S-156: OpenBSD bgplg 'cmd' Parameter Vulnerability


 
02-01-2008

OpenBSD bgplg is prone to a cross-site scripting vulnerability because the application fails to properly sanitize user-supplied input. The risk is MEDIUM. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may help the attacker steal cookie-based authentication credentials and launch other attacks.

