1454 matches found
linux/x86-64 - Encoded execve shellcode
/ Compile with: gcc -fno-stack-protector -z execstack This execve shellcode is encoded with 0xff and is for 64 bit linux. shell: file format elf64-x86-64 Disassembly of section .text: 0000000000400080 : 400080: 48 b9 ff ff ff ff ff movabs rcx,0xffffffffffffffff 400087: ff ff ff 40008a: 49 b8 ae b...
HP Data Protector multiple security vulnerabilities
DoS, code execution, privilege escalation...
[security bulletin] HPSBMU03321 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c04636829 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04636829 Version: 1 HPSBMU03321 rev....
TestDisk 6.14 Check_OS2MB Stack Buffer Overflow Vulnerability
This document details a stack based buffer overflow vulnerability within TestDisk version 6.14. A buffer overflow is triggered within the software when a malicious disk image is attempted to be recovered. This may be leveraged by an attacker to crash TestDisk and gain control of program execution...
CVE-2015-2116
Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors...
Code injection
Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors...
CVE-2015-2116
Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors...
CVE-2015-2116
Unspecified vulnerability in HP Storage Data Protector 7.x before 7.03 build 107 allows remote authenticated users to execute arbitrary code or cause a denial of service via unknown vectors...
CVE-2015-2116
CVE-2015-2116 affects HP Data Protector (Storage Data Protector) 7.x, specifically vulnerable until 7.03 Build 107 (patches to 7.03 Build 107 required after updating from 7.03 Build 105). HP’s Security Bulletin HPSBMU03321 confirms remote privilege escalation, DoS, and arbitrary code execution co...
HP Data Protector has multiple vulnerabilities
HP Data Protector is a unified data protection solution. HP Data Protector has multiple security vulnerabilities that could allow a remote attacker to perform elevation of privilege, denial of service attacks, or execute arbitrary code...
Xoops CMS 2.5.7.1 Cross Site Scripting
Hi Team, Affected Vendor: http://www.xoops.org/ Date: 24/04/2015 Discovered by: Joel Vadodil Varghese Type of vulnerability: Persistent XSS Tested on: Windows 8.1 Product: Xoops CMS Version: 2.5.7.1 Tested Link:...
HP Data Protector Multiple Vulnerabilities (HPSBMU03321 SSRT101677)
The HP Data Protector running on the remote host is affected by multiple unspecified vulnerabilities that can allow a remote attacker to gain elevated privileges, trigger a denial of service, or execute arbitrary code with System privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
musl: arbitrary code execution
A stack-based buffer overflow has been found in musl libc's ipv6 address literal parsing code. Programs which call the inetpton or getaddrinfo function with AFINET6 or AFUNSPEC and untrusted address strings are affected. Successful exploitation yields control of the return address. Having enabled...
HP Data Protector Opcode 42 Directory Traversal - Ver2 (CVE-2013-6194)
A directory traversal vulnerability has been reported in HP Data Protector. The vulnerability is due to a lack of input sanitization on a file name provided with Opcode 42. A remote unauthenticated attacker could exploit this vulnerability by sending a crafted request to the vulnerable service...
HP Data Protector 8.10 Remote Command Execution Exploit
Exploit for windows platform in category remote exploits This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP Data Protector 8.10 Remote Command Execution', 'Description' = %q This...
HP Data Protector 8.10 - Remote Command Execution (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'HP Data Protector 8.10 Remote Command Execution', 'Description' = %q This module exploits a remote command execution on HP Data...
HP Data Protector 8.10 Remote Command Execution
This module exploits a remote command execution on HP Data Protector 8.10. Arbitrary commands can be executed by sending crafted requests with opcode 28 to the OmniInet service listening on the TCP/5555 port. Since there is a strict length limitation on the command, rundll32.exe is executed, and...
HP Data Protector Windows Unauthenticated Remote Code Execution
Added: 02/18/2015 CVE: CVE-2014-2623 BID: 68672 OSVDB: 109069 Background HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP. Problem HP Data Protector is vulnerable to remote unauthenticated arbitrary command executi...
HP Data Protector Windows Unauthenticated Remote Code Execution
Added: 02/18/2015 CVE: CVE-2014-2623 BID: 68672 OSVDB: 109069 Background HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP. Problem HP Data Protector is vulnerable to remote unauthenticated arbitrary command executi...
HP Data Protector Windows Unauthenticated Remote Code Execution
Added: 02/18/2015 CVE: CVE-2014-2623 BID: 68672 OSVDB: 109069 Background HP Data Protector is a backup solution for enterprise and distributed environments. Data Protector Manager listens on port 5555/TCP. Problem HP Data Protector is vulnerable to remote unauthenticated arbitrary command executi...