Trend Micro InterScan Web Security Virtual Appliance CSRF Protection Bypass Vulnerability

Trend Micro InterScan Web Security Virtual Appliance IWSVA is a Web security gateway from Trend Micro that provides dynamic, integrated security protection for enterprise networks against Web-based threats. A security vulnerability exists in Trend Micro InterScan Web Security Virtual Appliance 6....

CVE-2020-27010

A cross-site scripting XSS vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2 could allow an attacker to tamper with the web interface of the product in a manner separate from the similar CVE-2020-8462...

Trend Micro Web Security - Remote Code Execution

This Metasploit module exploits multiple vulnerabilities together in order to achieve a remote code execution. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Trend Micro Web Security Virtual...

Trend Micro Web Security (Virtual Appliance) Remote Code Execution

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Trend Micro Web Security Virtual Appliance Remote Code Execution', 'Description' = %q This module exploits multiple vulnerabilities together in...

Trend Micro Web Security (Virtual Appliance) Remote Code Execution Exploit

This Metasploit module exploits multiple vulnerabilities together in order to achieve a remote code execution. Unauthenticated users can execute a terminal command under the context of the root user. The specific flaw exists within the LogSettingHandler class of administrator interface software...

Information disclosure

RSA Archer versions, prior to 6.5 SP2, contain an information exposure vulnerability. The database connection password may get logged in plain text in the RSA Archer log files. An authenticated malicious local user with access to the log files may obtain the exposed password to use it in further...

CVE-2016-9269

Remote Command Execution in com.trend.iwss.gui.servlet.ManagePatches in Trend Micro Interscan Web Security Virtual Appliance IWSVA version 6.5-SP2BuildLinux1707 and earlier allows authenticated, remote users with least privileges to run arbitrary commands on the system as root via Patch Update...

Novell NetWare LSASS CIFS.NLM Driver Stack Overflow

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Novell NetWare...

Novell NetWare LSASS CIFS.NLM Driver Stack Buffer Overflow

This module exploits a stack buffer overflow in the NetWare CIFS.NLM driver. Since the driver runs in the kernel space, a failed exploit attempt can cause the OS to reboot. This module requires Metasploit: https://metasploit.com/download Current source:...

Novell NetWare 6.5 SP2-SP7 - LSASS CIFS.NLM Overflow (Metasploit)

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Novell NetWare...

Novell NetWare 6.5 SP2-SP7 LSASS CIFS.NLM Overflow

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core'...