50 matches found
[SECURITY] [DLA 2294-1] salt security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-2294-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz July 28, 2020 https://wiki.debian.org/LTS -...
Beckhoff TwinCAT Remote Manager Detection (Windows SMB Login)
Detects the installed version of Beckhoff TwinCAT Remote Manager for Windows. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Nanopool Claymore Dual Miner APIs RCE
This module takes advantage of miner remote manager APIs to exploit an RCE vulnerability. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Nanopool Claymore Dual Miner APIs RCE', 'Description' =...
CVE-2017-5182
Remote Manager in Open Enterprise Server OES allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to...
Information disclosure
Remote Manager in Open Enterprise Server OES allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to...
CVE-2017-5182
Remote Manager in Open Enterprise Server OES allows unauthenticated remote attackers to read any arbitrary file, via a specially crafted URL, that allows complete directory traversal and total information disclosure. This vulnerability is present on all versions of OES for linux, it applies to...
CVE-2017-5182
Open Enterprise Server (OES) Remote Manager on Linux is affected by a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files via a specially crafted URL. The issue impacts multiple OES lines (e.g., OES2015 SP1 before 11080, OES2015 before 11079, OES11 SP3 ...
Novell Remote Manager Off-by-One Denial of Service
An off-by-one denial of service vulnerability has been reported in Novell Remote Manager. The vulnerability is due to insufficient validation of the HTTP Host header values. A remote attacker can exploit this vulnerability by sending a specially crafted HTTP POST request to the vulnerable server...
Novell SUSE Linux Enterprise Server Remote Manager Heap Overflow (CVE-2005-3655)
The SUSE Enterprise Linux Server is an operating system designed for medium to large organizations. It contains numerous server components which are operational in default installation of the system. The server may optionally be controlled remotely through a web interface provided by the Novell...
netbeware.txt
Novell Netware 6.5 Remote Manager HTML Injection Exploit Username: Password: Example -- Username: "var ex=new ActiveXObject"WScript.Shell";ex.run'cmd.exe /C ver';...
Novell Open Enterprise Server Remote Manager (novell-nrm) POST Request Content-Length Overflow
The remote host is running Novell Remote Manager HTTP service for SuSE Enterprise or Open Enterprise Server. The remote version of this software is vulnerable to a heap overflow attack that may be exploited by sending a negative value for the 'Content-Length' field. Since the 'httpstkd' service...
iDefense Security Advisory 01.13.06: Novell SUSE Linux Enterprise Server Remote Manager Heap Overflow
Novell SUSE Linux Enterprise Server Remote Manager Heap Overflow iDefense Security Advisory 01.13.06 http://www.idefense.com/application/poi/display?type=vulnerabilities January 13, 2006 I. BACKGROUND Novell SUSE Linux Enterprise Server is a platform for open source computing in an enterprise...
Novell SUSE Linux Enterprise Server Remote Manager buffer overflow
Integer overflow on negative HTTP POST Content-Length: paramters leads to 4-bytes heap overflow...
CVE-2005-3655
CVE-2005-3655 describes a heap-based buffer overflow in Novell Open Enterprise Server Remote Manager (novell-nrm) for SUSE Linux Enterprise Server 9. The vulnerability arises from improper handling of HTTP POST requests with a negative Content-Length, allowing an unauthenticated attacker to injec...
CVE-2002-2096
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long 1 username or 2 password...
CVE-2002-2096
This CVE affects NetWare 5.1 and NetWare 6 where the Novell Remote Manager module (httpstk.nlm) has a buffer overflow vulnerability in which a long username or password can allow remote arbitrary code execution. Root cause is a buffer overflow in httpstk.nlm. The connected sources document this v...
CVE-2002-1552
Summary: CVE-2002-1552 affects Novell eDirectory (eDir) 8.6.2 and NetWare 5.1 eDir 85.x. When users with expired passwords log in via Remote Manager, they may gain inappropriate permissions. The issue is supported by multiple sources (NVD/NVDCVE and CVE records) with a CVSS v2 base score of 7.5 (...
CVE-2002-1552
Novell eDirectory eDir 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager...
CVE-2002-1552
Novell eDirectory eDir 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager...
CVE-2002-2096
Buffer overflow in Novell Remote Manager module, httpstk.nlm, in NetWare 5.1 and NetWare 6 allows remote attackers to execute arbitrary code via a long 1 username or 2 password...