Stack overflow

Multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, allow remote attackers to execute arbitrary cod...

Authentication flaw

The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of servi...

CVE-2007-6017

The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of servi...

CVE-2007-6016

Multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, allow remote attackers to execute arbitrary cod...

CVE-2007-6017

The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of servi...

CVE-2007-6017

The PVATLCalendar.PVCalendar.1 ActiveX control (pvcalendar.ocx) in the Media Server component of Symantec Backup Exec for Windows Server (BEWS) 11d/12.0 exposes an unsafe Save method. The vulnerability allows a remote attacker to cause a denial of service (browser crash) or to create/overwrite ar...

CVE-2007-6016

CVE-2007-6016 affects the PVATLCalendar.PVCalendar.1 ActiveX control (pvcalendar.ocx) in the Symantec Backup Exec for Windows Server BEWS, specifically the Media Server’s scheduler component. The vulnerability arises from stack-based buffer overflows when long values are written to the properties...

Symantec Backup Exec系统还原管理器FileUpload类非授权文件上传漏洞

BUGTRAQ ID: 27487 CVECAN ID: CVE-2008-0457 Symantec Backup Exec是一款全面的数据备份解决方案。 Symantec Backup Exec系统还原管理器的运行在Symantec LiveState Apache Tomcat服务器（TCP 8080端口）上的FileUpload类存在安全漏洞。如果远程攻击者向该服务器提交了恶意的HTTP POST请求的话，就可以向公开可访问的web目录上传JSP脚本，导致执行任意代码。 Symantec Backup Exec System Recovery Manager 7.0.1...

Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit

No description provided by source. ?xml version="1.0"? html xmlns="http://www.w3.org/1999/xhtml" headtitleFile Upload POC/title/head body h2 Backup Exec System Recovery Manager 7.0brFile Upload POC/h2 form action="https://TARGET:8443/axis/FileUpload" method="post" enctype="multipart/form-data"...

Symantec Backup Exec System Recovery Manager FileUpload Class Unauthorized File Upload

The remote host appears to be running Symantec Backup Exec System Recovery Manager, a backup manager solution. The version of Recovery Manager on the remote host includes the Tomcat Servlet 'FileUpload' that fails to validate the user input. An unauthenticated attacker may be able to exploit this...

backupexec-upload.txt

File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008...

Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit

Exploit for unknown platform in category remote exploits ================================================================ Backup Exec System Recovery Manager File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data"...

Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload

Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008. milw0rm.com 2008-02-07...

Symantec Backup Exec System Recovery Manager unauthorized access

It's possible to upload files with TCP/8080 Web server...

dBpowerAMP Audio Player Release 2 M3U File Buffer Overflow Exploit

No description provided by source. dBpowerAMP Audio Player Release 2 Remote Buffer Overflow Exploit $nop= "x90" x 65; win32exec - CMD=cmd /k net user /add secur frog Size=188 http://metasploit.comhttp://metasploit.com 253 my $shellcode = "x29xc9x83xe9xd7xd9xeexd9x74x24xf4x5bx81x73x13x6c"...

ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability

ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-003.html February 6, 2008 -- CVE ID: CVE-2008-0457 -- Affected Vendor: Symantec -- Affected Products: Backup Exec System Recovery Manager 7.0 Backup Exec System Recovery Manager...

Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload

File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008. milw0rm.com 2008-02-07...

Symantec Backup Exec Remote File Upload Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Backup Exec System Recovery Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the FileUpload class running on the Symantec LiveState Apache...

win xp/2000/2003 Download File and Exec 241 bytes

No description provided by source. / ----------------------------------------------------------------------- downloadurlv31.c - Download file and exec shellcode for Overflow exploit Copyright C 2000-2004 HUC All Rights Reserved. Author : lion : lioncnhonker.net...

linux/ppc read &amp; exec shellcode 32 bytes

No description provided by source. / readnexecppc-core.c by Charles Stevenson [email protected] / char hellcode = / read0,stack,1028; stack; linux/ppc by core / "\x7c\x63\x1a\x79" / xor. r3,r3,r3 / "\x38\xa0\x04\x04" / li r5,1028 / "\x30\x05\xfb\xff" / addic r0,r5,-1025 / "\x7c\x24\x0b\x78" / mr...