Design/Logic Flaw

Untrusted search path vulnerability in Symantec System Recovery 2011 before SP2 and Backup Exec System Recovery 2010 before SP5 allows local users to gain privileges via a Trojan horse DLL in the current working directory...

CVE-2012-0305

The CVE-2012-0305 entry describes an untrusted search path (DLL load) vulnerability in Symantec System Recovery 2011 prior to SP2 and Backup Exec System Recovery 2010 prior to SP5 that allows local privilege escalation via a Trojan horse DLL located in the current working directory. Related Nessu...

CVE-2012-0305

Untrusted search path vulnerability in Symantec System Recovery 2011 before SP2 and Backup Exec System Recovery 2010 before SP5 allows local users to gain privileges via a Trojan horse DLL in the current working directory...

Design/Logic Flaw

The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process...

Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection

Exploit for php platform in category web applications This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/...

Symantec Web Gateway 5.0.2.8 ipchange.php Command Injection

This module exploits a command injection vulnerability found in Symantec Web Gateway's HTTP service due to the insecure usage of the exec function. This module abuses the spywall/ipchange.php file to execute arbitrary OS commands without authentication. This module requires Metasploit:...

Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Symantec Web Gateway. Authentication is not required to exploit this vulnerability. The specific flaw exists due to insufficiently filtered user-supplied data used in a call to exec in multiple...

McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 - ActiveX 'GetObject()' Code Execution

McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject Security Bypass Remote Code Execution Vulnerability tested against: Microsoft Windows Vista sp2 Microsoft Windows 2003 r2 sp2 Internet Explorer 7/8/9 product homepage:...

Linux kernel 2.6.x 'exec()'本地拒绝服务漏洞

Bugtraq ID: 51947 CVE ID：CVE-2012-0028 Linux是一款开源的操作系统 Linux Kernel 'exec'存在一个安全漏洞，允许本地非特权用户利用此缺陷进行拒绝服务攻击 0 Linux kernel 2.6.x 厂商解决方案 OpenVZ Project OpenVZ 028stab098.1已经修复此漏洞，建议用户下载使用： http://wiki.openvz.org/Download/kernel/rhel5/028stab098.1...

AlegroCart FredCK-Editor (ASPELL for WinSRV) Remote Command Exec

Exploit for php platform in category web applications 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1 1 /' \ /'\ /\ \ /'\ 0 0 /, \ /\/\ \ \ \ \ ,/\ /\ \ 1 1 //\ \ /' \ /\ //\ Exploit database separated by exploit 0 0 // type local, remote, DoS, etc. 1 1 1 0 +...

kernel: futex: clear robust_list on execve

The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process...

Analyzing ASLR in Android Ice Cream Sandwich 4.0

When I first saw the release notes for the new Android Ice Cream Sandwich ICS platform, I was excited to see that Google mentioned that “Android 4.0 now provides address space layout randomization”. For the uninitiated, ASLR randomizes where various areas of memory eg. stack, heap, libs, etc are...

ndmp-version NSE Script

Retrieves version information from the remote Network Data Management Protocol ndmp service. NDMP is a protocol intended to transport data between a NAS device and the backup device, removing the need for the data to pass through the backup server. The following products are known to support the...

ndmp-fs-info NSE Script

Lists remote file systems by querying the remote device using the Network Data Management Protocol ndmp. NDMP is a protocol intended to transport data between a NAS device and the backup device, removing the need for the data to pass through the backup server. The following products are known to...

PT-2012-2251 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 2.6.28 Description: The issue is related to the robust futex implementation in the Linux kernel, which does not properly handle processes that make exec system calls. This can be exploited by local users to caus...

RHEL 4 / 5 / 6 : php (RHSA-2012:0093)

The remote Redhat Enterprise Linux 4 / 5 / 6 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2012:0093 advisory. - php: remote code exec flaw introduced in the CVE-2011-4885 hashdos fix CVE-2012-0830 Note that Nessus has not tested for this issue but has...

Cisco IOS Command EXEC Unspecified Vulnerability

An unspecified vulnerability in Command EXEC allows local users to bypass command restrictions and obtain sensitive information via an unspecified 'variation of an IOS command'. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid17775; scriptversion"1.5";...

FTP Attack - Successful SITE EXEC Command

Binary data 6217.prm...

CVE-2012-0028

The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process...

Microsoft Office Excel Remote Code Execution Vulnerability (2640241)

This host is missing an important security update according to Microsoft Bulletin MS11-096. OpenVAS Vulnerability Test $Id: secpodms11-096.nasl 6538 2017-07-05 11:38:27Z cfischer $ Microsoft Office Excel Remote Code Execution Vulnerability 2640241 Authors: Antu Sanadi Copyright: Copyright c 2011...