Exploit the possiblities
Showing 26 - 50 of 949 RSS Feed

CGI Files

Geutebruck testaction.cgi Remote Command Execution
Posted Feb 17, 2017
Authored by Davy Douhine, Frederic Cikala, Florent Montel | Site metasploit.com

This Metasploit module exploits a an arbitrary command execution vulnerability. The vulnerability exists in the /uapi-cgi/viewer/testaction.cgi page and allows an anonymous user to execute arbitrary commands with root privileges. Firmware <= 1.11.0.12 are concerned. Tested on 5.02024 G-Cam/EFD-2250 running 1.11.0.12 firmware.

tags | exploit, arbitrary, cgi, root
advisories | CVE-2017-5173, CVE-2017-5174
MD5 | 584256c90a7c1a22c6fb8b90488d1b76
Peplink NGxxx/LCxxx VPN-Firewall Open Redirect
Posted Nov 29, 2016
Authored by LiquidWorm | Site zeroscience.mk

Input passed via the '_redirect' GET parameter via 'service.cgi' script on various Peplink VPN-Firewall devices is not properly verified before being used to redirect users. This can be exploited to redirect a user to an arbitrary website e.g. when a user clicks a specially crafted link to the affected script hosted on a trusted domain.

tags | exploit, arbitrary, cgi
MD5 | 5af9c98feacf1c9f241e8c52fcc8846f
Ubuntu Security Notice USN-3134-1
Posted Nov 22, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3134-1 - It was discovered that the smtplib library in Python did not return an error when StartTLS fails. A remote attacker could possibly use this to expose sensitive information. Various other issues were also addressed.

tags | advisory, remote, web, cgi, python
systems | linux, ubuntu
advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5636, CVE-2016-5699
MD5 | 0ce8a8b98671640d3e776ca2617dbc64
Red Hat Security Advisory 2016-1978-01
Posted Sep 29, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1978-01 - Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Security Fix: It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi, python
systems | linux, redhat
advisories | CVE-2016-1000111
MD5 | 51d8e2299330edaa913b00676551d000
Red Hat Security Advisory 2016-1851-01
Posted Sep 12, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1851-01 - This release of Red Hat JBoss Core Services Service Pack 1 serves as a replacement for JBoss Core Services Apache HTTP Server. Security Fix: It was discovered that Apache HTTP Server used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387
MD5 | b15744f67fff01d22370d8bb54a6ff20
Red Hat Security Advisory 2016-1635-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1635-01 - This release of Red Hat JBoss Web Server 3.0.3 Service Pack 1 serves as a update for Red Hat JBoss Web Server 3.0.3 httpd and tomcat. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387, CVE-2016-5388
MD5 | 149540e482b47698e6e0df21eb5f5881
Red Hat Security Advisory 2016-1626-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1626-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi, python
systems | linux, redhat
advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5699
MD5 | 53b0ca7b2756e948f24fbe6f5e5bc10e
Red Hat Security Advisory 2016-1629-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1629-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi, python
systems | linux, redhat
advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5699
MD5 | 071423e786f2546938e8ff0585f22468
Red Hat Security Advisory 2016-1628-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1628-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi, python
systems | linux, redhat
advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5699
MD5 | a48c45d1cb8791d0084505e7c812eddb
Red Hat Security Advisory 2016-1630-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1630-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi, python
systems | linux, redhat
advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5699
MD5 | 5c4f0a8e974437ef65b97dc33fd28f3f
Red Hat Security Advisory 2016-1627-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1627-01 - Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and libraries, as well as to various windowing systems. Security Fix: It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi, python
systems | linux, redhat
advisories | CVE-2016-0772, CVE-2016-1000110, CVE-2016-5699
MD5 | 4a80a804ca49b06fb96354f767bbcc96
Red Hat Security Advisory 2016-1636-01
Posted Aug 21, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1636-01 - This release of Red Hat JBoss Web Server 3.0.3 Service Pack 1 serves as a update for Red Hat JBoss Web Server 3.0.3 httpd and tomcat. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387, CVE-2016-5388
MD5 | 71e4a37e06d92d984bcdf8bab8012f4a
Red Hat Security Advisory 2016-1625-02
Posted Aug 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1625-02 - This release of Red Hat JBoss Core Services Service Pack 1 serves as a replacement for JBoss Core Services Apache HTTP Server. Security Fix: It was discovered that Apache HTTP Server used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387
MD5 | ae02625deda15d1643d5fbb5170161d8
Red Hat Security Advisory 2016-1624-01
Posted Aug 17, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1624-01 - This release of Red Hat JBoss Web Server 3.0.3 Service Pack 1 serves as a update for Red Hat JBoss Web Server 3.0.3 httpd and tomcat. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387, CVE-2016-5388
MD5 | ebdbb54fd7f5f8bb1d657fca632ba0f8
Red Hat Security Advisory 2016-1573-01
Posted Aug 5, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1573-01 - Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix: It was found that the fix for CVE-2016-4051 released via RHSA-2016:1138 did not properly prevent the stack overflow in the munge_other_line() function. A remote attacker could send specially crafted data to the Squid proxy, which would exploit the cachemgr CGI utility, possibly triggering execution of arbitrary code.

tags | advisory, remote, web, overflow, arbitrary, cgi
systems | linux, redhat
advisories | CVE-2016-5408
MD5 | 15b2429a81a9c12b3390c34d17bbda3f
Red Hat Security Advisory 2016-1538-01
Posted Aug 2, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1538-01 - The golang packages provide the Go programming language compiler. The following packages have been upgraded to a newer upstream version: golang. Security Fix: An input-validation flaw was discovered in the Go programming language built in CGI implementation, which set the environment variable "HTTP_PROXY" using the incoming "Proxy" HTTP-request header. The environment variable "HTTP_PROXY" is used by numerous web clients, including Go's net/http package, to specify a proxy server to use for HTTP and, in some cases, HTTPS requests. This meant that when a CGI-based web application ran, an attacker could specify a proxy server which the application then used for subsequent outgoing requests, allowing a man-in-the-middle attack.

tags | advisory, web, cgi
systems | linux, redhat
advisories | CVE-2016-5386
MD5 | 77d9d5de16b6046bfc28d4daee82e9dd
Iris ID IrisAccess ICU 7000-2 Remote Root Command Execution
Posted Jul 27, 2016
Authored by LiquidWorm | Site zeroscience.mk

The Iris ID IrisAccess ICU 7000-2 device suffers from an unauthenticated remote command execution vulnerability. The vulnerability exist due to several POST parameters in the '/html/SetSmarcardSettings.php' script not being sanitized when using the exec() PHP function while updating the Smart Card Settings on the affected device. Calling the '$CommandForExe' variable which is set to call the '/cgi-bin/setsmartcard' CGI binary with the affected parameters as arguments allows the attacker to execute arbitrary system commands as the root user and bypass the biometric access control in place.

tags | exploit, remote, arbitrary, cgi, root, php
MD5 | f59e65cadfb308c8285e1fd97c8debff
Debian Security Advisory 3623-1
Posted Jul 20, 2016
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3623-1 - Scott Geary of VendHQ discovered that the Apache HTTPD server used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, debian
advisories | CVE-2016-5387
MD5 | d0615c9ff4f86bce1493eaec4f9eb683
Red Hat Security Advisory 2016-1420-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1420-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-4979, CVE-2016-5387
MD5 | bea311b5e8c0745339385478afa2ee7f
Ubuntu Security Notice USN-3038-1
Posted Jul 18, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3038-1 - It was discovered that the Apache HTTP Server would set the HTTP_PROXY environment variable based on the contents of the Proxy header from HTTP requests. A remote attacker could possibly use this issue in combination with CGI scripts that honour the HTTP_PROXY variable to redirect outgoing HTTP requests.

tags | advisory, remote, web, cgi
systems | linux, ubuntu
advisories | CVE-2016-5387
MD5 | c86498b031429724ac164a93b704b529
Red Hat Security Advisory 2016-1421-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1421-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387
MD5 | 614b40ea9841a30aaacfba0a5fe026a7
Red Hat Security Advisory 2016-1422-01
Posted Jul 18, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1422-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fix: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.

tags | advisory, remote, web, cgi
systems | linux, redhat
advisories | CVE-2016-5387
MD5 | da23a7d6723e082cd25203a4cbe0db4f
IPFire proxy.cgi Remote Command Execution
Posted Jun 9, 2016
Authored by h00die, Yann CAM | Site metasploit.com

IPFire, a free linux based open source firewall distribution, versions prior to 2.19 Update Core 101 contain a remote command execution vulnerability in the proxy.cgi page.

tags | exploit, remote, cgi
systems | linux
MD5 | e746b797e03c49d9a2212d7299db7b23
Ubuntu Security Notice USN-2995-1
Posted Jun 9, 2016
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2995-1 - Yuriy M. Kaminskiy discovered that the Squid pinger utility incorrectly handled certain ICMPv6 packets. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly cause Squid to leak information into log files. Yuriy M. Kaminskiy discovered that the Squid cachemgr.cgi tool incorrectly handled certain crafted data. A remote attacker could use this issue to cause Squid to crash, resulting in a denial of service, or possibly execute arbitrary code. Various other issues were also addressed.

tags | advisory, remote, denial of service, arbitrary, cgi
systems | linux, ubuntu
advisories | CVE-2016-3947, CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054, CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556
MD5 | bb2147c6eb5504215df16972765f0e77
Red Hat Security Advisory 2016-1140-01
Posted May 31, 2016
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2016-1140-01 - The "squid34" packages provide version 3.4 of Squid, a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Note that apart from "squid34", this version of Red Hat Enterprise Linux also includes the "squid" packages which provide Squid version 3.1. Security Fix: A buffer overflow flaw was found in the way the Squid cachemgr.cgi utility processed remotely relayed Squid input. When the CGI interface utility is used, a remote attacker could possibly use this flaw to execute arbitrary code.

tags | advisory, remote, web, overflow, arbitrary, cgi
systems | linux, redhat
advisories | CVE-2016-4051, CVE-2016-4052, CVE-2016-4053, CVE-2016-4054, CVE-2016-4553, CVE-2016-4554, CVE-2016-4555, CVE-2016-4556
MD5 | 45504d41466709f36e10ee4bc7a5bbb7
Page 2 of 38
Back12345Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close