Lucene search
+L

89 matches found

Prion
Prion
added 2011/07/17 8:55 p.m.14 views

Design/Logic Flaw

NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD...

5CVSS7.2AI score0.16676EPSS
Exploits5References5Affected Software1
Cvelist
Cvelist
added 2011/07/17 8:0 p.m.25 views

CVE-2011-2750

NFRAgent.exe in Novell File Reporter 1.0.4.2 and earlier allows remote attackers to delete arbitrary files via a full pathname in an SRS OPERATION 4 CMD 5 request to /FSF/CMD...

6.7AI score0.16676EPSS
Exploits5References5
CVE
CVE
added 2011/07/17 8:0 p.m.55 views

CVE-2011-2750

CVE-2011-2750 affects Novell File Reporter NFRAgent.exe; prior versions up to 1.0.4.2 (and earlier) allow remote deletion of arbitrary files via a full pathname in an SRS request (OPERATION 4, CMD 5 to /FSF/CMD). Public material confirms PoC/exploit code (Metasploit module) and reports of an arbi...

5CVSS6.9AI score0.16676EPSS
Exploits5References5Affected Software1
NVD
NVD
added 2011/07/14 11:55 p.m.22 views

CVE-2011-2220

Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element...

10CVSS7.9AI score0.16064EPSS
Exploits0References6
Prion
Prion
added 2011/07/14 11:55 p.m.19 views

Stack overflow

Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element...

10CVSS8.5AI score0.16064EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2011/07/14 11:0 p.m.58 views

CVE-2011-2220

The CVE-2011-2220 entry applies to Novell File Reporter Engine’s NFREngine.exe, with the vulnerability present in versions before 1.0.2.53. The issue is a stack-based buffer overflow while parsing the element, allowing remote attackers to execute arbitrary code via crafted data over the network....

10CVSS8AI score0.16064EPSS
Exploits0References6Affected Software2
Cvelist
Cvelist
added 2011/07/14 11:0 p.m.29 views

CVE-2011-2220

Stack-based buffer overflow in NFREngine.exe in Novell File Reporter Engine before 1.0.2.53, as used in Novell File Reporter and other products, allows remote attackers to execute arbitrary code via a crafted RECORD element...

7.8AI score0.16064EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2011/07/08 12:0 a.m.21 views

Novell File Reporter Engine RECORD Element Tag Parsing Overflow (uncredentialed check)

Binary data novellfilereporterenginestackoverflow.nbin...

10CVSS7.3AI score0.16064EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2011/07/08 12:0 a.m.17 views

Novell File Reporter Engine Detection

Binary data novellfilereporterenginedetect.nbin...

7.3AI score
Exploits0References1
securityvulns
securityvulns
added 2011/07/04 12:0 a.m.69 views

ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability

ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-227 June 27, 2011 -- CVE ID: CVE-2011-2220 -- CVSS: 9.7, AV:N/AC:L/Au:N/C:C/I:C/A:P -- Affected Vendors: Novell -- Affected Products: Novell File...

10CVSS0.5AI score0.16064EPSS
Exploits0
securityvulns
securityvulns
added 2011/07/04 12:0 a.m.57 views

Novell File Reporter Engine buffer overflow

Buffer overflow on TCP/3035 HTTPs response parsing...

10CVSS2.2AI score0.16064EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2011/06/30 12:0 a.m.27 views

Novell File Reporter Engine RECORD Element Tag Parsing Overflow (credentialed check)

The version of Novell File Reporter NFR Engine installed on the remote Windows host is earlier than 1.0.2.53. As such, it reportedly has a flaw in its handling of HTTP requests to the TCP port used to communicate with the NFR Agent, normally 3035. Specifically, the application fails to check the...

10CVSS6.3AI score0.16064EPSS
Exploits0References4
Check Point Advisories
Check Point Advisories
added 2011/06/28 12:0 a.m.25 views

Novell File Reporter Agent XML Parsing Stack Buffer Overflow (CVE-2011-0994)

A stack buffer overflow vulnerability has been reported in the Agent component of Novell File Reporter. The vulnerability is due to improper boundary checks of user-supplied NAME tags in the input XML. The vulnerability is triggered upon parsing of a malicious XML tag with overly long content...

10CVSS7.6AI score0.17936EPSS
Exploits6
Zero Day Initiative
Zero Day Initiative
added 2011/06/27 12:0 a.m.26 views

Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell File Reporter Engine. Authentication is not required to exploit this vulnerability. The specific flaw exists within NFREngine.exe which communicates with the Agent component over HTTPS on TC...

9.7CVSS2.4AI score0.16064EPSS
Exploits0References1
Saint
Saint
added 2011/05/16 12:0 a.m.44 views

Novell File Reporter Agent XML Parser Buffer Overflow

Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

10CVSS7.3AI score0.17936EPSS
Exploits6
Saint
Saint
added 2011/05/16 12:0 a.m.36 views

Novell File Reporter Agent XML Parser Buffer Overflow

Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

10CVSS7.3AI score0.17936EPSS
Exploits6
Saint
Saint
added 2011/05/16 12:0 a.m.44 views

Novell File Reporter Agent XML Parser Buffer Overflow

Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

10CVSS7.3AI score0.17936EPSS
Exploits6
Saint
Saint
added 2011/05/16 12:0 a.m.35 views

Novell File Reporter Agent XML Parser Buffer Overflow

Added: 05/16/2011 CVE: CVE-2011-0994 BID: 47144 OSVDB: 71980 Background Novell File Reporter is software that allows network administrators to identify files stored on the network and generates reports regarding the size of individual files, file type, when files were last accessed, and where...

10CVSS7.3AI score0.17936EPSS
Exploits6
Tenable Nessus
Tenable Nessus
added 2011/05/06 12:0 a.m.13 views

Novell File Reporter Agent XML Parsing Remote Code Execution

Binary data 5907.prm...

10CVSS7.3AI score0.17936EPSS
Exploits6References4
Tenable Nessus
Tenable Nessus
added 2011/04/22 12:0 a.m.33 views

Novell File Reporter Agent XML Tag Handling Buffer Overflow

The version of Novell File Reporter NFR Agent installed on the remote Windows host is earlier than 1.0.4.2. Such versions reportedly have a buffer overflow vulnerability because the service, which listens by default on TCP port 3037, blindly copies user-supplied data into a fixed-length buffer on...

10CVSS6.5AI score0.17936EPSS
Exploits6References4
Rows per page
Query Builder