Posts Tagged ‘arbitrary’

Ghostscript 9.21 Type Confusion Arbitrary Command Execution

This Metasploit module exploits a type confusion vulnerability in Ghostscript that can be exploited to obtain arbitrary command execution. This vulnerability affects Ghostscript versions 9.21 and earlier and can be exploited through libraries such as ImageMagick and Pillow. Source: Ghostscript 9.21 Type Confusion Arbitrary Command Execution


Solarwinds LEM 6.3.1 Management Shell Arbitrary File Read

The management shell on Solarwinds Log and Event Manager Virtual Appliance version 6.3.1 allows the end user to edit the MOTD banner displayed during SSH logon. The editor provided for this is nano. This editor has a keyboard mapped function which lets the user import a file from the local file system into the editor. […]