23 matches found
Exim 4.91 Local Privilege Escalation
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'expect' class MetasploitModule 'Exim 4.87 - 4.91 Local Privilege Escalation', 'Description' = %q This module exploits a flaw in Exim versions 4.87 to 4.91...
Exim 4.91 Local Privilege Escalation Exploit
Exploit for linux platform in category local exploits !/bin/bash raptoreximwiz - "The Return of the WIZard" LPE exploit Copyright c 2019 Marco Ivaldi A flaw was found in Exim versions 4.87 to 4.91 inclusive. Improper validation of recipient address in delivermessage function in /src/deliver.c may...
CVE-2019-10149: the Exim remote command execution vulnerability and early warning analysis-vulnerability warning-the black bar safety net
Recently, security researchers found the Exim mail server there is a remote command execution vulnerability, the vulnerability number CVE-2019-10149 it. The vulnerability in the default configuration may be a local attacker to direct the use, by low-privileged user to execute root command, a remo...
Exim 4.87 - 4.91 RCE Vulnerability
Exim is prone to an unauthenticated remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
Novell Client 4.91 SP4 - Privilege Escalation Exploit
No description provided by source. Novell Client 4.91 SP3/4 Privilege escalation exploit Download link: http://download.novell.com/Download?buildid=SyZ1G2ti7wU SecurityFocus: http://www.securityfocus.com/bid/27209/info CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5762 Patch:...
Novell Client 4.91 NWSPOOL.DLL Remote Buffer Overflow Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/21220/info Novell Client is prone to a remote buffer-overflow vulnerability. Successful exploits may result in a denial-of-service condition or arbitrary code execution. Remote, anonymous attackers may exploit this issue...
Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' require 'rex' require 'msf/core/post/common' require...
Novell Client 4.91 SP4 nwfs.sys Local Privilege Escalation
This module exploits a flaw in the nwfs.sys driver to overwrite data in kernel space. The corruption occurs while handling ioctl requests with code 0x1438BB, where a 0x00000009 dword is written to an arbitrary address. An entry within the HalDispatchTable is overwritten in order to execute...
Novell Client 4.91 SP4 Privilege Escalation Exploit
Exploit for windows platform in category local exploits Novell Client 4.91 SP3/4 Privilege escalation exploit Download link: http://download.novell.com/Download?buildid=SyZ1G2ti7wU SecurityFocus: http://www.securityfocus.com/bid/27209/info CVE:...
Novell Client 4.91 SP4 - Local Privilege Escalation
Novell Client 4.91 SP4 - Local Privilege Escalation Novell Client 4.91 SP3/4 Privilege escalation exploit Download link: http://download.novell.com/Download?buildid=SyZ1G2ti7wU SecurityFocus: https://www.securityfocus.com/bid/27209/info CVE:...
Remote code execution
webmail/modules/filesystem/edit.php in U-Mail Webmail server 4.91 allows remote attackers to overwrite arbitrary files via an absolute pathname in the path parameter and arbitrary content in the content parameter. NOTE: this can be leveraged for code execution by writing to a file under the web...
U-Mail Webmail 'edit.php' Arbitrary File Write Vulnerability
U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files. Author: Shennan Wang Date: 2008-10-30 Web:...
U-Mail Webmail 4.91 (edit.php) Arbitrary File Write Vulnerability
Exploit for unknown platform in category web applications ================================================================= U-Mail Webmail 4.91 edit.php Arbitrary File Write Vulnerability =================================================================...
U-Mail Webmail 4.91 - edit.php Arbitrary File Write
U-Mail Webmail 4.91 - edit.php Arbitrary File Write U-Mail Webmail Arbitrary File Write Vulnerability ================================================== Vulnerable: U-Mail 4.91 Vendors: www.comingchina.com Category: Input Validation Error Impact: An attacker can write arbitrary data to new files...
CVE-2008-3158
Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory...
Code injection
Unspecified vulnerability in NWFS.SYS in Novell Client for Windows 4.91 SP4 has unknown impact and attack vectors, possibly related to IOCTL requests that overwrite arbitrary memory...
Novell Client nwspool.dll EnumPrinters buffer overflow
Added: 02/22/2008 CVE: CVE-2008-0639 BID: 27741 OSVDB: 41510 Background Novell Client software provides NetWare connectivity to Windows platforms. Problem The nwspool.dll library in Novell Client is affected by a buffer overflow in the EnumPrinters function, allowing remote attackers to execute...
CVE-2007-5762
NICM.SYS driver 3.0.0.4, as used in Novell NetWare Client 4.91 SP4, allows local users to execute arbitrary code by opening the \.\nicm device and providing crafted kernel addresses via IOCTLs with the METHODNEITHER buffering mode...
CVE-2007-0108
nwgina.dll in Novell Client 4.91 SP3 for Windows 2000/XP/2003 does not delete user profiles during a Terminal Service or Citrix session, which allows remote authenticated users to invoke alternate user profiles...
Novell Client NWGINA.DLL User档案文件安全绕过漏洞
Novell Client是一款Novell系统客户端。 Novell Client存在安全绕过问题,远程攻击者可以利用漏洞在Citrix环境中调用其他用户的档案文件,导致提权等攻击。 目前没有详细漏洞细节提供。 Novell Client 4.91 SP3 可联系供应商获得解决方案: http://support.novell.com/cgi-bin/search/searchtid.cgi?/2974970.htm...