Lucene search

190 matches found

exploitpack
added 2010/08/27 12:0 a.m. | 16 views

McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion / Remote Code Execution

McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion / Remote Code Execution #!/usr/bin/perl Title: McAfee LinuxShield WARNING: This Exploit deletes the default Update Server Use it only for education or ethical pentesting! The author accepts no liability for damage caused by this tool. use strict;...

0.1 AI score
Exploits: 0
Exploit DB
added 2010/08/27 12:0 a.m. | 27 views

McAfee LinuxShield 1.5.1 - Local/Remote File Inclusion / Remote Code Execution

#!/usr/bin/perl Title: McAfee LinuxShield WARNING: This Exploit deletes the default Update Server Use it only for education or ethical pentesting! The author accepts no liability for damage caused by this tool. use strict; use IO::Socket::SSL; use Getopt::Std; my %args; my $ack; my $timestamp;...

7 AI score
Exploits: 0
F5 Networks
added 2010/01/04 12:0 a.m. | 55 views

SOL10905 - NTP vulnerability - CVE-2009-3563

F5 Product Development has determined that these BIG-IP and Enterprise Manager versions use a vulnerable version of NTP. However, the vulnerable code is not used by default on these BIG-IP or Enterprise Manager systems. These products are only vulnerable if NTP was manually configured and enabled...

6.4 CVSS | 7.5 AI score | 0.32288 EPSS
Exploits: 3
OpenVAS
added 2009/02/17 12:0 a.m. | 18 views

Fedora Update for cobbler FEDORA-2008-9745

Check for the Version of cobbler. OpenVAS Vulnerability Test: Fedora Update for cobbler FEDORA-2008-9745. Authors: System Generated Check. Copyright: Copyright (c) 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

9 CVSS | 0.1 AI score | 0.02145 EPSS
Exploits: 0 | References: 2
CERT
added 2008/12/25 12:0 a.m. | 26 views

Trend Micro HouseCall ActiveX control does not adequately validate update server parameters

Overview: The Trend Micro HouseCall ActiveX control contains a vulnerability that can allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description: The Trend Micro HouseCall ActiveX control HousecallActiveX.dll includes an update feature. A web page hosting...

9.3 CVSS | 7.7 AI score | 0.06998 EPSS
Exploits: 0 | References: 6
Prion
added 2008/12/23 6:30 p.m. | 18 views

Remote code execution

The Trend Micro HouseCall ActiveX control 6.51.0.1028 and 6.6.0.1278 in HousecallActiveX.dll allows remote attackers to download an arbitrary library file onto a client system via a "custom update server" argument. NOTE: this can be leveraged for code execution by writing to a Startup folder...

9.3 CVSS | 7.8 AI score | 0.06998 EPSS
Exploits: 0 | References: 10 | Affected Software: 1
Fedora
added 2008/11/19 2:49 p.m. | 16 views

[SECURITY] Fedora 8 Update: cobbler-1.2.9-1.fc8

Cobbler is a network boot and update server. Cobbler supports PXE, provisioning virtualized images, and reinstalling existing Linux machines. The last two modes require a helper tool called 'koan' that integrates with cobbler. Cobbler's advanced features include importing distributions from DVDs...

7 AI score
Exploits: 0
Prion
added 2008/01/23 12:0 p.m. | 14 views

Directory traversal

Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request...

7.8 CVSS | 7.3 AI score | 0.08531 EPSS
Exploits: 1 | References: 8
NVD
added 2008/01/23 12:0 p.m. | 21 views

CVE-2008-0396

Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request...

7.8 CVSS | 6.8 AI score | 0.08531 EPSS
Exploits: 1 | References: 8
Cvelist
added 2008/01/23 11:0 a.m. | 19 views

CVE-2008-0396

Directory traversal vulnerability in BitDefender Update Server (http.exe), as used in BitDefender products including Security for Fileservers and Enterprise Manager (BDEM), allows remote attackers to read arbitrary files via .. (dot dot) sequences in an HTTP request...

6.8 AI score | 0.08531 EPSS
Exploits: 1 | References: 8
CVE
added 2008/01/23 11:0 a.m. | 47 views

CVE-2008-0396

CVE-2008-0396 is a directory traversal vulnerability in BitDefender Update Server (http.exe) used by BitDefender products. The vulnerability allows an unauthenticated remote attacker to read arbitrary files by crafting HTTP requests with directory traversal sequences (..). The issue affects the U...

7.8 CVSS | 6.8 AI score | 0.08531 EPSS
Exploits: 1 | References: 8 | Affected Software: 1
Tenable Nessus
added 2008/01/21 12:0 a.m. | 48 views

BitDefender Update Server Detection

The remote web server is a BitDefender Update Server, used for centralized updates of BitDefender products on a local network. (C) Tenable Network Security, Inc. include("compat.inc"); if (description) { script_id(30020); script_version("1.15"); script_set_attribute(attribute:"plugin_modification_date",...

5.5 AI score
Exploits: 0 | References: 1
Tenable Nessus
added 2008/01/21 12:0 a.m. | 20 views

BitDefender Update Server HTTP Request Traversal Arbitrary File Access

The version of BitDefender Update Server running on the remote host fails to sanitize request strings of directory traversal sequences, which allows an unauthenticated attacker to read files outside the web server's document directory. Note that the server runs with LocalSystem privileges by...

7.8 CVSS | 5.5 AI score | 0.08531 EPSS
Exploits: 1 | References: 2
securityvulns
added 2008/01/20 12:0 a.m. | 27 views

BitDefender Update Server directory traversal

HTTP server directory traversal with /../...

1.4 AI score
Exploits: 0 | References: 1
securityvulns
added 2008/01/20 12:0 a.m. | 46 views

BitDefender Update Server - Unauthorized Remote File Access Vulnerability

BitDefender Update Server - Unauthorized Remote File Access Vulnerability. Affected Products: - BitDefender Security for Fileservers - BitDefender Enterprise Manager BDEM - All BitDefender Products, using their internal update server product...

0.3 AI score
Exploits: 0
exploitpack
added 2008/01/19 12:0 a.m. | 9 views

BitDefender Products - Update Server HTTP Daemon Directory Traversal

BitDefender Products - Update Server HTTP Daemon Directory Traversal source: https://www.securityfocus.com/bid/27358/info BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an...

Exploits: 0
Exploit DB
added 2008/01/19 12:0 a.m. | 28 views

BitDefender Products - Update Server HTTP Daemon Directory Traversal

source: https://www.securityfocus.com/bid/27358/info BitDefender Update Server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data. Exploiting this issue allows an attacker to access potentially sensitive information that could aid in...

7.4 AI score
Exploits: 0
Tenable Nessus
added 2006/07/28 12:0 a.m. | 83 views

PatchLink Update Server checkprofile.asp checkid Parameter SQL Injection

The remote host is running PatchLink Update Server, a patch and vulnerability management solution. The version of PatchLink Update Server installed on the remote host fails to sanitize user-supplied input to the 'agentid' parameter of the '/dagent/checkprofile.php' script before using it to...

7.5 CVSS | 5.7 AI score | 0.01784 EPSS
Exploits: 0 | References: 3
Tenable Nessus
added 2006/07/28 12:0 a.m. | 35 views

PatchLink Update Server nwupload.asp Traversal Arbitrary File Write

The remote host is running PatchLink Update Server, a patch and vulnerability management solution. The version of PatchLink Update Server installed on the remote fails to sanitize input to the '/dagent/nwupload.asp' script of directory traversal sequences and does not require authentication befor...

5 CVSS | 5.7 AI score | 0.02626 EPSS
Exploits: 0 | References: 3
NVD
added 2006/07/07 12:5 a.m. | 19 views

CVE-2006-3430

SQL injection vulnerability in checkprofile.asp in (1) PatchLink Update Server (PLUS) before 6.1 P1 and 6.2.x before 6.2 SR1 P1 and (2) Novell ZENworks 6.2 SR1 and earlier, allows remote attackers to execute arbitrary SQL commands via the agentid parameter...

7.5 CVSS | 8.4 AI score | 0.01784 EPSS
Exploits: 0 | References: 10