175 matches found
Design/Logic Flaw
The Agent Control Interface in the management server in Symantec Critical System Protection SCSP 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced SDCS:SA 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary commands by leveraging client-system access to...
CVE-2014-3440
The Agent Control Interface in the management server in Symantec Critical System Protection SCSP 5.2.9 before MP6 and Symantec Data Center Security: Server Advanced SDCS:SA 6.0.x before 6.0 MP1 allows remote authenticated users to execute arbitrary commands by leveraging client-system access to...
Design/Logic Flaw
The management server in Symantec Critical System Protection SCSP 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced SDCS:SA 6.0.x through 6.0 MP1 allows local users to bypass intended Protection Policies via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in the ajaxswing webui in the Management Console server in the management server in Symantec Critical System Protection SCSP 5.2.9 through MP6 and Symantec Data Center Security: Server Advanced SDCS:SA 6.0.x through 6.0 MP1 allows remote authenticated users ...
CVE-2014-9226
CVE-2014-9226 affects Symantec Data Center Security: Server Advanced (SDCS:SA) version 6.0 MP1 and Symantec Critical System Protection (SCSP) 5.2.9 MP6. The SEC Consult advisory documents multiple default Protection Policy bypasses in the SDCS:SA Client and related components that allow an unauth...
Multiple Symantec Products Cross-Site Scripting Vulnerabilities
Symantec Critical System Protection is a suite of intrusion detection software that defends against zero-day threats, strengthens systems, and assists in maintaining compliance.Symantec Data Center Security: Server Advanced is a system protection software from Symantec. A cross-site scripting...
Multiple Symantec Product Remote Code Execution Vulnerabilities
Symantec Critical System Protection is a suite of intrusion detection software that defends against zero-day threats, strengthens systems, and assists in maintaining compliance.Symantec Data Center Security: Server Advanced is a system protection software from Symantec. A remote code execution...
Multiple Symantec Product Local Security Bypass Vulnerabilities
Symantec Critical System Protection is a suite of intrusion detection software that defends against zero-day threats, strengthens systems, and assists in maintaining compliance.Symantec Data Center Security: Server Advanced is a system protection software from Symantec. Multiple Symantec products...
Multiple Symantec Product SQL Injection Vulnerabilities
Symantec Critical System Protection is a suite of intrusion detection software that defends against zero-day threats, strengthens systems, and assists in maintaining compliance.Symantec Data Center Security: Server Advanced is a system protection software from Symantec. A SQL injection...
Multiple Symantec Product Information Disclosure Vulnerabilities
Symantec Critical System Protection is a suite of intrusion detection software that defends against zero-day threats, strengthens systems, and assists in maintaining compliance.Symantec Data Center Security: Server Advanced is a system protection software from Symantec. An information disclosure...
ARCservIT 6.61/6.63 Client asagent.tmp Arbitrary File Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2741/info ARCservIT from Computer Associates contains a vulnerability which may allow malicious local users to overwrite arbitrary files. When it runs for the first time, 'asagent', opens and truncates it if it exists a...
Mac OS X <= 10.4.6 (launchd) Local Format String Exploit (ppc)
No description provided by source. !/usr/bin/perl http://www.digitalmunition.com/FailureToLaunch-ppc.pl Code by Kevin Finisterre kflistsatdigitalmunitiondotcom Much appreciation goes to John H for all kindsa random shit like exploiting Veritas and other random things in the past core... where the...
ARCservIT 6.61/6.63 Client inetd.tmp Arbitrary File Overwrite Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2748/info ARCservIT from Computer Associates contains a vulnerability which may allow malicious local users to corrupt arbitrary files. When it runs with the parameters 'inet add', 'asagent', opens and overwrites it if it...
Symantec Critical System Protection Installed
Binary data symanteccriticalsystemprotectioninstalled.nbin...
Symantec Critical System Protection for Windows Security Bypass (SYM14-008)
The version of Symantec Critical System Protection installed on the remote Windows host is a version prior to 5.2.9. It is, therefore, potentially affected by a security bypass vulnerability. The default policy settings are affected by a policy bypass when installed on an unpatched Windows host. ...
CVE-2013-5016
Symantec Critical System Protection SCSP before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors...
Design/Logic Flaw
Symantec Critical System Protection SCSP before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors...
CVE-2013-5016
Symantec Critical System Protection SCSP before 5.2.9, when installed on an unpatched Windows Server 2003 R2 platform, allows remote attackers to bypass policy settings via unspecified vectors...
SAP NetWeaver - SMB Relay
Application: SAP Vendor URL: http://www.sap.com Bugs: Security Bypass, Directory Traversal, SMB Relay Exploits: YES Reported: 01.07.2014 Vendor response: 02.07.2014 Date of Public Advisory: 15.12.2014 Reference: SAP Security Note 2056333 Author: Vahagn Vardanyan ERPScan VULNERABILITY INFORMATION...
World Economic Forum Sees Dark Side To Connectivity
The latest edition World Economic Forum’s Global Risks Report takes a dim view of our hyper connected world. At the group’s annual meeting in Davos, Switzerland, members wrestled with the consequences of ubiquitous Internet connectivity, concluding that groups or individuals with few resources ar...