2108 matches found
Microsoft Excel COUNTRY Record Memory Corruption Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by...
CA Products That Embed Ingres Multiple Vulnerabilities
Title: CA Products That Embed Ingres Multiple Vulnerabilities CA Advisory Date: 2008-08-01 Reported By: iDefense Labs Impact: A remote attacker can execute arbitrary code, gain privileges, or cause a denial of service condition. Summary: CA products that embed Ingres contain multiple...
LANDesk Remote Control Service Detection
Binary data landeskremotecontroldetect.nbin...
Security Best Practice: Blocking TeamViewer
TeamViewer is a cross-platform remote control application that allows the user to take complete control over a computer anywhere on the Internet, even through firewalls. TeamViewer also has file-sharing and chat capabilities. The use of TeamViewer may circumvent the organizational security policy...
Share Trojan-free kill technology experience-vulnerability warning-the black bar safety net
Trojan horsefree kill,in the country should originate in the 0 to 5 years. From then on a single feature of the code is now a composite signature,antivirus software from Active defense to Active Defense. Free to killtechnology is increasingly difficult. But plus ça change--change the feature code...
Fake SMTP/FTP Server Detection (possible backdoor)
Although this service answers with 3 digit ASCII codes like FTP, SMTP or NNTP servers, it sends back different codes when several NOOP commands are sent in a row. This is probably a backdoor; in this case, your system is compromised and an attacker can control it remotely. C Tenable Network...
Motorola Timbuktu login request buffer overflow
Added: 05/15/2008 CVE: CVE-2007-4221 BID: 25454 OSVDB: 40124 Background Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP. Problem A buffer overflow vulnerability when processing login requests allows remot...
Motorola Timbuktu login request buffer overflow
Added: 05/15/2008 CVE: CVE-2007-4221 BID: 25454 OSVDB: 40124 Background Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP. Problem A buffer overflow vulnerability when processing login requests allows remot...
Motorola Timbuktu login request buffer overflow
Added: 05/15/2008 CVE: CVE-2007-4221 BID: 25454 OSVDB: 40124 Background Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP. Problem A buffer overflow vulnerability when processing login requests allows remot...
Motorola Timbuktu login request buffer overflow
Added: 05/15/2008 CVE: CVE-2007-4221 BID: 25454 OSVDB: 40124 Background Motorola Timbuktu is remote control software for Windows and Mac. It runs a service which listens for connections on port 407/TCP or 407/UDP. Problem A buffer overflow vulnerability when processing login requests allows remot...
CA Unicenter DSM ITRM Legends ActiveX integer overflow
Overview The CA Unicenter DSM ITRM Legends ActiveX control contains an integer overflow vulnerability, which can allow a remote attacker to execute arbitrary code on a vulnerable system. Description CA Unicenter DSM ITRM Legends is an ActiveX control that is included with multiple CA products. Th...
CA DSM gui_cm_ctrls ActiveX Control Vulnerability
Title: CA DSM guicmctrls ActiveX Control Vulnerability CA Advisory Date: 2008-04-15 Reported By: Greg Linares of eEye Digital Security Impact: A remote attacker can execute arbitrary code or cause a denial of service condition. Summary: CA products that implement the DSM guicmctrls ActiveX contro...
Explain in detail the hacker used a remote control Trojan horse-vulnerability warning-the black bar safety net
Like browsing online the news people will often see someone privacy is hack theft, or in order to blackmail the victim thing. Here we might ask, How do they do it? In fact, the answer is very simple, but is the use of a remote Trojan to achieve control, the following the author will for the hacki...
CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability
Title: CA Multiple Products DSM ListCtrl ActiveX Control Buffer Overflow Vulnerability CVE: CVE-2008-1472 CA Advisory Date: 2008-03-28 Reported By: Exploit code posted at milw0rm.com Impact: A remote attacker can cause a denial of service or execute arbitrary code. Summary: CA products that...
Vulnerabilities in Timbuktu Pro 8.6.5
Luigi Auriemma Application: Timbuktu Pro Remote Control Software http://www.netopia.com/software/products/tb2/ Versions: = 8.6.5 RC 229 Platforms: Windows Mac OS X has not been tested Bugs: A Denial of Service B limited upload directory traversal Exploitation: remote Date: 10 Mar 2008 Author: Lui...
Move Networks Quantum Streaming Player Control - Remote Buffer Overflow
function Check // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u4949%u4949" + "%u4948%u4949%u4949%u4949%u4949%u4949%u5a51%u436a" +...
Move Networks Quantum Streaming Player Control - Remote Buffer Overflow
Move Networks Quantum Streaming Player Control - Remote Buffer Overflow function Check // win32exec - EXITFUNC=seh CMD=c:\windows\system32\calc.exe Size=378 Encoder=Alpha2 http://metasploit.com var shellcode1 = unescape"%u03eb%ueb59%ue805%ufff8%uffff%u4949%u4949%u4949" +...
VNCviewer in Listen Mode Detection
The remote service is a VNC viewer in listen mode, allowing VNC servers to initiate reverse connections back to the client running on the remote host. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid30150;...
CVE-2008-0383
CVE-2008-0383 affects MyBB 1.2.10 and earlier. The vulnerability is a set of SQL injection flaws exploitable via specific parameters: mergepost in do_mergeposts, rid in allreports, threads in do_multimovethreads (moderation.php), and gid in admin/usergroups.php. Root cause is improper handling of...
UPnP enabled by default in multiple devices
Overview Multiple vendors ship devices with UPnP enabled by default. By convincing a user to open a malicious URL, an attacker may be able to remotely control or configure UPnP enabled devices. Description Universal Plug and Play UPnP is a collection of protocols maintained and distributed by the...