Hannon Hill's Cascade Server product is vulnerable to a command execution vulnerability. An attacker with access to an unprivileged account within Cascade Server could exploit this vulnerability to run arbitrary commands on the system with the privileges of the user who started Cascade Server. Exploit included.
f7ced456827e556f7666c29ee5a31702075e67c0ad2062551073b9d05905ce9fTelartis's AWStats Totals versions 1.0 through 1.14 suffer from a remote code execution vulnerability.
d9ce95a383cb2e1ade8d4133679234958de2b0f8d679e1c091b434b2d3745d8fSafeNet Inc.'s Sentinel Protection Server and Sentinel Keys Server products include web servers which are vulnerable to directory traversal attacks. Full details provided.
f7f6354ebed49f68c99bbd67e5995748deda4a1778bd64afdf085e8b40571d30A SQL injection vulnerability exists in the Log On page of the web interface for Cisco CallManager AKA Unified Communications Manager. An unauthenticated attacker who is able to access the Log On page could exploit this vulnerability to run arbitrary SQL commands as the logged in database user, usually cm_publisher. By running SQL commands, the attacker could gain information about the CallManager configuration, including call records. Exploitation details provided.
bdf4519eaae63fb7371ea2a51f7e95369b5b21611901b65877146460074a3edfDataDomain OS versions 3.0.0 through 4.0.3.5 suffer from an arbitrary command execution flaw.
c27abbbc37ec5024f9f399fc7955c3b2bb3d37224f3d245488dec40b548509b5Ars Digita Community System (ACS) versions 3.4.10 and below suffer from a directory traversal vulnerability.
28bf38108a3490ba56539fc9a6818406b5265072836249f9e56dfad64160cffd
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed