Lucene search
K

9088 matches found

securityvulns
securityvulns
added 2007/03/27 12:0 a.m.35 views

Sony Playstation 3 flood DoS

UDP datagrams flood DoS with enabled remote play feature...

7.8CVSS1.8AI score0.01612EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2007/03/12 12:0 a.m.79 views

MS05-047: Plug and Play Remote Code Execution and Local Privilege Elevation (905749) (uncredentialed check)

The remote host contains a version of the Plug and Play service that contains a vulnerability in the way it handles user-supplied data. An authenticated attacker may exploit this flaw by sending a malformed RPC request to the remote service and execute code with SYSTEM privileges. Note that...

6.5CVSS5.8AI score0.63062EPSS
Exploits3References2
Metasploit
Metasploit
added 2007/02/18 12:10 a.m.64 views

MS05-039 Microsoft Plug and Play Service Overflow

This module exploits a stack buffer overflow in the Windows Plug and Play service. This vulnerability can be exploited on Windows 2000 without a valid user account. NOTE: Since the PnP service runs inside the service.exe process, a failed exploit attempt will cause the system to automatically...

10CVSS7.3AI score0.93405EPSS
Exploits9
Metasploit
Metasploit
added 2006/12/03 11:35 p.m.25 views

Microsoft Plug and Play Service Registry Overflow

This module triggers a stack buffer overflow in the Windows Plug and Play service. This vulnerability can be exploited on Windows 2000 without a valid user account. Since the PnP service runs inside the service.exe process, this module will result in a forced reboot on Windows 2000. Obtaining cod...

6.5CVSS7.9AI score0.63062EPSS
Exploits3
securityvulns
securityvulns
added 2006/07/22 12:0 a.m.117 views

D-Link Router UPNP Stack Overflow

D-Link Router UPNP Stack Overflow Release Date: July 13, 2006 Date Reported: February 27, 2006 Patch Development Time In Days: 136 Severity: High Remote Code Execution Vendor: D-Link Routers Affected: DI-524 Rev A DI-524 Rev C DI-524 Rev D DI-604 Rev E DI-624 Rev C DI-624 Rev D DI-784 Rev A...

0.3AI score
Exploits0
NVD
NVD
added 2006/07/21 2:3 p.m.28 views

CVE-2006-3687

Stack-based buffer overflow in the Universal Plug and Play UPnP service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long...

7.5CVSS8.1AI score0.19134EPSS
Exploits0References11
Cvelist
Cvelist
added 2006/07/18 9:0 p.m.28 views

CVE-2006-3687

Stack-based buffer overflow in the Universal Plug and Play UPnP service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long...

8.1AI score0.19134EPSS
Exploits0References11
CVE
CVE
added 2006/07/18 9:0 p.m.75 views

CVE-2006-3687

The CVE-2006-3687 issue is a stack-based buffer overflow in the UPnP service of several D-Link routers (DI-524, DI-604, DI-624, DI-784, WBR-1310, WBR-2310, EBR-2310) triggered by an oversized M-SEARCH UDP 1900 request. The CERT document notes this could allow a remote attacker to execute arbitrar...

7.5CVSS8.1AI score0.19134EPSS
Exploits0References11Affected Software7
Positive Technologies
Positive Technologies
added 2006/07/03 12:0 a.m.5 views

PT-2006-4236 · None +1 · Upnp +1

Name of the Vulnerable Software and Affected Versions: Siemens Speedstream Wireless Router version 2624 Description: The issue allows local users to bypass authentication and access protected files by utilizing the Universal Plug and Play UPnP/1.0 component. Recommendations: For Siemens Speedstre...

7.5CVSS6.6AI score0.01524EPSS
Exploits0References10
Zero Day Initiative
Zero Day Initiative
added 2006/06/29 12:0 a.m.33 views

Apple iTunes AAC File Parsing Integer Overflow Vulnerability

This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Apple iTunes. Exploitation requires an attacker to convince a target user into opening a malicious play list file. The specific flaw exists during the processing of malicious AAC media files such as those...

5.1CVSS5.2AI score0.06891EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2006/05/24 12:0 a.m.4 views

PT-2006-3507 · Edimax · Edimax Br-6104K

Name of the Vulnerable Software and Affected Versions: Edimax BR-6104K router affected versions not specified Description: The issue allows remote attackers to bypass access restrictions and conduct unauthorized operations. This is achieved via a UPnP request with a modified InternalClient...

7.5CVSS6.6AI score0.01548EPSS
Exploits0References6
securityvulns
securityvulns
added 2006/04/11 12:0 a.m.112 views

Microsoft Windows system services privilege escalation

There are several local services SSDP Discovery service, Universal Plug and Play Host service allow any authenticated user to configure service. It makes it possible to specify executable file and elevate privilege to Local System. Also vulnerable: HP Software: "Pml Driver HPZ12" HP Printer...

3AI score
Exploits0References4
Saint
Saint
added 2006/03/03 12:0 a.m.23 views

Windows Plug and Play buffer overflow

Added: 03/03/2006 CVE: CVE-2005-1983 BID: 14513 OSVDB: 18605 Background The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse. Problem A buffer overflow in the Plug and Play service could allow command...

10CVSS7AI score0.93405EPSS
Exploits9
Saint
Saint
added 2006/03/03 12:0 a.m.32 views

Windows Plug and Play buffer overflow

Added: 03/03/2006 CVE: CVE-2005-1983 BID: 14513 OSVDB: 18605 Background The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse. Problem A buffer overflow in the Plug and Play service could allow command...

10CVSS6.9AI score0.93405EPSS
Exploits9
Saint
Saint
added 2006/03/03 12:0 a.m.35 views

Windows Plug and Play buffer overflow

Added: 03/03/2006 CVE: CVE-2005-1983 BID: 14513 OSVDB: 18605 Background The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse. Problem A buffer overflow in the Plug and Play service could allow command...

10CVSS6.9AI score0.93405EPSS
Exploits9
Saint
Saint
added 2006/03/03 12:0 a.m.28 views

Windows Plug and Play buffer overflow

Added: 03/03/2006 CVE: CVE-2005-1983 BID: 14513 OSVDB: 18605 Background The Windows Plug and Play service allows Windows operating systems to automatically detect and configure a new hardware device, such as a mouse. Problem A buffer overflow in the Plug and Play service could allow command...

10CVSS6.9AI score0.93405EPSS
Exploits9
securityvulns
securityvulns
added 2005/11/17 12:0 a.m.27 views

Microsoft Windows Plug and Play Service UMPNPMGR buffer overflow

Buffer overflow on PNPGetDeviceList and PNPGetDeviceListSize calls for anonymous user on Windows 2000 and authenticated user on Windows 2003 / XP. There is another one similar vulnerability, leading to memory leak with DoS conditions...

3AI score
Exploits0References2
OpenVAS
OpenVAS
added 2005/11/03 12:0 a.m.29 views

Microsoft Windows XP Multiple Vulnerabilities (MS01-059, Q315000)

Microsoft Windows XP is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2002 Michael Scheidell Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.4AI score0.49483EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2005/10/24 12:0 a.m.45 views

Microsoft Windows Plug-and-Play - 'Umpnpmgr.dll' Denial of Service (MS05-047) (2)

// tested and approved /str0ke / Program: Denial of Service attack for MS UMPNPMGR PNPGetDeviceList Author: Winny Thomas Vulnerability: no length checking on passed parameter to PNPGetDeviceList in UMPNPMGR.dll Note: The code crashes services.exe on the target, effectively bringing down the targe...

7AI score
Exploits0
exploitpack
exploitpack
added 2005/10/24 12:0 a.m.40 views

Microsoft Windows Plug-and-Play - Umpnpmgr.dll Denial of Service (MS05-047) (2)

Microsoft Windows Plug-and-Play - Umpnpmgr.dll Denial of Service MS05-047 2 // tested and approved /str0ke / Program: Denial of Service attack for MS UMPNPMGR PNPGetDeviceList Author: Winny Thomas Vulnerability: no length checking on passed parameter to PNPGetDeviceList in UMPNPMGR.dll Note: The...

7.3AI score
Exploits0
Rows per page
Query Builder