CVE-2007-6016

CVE-2007-6016 affects the PVATLCalendar.PVCalendar.1 ActiveX control (pvcalendar.ocx) in the Symantec Backup Exec for Windows Server BEWS, specifically the Media Server’s scheduler component. The vulnerability arises from stack-based buffer overflows when long values are written to the properties...

CVE-2007-6017

The PVATLCalendar.PVCalendar.1 ActiveX control in pvcalendar.ocx in the scheduler component in the Media Server in Symantec Backup Exec for Windows Server BEWS 11d 11.0.6235 and 11.0.7170, and 12.0 12.0.1364, exposes the unsafe Save method, which allows remote attackers to cause a denial of servi...

CVE-2007-6017

The PVATLCalendar.PVCalendar.1 ActiveX control (pvcalendar.ocx) in the Media Server component of Symantec Backup Exec for Windows Server (BEWS) 11d/12.0 exposes an unsafe Save method. The vulnerability allows a remote attacker to cause a denial of service (browser crash) or to create/overwrite ar...

Symantec Backup Exec系统还原管理器FileUpload类非授权文件上传漏洞

BUGTRAQ ID: 27487 CVECAN ID: CVE-2008-0457 Symantec Backup Exec是一款全面的数据备份解决方案。 Symantec Backup Exec系统还原管理器的运行在Symantec LiveState Apache Tomcat服务器（TCP 8080端口）上的FileUpload类存在安全漏洞。如果远程攻击者向该服务器提交了恶意的HTTP POST请求的话，就可以向公开可访问的web目录上传JSP脚本，导致执行任意代码。 Symantec Backup Exec System Recovery Manager 7.0.1...

Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit

No description provided by source. ?xml version="1.0"? html xmlns="http://www.w3.org/1999/xhtml" headtitleFile Upload POC/title/head body h2 Backup Exec System Recovery Manager 7.0brFile Upload POC/h2 form action="https://TARGET:8443/axis/FileUpload" method="post" enctype="multipart/form-data"...

Symantec Backup Exec System Recovery Manager FileUpload Class Unauthorized File Upload

The remote host appears to be running Symantec Backup Exec System Recovery Manager, a backup manager solution. The version of Recovery Manager on the remote host includes the Tomcat Servlet 'FileUpload' that fails to validate the user input. An unauthenticated attacker may be able to exploit this...

backupexec-upload.txt

File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008...

ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability

ZDI-08-003: Symantec Backup Exec Remote File Upload Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-08-003.html February 6, 2008 -- CVE ID: CVE-2008-0457 -- Affected Vendor: Symantec -- Affected Products: Backup Exec System Recovery Manager 7.0 Backup Exec System Recovery Manager...

Symantec Backup Exec System Recovery Manager unauthorized access

It's possible to upload files with TCP/8080 Web server...

dBpowerAMP Audio Player Release 2 M3U File Buffer Overflow Exploit

No description provided by source. dBpowerAMP Audio Player Release 2 Remote Buffer Overflow Exploit $nop= "x90" x 65; win32exec - CMD=cmd /k net user /add secur frog Size=188 http://metasploit.comhttp://metasploit.com 253 my $shellcode = "x29xc9x83xe9xd7xd9xeexd9x74x24xf4x5bx81x73x13x6c"...

Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit

Exploit for unknown platform in category remote exploits ================================================================ Backup Exec System Recovery Manager File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data"...

Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload

Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008. milw0rm.com 2008-02-07...

Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload

File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008. milw0rm.com 2008-02-07...

Symantec Backup Exec Remote File Upload Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Backup Exec System Recovery Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists in the FileUpload class running on the Symantec LiveState Apache...

win32 Download &amp; Exec Shellcode 226 bytes+

No description provided by source. / \ WINSHELLCODE / :: win32 download & exec shellcode :: \ :: by Darkeagle of Unl0ck Research Team http://exploiterz.org :: / :: to avoid 0x00 use ^^xor^^ : ::...

linux/ppc read &amp; exec shellcode 32 bytes

No description provided by source. / readnexecppc-core.c by Charles Stevenson [email protected] / char hellcode = / read0,stack,1028; stack; linux/ppc by core / "\x7c\x63\x1a\x79" / xor. r3,r3,r3 / "\x38\xa0\x04\x04" / li r5,1028 / "\x30\x05\xfb\xff" / addic r0,r5,-1025 / "\x7c\x24\x0b\x78" / mr...

win xp/2000/2003 Download File and Exec 241 bytes

No description provided by source. / ----------------------------------------------------------------------- downloadurlv31.c - Download file and exec shellcode for Overflow exploit Copyright C 2000-2004 HUC All Rights Reserved. Author : lion : lioncnhonker.net...

Windows平台下的Symantec Backup Exec存在未明远程漏洞

BUGTRAQ ID: 26837 CNCAN ID:CNCAN-2007121405 Symantec Backup Exec是一款集中式管理功能的网络数据保护解决方案。 Window平台下的Symantec Backup Exec存在未明安全问题，远程攻击者可以利用漏洞以应用程序进程权限执行任意指令。 目前没有详细漏洞细节提供。 Symantec Backup Exec for Windows Servers 11d 目前没有详细解决方案提供： http://www.symantec.com/backupexec/index.jsp...

Symantec Backup Exec Job引擎多个整数溢出漏洞

BUGTRAQ ID: 26029 CVECAN ID: CVE-2007-4347 Symantec Backup Exec是一款全面的数据备份解决方案。 Backup Exec的Job引擎服务中存在两个整数溢出漏洞，远程攻击者可能利用此漏洞导致拒绝服务。 如果远程攻击者向该服务的默认5633/TCP端口发送了畸形报文的话，就可能导致服务陷入死循环，耗尽所有可用内存或消耗大量CPU资源。 Symantec Backup Exec for Windows Servers 11d Symantec -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Symantec Backup Exec Job引擎空指针引用拒绝服务漏洞

BUGTRAQ ID: 26028 CVECAN ID: CVE-2007-4346 Symantec Backup Exec是一款全面的数据备份解决方案。 Backup Exec的Job引擎服务（bengine.exe）中存在空指针引用漏洞，远程攻击者可能利用此漏洞导致服务不可用。 如果远程攻击者向该服务的默认5633/TCP端口发送了畸形报文并触发了异常的话，就可能触发这个漏洞，导致监听的服务崩溃。 Symantec Backup Exec for Windows Servers 11d 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...