[VulnWatch] iDEFENSE Security Advisory 06.23.05: Veritas Backup Exec Agent CONNECT_CLIENT_AUTH Buffer Overflow Vulnerability

Veritas Backup Exec Agent CONNECTCLIENTAUTH Buffer Overflow Vulnerability iDEFENSE Security Advisory 06.23.05 www.idefense.com/application/poi/display?id=272&type=vulnerabilities June 23, 2005 I. BACKGROUND VERITAS Backup Exec is an advanced backup and restore solution for Microsoft Windows serve...

[VulnWatch] Remote Unauthenticated Heap Overflow VERITAS Backup Exec Server for Windows

Mark Litchfield of NGSSoftware has discovered a high risk vulnerability in the Veritas Backup Exec Server for Windows which can allow remote code execution. Affected Products include - Backup Exec 10.0 for Windows Servers rev. 5484 Backup Exec 9.1 for Windows Servers rev. 4691 Backup Exec 9.0 for...

[VulnWatch] iDEFENSE Security Advisory 06.23.05: Veritas Backup Exec Agent Error Status Remote DoS Vulnerability

Veritas Backup Exec Agent Error Status Remote DoS Vulnerability iDEFENSE Security Advisory 06.23.05 www.idefense.com/application/poi/display?id=271&type=vulnerabilities June 23, 2005 I. BACKGROUND VERITAS Backup Exec is an advanced backup and restore solution for Microsoft Windows server...

[VulnWatch] Veritas Backup Exec Remote Agent NDMLSRVR.DLL DoS Vulnerability: Veritas Backup Exec Remote Agent NDMLSRVR.DLL DoS Vulnerability

Veritas Backup Exec Remote Agent NDMLSRVR.DLL DoS Vulnerability iDEFENSE Security Advisory 06.23.05 www.idefense.com/application/poi/display?id=270&type=vulnerabilities June 23, 2005 I. BACKGROUND VERITAS Backup Exec is an advanced backup and restore solution for Microsoft Windows server...

CVE-2005-0771

VERITAS Backup Exec Server beserver.exe 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106...

VERITAS Backup Exec Agent for Windows CONNECT_CLIENT_AUTH Remote Overflow

The remote host is running a version of VERITAS Backup Exec Agent which is vulnerable to a remote buffer overflow. An attacker may exploit this flaw to execute arbitrary code on the remote host or to disable this service remotely. To exploit this flaw, an attacker would need to send a specially...

CVE-2005-1524

PHP file inclusion vulnerability in topgraphheader.php in Cacti 0.8.6d and possibly earlier versions allows remote attackers to execute arbitrary PHP code via the configlibrarypath parameter...

linux/x86 upload & exec 189 bytes

linux/x86 upload & exec 189 bytes. Shellcode exploit for linx86 platform UPLOAD & EXEC SHELLCODE 1 converting asm to hex 2 asm code 3 hex output 4 upload function This is an 'upload and exec' shellcode for the x86 platform. File has to be in executable format, cool if you know the distribution of...

linux/x86 upload & exec 189 bytes

Exploit for linux/x86 platform in category shellcode ================================= linux/x86 upload & exec 189 bytes ================================= UPLOAD & EXEC SHELLCODE 1 converting asm to hex 2 asm code 3 hex output 4 upload function This is an 'upload and exec' shellcode for the x86...

CVE-2005-0773

Stack-based buffer overflow in VERITAS Backup Exec Remote Agent 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for Netware allows remote attackers to execute arbitrary code via a CONNECTCLIENTAUTH request with authentication method type 3 Windows credentials and a long password argume...

CVE-2004-1906

Mcafee FreeScan is affected by CVE-2004-1906. A long string in the ScanParam property of a COM object can trigger a buffer overflow, enabling remote attackers to cause a denial of service and potentially execute arbitrary code. The vulnerability impact is noted as Partial availability impact with...

CVE-2004-1491

CVE-2004-1491 affects Opera 7.54 and earlier. The vulnerability arises because Opera uses kfmclient exec to handle unknown MIME types, allowing a remote attacker to execute arbitrary code via a shortcut or launcher containing an Exec entry. Public documents confirm this as a real issue across mul...

RHEL 3 : cups (RHSA-2005:049)

Updated CUPS packages that fixes a security issue are now available. The Common UNIX Printing System provides a portable printing layer for UNIXR operating systems. A buffer overflow flaw was found in the Decrypt::makeFileKey2 function of Xpdf which also affects the CUPS pdftops filter due to a...

Important: Red Hat Security Advisory: less security update

An updated less package that fixes segmentation fault when viewing binary files is now available. The less utility is a text file browser that resembles more, but has extended capabilities. Victor Ashik discovered a heap based buffer overflow in less, caused by a patch added to the less package i...

Important: Red Hat Security Advisory: xpdf security update

Updated Xpdf package that fixes a stack based buffer overflow security issue is now available. Xpdf is an X Window System based viewer for Portable Document Format PDF files. A buffer overflow flaw was found when processing the /Encrypt /Length tag. An attacker could construct a carefully crafted...

RHEL 3 : xpdf (RHSA-2005:059)

Updated Xpdf package that fixes a stack based buffer overflow security issue is now available. Xpdf is an X Window System based viewer for Portable Document Format PDF files. A buffer overflow flaw was found when processing the /Encrypt /Length tag. An attacker could construct a carefully crafted...

Veritas Backup Exec Agent Browser 8.x < 8.60.3878 HF 68 / 9.0.x < 9.0.4454 HF 30 / 9.1.x < 9.1.4691 HF 40 RCE

The version of Veritas Backup Exec Agent Browser installed on the remote host is 8.x prior to 8.60.3878 hotfix 68, 9.0.x prior to 9.0.4454 hotfix 30, or 9.1.x prior to 9.1.4691 hotfix 40. It is, therefore, affected by a remote code execution vulnerability in the registration service benetns.exe d...

VERITAS Backup Exec Agent Browser Registration Request Remote Overflow

The remote host is running a version of VERITAS Backup Exec Agent Browser which is vulnerable to a remote buffer overflow. An attacker may exploit this flaw to execute arbitrary code on the remote host or to disable this service remotely. To exploit this flaw, an attacker would need to send a...

Veritas Backup Exec registration request buffer overflow

Overview Certain versions of Veritas Backup Exec 8.x and 9.x can be remotely exploited to allow execution of arbitrary code on affected servers. Description A buffer overflow exists in Veritas Backup Exec 8.x prior to 8.60.3878 Hotfix 68, and 9.x pritor to 9.1.4691 Hotfix 40. A stack-based buffer...

RHEL 3 : cups (RHSA-2005:013)

Updated CUPS packages that fix several security issues are now available. The Common UNIX Printing System provides a portable printing layer for UNIXR operating systems. A buffer overflow was found in the CUPS pdftops filter, which uses code from the Xpdf package. An attacker who has the ability ...