Lucene search
+L

2345 matches found

nessus
nessus
added 2014/01/27 12:0 a.m.19 views

Solaris 8 (x86) : 150509-01

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Remote Procedure Call RPC. Supported versions that are affected are 8, 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can...

4.6CVSS5.4AI score0.00442EPSS
Exploits0References2
redhat
redhat
added 2014/01/06 6:32 p.m.4 views

samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check

Heap-based buffer overflow in the dcerpcreadncacnpacketdone function in librpc/rpc/dcerpcutil.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet...

8.3CVSS7.8AI score0.02748EPSS
Exploits0References4
openvas
openvas
added 2013/12/11 12:0 a.m.35 views

Microsoft Windows Local Procedure Call Local Privilege Escalation Vulnerability (2898715)

This host is missing an important security update according to Microsoft Bulletin MS13-102. OpenVAS Vulnerability Test $Id: secpodms13-102.nasl 6115 2017-05-12 09:03:25Z teissa $ Microsoft Windows Local Procedure Call Local Privilege Escalation Vulnerability 2898715 Authors: Antu Sanadi Copyright...

6.9CVSS0.7AI score0.01743EPSS
Exploits0References3
openvas
openvas
added 2013/12/11 12:0 a.m.25 views

Microsoft Windows Local Procedure Call Local Privilege Escalation Vulnerability (2898715)

This host is missing an important security update according to Microsoft Bulletin MS13-102. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

6.9CVSS5AI score0.01743EPSS
Exploits0References3
redhat
redhat
added 2013/12/10 12:15 a.m.9 views

samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check

Heap-based buffer overflow in the dcerpcreadncacnpacketdone function in librpc/rpc/dcerpcutil.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet...

8.3CVSS7.8AI score0.02748EPSS
Exploits0References4
symantec
symantec
added 2013/12/10 12:0 a.m.33 views

Microsoft Windows Local Procedure Call CVE-2013-3878 Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that affects the Local Procedure Call LPC component. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits will result in the complete compromise of...

6.9CVSS1.2AI score0.01743EPSS
Exploits0Affected Software5
osv
osv
added 2013/12/09 12:0 a.m.4 views

UBUNTU-CVE-2013-4408

Heap-based buffer overflow in the dcerpcreadncacnpacketdone function in librpc/rpc/dcerpcutil.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet...

8.3CVSS7.7AI score0.02748EPSS
Exploits0References4
zdt
zdt
added 2013/10/23 12:0 a.m.92 views

Windows Management Instrumentation (WMI) Remote Command Execution

This Metasploit module executes powershell on the remote host using the current user credentials or those supplied. Instead of using PSEXEC over TCP port 445 we use the WMIC command to start a Remote Procedure Call on TCP port 135 and an ephemeral port. Set ReverseListenerComm to tunnel traffic...

7.5CVSS6.8AI score0.63703EPSS
Exploits13
packetstorm
packetstorm
added 2013/10/23 12:0 a.m.52 views

Windows Management Instrumentation (WMI) Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' require 'rex' class Metasploit3...

7.5CVSS0.4AI score0.63703EPSS
Exploits13
osv
osv
added 2013/09/30 9:55 p.m.1 views

DEBIAN-CVE-2013-4296

The remoteDispatchDomainMemoryStats function in daemon/remote.c in libvirt 0.9.1 through 0.10.1.x, 0.10.2.x before 0.10.2.8, 1.0.x before 1.0.5.6, and 1.1.x before 1.1.2 allows remote authenticated users to cause a denial of service uninitialized pointer dereference and crash via a crafted RPC ca...

4CVSS5.8AI score0.02678EPSS
Exploits0References1
metasploit
metasploit
added 2013/09/20 5:36 p.m.98 views

Windows Management Instrumentation (WMI) Remote Command Execution

This module executes powershell on the remote host using the current user credentials or those supplied. Instead of using PSEXEC over TCP port 445 we use the WMIC command to start a Remote Procedure Call on TCP port 135 and an ephemeral port. Set ReverseListenerComm to tunnel traffic through that...

7.5CVSS7.4AI score0.63703EPSS
Exploits13
nessus
nessus
added 2013/09/04 12:0 a.m.35 views

Amazon Linux AMI : glibc (ALAS-2012-39)

An integer overflow flaw, leading to a heap-based buffer overflow, was found in the way the glibc library read timezone files. If a carefully-crafted timezone file was loaded by an application linked against glibc, it could cause the application to crash or, potentially, execute arbitrary code wi...

6.8CVSS8.8AI score0.08073EPSS
Exploits1References3
cve
cve
added 2013/08/14 10:0 a.m.216 views

CVE-2013-3175

CVE-2013-3175 is a Windows elevation-of-privilege issue in the handling of asynchronous RPC requests. Affected products include Windows XP SP2/SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2/R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT. Root cause...

10CVSS7.5AI score0.27538EPSS
Exploits1References4Affected Software8
cvelist
cvelist
added 2013/08/14 10:0 a.m.31 views

CVE-2013-3175

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT allow remote attackers to execute arbitrary code via a malformed asynchronous RPC request, aka "Remote Procedure Call...

7.5AI score0.27538EPSS
Exploits1References4
mskb
mskb
added 2013/08/13 12:0 a.m.38 views

MS13-062: Vulnerability in remote procedure call could allow elevation of privilege: August 13, 2013

None None...

6.1AI score
Exploits0
openvas
openvas
added 2013/05/31 12:0 a.m.23 views

CentOS Update for libtirpc CESA-2013:0884 centos6

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS5.2AI score0.0646EPSS
Exploits2References2
nessus
nessus
added 2013/05/08 12:0 a.m.14 views

IBM solidDB Stored Procedure Call Remote Denial of Service

The version of IBM solidDB installed on the remote host is 6.5.x prior to 6.5.0.12, 6.30.x prior to 6.30.0.55, 6.0.x prior to 6.0.0.1070, or 7.0.x prior to 7.0.0.4. It therefore is reportedly affected by a remote denial of service vulnerability that can be triggered by calling a stored procedure...

3.5CVSS5.6AI score0.0118EPSS
Exploits0References8
nessus
nessus
added 2013/03/26 12:0 a.m.24 views

Solaris 10 (sparc) : 150157-01 (deprecated)

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Remote Procedure Call RPC. Supported versions that are affected are 8, 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can...

4.6CVSS5.7AI score0.00442EPSS
Exploits0References2
nessus
nessus
added 2013/03/25 12:0 a.m.24 views

Solaris 10 (x86) : 150158-01 (deprecated)

Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Remote Procedure Call RPC. Supported versions that are affected are 8, 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can...

4.6CVSS5.7AI score0.00442EPSS
Exploits0References2
redhat
redhat
added 2013/01/28 7:1 p.m.11 views

libvirt: use-after-free in virNetMessageFree()

Use-after-free vulnerability in the virNetMessageFree function in rpc/virnetserverclient.c in libvirt 1.0.x before 1.0.2, 0.10.2 before 0.10.2.3, 0.9.11 before 0.9.11.9, and 0.9.6 before 0.9.6.4 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code by...

6.8CVSS6.7AI score0.05774EPSS
Exploits0References4
Rows per page
Query Builder