9102 matches found
VulnCheck KEV: CVE-2005-1983
Stack-based buffer overflow in the Plug and Play PnP service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob aka Mytob worm...
MS05-039: Vulnerability in Plug and Play Could Allow Remote Code Execution and Elevation of Privilege (899588)
The remote version of Windows contains a flaw in the function PNPQueryResConfList in the Plug and Play service that could allow an attacker to execute arbitrary code on the remote host with the SYSTEM privileges. A series of worms Zotob are known to exploit this vulnerability in the wild. Tenable...
MS05-039: Vulnerability in Plug and Play Service Could Allow Remote Code Execution (899588) (uncredentialed check)
The remote version of Windows contains a flaw in the function 'PNPQueryResConfList' in the Plug and Play service that may allow an attacker to execute arbitrary code on the remote host with SYSTEM privileges. A series of worms Zotob are known to exploit this vulnerability in the wild. C Tenable...
FreeBSD : mpg123 -- buffer overflow in URL handling (20d16518-2477-11d9-814e-0001020eed82)
Carlos Barros reports that mpg123 contains two buffer overflows. These vulnerabilities can potentially lead to execution of arbitrary code. The first buffer overflow can occur when mpg123 parses a URL with a user-name/password field that is more than 256 characters long. This problem can be...
CVE-2003-1158
CVE-2003-1158 reports multiple buffer overflows in the FTP service of Plug and Play Web Server 1.0002c, allowing remote users to crash the server via long FTP commands (dir, ls, delete, mkdir, DELE, RMD, MKD). The provided documents do not specify exact vulnerable components, versions beyond the ...
mpg123 -- buffer overflow in URL handling
Carlos Barros reports that mpg123 contains two buffer overflows. These vulnerabilities can potentially lead to execution of arbitrary code. The first buffer overflow can occur when mpg123 parses a URL with a user-name/password field that is more than 256 characters long. This problem can be...
Plug & Play Web Server multiple bugs
Directory traversal, DoS...
CVE-2003-1159
Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service server crash via an invalid URI in an HTTP GET request to TCP port 8080...
Plug And Play Web Server 1.0 002c - FTP Service Command Handler Buffer Overflow
source: https://www.securityfocus.com/bid/8667/info Plug and Play Web Server FTP service has been reported prone to multiple buffer overflow issues, the issues present themselves when the affected FTP service handles FTP command arguments of excessive size. It has been demonstrated that a remote...
Directory traversal in Plug & Play Web Server
Directory traversal in Plug & Play Web Server Introduction: ============= "The Plug and Play Web Server provides all of the tools you need to host your own website. The tools are bundled together in one comprehensive software package that it is incredibly easy to use and maintain." - Vendors...
Denial Of Service in Plug & Play Web (FTP) Server
Denial Of Service in Plug & Play Web FTP Server Introduction: ============= "The Plug and Play Web Server provides all of the tools you need to host your own website. The tools are bundled together in one comprehensive software package that it is incredibly easy to use and maintain." - Vendors...
Plug and Play Web Server 1.0 002c - Directory Traversal
Plug and Play Web Server 1.0 002c - Directory Traversal source: https://www.securityfocus.com/bid/8645/info It has been reported that Plug and Play Web Server is prone a directory traversal issue allowing a remote attacker to traverse outside the server root directory by using '../' or '..'...
pandpdt.txt
Directory traversal in Plug & Play Web Server Introduction: ============= "The Plug and Play Web Server provides all of the tools you need to host your own website. The tools are bundled together in one comprehensive software package that it is incredibly easy to use and maintain." - Vendors...
pandpdos.txt
Denial Of Service in Plug & Play Web FTP Server Introduction: ======== "The Plug and Play Web Server provides all of the tools you need to host your own website. The tools are bundled together in one comprehensive software package that it is incredibly easy to use and maintain." - Vendors...
NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure
NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure source: https://www.securityfocus.com/bid/7267/info The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP...
NETGEAR FM114P ProSafe Wireless Router - Rule Bypass
NETGEAR FM114P ProSafe Wireless Router - Rule Bypass source: https://www.securityfocus.com/bid/7270/info The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal...
Netgear FM114P ProSafe Wireless Router - Rule Bypass
source: https://www.securityfocus.com/bid/7270/info The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a...
Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure
source: https://www.securityfocus.com/bid/7267/info The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP SOAP request can retrieve the username and password for the WAN...
Epic Games Unreal Tournament Server 436.0 - Denial of Service Amplifier
Epic Games Unreal Tournament Server 436.0 - Denial of Service Amplifier source: https://www.securityfocus.com/bid/5148/info Unreal Tournament is a game produced by Epic Games, available for Microsoft Windows and Linux. Network play is supported. A vulnerability has been reported in the server use...
CVE-2001-0876
Buffer overflow in Universal Plug and Play UPnP on Windows 98, 98SE, ME, and XP allows remote attackers to execute arbitrary code via a NOTIFY directive with a long Location URL...