Authentication flaw

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control...

CVE-2011-4051

CEServer.exe in the CEServer component in the Remote Agent module in InduSoft Web Studio 6.1 and 7.0 does not require authentication, which allows remote attackers to execute arbitrary code via vectors related to creation of a file, loading a DLL, and process control...

InduSoft WebStudio Unauthenticated Remote Operations Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Indusoft Web Studio. Authentication is not required to exploit this vulnerability. The flaw exists within the Remote Agent component CEServer.exe which listens by default on TCP port 4322. When...

IGSS Data Server Directory Traversal Arbitrary File Access

Binary data scadaigssdirtraversal.nbin...

[Full-disclosure] CORE-2008-0125: CitectSCADA ODBC service vulnerability

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ CitectSCADA ODBC service vulnerability Advisory Information Title: CitectSCADA ODBC service vulnerability Advisory ID: CORE-2008-0125 Advisory URL:...

Server side request forgery (ssrf)

Gesytec Easylon OPC Server before 2.3.44 does not properly validate server handles, which allows remote attackers to execute arbitrary code or cause a denial of service via unspecified network traffic to the OLE for Process Control OPC interface, probably related to free operations on arbitrary...

CVE-2007-1319

Unspecified vulnerability in the IOPCServer::RemoveGroup function in the OPCDA interface in Takebishi Electric DeviceXPlorer OLE for Process Control OPC Server before 3.12 Build3 allows remote attackers to execute arbitrary code via unspecified vectors involving access to arbitrary memory. NOTE:...

Code injection

Unspecified vulnerability in the IOPCServer::RemoveGroup function in the OPCDA interface in Takebishi Electric DeviceXPlorer OLE for Process Control OPC Server before 3.12 Build3 allows remote attackers to execute arbitrary code via unspecified vectors involving access to arbitrary memory. NOTE:...

CVE-2007-1319

The CVE refers to an arbitrary code execution vulnerability in the Takebishi DeviceXPlorer OPC Server family (HIDIC, SYSMAC, MELSEC, FA-M3, MODBUS) via the OPC DA interface. The issue stems from the server implementation of the IOPCServer::RemoveGroup method, which can access arbitrary memory and...

Convert-UUlib 1.041.05 Perl Module - Remote Buffer Overflow

Convert-UUlib 1.041.05 Perl Module - Remote Buffer Overflow source: https://www.securityfocus.com/bid/13401/info Convert-UUlib Perl module is prone to a remotely exploitable buffer-overflow vulnerability. A remote attacker may leverage this condition to overwrite sensitive program control variabl...

Convert-UUlib 1.04/1.05 Perl Module - Remote Buffer Overflow

source: https://www.securityfocus.com/bid/13401/info Convert-UUlib Perl module is prone to a remotely exploitable buffer-overflow vulnerability. A remote attacker may leverage this condition to overwrite sensitive program control variables and thus gain control of the process's execution flow. Th...

sudoscript -- signal delivery vulnerability

If non-root access is enabled in sudoscript, any member of the ssers group can send a SIGHUP signal to any process...

Trend Micro PC-cillin 200020022003 - Mail Scanner Buffer Overflow

Trend Micro PC-cillin 200020022003 - Mail Scanner Buffer Overflow source: https://www.securityfocus.com/bid/6350/info A buffer overflow vulnerability has been reported for PC-cillin's mail scanning utility. An attacker can exploit this vulnerability by connecting to a vulnerable pop3trap.exe...

CVE-2001-1238

Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named 1 winlogon.exe, 2 csrss.exe, 3 smss.exe and 4 services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager...

Multiple Security Holes in LPPlus

LPPlus is Plus Technologies' print management system for unix. It contains several serious security holes, some of which undermine the integrity of the printing subsystem, some of which threaten the security of the system on which the product is installed. Details ------- Hole 1: Of the 74 binari...