Lucene search
K

92 matches found

ThreatPost
ThreatPost
added 2017/08/18 9:30 a.m.12 views

Threatpost News Wrap, August 18, 2017

Mike Mimoso and Tom Spring discuss this week’s security news, including recent abuse of Google Chrome extensions for fraud, a close look at Adobe’s decision to end of life Flash Player, and a backdoor discovered in NetSarang server management software’s update mechanism. Download: Threatpost News...

1.8AI score
Exploits0References7
The Hacker News
The Hacker News
added 2017/08/15 8:6 p.m.18 views

Backdoor Found in Popular Server Management Software used by Hundreds of Companies

Cyber criminals are becoming more adept, innovative, and stealthy with each passing day. They are now adopting more clandestine techniques that come with limitless attack vectors and are harder to detect. Recently, cyber crooks managed to infiltrate the update mechanism for a popular server...

6.7AI score
Exploits0
Securelist
Securelist
added 2017/08/15 6:0 p.m.60 views

ShadowPad in corporate networks

ShadowPad, part 2: Technical Details PDF In July 2017, during an investigation, suspicious DNS requests were identified in a partner's network. The partner, which is a financial institution, discovered the requests originating on systems involved in the processing of financial transactions. Furth...

7.5AI score
Exploits0
ThreatPost
ThreatPost
added 2017/08/15 2:0 p.m.17 views

Attackers Backdoor NetSarang Software Update Mechanism

Attackers infiltrated the update mechanism for a popular server management software package as recently as last month and modified it to include a backdoor. NetSarang, which has headquarters in South Korea and the United States, has removed the backdoored update, but not before it was activated o...

0.9AI score
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2017/08/15 12:0 a.m.3 views

VulnCheck KEV: CVE-2017-20203

NetSarang Xmanager Enterprise 5.0 Build 1232, Xmanager 5.0 Build 1045, Xshell 5.0 Build 1322, Xftp 5.0 Build 1218, and Xlpd 5.0 Build 1220 contain a malicious nssock2.dll that implements a multi-stage, DNS-based backdoor. The dormant library contacts a C2 DNS server via a specially crafted TXT...

9.3CVSS5.8AI score0.00622EPSS
Exploits0References1
myhack58
myhack58
added 2017/08/15 12:0 a.m.86 views

CNNVD on the United States Netsarang company multi software the presence of malicious code briefings-vulnerability warning-the black bar safety net

Recently, the national information security vulnerabilities library CNNVD received about the the United States Netsarang company more software there malicious code in case the message send. The company Xshell And Xmanager remote connection use of the product nssock2.dll module in the presence of...

7.2AI score
Exploits0
CNVD
CNVD
added 2017/08/14 12:0 a.m.5 views

Backdoor in the nssock2.dll module of several products including NetSarang Xmanager and Xshell

NetSarang is a company that provides secure link solutions and Xshell is a terminal emulation software. The related nssock2.dll module, a component used for network communication, in the installation directories of Xshell, Xlpd, Xmanager, and Xftp has been found to contain backdoor-type code samp...

6.7AI score
Exploits0References1
Openbugbounty
Openbugbounty
added 2017/06/09 3:28 p.m.9 views

netsarang.com XSS vulnerability

Vulnerable URL: https://www.netsarang.com/forum/xftp/list?status=1=10type="'--!...

6.9AI score
Exploits0
Packet Storm
Packet Storm
added 2017/02/17 12:0 a.m.41 views

Xshell5 5.0 Build 1124 DLL Hijacking

Title: Xshell5 - "api-ms-win-appmodel-runtime-l1-1-0" DLL Loading Arbitrary Code Execution. + Credits / Discovery: Nassim Asrir + Author Email: [email protected] + Author Company: Henceforth Vendor: =============== https://www.netsarang.com/ Product Version: =============== 5.0 Build 1124...

0.2AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.22 views

NetSarang Xlpd Printer Daemon 4 Denial of Service Vulnerability

No description provided by source. Title : NetSarang Xlpd Printer Daemon Denial of Service Vulnerability Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netsarang.com Advisory : http://secpod.org/blog/?p=457...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.33 views

XLPD 3.0 - Remote DoS

No description provided by source. Application: XLPD 3.0 Remote DoS Platforms: Windows XP Professional SP2 crash: YES Exploitation: remote DoS Date: 2009-10-06 Author: Francis Provencher Protek Research Lab's 1 Introduction 2 Technical details 3 The Code =============== 1 Introduction...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.13 views

XFTP 3.0 Build 0239 Long filename Buffer Overflow

No description provided by source. !/usr/bin/python import socket import sys |------------------------------------------------------------------| | | | / / / / | | / / / / / / / \ / / / / \ | | / // // / / / / / // / / / / / // / // / / / / / / | | /// //,// // //,// // // | | | |...

7.1AI score
Exploits0
NVD
NVD
added 2012/02/14 5:55 p.m.11 views

CVE-2012-1009

NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service daemon crash via a malformed LPD request...

5CVSS6.7AI score0.02972EPSS
Exploits1References5
Prion
Prion
added 2012/02/14 5:55 p.m.9 views

Cross site request forgery (csrf)

NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service daemon crash via a malformed LPD request...

5CVSS7.2AI score0.02972EPSS
Exploits1References5Affected Software2
CVE
CVE
added 2012/02/14 5:0 p.m.45 views

CVE-2012-1009

NetSarang Xlpd 4 (Build 0100) and NetSarang Xmanager Enterprise 4 (Build 0186) are affected by CVE-2012-1009. The issue allows remote attackers to trigger a denial-of-service (daemon crash) through a malformed LPD request, indicating a malformed protocol handling vulnerability in the LPD service....

5CVSS6.9AI score0.02972EPSS
Exploits1References5Affected Software2
Cvelist
Cvelist
added 2012/02/14 5:0 p.m.18 views

CVE-2012-1009

NetSarang Xlpd 4 Build 0100 and NetSarang Xmanager Enterprise 4 Build 0186 allow remote attackers to cause a denial of service daemon crash via a malformed LPD request...

6.7AI score0.02972EPSS
Exploits1References5
exploitpack
exploitpack
added 2012/02/02 12:0 a.m.12 views

NetSarang Xlpd Printer Daemon 4 - Denial of Service

NetSarang Xlpd Printer Daemon 4 - Denial of Service Title : NetSarang Xlpd Printer Daemon Denial of Service Vulnerability Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netsarang.com Advisory : http://secpod.org/blog/?p=457...

0.4AI score
Exploits0
0day.today
0day.today
added 2012/02/02 12:0 a.m.19 views

NetSarang Xlpd Printer Daemon 4 Denial of Service Vulnerability

Exploit for windows platform in category dos / poc Title : NetSarang Xlpd Printer Daemon Denial of Service Vulnerability Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netsarang.com Advisory : http://secpod.org/blog/?p=457...

7AI score
Exploits0
Exploit DB
Exploit DB
added 2012/02/02 12:0 a.m.22 views

NetSarang Xlpd Printer Daemon 4 - Denial of Service

Title : NetSarang Xlpd Printer Daemon Denial of Service Vulnerability Author : Prabhu S Angadi SecPod Technologies www.secpod.com Vendor : http://www.netsarang.com Advisory : http://secpod.org/blog/?p=457 http://secpod.org/advisories/SecPodExploitNetSarangXlpdPrinterDaemonDoSVuln.txt...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2010/07/12 12:0 a.m.32 views

Xftp < 3.0 Build 242 LIST Response Buffer Overflow

The version of Xftp, an FTP client for Windows, installed on the remote host is older than 3.0 Build 242. Such versions are reportedly affected by a buffer overflow vulnerability. By tricking a user into double-clicking on a file name included in the 'LIST' command response from a malicious FTP...

6.5AI score
Exploits0References2
Rows per page
Query Builder