CVE-2017-10932

All versions prior to V12.17.20 of the ZTE Microwave NR8000 series products - NR8120, NR8120A, NR8120, NR8150, NR8250, NR8000 TR and NR8950 are the applications of C/S architecture using the Java RMI service in which the servers use the Apache Commons Collections ACC library that may result in Ja...

OpenJDK: incorrect handling of references in DGC (RMI, 8163958)

It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle references. A remote attacker could possibly use this flaw to execute arbitrary code with the privileges of RMI registry or a Java RMI application...

ManageEngine Applications Manager < 13200 Multiple Vulnerabilities

ManageEngine Applications Manager is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Remote code execution

EMC Network Configuration Manager NCM 9.3.x, EMC Network Configuration Manager NCM 9.4.0.x, EMC Network Configuration Manager NCM 9.4.1.x, EMC Network Configuration Manager NCM 9.4.2.x contains a Java RMI Remote Code Execution vulnerability that could potentially be exploited by malicious users t...

CVE-2017-2767

EMC Network Configuration Manager NCM 9.3.x, EMC Network Configuration Manager NCM 9.4.0.x, EMC Network Configuration Manager NCM 9.4.1.x, EMC Network Configuration Manager NCM 9.4.2.x contains a Java RMI Remote Code Execution vulnerability that could potentially be exploited by malicious users t...

CVE-2017-2767

EMC Network Configuration Manager NCM 9.3.x, EMC Network Configuration Manager NCM 9.4.0.x, EMC Network Configuration Manager NCM 9.4.1.x, EMC Network Configuration Manager NCM 9.4.2.x contains a Java RMI Remote Code Execution vulnerability that could potentially be exploited by malicious users t...

CVE-2017-2767

EMC Network Configuration Manager (NCM) versions 9.3.x, 9.4.0.x, 9.4.1.x, and 9.4.2.x are associated with a Java RMI remote code execution vulnerability. The connected CNVD/NVD records describe a remote code execution flaw that could allow a malicious attacker to take control of an affected syste...

CVE-2017-3241

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE subcomponent: RMI. Supported versions that are affected are Java SE: 6u131, 7u121 and 8u112; Java SE Embedded: 8u111; JRockit: R28.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with...

Java RMI Server Insecure Default Configuration RCE Vulnerability - Active Check

Multiple Java products that implement the RMI Server contain a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code remote code execution/RCE on a targeted system with elevated privileges. SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions mig...

New Relic: Java RMI (Remote Code Execution)

hello Guys while i was testing your site i found an interesting domain of newrelic which is pinger-master.newrelic.com and when i visit that domain it says unable to connect with the host the i quickly do nslookup and i got this results fish@punt $ nslookup pinger-master.newrelic.com Server:...

Jenkins RCE 2(CVE-2 0 1 6-0 7 8 8)analysis and use-vulnerability and early warning-the black bar safety net

Foreign security researchers Moritz Bechler in 2 months found a Jenkins remote command execution vulnerability the vulnerability without having to login you can use, that is, the CVE-2 0 1 6-0 7 8 8 is. The official announcement is such description of this vulnerability: A vulnerability in the...

. NET Remoting remote code execution vulnerability explore-exploit warning-the black bar safety net

This is an article on . NET Remoting the security of the Coptic text, in the article will use a simple RCE exploit and provide the right case will be described. This paper mainly has the following content: 1. The . NET Remoting technology made a brief introduction 2. Use VS 编写 一 个 简单 的 .NET...

Java RMI services remote command execution exploit-vulnerability warning-the black bar safety net

Java RMI service is a remote method call Remote Method Invocation in. It is a mechanism that is able to make in a java virtual machine on the object calling another Java virtual machine object. In Java Web, many places will use RMI to communicate with each other to call. For example, many large...

Java RMI Registry Interfaces Enumeration

This module gathers information from an RMI endpoint running an RMI registry interface. It enumerates the names bound in a registry and looks up each remote reference. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework...

Buffer overflow

Unspecified vulnerability in Oracle Java SE 5.0u75, 6u85, 7u72, and 8u25 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to RMI...

GE Proficy Real-Time Information Portal Information Disclosure Vulnerabilities

Overview This advisory provides mitigation details for multiple vulnerabilities that impact the GE Intelligent Platforms Proficy Real-Time Information Portal. General Electric GE has addressed two vulnerabilities in the GE Intelligent Platforms Proficy Real-Time Information Portal. Exploitation o...

Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2011-10) (BEAST)

A flaw was found in the Java RMI Remote Method Invocation registry implementation. A remote RMI client could use this flaw to execute arbitrary code on the RMI server running the registry. CVE-2011-3556 A flaw was found in the Java RMI registry implementation. A remote RMI client could use this...

CVE-2013-3274

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...

Authorization

EMC Avamar Server and Avamar Virtual Edition before 7.0 on Data Store Gen3, Gen4, and Gen4s platforms do not properly determine authorization for calls to Java RMI methods, which allows remote authenticated users to execute arbitrary code via unspecified vectors...

ESA-2013-055: EMC Avamar Multiple Vulnerabilities

ESA-2013-055.txt -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ESA-2013-055: EMC Avamar Multiple Vulnerabilities EMC Identifier: ESA-2013-055 CVE Identifier: CVE-2013-3274, CVE-2013-3275 Severity Rating: See below for individual scores Affected products: All EMC Avamar Server and Avamar Virtual...