7 matches found
EUVD-2021-34727
OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system...
CVE-2021-47718
OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system...
CVE-2021-47718 OpenBMCS Directory Listing Information Disclosure
OpenBMCS 2.4 contains an information disclosure vulnerability that allows unauthenticated attackers to access sensitive files by exploiting directory listing functionality. Attackers can browse directories like /debug/ and /php/ to discover configuration files, database credentials, and system...
PT-2025-50242
Name of the Vulnerable Software and Affected Versions OpenBMCS version 2.4 Description An information disclosure issue exists in OpenBMCS version 2.4 that allows unauthenticated attackers to access sensitive files. This is possible through exploitation of directory listing functionality. Attacker...
PortEx - Java Library To Analyse Portable Executable Files With A Special Focus On Malware Analysis And PE Malformation Robustness
PortEx is a Java library for static malware analysis of Portable Executable files. Its focus is on PE malformation robustness, and anomaly detection. PortEx is written in Java and Scala, and targeted at Java applications. Features Reading header information from: MSDOS Header, COFF File Header,...
PEframe - Tool to perform static analysis on Portable Executable malware
PEframe is a open source tool to perform static analysis on Portable Executable malware. Usage $ peframe malware.exe $ peframe --option malware.exe Options --json Output in json --import Imported function and dll --export Exported function and dll --dir-import Import directory --dir-export Export...
MS Windows XP Workstation Service Remote Exploit (MS03-049)
漏洞描述:Microsoft DCE/RPC服务可以提供网络管理功能,这些功能提供管理用户帐户和网络资源管理的功能。部分网络管理功能在Windows目录下的"debug"子目录会生成调试日志文件。Microsoft Workstation服务在处理日志记录时缺少充分的边界缓冲区检查,远程攻击者可以利用这个漏洞提供超长参数触发缓冲区溢出,以SYSTEM权限在系统上执行任意指令。 日志功能中使用vsprintf在日志文件中生成字符串,日志文件名为"NetSetup.LOG",其保存在Windows "debug"目录中。...