Raidsonic NAS Devices Unauthenticated Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Raidsonic NAS Devices Unauthenticated...

Raidsonic NAS Devices Unauthenticated Remote Command Execution

Different Raidsonic NAS devices are vulnerable to OS command injection via the web interface. The vulnerability exists in timeHandler.cgi, which is accessible without authentication. This module has been tested with the versions IB-NAS5220 and IB-NAS4220. Since this module is adding a new user an...

Solaris 2.5/2.5.1/2.6/7.0 - 'sadmind' Remote Buffer Overflow (3)

// source: https://www.securityfocus.com/bid/866/info Certain versions of Solaris ship with a version of sadmind which is vulnerable to a remotely exploitable buffer overflow attack. sadmind is the daemon used by Solstice AdminSuite applications to perform distributed system administration...

Data General DGUX 5.4 - inetd Service Exhaustion Denial of Service

Data General DGUX 5.4 - inetd Service Exhaustion Denial of Service source: https://www.securityfocus.com/bid/1071/info A Denial of service DoS attack is possible with the default version of inetd distributed with Data General's DG/UX operating system. By performing a scan utilizing nmap's OS...