172 matches found
Microsoft Windows Consent User Interface Registry Key Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in Consent User Interface. An attacker can exploit this issue to execute arbitrary code with 'LocalSystem' privileges. Successful exploits will result in the complete compromise of affected computers...
SEC Consult SA-20090525-3 :: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability
SEC Consult Security Advisory 20090525-3 ========================================================================== title: SonicWALL Global VPN Client Local Privilege Escalation Vulnerability program: SonicWALL Global VPN Client vulnerable version: Global VPN Client = 4.0.0.835 possibly other...
stunnel < 4.23 Local Privilege Escalation
The remote host is running stunnel, an application for encrypting arbitrary network connections with SSL. The version of stunnel installed on the remote host, when running as a service, allows a local user to gain LocalSystem privileges due to an unspecified error. C Tenable Network Security, Inc...
SNMPc < 7.1.1 UDP Packet Handling Buffer Overflow
The remote host is running SNMPc, a network management application for Windows from Castle Rock Computing. The version of SNMPc installed on the remote host reportedly is affected by a stack-based buffer overflow vulnerability. Using a specially crafted SNMP TRAP packet with an overly long...
BitDefender Update Server HTTP Request Traversal Arbitrary File Access
The version of BitDefender Update Server running on the remote host fails to sanitize request strings of directory traversal sequences, which allows an unauthenticated attacker to read files outside the web server's document directory. Note that the server runs with LocalSystem privileges by...
Design/Logic Flaw
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657...
CVE-2007-4191
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657...
CVE-2007-4191
CVE-2007-4191 affects Panda antivirus products (e.g., Panda Platinum Internet Security 2006/2007) where service executables are stored in the installation directory with weak permissions. The vulnerability allows local users to elevate privileges to LocalSystem by modifying executable files such ...
CVE-2007-4191
Panda Antivirus 2008 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying PAVSRV51.EXE or other unspecified files, a related issue to CVE-2006-4657...
pandaav-local.txt
/ Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local Privileg Escalation Date: 02.08.07 Author: tarkus tarkus at tiifp dot org URL: https://tiifp.org/tarkus Vendor: Panda http://www.pandasoftware.com/ Affected Products: Panda Antivirus 2008 Not Affected Products: - Panda...
Panda Antivirus 2008 Local Privileg Escalation (UPS they did it again)
Security Advisory Severity: Medium Title: Panda Antivirus 2008 Local Privileg Escalation Date: 02.08.07 Author: tarkus tarkus at tiifp dot org URL: https://tiifp.org/tarkus Vendor: Panda http://www.pandasoftware.com/ Affected Products: Panda Antivirus 2008 Not Affected Products: - Panda...
RSA Authentication Agent for Web for IIS chunked encoding overflow
Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...
RSA Authentication Agent for Web for IIS chunked encoding overflow
Added: 07/13/2007 CVE: CVE-2005-1471 BID: 13524 OSVDB: 16164 Background RSA Authentication Agent For Web for IIS provides access control for applications on IIS web servers. Problem A heap overflow vulnerability when using chunked transfer-encoding allows remote attackers to execute arbitrary...
CVE-2007-0436
The CVE-2007-0436 entry concerns Barron McCann X-Kryptor Driver BMS1446HRR used by X-Kryptor Secure Client. The vulnerability arises because the driver does not drop privileges when launching an Explorer window in response to a help command, enabling a local user to gain LocalSystem privileges vi...
CVE-2006-4657
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying 1 WebProxy.exe or 2 PAVSRV51.EXE...
CVE-2006-4657
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 stores service executables under the product's installation directory with weak permissions, which allows local users to obtain LocalSystem privileges by modifying 1 WebProxy.exe or 2 PAVSRV51.EXE...
ntdll.dll buffer overflow via IIS 5.0 WebDAV
Added: 07/18/2006 CVE: CVE-2003-0109 BID: 7116 OSVDB: 4467 Background The dynamic link library ntdll.dll is a core component of the Windows operating system. It is used by many operating system components including the WebDAV component of Microsoft IIS. Problem A buffer overflow in ntdll.dll allo...
ntdll.dll buffer overflow via IIS 5.0 WebDAV
Added: 07/18/2006 CVE: CVE-2003-0109 BID: 7116 OSVDB: 4467 Background The dynamic link library ntdll.dll is a core component of the Windows operating system. It is used by many operating system components including the WebDAV component of Microsoft IIS. Problem A buffer overflow in ntdll.dll allo...
ntdll.dll buffer overflow via IIS 5.0 WebDAV
Added: 07/18/2006 CVE: CVE-2003-0109 BID: 7116 OSVDB: 4467 Background The dynamic link library ntdll.dll is a core component of the Windows operating system. It is used by many operating system components including the WebDAV component of Microsoft IIS. Problem A buffer overflow in ntdll.dll allo...
Microsoft Windows WebClient service buffer overflow
Buffer overflow on RPC based service allows code execution with LocalSystem privileges...