76 matches found
CVE-2015-8268
The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attackers to read arbitrary files via unspecified vectors...
Idera Up.time client for Linux Arbitrary File Read Vulnerability
Idera Up.time client for Linux is a server performance monitoring software client for Linux-based platforms. An arbitrary file read vulnerability exists in Idera Up.time client for Linux, which can be exploited by remote attackers to submit a special request to read an arbitrary file...
Up.time agent for Linux does not authenticate a user before allowing read access to the file system
Overview The up.time agent for Linux versions 7.5 and 7.6 may allow an unauthenticated remote attacker to read arbitrary files from a system. Description CWE-306: Missing Authentication for Critical Function - CVE-2015-8268According to the researcher, "The linux based uptime.agent version 7.5...
CVE-2015-2896
The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command...
CVE-2015-2894
Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service application crash via format string specifiers...
Command injection
The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command...
Format string
Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service application crash via format string specifiers...
Buffer overflow
Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via long command input...
CVE-2015-2895
CVE-2015-2895 concerns the Up.time client in Idera Uptime Infrastructure Monitor. The vulnerability is a buffer overflow in the up.time client (7.4) that could allow a remote attacker to trigger arbitrary code execution by sending input longer than a certain size. The CERT advisory notes remediat...
CVE-2015-2896
The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command...
CVE-2015-2894
Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service application crash via format string specifiers...
CVE-2015-2894
Affected software. Up.time Up.time client (Windows) used by Idera Uptime Infrastructure Monitor. The CVE-2015-2894 vulnerability pertains to versions 6.0 and 7.2. Root cause and impact. A format string vulnerability (CWE-134) allows an unauthenticated, remote attacker to cause the application to ...
CVE-2015-2896
The Up.time client for Windows (Idera Uptime Infrastructure Monitor) is affected by CVE-2015-2896. Up to version 7.6, an unauthenticated network attacker can send built-in commands to the Up.time port and obtain potentially sensitive information about the product version, underlying OS, running p...
Idera Up.time agent for Windows buffer overflow vulnerability
Idera Up.time client for Windows is a Windows-based infrastructure performance monitoring software client from Idera Corporation. A buffer overflow vulnerability exists in Idera Up.time client for Windows version 7.2. A remote attacker can exploit this vulnerability by sending commands with large...
Idera Up.time agent for Windows Information Disclosure Vulnerability
Idera Up.time client for Windows is a Windows-based infrastructure performance monitoring software client from Idera Corporation. An information disclosure vulnerability exists in Idera Up.time client for Windows 7.6 and earlier. A remote attacker can exploit this vulnerability by sending built-i...
Up.time agent for Windows contains multiple vulnerabilities
Overview The Up.time client for Windows is vulnerable to an format string attack as well as a buffer overflow, and may allow unauthenticated users to perform certain commands. Description CWE-134: Uncontrolled Format String - CVE-2015-2894For version 6.0 and 7.2, an unauthenticated attacker on th...
Idera Up.Time Monitoring Station 7.4 - 'post2file.php' Arbitrary File Upload (Metasploit)
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit4 'Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload', 'Description' = %q This module exploit...
Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Exploit
This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...
Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload Version 2
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit4 'Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload', 'Description' = %q This module exploit...
Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload
This module exploits a vulnerability found in Uptime version 7.4.0 and 7.5.0. The vulnerability began as a classic arbitrary file upload vulnerability in post2file.php, which can be exploited by exploits/multi/http/uptimefileupload1.rb, but it was mitigated by the vendor. Although the mitigation ...