142 matches found
CVE-2011-3337
eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/...
Code injection
eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/...
CVE-2011-3337
eEye Audit ID 2499 in eEye Digital Security Audits 2406 through 2423 for eEye Retina Network Security Scanner on HP-UX, IRIX, and Solaris allows local users to gain privileges via a Trojan horse gauntlet program in an arbitrary directory under /usr/local/...
CVE-2011-3337
CVE-2011-3337 affects eEye Retina Network Security Scanner (HP-UX, IRIX, Solaris). An audit script (Audit ID 2499) can execute arbitrary code via a Trojan gauntlet placed under /usr/local, enabling local privilege escalation to the same privileges as the Retina scanner. The issue stems from the a...
eEye Retina Audit ID 2499权限提升漏洞
CVE ID: CVE-2011-3337 eEye Retina Network Security Scanner可针对目标系统执行多种审查,进行安全漏洞评估测试。 eEye Retina在实现上存在安全漏洞,可被恶意本地用户利用获取提升的权限。 此漏洞源于Audit ID 2499 "Gauntlet Firewall For UNIX Buffer Overflow"在"/usr/local"文件夹中执行特定文件,可通过在 "/usr/local"文件夹中放置恶意文件执行任意代码。 eEye Retina Network Security Scanner 5.x 厂商补丁: eEy...
eEye Retina audit script could execute untrusted programs as root
Overview eEye Retina audit scripts have the capability to run remote shell scripts in order to determine vulnerable applications. One audit script in particular audit ID 2499 uses find1 and execute -exec when assessing a vulnerability within Gauntlet Firewall. An attacker who can write an...
Microsoft Windows - ASN.1 Library Bitstring Heap Overflow (MS04-007) (Metasploit)
$Id: ms04007killbill.rb 9929 2010-07-25 21:37:54Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framewor...
Q&A: Marc Maiffret of eEye
Marc Maiffret, a security researcher known for his controversial opinions on software security and his efforts to get Microsoft specifically to improve the security of its products, is returning to eEye Digital Security, the vulnerability management company he helped found more than a decade ago...
Microsoft LSASS Service - DsRolerUpgradeDownlevelServer Overflow (MS04-011) (Metasploit)
$Id: ms04011lsass.rb 9669 2010-07-03 03:13:45Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...
Buffer overflow
Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service application crash or execute arbitrary code via a .rws file with a long RWS010 entry...
CVE-2009-3859
Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service application crash or execute arbitrary code via a .rws file with a long RWS010 entry...
CVE-2009-3859
Buffer overflow in eEye Retina WiFi Scanner 1.0.8.68, as used in Retina Network Security Scanner 5.10.14, allows user-assisted remote attackers to cause a denial of service application crash or execute arbitrary code via a .rws file with a long RWS010 entry...
CVE-2009-3859
CVE-2009-3859 is a buffer overflow in eEye Retina WiFi Scanner 1.0.8.68 (used in Retina Network Security Scanner 5.10.14) triggered by processing a specially crafted .rws file with a long RWS010 entry. The issue can cause a denial of service (application crash) and, per sources, may allow arbitra...
KLA10417 ACE vulnerability in eEye Retina Network Security
A buffer overflow was found in eEye Retina Network Security. By exploiting this vulnerability malicious users can cause denial of service or execute arbitrary code. This vulnerability can be exploited remotely via a specially designed RWS file. Original advisories - Exploitation Public exploits...
eEye Retina Wireless Scanner (Standalone) Detection
Retina Wireless Scanner is installed on the remote host. This program is currently installed as a standalone application. Please note it is no longer distributed in this manner, and is now included with Retina Network Security Scanner. C Tenable Network Security, Inc. include"compat.inc"; if...
eEye Retina Wireless Scanner .rws Handling Buffer Overflow
The version of Retina Wireless Scanner installed on the remote host has a local buffer overflow vulnerability. A remote attacker could exploit this issue by tricking a user into opening a malformed .rws file. This could cause the program to crash or possibly result in the execution of arbitrary...
eEye Retina Network Security Scanner Detection
Retina Network Security Scanner is installed on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid39807; scriptversion"1.13"; scriptsetattributeattribute:"pluginmodificationdate", value:"2023/02/06"; scriptnameenglish:"eEye Retina Network Security Scann...
eEye Retina WiFi Scanner '.rws'文件缓冲区溢出漏洞
Bugraq ID: 35624 eEye Retina WiFi Scanner是一款eEye公司开发的无线检测工具。 eEye Retina WiFi Scanner不正确解析'.rws'文件,远程攻击者可以利用漏洞以应用程序权限执行任意指令。 构建包含超长"RWS010"条目的".rws"文件,诱使用户打开,可导致在.data段触发缓冲区溢出,可能导致以应用程序权限执行任意指令。 eEye Digital Security Retina WiFi Scanner 1.0.8 68 目前没有解决方案提供: http://www.eeye.com/ !/usr/bin/python...
eEye Retina WiFi Security Scanner 1.0 (.rws Parsing) Buffer Overflow PoC
Exploit for unknown platform in category dos / poc ======================================================================== eEye Retina WiFi Security Scanner 1.0 .rws Parsing Buffer Overflow PoC ======================================================================== !/usr/bin/python Title: Retin...
eEye Retina WiFi Security Scanner 1.0 (.rws Parsing) Buffer Overflow PoC
Summary Retina WiFi Scanner is a tool to be used to detect IEEE 802.11 WiFi based devices. Note: The tool is implemented as part of the eEye's Retina Network Security Scanner package. Description A vulnerability has been identified in eEye Retina WiFi Scanner, which could be exploited by attacker...