EUVD-2015-7759

Malware in sbrugna...

The vulnerability of the Radia Client Automation program allows a hacker to gain access to users’ account credentials.

The vulnerability of the Radia Client Automation program relates to deficiencies in restricting access to certain functions. Exploiting this vulnerability allows a malicious actor to list user accounts through the getUsers request, assign a role to a user account through the addAssigneesToRole...

The vulnerability of the Radia Client Automation program allows a remote attacker to execute arbitrary commands.

The Radia Client Automation software contains a vulnerability in the radexecd.exe service. If this service is exploited, a malicious actor can use a specially crafted TCP request to execute arbitrary commands...

The vulnerability of the Radia Client Automation program allows a hacker to alter the roles of user accounts.

The vulnerability of the Radia Client Automation user automation program lies in its lack of access control for certain functions. Exploiting this vulnerability allows a malicious actor to remotely alter the roles of user accounts...

The vulnerability of the Radia Client Automation program allows a hacker to execute arbitrary code.

The vulnerability of the Radia Client Automation user automation program lies in its lack of access control for certain functions. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending specific commands remotely...

The vulnerability of the Radia Client Automation program allows a hacker to execute arbitrary code.

The vulnerability of the Radia Client Automation user automation program arises due to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a large amount of data...

The vulnerability of the Radia Client Automation program allows a hacker to circumvent existing access restrictions.

The vulnerability of the Radia Client Automation user automation program is related to errors in security settings during default configuration. Exploiting this vulnerability can allow a malicious actor to circumvent existing access restrictions remotely...

Persistent Systems Accelerite Radia Client Automation Access Bypass Vulnerability

Persistent Systems Accelerite Radia Client Automation formerly known as HP Client Automation is a client automation management solution from Persistent Systems India. The solution provides monitoring, alerting, auto-remediation and reporting on hardware, applications and operating systems. A...

Unspecified Vulnerability in Persistent Systems Accelerite Radia Client Automation

Persistent Systems Accelerite Radia Client Automation formerly known as HP Client Automation is a client automation management solution from Persistent Systems India. The solution provides monitoring, alerting, auto-remediation and reporting on hardware, applications and operating systems. A...

Persistent Systems Accelerite Radia Client Automation Arbitrary Code Execution Vulnerability

Persistent Systems Accelerite Radia Client Automation formerly known as HP Client Automation is a client automation management solution from Persistent Systems India. The solution provides monitoring, alerting, auto-remediation and reporting on hardware, applications and operating systems. A...

Persistent Systems Accelerite Radia Client Automation Stack Buffer Overflow Vulnerability

Persistent Systems Accelerite Radia Client Automation formerly known as HP Client Automation is a client automation management solution from Persistent Systems India. The solution provides monitoring, alerting, auto-remediation and reporting on hardware, applications and operating systems. A stac...

HP Client Automation and Radia Client Automation is vulnerable to remote code execution

Overview Radia Client Automation previously sold under the name HP Client Automation agent prior to version 9.1 is vulnerable to arbitrary remote code execution. Description According to ZDI's advisory for ZDI-15-363, which has been assigned CVE-2015-7860: "This vulnerability allows remote...

CVE-2015-7863

The default configuration of Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attackers to bypass intended access restrictions vi...

CVE-2015-7862

Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 improperly implements the Role Based Access Control feature, which might allow remote attackers to modify an account's role assignments via unspecified vectors...

CVE-2015-7861

Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling...

CVE-2015-7860

Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling...

Design/Logic Flaw

Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling...

Stack overflow

Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling...

CVE-2015-7860

The CVE-2015-7860 issue affects Persistent Accelerite Radia Client Automation (formerly HP Client Automation) — specifically the Radia/Client Automation agent prior to version 9.1. The vulnerability is a stack-based buffer overflow in the agent that can be exploited remotely by sending a large am...

CVE-2015-7862

CVE-2015-7862 affects Persistent Accelerite Radia Client Automation (formerly HP Client Automation) versions 7.9–9.1 prior to 2015-02-19. The vulnerability stems from improper implementation of Role Based Access Control, allowing a remote attacker to modify an account’s role assignments via unspe...