FTP Server Traversal Arbitrary File Access (RETR)
The remote FTP server allows a user to retrieve files outside his home directory using a specially crafted 'RETR' command with traversal sequences. A remote attacker could exploit this flaw to gain access to arbitrary...
AI Score: 0.4
MOXA Device Manager Tool 2.1 Buffer Overflow
This module exploits a stack buffer overflow in MOXA MDM Tool 2.1. When sending a specially crafted MDMGw (MDM2_Gateway) response, an attacker may be able to execute arbitrary...
AI Score: 7.9
CA BrightStor ARCserve for Laptops & Desktops LGServer - Remote Buffer Overflow (Metasploit) (3)
...
AI Score: 7.4
MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit)
MOXA Device Manager Tool 2.1 - Buffer Overflow (Metasploit). CVE-2010-4741. Local exploit for Windows...
AI Score: 0.1
EPSS: 0.332
Unfixed XSS vulnerability at sexinthecitiestour.com
Security researcher nullbyt3 submitted on 19/10/2010 a cross-site-scripting (XSS) vulnerability affecting sexinthecitiestour.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 18/12/2011. It is...
AI Score: -0.1
DATAC RealWin SCADA Server SCPC_INITIALIZE_RF Buffer Overflow
This module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to execute arbitrary...
AI Score: 1.5
DATAC RealWin SCADA Server SCPC_INITIALIZE Buffer Overflow
This module exploits a stack buffer overflow in DATAC Control International RealWin SCADA Server 2.0 (Build 6.1.8.10). By sending a specially crafted packet, an attacker may be able to execute arbitrary...
AI Score: 1.5
This module will serve an FTP server and perform FTP client interaction...
AI Score: 7.1
U.S. Government Publishes List of Top IT Projects
HED: Security and data integration projects top list of top .GOV IT projects DEK: Stovepipe busting and data sharing are common themes as Uncle Sam details the top IT projects. The White House’s Office of Management and Budget (OMB) on Monday released its list of the top 26 government IT...
AI Score: -0.2
SapGUI BI v7100.1.400.8 Heap Corruption Exploit
Exploit for windows platform in category remote...
AI Score: 7.1
Checks the Sendmail configuration. The script tests whether, on the SMTP Sendmail server, the commands DEBUG, VRFY and EXPN are...
AI Score: 7.3
Q&A: HD Moore on Metasploit, Disclosure and Ethics
We conducted our third live chat this week, this one with HD Moore, the founder of the Metasploit Project and the CSO of Rapid7. Moore got a lot of great questions on a wide variety of topics, so if you weren’t able to join us, here’s a full transcript of the chat. Dennis Fisher: Hi everyone, and.....
AI Score: -0.4
FreeBSD and OpenBSD 'ftpd' NULL Pointer Dereference Denial Of Service Vulnerability
The FreeBSD and OpenBSD 'ftpd' service is prone to a denial-of-service vulnerability because of a NULL-pointer dereference. Successful exploits may allow remote attackers to cause denial-of-service conditions. Given the nature of this issue, attackers may also be able to run arbitrary code, but...
AI Score: 7.4
Attempts to enumerate the users on an SMTP server by issuing the VRFY, EXPN or RCPT TO commands. The goal of this script is to discover all the user accounts in the remote system. The script will output the list of user names that were found. The script will stop querying the SMTP server if...
CVSS: 9.8
AI Score: -0.1
EPSS: 0.973
Simply Classified 0.2 - Cross-Site Scripting Cross-Site Request Forgery
Simply Classified 0.2 - Cross-Site Scripting Cross-Site Request...
AI Score: 0.8
Camino 1.6.10 Remote Array Overrun (Arbitrary code execution)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [ Camino 1.6.10 Remote Array Overrun (Arbitrary code execution) ] Author: Maksymilian Arciemowicz and sp3x http://SecurityReason.com Date: - - Dis.: 07.05.2009 - - Pub.: 11.12.2009 CVE: CVE-2009-0689 CWE: CWE-119 Risk: High Remote: Yes Affected...
AI Score: 0.7
EPSS: 0.97
Computer Associates ARCserve REPORTREMOTEEXECUTECML Buffer Overflow
This module exploits a buffer overflow in Computer Associates BrightStor ARCserve r11.5 (build 3884). By sending a specially crafted RPC request to opcode 0x342, an attacker could overflow the buffer and execute arbitrary code. In order to successfully exploit this vulnerability, you will need to set....
AI Score: 8.2