CVE-2008-1411

The PXE Server pxesrv.exe in Acronis Snap Deploy 2.0.0.1076 and earlier allows remote attackers to cause a denial of service crash via an incomplete TFTP request, which triggers a NULL pointer dereference...

CVE-2008-1411

The CVE-2008-1411 entry affects the PXE Server (pxesrv.exe) in Acronis Snap Deploy 2.0.0.1076 and earlier. The issue is a denial of service (crash) caused by an incomplete TFTP request that triggers a NULL pointer dereference in the PXE server. This is the explicit vulnerability described in the ...

CVE-2008-1410

CVE-2008-1410 affects Acronis Snap Deploy 2.0.0.1076 and earlier, where the PXE Server (pxesrv.exe) is vulnerable to directory traversal via the TFTP service. This allows remote attackers to read arbitrary files from the affected system. The vulnerability is documented with a CVSSv2 base score of...

Acronis Snap Deploy PXE Server TFTP目录遍历和拒绝服务漏洞

BUGTRAQ ID: 28182 CNCAN ID:CNCAN-2008031101 Acronis PXE Server是一款Acronis Snap Deploy服务器的组建，用于配置管理。 Acronis PXE Server不正确处理用户提交的请求，远程攻击者可以利用漏洞对应用程序进行拒绝服务或目录遍历攻击。 PXE Server pxesrv.exe实现的TFTP服务器目录"../"字符缺少过滤，可导致目录遍历问题，以应用程序权限查看系统文件内容。 不完全的TFTP请求可导致NULL指针访问而使系统崩溃。 Acronis Snap Deploy 2.0.0.1076...

acronis pxe server 2.0.0.1076 - Directory Traversal Null Pointer

acronis pxe server 2.0.0.1076 - Directory Traversal Null Pointer Luigi Auriemma Application: Acronis PXE Server http://www.acronis.com/enterprise/products/snapdeploy/ Versions: = 2.0.0.1076 Platforms: Windows Bugs: A directory traversal B NULL pointer Exploitation: remote Date: 08 Mar 2008 Author...

acronis pxe server 2.0.0.1076 - Directory Traversal / Null Pointer

Luigi Auriemma Application: Acronis PXE Server http://www.acronis.com/enterprise/products/snapdeploy/ Versions: = 2.0.0.1076 Platforms: Windows Bugs: A directory traversal B NULL pointer Exploitation: remote Date: 08 Mar 2008 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1...

Oracle 10g R1 pitrig_truncate PLSQL Injection (get users hash)

No description provided by source. // / Oracle 10g R1 xDb.XDBPITRIGPKG.PITRIGTRUNCATE / / SQL Injection Exploit / // / sploit get password Hashes / // / BY Sh2kerr Digital Security / // / tested on oracle 10.1.0.2.0 / // // / Date of Public EXPLOIT: January 28, 2008 / / Written by: &nbsp...

2Wire Routers Cross-Site Request Forgery Vulnerability

Description Multiple 2Wire routers are prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to execute arbitrary actions on an affected device. Technologies Affected 2Wire 1701HG 3.17.5 2Wire 1701HG 3.7.1 2Wire 1701HG 5.29.51 2Wire 1800HW 3.17.5...

Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco Security Agent Management Center LDAP Administrator Authentication Bypass Advisory ID: cisco-sa-20061101-csamc http://www.cisco.com/warp/public/707/cisco-sa-20061101-csamc.shtml Revision 1.0 For Public Release 2006...

Oracle 9iAS SOAP Default Configuration Unauthenticated Application Deployment

Binary data 1593.prm...