2337 matches found
IBM AIX ToolTalk RPC Server Remote Buffer Overflow
ToolTalk is an inter-application communications system developed by Sun Microsystems in order to allow applications to communicate with each other at runtime. The ToolTalk service is designed to facilitate the development of inter-operating applications that serve individuals and work groups. A...
Vulnerability in RPC Could Allow Elevation of Privilege (970238)
This host is missing a critical security update according to Microsoft Bulletin MS09-026. OpenVAS Vulnerability Test $Id: secpodms09-026.nasl 5934 2017-04-11 12:28:28Z antu123 $ Vulnerability in RPC Could Allow Elevation of Privilege 970238 Authors: Antu Sanadi Updated By: Madhuri D on 2010-12-01...
Vulnerability in RPC Could Allow Elevation of Privilege (970238)
This host is missing a critical security update according to Microsoft Bulletin MS09-026. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Kernel BUG() in locks_remove_flock
Race condition in the dosetlk function in fs/nfs/file.c in the Linux kernel before 2.6.26 allows local users to cause a denial of service crash via vectors resulting in an interrupted RPC call that leads to a stray FLPOSIX lock, related to improper handling of a race between fcntl and close in th...
VulnCheck KEV: CVE-2009-0079
The RPCSS service in Microsoft Windows XP SP2 and SP3 and Server 2003 SP1 and SP2 does not properly implement isolation among a set of distinct processes that 1 all run under the NetworkService account or 2 all run under the LocalService account, which allows local users to gain privileges by...
Security Best Practice: Protect Yourself from MS-RPC and DCE-RPC Vulnerabilities
DCE/RPC stands for "Distributed Computing Environment / Remote Procedure Calls". It is a Remote Procedure Call system that allows software to work across multiple computers, as if it were all working on the same computer. This system allows programmers to write distributed software without having...
PT-2009-1235 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.26 Description: A race condition exists in the do setlk function, allowing local users to cause a denial of service by interrupting an RPC call, resulting in a stray FL POSIX lock. This issue is related to t...
BrightStor ARCserve and eTrust Antivirus Arbitrary Code Execution Vulnerability
Overview BrightStor ARCserve Backup and eTrust Antirus r7.1 have a problem in handling RPC requests and are vulnerable to arbitrary code execution. Impact A remote authenticated attacker could execute arbitrary code. Solution Please refer to the 'Vendor Information' section for the official...
VulnCheck KEV: CVE-2008-4250
The Server service in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, and 7 Pre-Beta allows remote attackers to execute arbitrary code via a crafted RPC request that triggers the overflow during path canonicalization, as exploited in the...
Microsoft Windows Server Service RPC Handling Remote Code Execution Vulnerability
Description Microsoft Windows is prone to a remote code-execution vulnerability that affects RPC Remote Procedure Call handling in the Server service. An attacker could exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will result in the complete...
[Full-disclosure] Assurent VR - CA ARCserve Backup DB Engine Denial of Service
CA ARCserve Backup DB Engine Denial of Service Assurent ID: FSC20081009-12 1. Affected Software CA ARCserve Backup 11.1 Windows CA ARCserve Backup 11.5 Windows CA ARCserve Backup 12.0 Windows Reference: http://www.ca.com/us/data-loss-prevention.aspx 2. Vulnerability Summary A vulnerability has be...
Microsoft Host Integration Server Remote Command Execution (MS08-059; CVE-2008-3466)
Microsoft Host Integration Server HIS is a gateway application that provides host access and integration, extending Microsoft Windows to other systems by integrating mission-critical host applications, data sources, messaging, and security systems. A remote code execution vulnerability has been...
CVE-2008-3838
Unspecified vulnerability in the NFS Remote Procedure Calls RPC zones implementation in Sun Solaris 10 and OpenSolaris before snv88 allows local administrators of non-global zones to read and modify NFS traffic for arbitrary non-global zones, possibly leading to file modifications or a denial of...
CA ARCserve Backup xdr_rwsstring buffer overflow
Added: 05/27/2008 CVE: CVE-2008-2242 BID: 29283 OSVDB: 45368 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. It runs several services which use the SUN Remote Procedure Call SUN-RPC protocol. SUN-RPC messages are defined using the External Data...
CA ARCserve Backup xdr_rwsstring buffer overflow
Added: 05/27/2008 CVE: CVE-2008-2242 BID: 29283 OSVDB: 45368 Background CA ARCserve Backup formerly BrightStor ARCserve Backup is a backup and recovery solution. It runs several services which use the SUN Remote Procedure Call SUN-RPC protocol. SUN-RPC messages are defined using the External Data...
PT-2008-2569 · Emv · Emc Diskxtender
Name of the Vulnerable Software and Affected Versions: EMV DiskXtender version 6.20.060 Description: The issue allows remote attackers to bypass authentication due to a hard-coded login and password. This can be exploited via the RPC interface. Recommendations: For version 6.20.060, consider...
Out-of-Bounds
Overview Affected versions of this package are vulnerable to Out-of-Bounds. Buffer overflow in the RPC library lib/rpc/rpcdtablesize.c used by libgssrpc and kadmind in MIT Kerberos 5 krb5 1.2.2, and probably other versions before 1.3, when running on systems whose unistd.h does not define the...
Preemptive Protection against Novell Client nwspool.dll EnumPrinters Function Buffer Overflow Vulnerability
A buffer overflow vulnerability has been discovered in the Novel Client for Windows. The flaw is due to a boundary error in Novell Client's Spooler service nwspool.dll. The vulnerable service is included with the Novell Client for Microsoft Windows, and provides access to remote printing services...
CVE-2007-6701
Multiple stack-based buffer overflows in the Spooler service nwspool.dll in Novell Client 4.91 SP4 for Windows allow remote attackers to execute arbitrary code via long arguments to multiple unspecified RPC functions, aka Novell bug 287919, a different vulnerability than CVE-2007-2954...
wireshark RPC Portmap flaws
Wireshark formerly Ethereal 0.8.16 to 0.99.6 allows remote attackers to cause a denial of service crash via a malformed RPC Portmap packet...