DDIVRT-2007-05 NetSupport Manager Client Buffer Overflow

Title ----- NetSupport Manager Client Buffer Overflow Severity -------- Medium Date Discovered --------------- 9/4/2007 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Credit Given To: sxkeebler and r@b13$ http://www.digitaldefense.net/ Vulnerability Description...

NetSupport Manager unauthorized access

Unauthenticated access is possible thorugh TCP/5405...

NetSupport NSM / NSS Initial Connection Setup Configuration Exchange Remote Overflow

NetSupport Manager NSM, a multi-platform remote control application, is installed on the remote host. According to its version, the NetSupport Manager client component on the remote host fails to properly validate input during the initial client connection sequence. An unauthenticated, remote...

Authentication flaw

NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the 1 basic and 2 authentication schemes by spoofing the NetSupport Manager...

CVE-2007-5057

NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the 1 basic and 2 authentication schemes by spoofing the NetSupport Manager...

CVE-2007-5057

NetSupport Manager Client before 10.20.0004 allows remote attackers to bypass the 1 basic and 2 authentication schemes by spoofing the NetSupport Manager...

CVE-2007-5057

NetSupport Manager Client vulnerability (CVE-2007-5057) affects versions 10.20 and earlier. The issue is an authentication bypass: remote attackers can spoof the NetSupport Manager, bypassing both the basic and authentication schemes to pose as the legitimate client and potentially gain control. ...

NetSupport Manager Client Spoofing Remote Authentication Bypass

NetSupport Manager NSM, a multi-platform remote control application, is installed on the remote host. According to its version, the NetSupport Manager client component on the remote host does not properly handle authentication sessions. A remote attacker may be able to leverage this issue to pose...

DDIVRT-2007-04 NetSupport Manager Authentication Bypass

Title ----- NetSupport Manager Authentication Bypass Severity -------- High Date Discovered --------------- 9/4/2007 Discovered By ------------- Digital Defense, Inc. Vulnerability Research Team Additional Discovered By Digital Defense, Inc. Credit: sxkeebler and r@b13s Vulnerability Description...

KLA10271 SB vulnerability in NetSupport Manager Client

An unspecified vulnerability was found in NetSupport Manager Client. By exploiting this vulnerability malicious users can bypass auth schemes. This vulnerability can be exploited remotely via spoofing UI. Original advisories - Related products NetSupport-Manager CVE list CVE-2007-5057 critical...

CVE-2002-0482

Directory traversal vulnerability in PCI Netsupport Manager before version 7, when running web extensions, allows remote attackers to read arbitrary files via a .. dot dot in the HTTP GET request...

CVE-2002-0482

PCI Netsupport Manager (before v7) is affected by a directory traversal vulnerability in web extensions that allows an attacker to read arbitrary files via .. in an HTTP GET request. The issue arises from insufficient validation of path input in the web extension context, enabling access to files...

Webtraversal in PCI Netsupport Manager (all version up to 7 using web extensions)

It is possible to view and download files on machines running PCI Netsupport Manager all version up to 7 that have the web extensions switched on default port 80. This has only been tested on Windows NT 4 server and workstation and Windows 2000 Pro , Server and Advanced server. Example on a...

Directory traversal in PCI NetSupport Manager

Directory traversal in web manager allows read access to whole disk content...