Symantec Backup Exec for Windows Server ActiveX Control Multiple Buffer Overflow Vulnerabilities

Overview The PVATLCalendar.PVCalendar.1 pvcalendar.ocx ActiveX control, a scheduler component of the Media Server in Symantec Backup Exec for Windows Server BEWS, includes the insecure Save method that mishandles long strings assigned to various properties listed below, which can be exploited to...

Symantec Backup Exec for Windows Server ActiveX Control Multiple Vulnerabilities

Overview The PVATLCalendar.PVCalendar.1 pvcalendar.ocx ActiveX control, a scheduler component of the Media Server in Symantec Backup Exec for Windows Server BEWS, includes the insecure Save method that mishandles strings assigned to certain properties listed below, which can be exploited to cause...

Fedora 7 : zoneminder-1.22.3-8.fc7 (2008-3516)

Bug 444434 - CVE-2008-1381 zoneminder: command injection via unescaped php exec calls Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

phpTournois G4 - Arbitrary File Upload Code Execution

phpTournois G4 - Arbitrary File Upload Code Execution Date: 04-06-08 - Remote Code Execution - Remote File Upload When testing if we are admin, phpTournois checks if $grade'a'=='a'. But when we are not loggued in, this var is not defined. So, using registerglobals, we can define it and let the CM...

Symantec Backup Exec Server Scheduler ActiveX Control Buffer Overflow (CVE-2007-6016)

Symantec Backup Exec is a data backup and recovery system for Windows. A buffer overflow vulnerability has been reported in the Symantec Backup Exec for Windows Servers. The vulnerability is due to a boundary error in the Symantec Backup Exec ActiveX control of the Scheduler component. To trigger...

Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit

No description provided by source. / Fedora Core 6,7,8 exec-shield based Apache Tomcat Connector jk2-2.0.2modjk2 remote overflow exploit by INetCop Security Advanced exploitation in exec-shield Fedora Core case study URL: http://www.milw0rm.com/papers/151 IOActive Security Advisory:...

Apache Tomcat Connector jk2-2.0.2 (mod_jk2) Remote Overflow Exploit

Exploit for linux platform in category remote exploits =================================================================== Apache Tomcat Connector jk2-2.0.2 modjk2 Remote Overflow Exploit =================================================================== / Fedora Core 6,7,8 exec-shield based...

Apache Tomcat Connector jk2-2.0.2 mod_jk2 - Remote Overflow

/ Fedora Core 6,7,8 exec-shield based Apache Tomcat Connector jk2-2.0.2modjk2 remote overflow exploit by INetCop Security Advanced exploitation in exec-shield Fedora Core case study URL: http://www.milw0rm.com/papers/151 IOActive Security Advisory: http://www.securityfocus.com/archive/1/487983...

Apache Tomcat Connector jk2-2.0.2 mod_jk2 - Remote Overflow

Apache Tomcat Connector jk2-2.0.2 modjk2 - Remote Overflow / Fedora Core 6,7,8 exec-shield based Apache Tomcat Connector jk2-2.0.2modjk2 remote overflow exploit by INetCop Security Advanced exploitation in exec-shield Fedora Core case study URL: http://www.milw0rm.com/papers/151 IOActive Security...

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

Symantec Backup Exec for Windows Servers scheduler ActiveX buffer overflow

Added: 03/21/2008 CVE: CVE-2007-6016 BID: 26904 OSVDB: 42358 Background Symantec Backup Exec for Windows Servers is a backup and recovery solution for Windows servers. Problem An ActiveX buffer overflow vulnerability in pvcalendar.ocx in the scheduler component of Symantec Backup Exec for Windows...

Symantec Backup Exec Calendar ActiveX Control Multiple Vulnerabilities (SYM08-007)

The remote host contains the PVATLCalendar.PVCalendar.1 ActiveX control distributed with Symantec Backup Exec for Windows Servers. The installed version of that control reportedly contains two stack-based buffer overflows and allows for corrupting or saving malicious script code, and overwriting...

ghostscript-poc.txt

/ A proof of concept exploit for ghostscript 8.61 and earlier. Vulnerability discovered by Chris Evans Author: [email protected] Will Drewry Affects: All versions of ghostscript that support .seticcspace. Tested on: Ubuntu gs-esp-8.15.2.dfsg.0ubuntu1-0ubuntu1 x86 Ghostscript 8.61 2007-11-21 x86...

Symantec Backup Exec调度程序ActiveX栈溢出及文件覆盖漏洞

BUGTRAQ ID: 28008,26904 CVECAN ID: CVE-2007-6016,CVE-2007-6017 Symantec Backup Exec是一款全面的数据备份解决方案。 Symantec Backup Exec for Windows Server（BEWS）的调度程序组件所安装的ActiveX控件中存在多个栈溢出和不安全函数调用漏洞，远程攻击者可能利用此漏洞控制用户系统。...

Authentication flaw

The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of servi...

CVE-2007-6017

The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of servi...

CVE-2007-6016

Multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, allow remote attackers to execute arbitrary cod...

Stack overflow

Multiple stack-based buffer overflows in the PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, allow remote attackers to execute arbitrary cod...