21 matches found
EUVD-2015-7760
Malware in sbrugna...
EUVD-2015-7759
Malware in sbrugna...
EUVD-2015-7761
Malware in sbrugna...
HP Client Automation and Radia Client Automation is vulnerable to remote code execution
Overview Radia Client Automation previously sold under the name HP Client Automation agent prior to version 9.1 is vulnerable to arbitrary remote code execution. Description According to ZDI's advisory for ZDI-15-363, which has been assigned CVE-2015-7860: "This vulnerability allows remote...
CVE-2015-7863
The default configuration of Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attackers to bypass intended access restrictions vi...
CVE-2015-7861
Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling...
CVE-2015-7860
Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling...
Design/Logic Flaw
Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling...
Improper access control
Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 improperly implements the Role Based Access Control feature, which might allow remote attackers to modify an account's role assignments via unspecified vectors...
Stack overflow
Stack-based buffer overflow in the agent in Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending a large amount of data in an environment that lacks relationship-based firewalling...
CVE-2015-7862
Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 improperly implements the Role Based Access Control feature, which might allow remote attackers to modify an account's role assignments via unspecified vectors...
CVE-2015-7861
Persistent Accelerite Radia Client Automation formerly HP Client Automation, possibly before 9.1, allows remote attackers to execute arbitrary code by sending unspecified commands in an environment that lacks relationship-based firewalling...
CVE-2015-7860
The CVE-2015-7860 issue affects Persistent Accelerite Radia Client Automation (formerly HP Client Automation) — specifically the Radia/Client Automation agent prior to version 9.1. The vulnerability is a stack-based buffer overflow in the agent that can be exploited remotely by sending a large am...
CVE-2015-7863
The default configuration of Persistent Accelerite Radia Client Automation formerly HP Client Automation 7.9 through 9.1 before 2015-02-19 enables a remote Notify capability without the Extended Notify Security features, which might allow remote attackers to bypass intended access restrictions vi...
CVE-2015-7862
CVE-2015-7862 affects Persistent Accelerite Radia Client Automation (formerly HP Client Automation) versions 7.9–9.1 prior to 2015-02-19. The vulnerability stems from improper implementation of Role Based Access Control, allowing a remote attacker to modify an account’s role assignments via unspe...
CVE-2015-7861
The CVE-2015-7861 vulnerability affects Hewlett-Packard/Radia Client Automation agent (formerly HP Client Automation) before version 9.1. An unauthenticated attacker could remotely execute arbitrary code by sending arbitrary commands to the agent, potentially gaining SYSTEM privileges. Exploitati...
CVE-2015-7863
CVE-2015-7863 affects Persistent Accelerite Radia Client Automation (formerly HP Client Automation) versions 7.9–9.1 prior to 2015-02-19. The root cause is the default configuration failing to protect the Remote Notify feature with Extended Notify Security, allowing a remote attacker to bypass ac...
Persistent Systems Radia Client Automation Agent Command Injection
The Persistent Systems Radia Client Automation formerly HP Client Automation agent listening on the remote port is affected by a command execution vulnerability due to a flaw in the radexecd.exe component. An unauthenticated, remote attacker can exploit this to execute arbitrary commands in the...
Radia Client Automation radexecd.exe command injection
Added: 02/25/2015 CVE: CVE-2015-1497 BID: 72612 OSVDB: 118382 Background Radia Client Automation is an endpoint management solution. Problem The radexecd.exe daemon does not properly authenticate or sanitize user requests, allowing remote attackers to execute arbitrary commands. Resolution Use th...
Radia Client Automation radexecd.exe command injection
Added: 02/25/2015 CVE: CVE-2015-1497 BID: 72612 OSVDB: 118382 Background Radia Client Automation is an endpoint management solution. Problem The radexecd.exe daemon does not properly authenticate or sanitize user requests, allowing remote attackers to execute arbitrary commands. Resolution Use th...