Jaguar

**Name of the Vulnerable Software and Affected Versions** Annuaire Netref version 4.2 **Description** The issue allows remote attackers to execute arbitrary PHP code. This is achieved by setting the `ad direct` parameter to reference cat for gen.php, then including the code in the `m for racine` parameter, which is then written to cat for gen.php. **Recommendations** For Annuaire Netref version 4.2, consider restricting access to the cat for gen.php file and avoid using the `ad direct` and `m for racine` parameters until a patch is available. As a temporary workaround, consider disabling the execution of PHP code in the cat for gen.php file to prevent exploitation.

**Name of the Vulnerable Software and Affected Versions** queue versions prior to 1.30.1 **Description** A buffer overflow issue in queue.c and queued.c may allow remote attackers to execute arbitrary code. **Recommendations** For versions prior to 1.30.1, update to version 1.30.1 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** gopherd version 3.0.3 **Description** The issue is related to an integer overflow in the gopher daemon. This can be triggered by remote attackers sending crafted content of a certain size, potentially leading to a denial of service and possibly the execution of arbitrary code. **Recommendations** For gopherd version 3.0.3, update to a newer version that addresses the integer overflow issue to prevent potential denial of service and arbitrary code execution.

**Name of the Vulnerable Software and Affected Versions** gopherd version 3.0.3 **Description** A format string vulnerability exists in the log routine of the gopher daemon, which allows remote attackers to cause a denial of service and possibly execute arbitrary code. **Recommendations** For gopherd version 3.0.3, update to a version that fixes this issue to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Gemitel version 3.50 **Description** The issue allows remote attackers to execute arbitrary PHP code via the `base` parameter in the `affich.php` file. **Recommendations** For Gemitel version 3.50, consider restricting access to the `affich.php` file to minimize the risk of exploitation. Avoid using the `base` parameter in the affected file until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.