6 matches found
CVE-2021-22908
A buffer overflow vulnerability exists in Windows File Resource Profiles in 9.X allows a remote authenticated user with privileges to browse SMB shares to execute arbitrary code as the root user. As of version 9.1R3, this permission is not enabled by default...
CVE-2021-22908
CVE-2021-22908 describes a buffer overflow in Pulse Connect Secure (PCS) related to Windows File Resource Profiles and SMB sharing. Reported as affecting PCS 9.X up to 9.1R2/3, with 9.1R3 enabling default-deny for SMB browsing; exploitation requires an authenticated user with privileges and could...
Pulse Secure VPNs Get Quick Fix for Critical RCE
Pulse Secure has issued a workaround for a critical remote-code execution RCE vulnerability in its Pulse Connect Secure PCS VPNs that may allow an unauthenticated, remote attacker to execute code as a user with root privileges. Pulse Secure’s parent company, Ivanti, issued an out-of-band advisory...
CVE-2021-22908
creationtimestamp| type| source ---|---|--- 2021-05-25 09:41:01+00:00| seen| https://t.me/thehackernews/1240 2021-05-26 07:44:58+00:00| seen| https://t.me/cyberbannewsir/3275 2022-09-20 08:55:13+00:00| seen| https://t.me/technicalprivatecat/179 2022-09-22 04:58:41+00:00| published-proof-of-concep...
New High-Severity Vulnerability Reported in Pulse Connect Secure VPN
Ivanti, the company behind Pulse Secure VPN appliances, has published a security advisory for a high severity vulnerability that may allow an authenticated remote attacker to execute arbitrary code with elevated privileges. "Buffer Overflow in Windows File Resource Profiles in 9.X allows a remote...
Pulse Connect Secure Samba buffer overflow
Overview Pulse Connect Secure PCS gateway contains a buffer overflow vulnerability in Samba-related code that may allow an authenticated remote attacker to execute arbitrary code. Description CVE-2021-22908 PCS includes the ability to connect to Windows file shares SMB. This capability is provide...