704 matches found

CVE (added 2018/01/30 8:00 p.m., 41 views)

CVE-2016-6598

BMC Track-It! 11.4 before Hotfix 3 is affected by CVE-2016-6598. An unauthenticated .NET Remoting FileStorageService on port 9010 allows uploading a file to an arbitrary path on the Track-It! server, which can lead to code execution as NETWORK SERVICE or SYSTEM. Root cause: unauthenticated remote...

CVSS 10, AI score 9.8, EPSS 0.19584
Exploits: 4, References: 4, Affected software: 1
Cvelist (added 2018/01/30 8:00 p.m., 15 views)

CVE-2016-6598

BMC Track-It! 11.4 before Hotfix 3 exposes an unauthenticated .NET remoting file storage service FileStorageService on port 9010. This service contains a method that allows uploading a file to an arbitrary path on the machine that is running Track-It!. This can be used to upload a file to the web...

AI score 9.9, EPSS 0.19584
Exploits: 4, References: 4
Prion (added 2018/01/29 5:29 p.m., 33 views)

Remote code execution (CVE-2017-1000353)

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...

CVSS 7.5, AI score 9.8, EPSS 0.99686
Exploits: 36, References: 5, Affected software: 2
Cvelist (added 2018/01/29 5:00 p.m., 27 views)

CVE-2017-1000354

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to a login command which allowed impersonating any Jenkins user. The login command available in the remoting-based CLI stored the encrypted user name of the successfully authenticated user in a cache file used to...

AI score 9.1, EPSS 0.01238
Exploits: 1, References: 2
Vulnrichment (added 2018/01/29 5:00 p.m., 6 views)

CVE-2017-1000353

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...

AI score 8.3, EPSS 0.99686
Exploits: 36, References: 5
ATTACKERKB (added 2018/01/29 12:00 a.m., 59 views)

CVE-2017-1000353

Jenkins versions 2.56 and earlier as well as 2.46.1 LTS and earlier are vulnerable to an unauthenticated remote code execution. An unauthenticated remote code execution vulnerability allowed attackers to transfer a serialized Java SignedObject object to the Jenkins CLI, that would be deserialized...

CVSS 9.8, AI score 0.8, EPSS 0.99686
Exploits: 36, References: 5
Packet Storm (added 2018/01/26 12:00 a.m., 173 views)

BMC Track-It! 11.4 Code Execution / Information Disclosure

Happy new year! I was doing some new year cleaning and realised I never released this advisory properly. Two vulnerabilities in BMC Track-It! 11.4 which were disclosed by SecuriTeam Secure Disclosure in July 2016. Posting here because I've seen quite a few of these still in active use, live and...

CVSS 7.5, AI score 9.2, EPSS 0.80095
Exploits: 17
CNVD (added 2017/11/09 12:00 a.m., 1 view)

RemObjects Remoting SDK Cross-Site Scripting Vulnerability

RemObjects Remoting SDK for Delphi is a set of cross-platform remote mobile application development tools. A cross-site scripting vulnerability exists in RemObjects Remoting SDK 9 version 1.0.0.0 for Delphi. The vulnerability can be exploited to inject arbitrary web script or HTML by sending the...

CVSS 6.1, AI score 5.9, EPSS 0.00605
Exploits: 0, References: 1
ATTACKERKB (added 2017/11/08 5:29 p.m., 0 views)

CVE-2017-16665

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting XSS attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL...

CVSS 6.1, AI score 5.4, EPSS 0.00605
Exploits: 0, References: 2
OSV (added 2017/11/08 5:29 p.m., 1 view)

CVE-2017-16665

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting XSS attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL...

CVSS 6.1, AI score 5.8, EPSS 0.00605
Exploits: 0, References: 1
NVD (added 2017/11/08 5:29 p.m., 13 views)

CVE-2017-16665

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting XSS attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL...

CVSS 6.1, AI score 6, EPSS 0.00605
Exploits: 0, References: 1
Prion (added 2017/11/08 5:29 p.m., 12 views)

Cross site scripting (CVE-2017-16665)

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting XSS attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL...

CVSS 4.3, AI score 6, EPSS 0.00605
Exploits: 0, References: 1, Affected software: 1
Cvelist (added 2017/11/08 5:00 p.m., 16 views)

CVE-2017-16665

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting XSS attack via the service parameter to the /soap URI, triggering an invalid attempt to generate WSDL...

AI score 6.1, EPSS 0.00605
Exploits: 0, References: 1
CVE (added 2017/11/08 5:00 p.m., 45 views)

CVE-2017-16665

RemObjects Remoting SDK 9 1.0.0.0 for Delphi is vulnerable to a reflected Cross Site Scripting (XSS) attack via the service parameter to the /soap URI, as described in CVE-2017-16665. The issue arises when processing a request that triggers an invalid attempt to generate WSDL, enabling injection ...

CVSS 6.1, AI score 6, EPSS 0.00605
Exploits: 0, References: 1, Affected software: 1
Check Point Advisories (added 2017/09/19 12:00 a.m., 7 views)

HPE Operations Orchestration central-remoting Insecure Deserialization (CVE-2017-8994)

An insecure deserialization vulnerability in HPE Operations Orchestration. The vulnerability is due to the deserialization of untrusted data in central-remoting servlets. A remote, unauthenticated attacker can exploit this vulnerability by sending crafted serialized data to the target application...

CVSS 7.5, AI score 3, EPSS 0.0984
Exploits: 0
Microsoft KB (added 2017/09/12 7:00 a.m., 49 views)

Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB 4040974)

Security and Quality Rollup for .NET Framework 4.5.2 for Windows 8.1, Windows RT 8.1, and Windows Server 2012 R2 (KB 4040974). Notice: this update is included in the Security and Quality Rollup that's dated November 14, 2017. This update was previously released as part of the Preview of Quality Rollu...

CVSS 9.3, AI score 8.3, EPSS 0.88698
Exploits: 14
Zero Day Initiative (added 2017/09/05 12:00 a.m., 27 views)

Hewlett Packard Enterprise Operations Orchestration Central-Remoting Deserialization of Untrusted Data Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Hewlett Packard Enterprise Operations Orchestration. Authentication is not required to exploit this vulnerability. The specific flaw exists within the central-remoting servlet. The issue lies in th...

CVSS 7.5, AI score 9.4, EPSS 0.0984
Exploits: 0, References: 1
RedhatCVE (added 2017/08/24 3:48 p.m., 30 views)

CVE-2017-1000034

Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a Java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem...

CVSS 9.3, AI score 7.9, EPSS 0.05666
Exploits: 0, References: 2
CNVD (added 2017/08/01 12:00 a.m., 3 views)

Akka Remoting Component Remote Code Execution Vulnerability

Akka is an open source toolkit for building highly concurrent and distributed message-driven applications. Its Remoting component handles communication between actor systems on different nodes. A security vulnerability exists in the Remoting component in Akka versions 2.4.16 and earlier and 2.5-M1. A remote attacker can...

CVSS 9.3, AI score 8, EPSS 0.05666
Exploits: 0, References: 1
Prion (added 2017/07/17 1:18 p.m., 13 views)

Deserialization of untrusted data (CVE-2017-1000034)

Akka versions <=2.4.16 and 2.5-M1 are vulnerable to a Java deserialization attack in its Remoting component resulting in remote code execution in the context of the ActorSystem...

CVSS 9.3, AI score 8.3, EPSS 0.05666
Exploits: 0, References: 1, Affected software: 1