📄 NFR Agent 1.0.4.2 Arbitrary File Delete

The code exploits a vulnerability in the Novell File Reporter Agent versions 1.0.4.2 and below, which allows an attacker to remotely delete any file on the targeted system...

📄 NFR Agent 1.0.1 Arbitrary File Delete

Proof of concept exploit for an arbitrary file deletion vulnerability from 2011 in NFR Agent version 1.0.1. ============================================================================================================================================= | Title : NFR Agent 1.0.1 Arbitrary File Delete...

CVE-2012-4958

Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a 126 /FSF/CMD request with a .. dot dot in a FILE element of an FSFUI record...

CVE-2012-4957

Absolute path traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to read arbitrary files via a /FSF/CMD request with a full pathname in a PATH element of an SRS record...

CVE-2012-4959

Directory traversal vulnerability in NFRAgent.exe in Novell File Reporter 1.0.2 allows remote attackers to upload and execute files via a 130 /FSF/CMD request with a .. dot dot in a FILE element of an FSFUI record...

NFR Agent SRS Record Arbitrary Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent SRS Record Arbitrary Remote File Access', 'Description' = %q NFRAgent.exe, a component of Novell File Reporter NFR, allows remote...

NFR Agent FSFUI Record Arbitrary Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent FSFUI Record Arbitrary Remote File Access', 'Description' = %q NFRAgent.exe, a component of Novell File Reporter NFR, allows remote...

NFR Agent Heap Overflow

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent Heap Overflow Vulnerability', 'Description' = %q This module exploits a heap overflow in NFRAgent.exe, a component of Novell File...

Novell File Reporter Agent Arbitrary File Delete

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Novell File Reporter Agent Arbitrary File Delete', 'Description' = %q NFRAgent.exe in Novell File Reporter allows remote attackers to delete...

SUSE CVE-2011-0994

Stack-based buffer overflow in NFRAgent.exe in Novell File Reporter NFR before 1.0.2 allows remote attackers to execute arbitrary code via unspecified XML data...

NFR Agent FSFUI Record File Upload RCE

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability (0day)

No description provided by source. wwww.abysssec.com Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability 0day CVE-2012-4959 @abysssec well just one more of our 0day got published after 2 year here is info :...

Novell File Reporter Agent Arbitrary File Delete (CVE-2011-2750)

A policy bypass vulnerability exists in Novell File Reporter. The vulnerability allow a remote attacker to delete arbitrary files using OPERATION 4 commands, respectively.A remote unauthenticated attacker can leverage the vulnerability to delete arbitrary files, including system files, from the...

Novell File Reporter FSFUI Arbitrary File Retrieval (CVE-2012-4958)

A file retrieval vulnerability has been reported in Novell File Reporter. The vulnerability is due to lack of authorization on certain requests, resulting in the retrieval of the contents of a file. A remote attacker can exploit this issue by sending a specially crafted request to the affected...

Novell File Reporter FSFUI File Upload

Added: 12/17/2012 CVE: CVE-2012-4959 BID: 56579 OSVDB: 87573 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

Novell File Reporter FSFUI File Upload

Added: 12/17/2012 CVE: CVE-2012-4959 BID: 56579 OSVDB: 87573 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

Novell File Reporter FSFUI File Upload

Added: 12/17/2012 CVE: CVE-2012-4959 BID: 56579 OSVDB: 87573 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

Novell File Reporter FSFUI File Upload

Added: 12/17/2012 CVE: CVE-2012-4959 BID: 56579 OSVDB: 87573 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

Novell File Reporter VOL Tag Stack Buffer Overflow

A stack buffer overflow vulnerability has been reported in Novell File Reporter Agent...

Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution

Novell File Reporter NFR Agent - XML Parsing Remote Code Execution wwww.abysssec.com Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability 0day CVE-2012-4959 @abysssec well just one more of our 0day got published after 2 year here is info :...