Lucene search
K

76 matches found

Cvelist
Cvelist
added 2016/06/10 1:0 a.m.19 views

CVE-2015-8268

The up.time agent in Idera Uptime Infrastructure Monitor 7.5 and 7.6 on Linux allows remote attackers to read arbitrary files via unspecified vectors...

7.5AI score0.02976EPSS
Exploits0References3
CNVD
CNVD
added 2016/05/21 12:0 a.m.4 views

Idera Up.time client for Linux Arbitrary File Read Vulnerability

Idera Up.time client for Linux is a server performance monitoring software client for Linux-based platforms. An arbitrary file read vulnerability exists in Idera Up.time client for Linux, which can be exploited by remote attackers to submit a special request to read an arbitrary file...

7.5CVSS7AI score0.02976EPSS
Exploits0References1
CERT
CERT
added 2016/05/19 12:0 a.m.28 views

Up.time agent for Linux does not authenticate a user before allowing read access to the file system

Overview The up.time agent for Linux versions 7.5 and 7.6 may allow an unauthenticated remote attacker to read arbitrary files from a system. Description CWE-306: Missing Authentication for Critical Function - CVE-2015-8268According to the researcher, "The linux based uptime.agent version 7.5...

7.5CVSS8.1AI score0.02976EPSS
Exploits0References2
NVD
NVD
added 2015/12/31 5:59 a.m.20 views

CVE-2015-2896

The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command...

5.3CVSS5.1AI score0.01184EPSS
Exploits0References1
NVD
NVD
added 2015/12/31 5:59 a.m.16 views

CVE-2015-2894

Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service application crash via format string specifiers...

5.3CVSS5.3AI score0.01421EPSS
Exploits0References1
Prion
Prion
added 2015/12/31 5:59 a.m.17 views

Command injection

The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command...

5CVSS6.7AI score0.01184EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2015/12/31 5:59 a.m.16 views

Format string

Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service application crash via format string specifiers...

5CVSS7.1AI score0.01421EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2015/12/31 5:59 a.m.17 views

Buffer overflow

Buffer overflow in the up.time client in Idera Uptime Infrastructure Monitor 7.4 might allow remote attackers to execute arbitrary code via long command input...

7.5CVSS8.7AI score0.01902EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/12/31 2:0 a.m.54 views

CVE-2015-2895

CVE-2015-2895 concerns the Up.time client in Idera Uptime Infrastructure Monitor. The vulnerability is a buffer overflow in the up.time client (7.4) that could allow a remote attacker to trigger arbitrary code execution by sending input longer than a certain size. The CERT advisory notes remediat...

7.5CVSS7.7AI score0.01902EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2015/12/31 2:0 a.m.26 views

CVE-2015-2896

The up.time client in Idera Uptime Infrastructure Monitor through 7.6 allows remote attackers to obtain potentially sensitive version, OS, process, and event-log information via a command...

5.4AI score0.01184EPSS
Exploits0References1
Cvelist
Cvelist
added 2015/12/31 2:0 a.m.24 views

CVE-2015-2894

Format string vulnerability in the up.time client in Idera Uptime Infrastructure Monitor 6.0 and 7.2 allows remote attackers to cause a denial of service application crash via format string specifiers...

5.6AI score0.01421EPSS
Exploits0References1
CVE
CVE
added 2015/12/31 2:0 a.m.53 views

CVE-2015-2894

Affected software. Up.time Up.time client (Windows) used by Idera Uptime Infrastructure Monitor. The CVE-2015-2894 vulnerability pertains to versions 6.0 and 7.2. Root cause and impact. A format string vulnerability (CWE-134) allows an unauthenticated, remote attacker to cause the application to ...

5.3CVSS5.8AI score0.01421EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2015/12/31 2:0 a.m.57 views

CVE-2015-2896

The Up.time client for Windows (Idera Uptime Infrastructure Monitor) is affected by CVE-2015-2896. Up to version 7.6, an unauthenticated network attacker can send built-in commands to the Up.time port and obtain potentially sensitive information about the product version, underlying OS, running p...

5.3CVSS5.6AI score0.01184EPSS
Exploits0References1Affected Software1
CNVD
CNVD
added 2015/12/24 12:0 a.m.4 views

Idera Up.time agent for Windows buffer overflow vulnerability

Idera Up.time client for Windows is a Windows-based infrastructure performance monitoring software client from Idera Corporation. A buffer overflow vulnerability exists in Idera Up.time client for Windows version 7.2. A remote attacker can exploit this vulnerability by sending commands with large...

7.5CVSS7.9AI score0.01902EPSS
Exploits0References1
CNVD
CNVD
added 2015/12/24 12:0 a.m.5 views

Idera Up.time agent for Windows Information Disclosure Vulnerability

Idera Up.time client for Windows is a Windows-based infrastructure performance monitoring software client from Idera Corporation. An information disclosure vulnerability exists in Idera Up.time client for Windows 7.6 and earlier. A remote attacker can exploit this vulnerability by sending built-i...

5.3CVSS6.5AI score0.01184EPSS
Exploits0References1
CERT
CERT
added 2015/12/08 12:0 a.m.30 views

Up.time agent for Windows contains multiple vulnerabilities

Overview The Up.time client for Windows is vulnerable to an format string attack as well as a buffer overflow, and may allow unauthenticated users to perform certain commands. Description CWE-134: Uncontrolled Format String - CVE-2015-2894For version 6.0 and 7.2, an unauthenticated attacker on th...

7.5CVSS6.8AI score0.01902EPSS
Exploits0References2
Exploit DB
Exploit DB
added 2015/11/16 12:0 a.m.28 views

Idera Up.Time Monitoring Station 7.4 - 'post2file.php' Arbitrary File Upload (Metasploit)

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit4 'Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload', 'Description' = %q This module exploit...

7.4AI score
Exploits0
0day.today
0day.today
added 2015/11/14 12:0 a.m.32 views

Idera Up.Time Monitoring Station 7.0 post2file.php Arbitrary File Upload Exploit

This Metasploit module exploits an arbitrary file upload vulnerability found within the Up.Time monitoring server 7.2 and below. A malicious entity can upload a PHP file into the webroot without authentication, leading to arbitrary code execution. Although the vendor fixed Up.Time to prevent this...

7.8AI score
Exploits0
Packet Storm
Packet Storm
added 2015/11/13 12:0 a.m.36 views

Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload Version 2

This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'nokogiri' class Metasploit4 'Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload', 'Description' = %q This module exploit...

0.3AI score
Exploits0
Metasploit
Metasploit
added 2015/10/27 10:31 p.m.28 views

Idera Up.Time Monitoring Station 7.4 post2file.php Arbitrary File Upload

This module exploits a vulnerability found in Uptime version 7.4.0 and 7.5.0. The vulnerability began as a classic arbitrary file upload vulnerability in post2file.php, which can be exploited by exploits/multi/http/uptimefileupload1.rb, but it was mitigated by the vendor. Although the mitigation ...

0.8AI score
Exploits0
Rows per page
Query Builder