1454 matches found
UBUNTU-CVE-2016-7042
The prockeysshow function in security/keys/proc.c in the Linux kernel through 4.8.2, when the GNU Compiler Collection gcc stack protector is enabled, uses an incorrect buffer size for certain timeout data, which allows local users to cause a denial of service stack memory corruption and panic by...
CVE-2016-7042
It was found that when the gcc stack protector was enabled, reading the /proc/keys file could cause a panic in the Linux kernel due to stack corruption. This happened because an incorrect buffer size was used to hold a 64-bit timeout value rendered as weeks...
Wordpress defa-online-image-protector plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platforms developed using the PHP language, which supports personal blog sites set up on servers with PHP and MySQL. defa-online-image-protector is one of the online image protection plug-ins. A cross-site scripting vulnerability...
CVE-2016-1000129
Reflected XSS in wordpress plugin defa-online-image-protector v3.3...
CVE-2016-1000129
Reflected XSS in wordpress plugin defa-online-image-protector v3.3...
Cross site scripting
Reflected XSS in wordpress plugin defa-online-image-protector v3.3...
CVE-2016-1000129
Summary: CVE-2016-1000129 is a reflected cross-site scripting (XSS) vulnerability in the WordPress plugin “defa-online-image-protector”
HPE Data Protector EXEC_BAR domain Buffer Overflow (CVE-2016-2006)
A buffer overflow vulnerability has been found in the Omnilnet.exe component of HPE Data Protector. This vulnerability is due to lack of boundary checks on the domain field in EXECBAR requests. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed requests to a...
HPE Data Protector EXEC_BAR username Buffer Overflow (CVE-2016-2005)
A buffer overflow vulnerability has been found in the OmniInet.exe component of HPE Data Protector. This vulnerability is due to lack of boundary checks on the username field in EXECBAR requests. A remote, unauthenticated attacker could exploit this vulnerability by sending malformed requests to...
HP Data Protector Encrypted Communications Arbitrary Command Execution Vulnerability
HP Data Protector is prone to an arbitrary command execution vulnerability. Copyright C 2016 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is...
iSQL 1.0 - isql_main.c Buffer Overflow (PoC)
Exploit for linux platform in category dos / poc !/bin/ruby Exploit Title: iSQLRL 1.0 - Buffer Overflowisqlmain.c Date: 2016-06-13 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/roselone/iSQL Software Link:...
iSQL 1.0 Buffer Overflow
!/bin/ruby Exploit Title: iSQLRL 1.0 - Buffer Overflowisqlmain.c Date: 2016-06-13 Exploit Author: HaHwul Exploit Author Blog: www.hahwul.com Vendor Homepage: https://github.com/roselone/iSQL Software Link: https://github.com/roselone/iSQL/archive/master.zip Version: 1.0 Tested on: Debian wheezy C...
HP Data Protector Encrypted Communication Remote Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/exploit/powershell' require 'openssl' class MetasploitModule "HP Data Protector Encrypted Communication Remote Command Execution",...
HP Data Protector Encrypted Communication Remote Command Execution
This module exploits a well known remote code execution exploit after establishing encrypted control communications with a Data Protector agent. This allows exploitation of Data Protector agents that have been configured to only use encrypted control communications. This exploit works by executin...
HP Data Protector missing authentication
Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...
HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution Metasploit Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/...
HP Data Protector missing authentication
Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...
HP Data Protector missing authentication
Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...
HP Data Protector A.09.00 - Encrypted Communications Arbitrary Command Execution (Metasploit)
Exploit for windows platform in category remote exploits Exploit Title: Data Protector Encrypted Communications Date: 26-05-2016 Exploit Author: Ian Lovering Vendor Homepage: http://www8.hp.com/uk/en/software-solutions/data-protector-backup-recovery-software/ Version: A.09.00 and earlier Tested o...
HP Data Protector missing authentication
Added: 05/31/2016 CVE: CVE-2016-2004 Background HP OpenView Storage Data Protector is a backup solution for enterprise and distributed environments. Problem Data Protector does not authenticate users, even with Encrypted Control Communications enabled. This could allow an unauthenticated remote...