41 matches found
CVE-2019-12324
A command injection missing input validation issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters i...
Command injection
A command injection missing input validation issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters i...
CVE-2019-12324
A command injection missing input validation issue in the IP address field for the logging server in the configuration web interface on the Akuvox R50P VoIP phone with firmware 50.0.6.156 allows an authenticated remote attacker in the same network to trigger OS commands via shell metacharacters i...
CVE-2009-2523
The License Logging Server llssrv.exe in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka "License Logging Server Heap...
Heap overflow
The License Logging Server llssrv.exe in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka "License Logging Server Heap...
CVE-2009-2523
CVE-2009-2523 affects Microsoft Windows 2000 SP4 License Logging Server (llssrv.exe). The vulnerability is a remote code execution via a heap-based buffer overflow in the LlsrLicenseRequestW RPC handler when processing an RPC string that lacks a terminating null. Exploitation is unauthenticated a...
CVE-2009-2523
The License Logging Server llssrv.exe in Microsoft Windows 2000 SP4 allows remote attackers to execute arbitrary code via an RPC message containing a string without a null terminator, which triggers a heap-based buffer overflow in the LlsrLicenseRequestW method, aka "License Logging Server Heap...
Microsoft Windows 2000 License Logging Server buffer overflow
Buffer overflow on RPC call parsing...
Microsoft Windows License Logging Server Remote Code Execution Vulnerability (974783)
This host is missing a critical security update according to Microsoft Bulletin MS09-064. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Microsoft License Logging Server RPC Call Heap Overflow (MS09-064; CVE-2009-2523)
The License Logging service is a tool that was originally designed to help customers manage licenses for the Microsoft server products that are licensed in the Server Client Access License CAL model. License Logging service is one of the services used by Windows Small Business Server 2003 or...
IPSwitch WS_FTP Logging Server Daemon Denial of Service (CVE-2007-3823)
The Ipswitch WSFTP server is a full featured secure File Transfer Protocol FTP server complete with several optional authentication mechanisms, encryption and data access controls. It is fully compliant with the File Transfer Protocol specifications. There exists a denial of service vulnerability...
CVE-2008-0608
The Logging Server ftplogsrv.exe 7.9.14.0 and earlier in IPSwitch WSFTP 6.1 allows remote attackers to cause a denial of service loss of responsiveness via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and prevents log commands from being recorde...
Design/Logic Flaw
The Logging Server ftplogsrv.exe 7.9.14.0 and earlier in IPSwitch WSFTP 6.1 allows remote attackers to cause a denial of service loss of responsiveness via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and prevents log commands from being recorde...
CVE-2008-0608
The Logging Server ftplogsrv.exe 7.9.14.0 and earlier in IPSwitch WSFTP 6.1 allows remote attackers to cause a denial of service loss of responsiveness via a large number of large packets to port 5151/udp, which causes the listening socket to terminate and prevents log commands from being recorde...
CVE-2008-0608
The CVE-2008-0608 entry concerns IPSwitch WS_FTP Logging Server (ftplogsrv.exe) version 6.1 and earlier. Affected component: the Logging Server process handling UDP traffic on port 5151/udp. Root cause: processing a large number of large UDP packets can cause the listening socket to terminate, le...
gmailsteal_remote.scpt.txt
-- This script can be used to steal gmail's keychained password by injecting -- Javascripts into Safari. When executed it opens gmail's login page, reads -- saved password and sends it to a logging server by creating an hidden iframe -- into gmail's page. It can be easly modified to steal other...
Code injection
The Logging Server Logsrv.exe in IPSwitch WSFTP 7.5.29.0 allows remote attackers to cause a denial of service daemon crash by sending a crafted packet containing a long string to port 5151/udp...
CVE-2007-3823
The Logging Server Logsrv.exe in IPSwitch WSFTP 7.5.29.0 allows remote attackers to cause a denial of service daemon crash by sending a crafted packet containing a long string to port 5151/udp...
CVE-2007-3823
The Logging Server Logsrv.exe in IPSwitch WSFTP 7.5.29.0 allows remote attackers to cause a denial of service daemon crash by sending a crafted packet containing a long string to port 5151/udp...
[Full-disclosure] IPSwitch WS_FTP Logging Server Remote Denial of Service -- a VDA Labs, LLC discovery
IPSwitch WSFTP Logging Server Remote Denial of Service ------------------------------------------------ Version: 7.5.29.0 Logsrv.exe Overview -------- The WS FTP logging server is a daemon that listens on UDP port 5151 and is shipped with WS FTP and by default is turned on and used by the local W...