89 matches found
Design/Logic Flaw
NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD...
CVE-2011-2750
NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD...
CVE-2011-2750
CVE-2011-2750 affects Novell File Reporter NFRAgent.exe; prior versions up to 1.0.4.2 (and earlier) allow remote deletion of arbitrary files via a full pathname in an SRS request (OPERATION 4, CMD 5 to /FSF/CMD). Public material confirms PoC/exploit code (Metasploit module) and reports of an arbi...
CVE-2011-2220
Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element...
Stack overflow
Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element...
CVE-2011-2220
The CVE-2011-2220 entry applies to Novell File Reporter Engine’s NFREngine.exe, with the vulnerability present in versions before 1.0.2.53. The issue is a stack-based buffer overflow while parsing the element, allowing remote attackers to execute arbitrary code via crafted data over the network....
CVE-2011-2220
Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element...
Novell File Reporter Engine RECORD Element Tag Parsing Overflow (uncredentialed check)
Binary data novellfilereporterenginestackoverflow.nbin...
Novell File Reporter Engine Detection
Binary data novellfilereporterenginedetect.nbin...
ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability
ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-227 June 27, 2011 -- CVE ID: CVE-2011-2220 -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:C/A:P -- Affected Vendors: Novell -- Affected Products: Novell File...
Novell File Reporter Engine buffer overflow
Buffer overflow on TCP/3035 HTTPs response parsing...
Novell File Reporter Engine RECORD Element Tag Parsing Overflow (credentialed check)
The version of Novell File Reporter NFR Engine installed on the remote Windows host is earlier than 1.0.2.53. As such, it reportedly has a flaw in its handling of HTTP requests to the TCP port used to communicate with the NFR Agent, normally 3035. Specifically, the application fails to check the...
Novell File Reporter Agent XML Parsing Stack Buffer Overflow (CVE-2011-0994)
A stack buffer overflow vulnerability has been reported in the Agent component of Novell File Reporter. The vulnerability is due to improper boundary checks of user-supplied NAME tags in the input XML. The vulnerability is triggered upon parsing of a malicious XML tag with overly long content...
Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Engine. Authentication is not required to exploit this vulnerability. The specific flaw exists within NFREngine.exe which communicates with the Agent component over HTTPS on TC...
Novell File Reporter Agent XML Parser Buffer Overflow
Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...
Novell File Reporter Agent XML Parser Buffer Overflow
Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...
Novell File Reporter Agent XML Parser Buffer Overflow
Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...
Novell File Reporter Agent XML Parser Buffer Overflow
Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...
Novell File Reporter Agent XML Parsing Remote Code Execution
Binary data 5907.prm...
Novell File Reporter Agent XML Tag Handling Buffer Overflow
The version of Novell File Reporter NFR Agent installed on the remote Windows host is earlier than 1.0.4.2. Such versions reportedly have a buffer overflow vulnerability because the service, which listens by default on TCP port 3037, blindly copies user-supplied data into a fixed-length buffer on...