18 matches found
EUVD-2017-15064
Malware in sbrugna...
EUVD-2017-4352
Malware in sbrugna...
Bomgar Remote Support Portal JavaStart.jar Applet Path Traversal Vulnerability
Bomgar Remote Support Portal JavaStart.jar Applet is a suite of cross-platform remote support tools from Bomgar, USA. The tool provides remote assistance through firewalls to remote desktops, servers, POS systems and other mobile devices. A path traversal vulnerability exists in Bomgar Remote...
CVE-2017-12815
Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaStart.jar and is callable from...
Path traversal
Analysis of the Bomgar Remote Support Portal JavaStart.jar Applet 52790 and earlier revealed that it is vulnerable to a path traversal vulnerability. The archive can be downloaded from a given Bomgar Remote Support Portal deployment at https://domain/api/content/JavaStart.jar and is callable from...
Bomgar Remote Support DLL Hijacking Vulnerability
Bomgar Remote Support is a suite of cross-platform remote support software from Bomgar USA. The software provides remote assistance through firewalls for remote desktops, servers, POS systems and other mobile devices. A security vulnerability exists in the agent in Bomgar Remote Support, which...
Bomgar Remote Support Local Privilege Escalation Vulnerability
Bomgar Remote Support suffers from a local privilege escalation vulnerability. Versions affected include 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4. =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= Advisory Name: Bomgar Remote Support - Loc...
CVE-2017-5996
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions...
Design/Logic Flaw
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions...
CVE-2017-5996
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions...
CVE-2017-5996
The CVE-2017-5996 issue affects Bomgar Remote Support: the agent in 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 is vulnerable to DLL hijacking due to weak permissions on %SYSTEMDRIVE%\ProgramData. This is a local privilege escalation exposure where an attacker could lever...
CVE-2017-5996
The agent in Bomgar Remote Support 15.2.x before 15.2.3, 16.1.x before 16.1.5, and 16.2.x before 16.2.4 allows DLL hijacking because of weak %SYSTEMDRIVE%\ProgramData permissions...
Bomgar Remote Support Unauthenticated Code Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This module exploits a vulnerability in the Bomgar Remote...
Bomgar Remote Support - Code Execution (Metasploit)
Bomgar Remote Support - Code Execution Metasploit This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'Bomgar Remote Support Unauthenticated Code Execution', 'Description' = %q This...
Bomgar Remote Support Detection (HTTP)
HTTP based detection of Bomgar Remote Support. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; ifdescription...
CVE-2015-0935
Bomgar Remote Support before 15.1.1 allows remote attackers to execute arbitrary PHP code via crafted serialized data to unspecified PHP scripts...
CVE-2015-0935
Bomgar Remote Support prior to 15.1.1 is vulnerable to arbitrary PHP code execution via crafted serialized data that is deserialized by the application. The root cause is improper handling of untrusted serialized input (PHP unserialize) in the Bomgar portal, enabling an attacker to execute code i...
Bomgar Remote Support Portal deserializes untrusted data
Overview Bomgar Remote Support version 14.3.1 and possibly earlier versions deserialize untrusted data without sufficient validation, allowing an attacker to potentially execute arbitrary PHP code. Description CWE-502: Deserialization of Untrusted Data Bomgar Remote Support version 14.3.1 and...