728 matches found
DWebPro 8.4.2 - Multiple Vulnerabilities
Exploit for windows platform in category remote exploits Exploit Title: DWebPro 8.4.2 Remote Binary Execution Date: 01/10/2016 Exploit Author: Tulpa Contact: email protected Author website: www.tulpa-security.com Author twitter: @tulpasecurity Vendor Homepage: http://www.dwebpro.com/ Software Lin...
The vulnerability of the Linter Bastion database management system allows a malicious individual to control any service on a remote computer.
The RPC call with number 0x0A "0x0040AF25" allows a malicious individual to control any Windows service on a remote computer where linstmgr.exe is running, even though they have no authority to do so. This could enable the malicious individual to interfere with the normal operation of the service...
Huawei Mobile Broadband HL Service 22.001.25.00.03 Local Privilege Escalation
Huawei Mobile Broadband HL Service Local Privilege Escalation Metadata =================================================== Release Date: 12-05-2016 Author: Florian Bogner @ Kapsch BusinessCom AG https://www.kapsch.net/kbc Affected versions: up to the current 22.001.25.00.03 on x86 and x64 Tested...
Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow
Overview The Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow. Description CWE-121: Stack-based Buffer Overflow - CVE-2016-2345Solarwinds Dameware Remote Mini Controller is a software for assisting in remote desktop connections for helpdesk support...
Polycom BTOE Connector 2.3.0 Local Privilege Escalation
Title: Polycom BToE Connector up to version 2.3.0 allows unprivileged windows users to execute arbitrary code with SYSTEM privileges. Type of vulnerability: Privilege Escalation Exploitation vector: local Attack outcome: Code execution with SYSTEM privileges. Impact: CVSS Base Score 6,2 CVSS v2...
Tibbo AggreGate SCADA/HMI Server Service uploadDirectory Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Tibbo AggreGate SCADA/HMI. Authentication is not required to exploit this vulnerability. The specific flaw exists within the Windows service "AggreGate Server Service" agserverservice.exe. Through...
HP-UX PHSS_43690 : s700_800 11.31 X/Motif Runtime Patch
s700800 11.31 X/Motif Runtime Patch : Potential security vulnerabilities has been identified with HP-UX running the X Windows Service libraries. These vulnerabilities could be exploited remotely to create a Denial of Service DoS or execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network...
ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2015-044: EMC Documentum xMS Sensitive Information Disclosure Vulnerability EMC Identifier: ESA-2015-044 CVE Identifier: CVE-2015-0527 Severity Rating: CVSS v2 Base Score: 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C Affected products: • EMC Documentum xCelerat...
CVE-2015-0527
EMC Documentum xCelerated Management System xMS 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform xCP provisioning, which allows local users to obtain sensitive information by reading a file...
Design/Logic Flaw
EMC Documentum xCelerated Management System xMS 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform xCP provisioning, which allows local users to obtain sensitive information by reading a file...
CVE-2015-0527
EMC Documentum xCelerated Management System xMS 1.1 before P14 stores cleartext Windows Service credentials in a batch file during Documentum Platform and xCelerated Composition Platform xCP provisioning, which allows local users to obtain sensitive information by reading a file...
CVE-2015-0527
EMC Documentum xCelerated Management System (xMS) 1.1 prior to P14 contains a sensitive information disclosure vulnerability where Windows Service credentials are stored in plaintext in batch files during provisioning of Documentum Platform or xCP. Local users can read these files to obtain crede...
CA ARCserve Backup DB Engine Denial of Service - Ver2 (CVE-2008-4399)
CA ARCserve Backup products offer data protection for distributed servers, clients,databases and applications. They provide centralized control over a series of distributed operationsincluding Backup and Restore, Data Migration, and Threat Management. There exists a denial of service vulnerabilit...
CA ARCserve Backup DB Engine Denial of Service - Ver2 (CVE-2008-4399)
CA ARCserve Backup products offer data protection for distributed servers, clients,databases and applications. They provide centralized control over a series of distributed operationsincluding Backup and Restore, Data Migration, and Threat Management. There exists a denial of service vulnerabilit...
CVE-2014-5455
Unquoted Windows search path vulnerability in the ptservice service prior to PrivateTunnel version 3.0 Windows and OpenVPN Connect version 3.1 Windows allows local users to gain privileges via a crafted program.exe file in the %SYSTEMDRIVE% folder...
Job Fails to Start Due to Timeout Caused by Desktop Heap Allocation Failure
Article Applicability The timeout error displayed in Veeam Backup & Replication can be caused by various factors. This article explicitly addresses a scenario where the Windows OS experiences a 'heap allocation' failure. Please note that the solution provided in this article is only applicable if...
CVE-2013-2278
Unspecified vulnerability in War FTP Daemon warftpd 1.82, when running as a Windows service, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."...
Code injection
Unspecified vulnerability in War FTP Daemon warftpd 1.82, when running as a Windows service, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."...
CVE-2013-2278
Unspecified vulnerability in War FTP Daemon warftpd 1.82, when running as a Windows service, allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via unknown vectors related to log messages and the "internal log handler to the Windows Event log."...
Windows Manage Driver Loader
This module loads a KMD Kernel Mode Driver using the Windows Service API. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SERVICEDEMANDSTART', 'boot' = 'SERVICEBOOTSTART', 'auto' =...