12 matches found
SUSE CVE-2007-5360
Buffer overflow in OpenPegasus Management server, when compiled to use PAM and with PEGASUSUSEPAMSTANDALONEPROC defined, as used in VMWare ESX Server 3.0.1 and 3.0.2, might allow remote attackers to execute arbitrary code via vectors related to PAM authentication, a different vulnerability than...
VMSA-2008-0001 : Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
I Service Console package security updates a. OpenPegasus PAM Authentication Buffer Overflow Alexander Sotirov from VMware Security Research discovered a buffer overflow vulnerability in the OpenPegasus Management server. This flaw could be exploited by a malicious remote user on the service...
HP-UX PHSS_37704 : HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges (HPSBMA02331 SSRT080000 rev.3)
s700800 11.31 HP WBEM Services A.02.05.08 : Potential security vulnerabilities have been identified with HP-UX running WBEM Services. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...
HP-UX PHSS_37702 : HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges (HPSBMA02331 SSRT080000 rev.3)
s700800 11.11 HP WBEM Services A.02.05.08 : Potential security vulnerabilities have been identified with HP-UX running WBEM Services. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...
HP-UX PHSS_37703 : HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges (HPSBMA02331 SSRT080000 rev.3)
s700800 11.23 HP WBEM Services A.02.05.08 : Potential security vulnerabilities have been identified with HP-UX running WBEM Services. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. Th...
HP-UX PHSS_37891 : HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges (HPSBMA02331 SSRT080000 rev.3)
s700800 11.31 HP WBEM Services A.02.07 : Potential security vulnerabilities have been identified with HP-UX running WBEM Services. These vulnerabilities could be exploited remotely to execute arbitrary code or to gain extended privileges. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...
[security bulletin] HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c01438409 Version: 1 HPSBMA02331 SSRT080000 rev.1 - HP-UX running WBEM Services, Remote Execution of Arbitrary Code, Gain Extended Privileges NOTICE: The information in this Security Bulletin shou...
OpenPegasus管理服务器PAM认证模块远程栈溢出漏洞
BUGTRAQ ID: 27188,27172 CVECAN ID: CVE-2008-0003,CVE-2007-5360 OpenPegasus是一个开源项目,用于实现DMTF CIM和WBEM企业管理标准。 OpenPegasus的PAM认证模块实现上存在缓冲区溢出漏洞,远程攻击者可能利用此漏洞控制服务器。 OpenPegasus的PAM认证模块中的PAMBasicAuthenticator::PAMCallback函数存在缓冲区溢出漏洞: // // copy the user password // respi-resp = char mallocPAMMAXMSGSIZE;...
DSquare Exploit Pack: D2SEC_VMWARE_PEGASUS
Name| d2secvmwarepegasus ---|--- CVE| CVE-2007-5360 Exploit Pack| D2ExploitPack Description| VMware ESX Server OpenPegasus overflow Notes|...
DSquare Exploit Pack: D2SEC_VMPEGASUS
Name| d2secvmpegasus ---|--- CVE| CVE-2007-5360 Exploit Pack| D2ExploitPack Description| VMware ESX Server OpenPegasus overflow Notes|...
CVE-2007-5360
CVE-2007-5360 : A stack-based buffer overflow in the PAM-authenticated OpenPegasus Management server can allow a remote attacker to execute arbitrary code when OpenPegasus is compiled with PAM support (PEGASUS_USE_PAM_STANDALONE_PROC not defined). This affects VMware ESX Server 3.0.1/3.0.2 deploy...
VMSA-2008-0001 Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2008-0001 Synopsis: Moderate OpenPegasus PAM Authentication Buffer Overflow and updated service console packages Issue date: 2008-01-07...