Lucene search
K

7115 matches found

exploitpack
exploitpack
added 2002/08/16 12:0 a.m.18 views

SGI IRIX 6.5.x - FAM Arbitrary Root Owned Directory File Listing

SGI IRIX 6.5.x - FAM Arbitrary Root Owned Directory File Listing source: https://www.securityfocus.com/bid/5487/info fam is a freely available, open source file alteration monitor. It is maintained and distributed by SGI, and will work on the Linux and Unix operating systems. It is possible for a...

0.4AI score
Exploits0
NVD
NVD
added 2002/08/12 4:0 a.m.14 views

CVE-2002-0793

Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 aka QNX4 allow local users to overwrite arbitrary files via 1 the -f argument to the monitor utility, 2 the -d argument to dumper, 3 the -c argument to crttrap, or 4 using the Watcom sample utility...

5.5CVSS5.8AI score0.01343EPSS
Exploits1References9
Cvelist
Cvelist
added 2002/07/26 4:0 a.m.35 views

CVE-2002-0649

Multiple buffer overflows in the Resolution Service for Microsoft SQL Server 2000 and Microsoft Desktop Engine 2000 MSDE allow remote attackers to cause a denial of service or execute arbitrary code via UDP packets to port 1434 in which 1 a 0x04 byte that causes the SQL Monitor thread to generate...

8AI score0.8475EPSS
Exploits7References23
Cvelist
Cvelist
added 2002/07/26 4:0 a.m.15 views

CVE-2002-0793

Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 aka QNX4 allow local users to overwrite arbitrary files via 1 the -f argument to the monitor utility, 2 the -d argument to dumper, 3 the -c argument to crttrap, or 4 using the Watcom sample utility...

5.8AI score0.01343EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2002/07/26 12:0 a.m.4 views

PT-2002-1814 · Blackberry · Qnx Rtos

Name of the Vulnerable Software and Affected Versions: QNX RTOS version 4.25 Description: The issue allows local users to overwrite arbitrary files via specific arguments to certain utilities, including 1 the -f argument to the monitor utility, 2 the -d argument to dumper, 3 the -c argument to...

5.5CVSS6.6AI score0.01343EPSS
Exploits1References14
CVE
CVE
added 2002/06/25 4:0 a.m.41 views

CVE-2001-1116

CVE-2001-1116 affects Identix BioLogon 2.03 and earlier. On multi-monitor systems running Windows 98/ME, it does not lock secondary displays, allowing an attacker with physical access to bypass authentication via a secondary display. The available sources confirm the affected product/versions and...

4.6CVSS7AI score0.0036EPSS
Exploits0References5Affected Software1
exploitpack
exploitpack
added 2002/05/31 12:0 a.m.17 views

QNX RTOS 4.25 - monitor Arbitrary File Modification

QNX RTOS 4.25 - monitor Arbitrary File Modification source: https://www.securityfocus.com/bid/4902/info The QNX RTOS monitor utility is prone to an issue which may allow local attackers to modify arbitrary system files such as /etc/passwd. monitor is installed setuid root by default. The monitor ...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/05/31 12:0 a.m.30 views

QNX RTOS 4.25 - monitor Arbitrary File Modification

source: https://www.securityfocus.com/bid/4902/info The QNX RTOS monitor utility is prone to an issue which may allow local attackers to modify arbitrary system files such as /etc/passwd. monitor is installed setuid root by default. The monitor -f command line option may be used by a local attack...

7.4AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2001/12/03 12:0 a.m.41 views

Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution

Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. %NASLMINLEVEL 70300 This script was...

7.5CVSS5.5AI score0.02966EPSS
Exploits0References2
securityvulns
securityvulns
added 2001/12/01 12:0 a.m.32 views

Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution

-----BEGIN PGP SIGNED MESSAGE----- Rapid 7, Inc. Security Advisory Visit http://www.rapid7.com to download NeXposetm, our advanced vulnerability scanner. Linux and Windows 2000 versions are available now! Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution Published: November 29,...

7.5CVSS1.3AI score0.02966EPSS
Exploits0
Cvelist
Cvelist
added 2001/11/30 5:0 a.m.24 views

CVE-2001-0871

Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing 1 a .. in versions 2.0 through 2.6.18, or 2 a DOS device name followed by a .. in versions 2.6.19 through 3.0.10...

7.6AI score0.02966EPSS
Exploits0References5
CVE
CVE
added 2001/11/30 5:0 a.m.58 views

CVE-2001-0871

CVE-2001-0871 affects Alchemy Eye and Alchemy Network Monitor’s built-in HTTP server. Versions 2.0–2.6.18 are vulnerable to simple dotdot traversal; versions 2.6.19–3.0.10 are vulnerable to a variant using a DOS device name (e.g., NUL) plus traversal. Successful exploitation allows remote attacke...

7.5CVSS7.6AI score0.02966EPSS
Exploits0References5Affected Software2
CVE
CVE
added 2001/11/30 5:0 a.m.40 views

CVE-2001-0870

The CVE-2001-0870 issue affects Alchemy Eye and Alchemy Network Monitor versions 1.9x through 2.6.18, whose built-in HTTP server is enabled by default and allows remote, unauthenticated access to view monitoring logs by directly requesting the eye.ini file. The vulnerability enables disclosure of...

5CVSS6.5AI score0.02414EPSS
Exploits0References3Affected Software2
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.19 views

CVE-1999-1395

Vulnerability in Monitor utility SYS$SHARE:SPISHR.EXE in VMS 5.0 through 5.4-2 allows local users to gain privileges...

6.6AI score0.06104EPSS
Exploits0References5
CVE
CVE
added 2001/09/12 4:0 a.m.46 views

CVE-1999-1395

CVE-1999-1395 describes a local privilege escalation in the Monitor utility (SYS$SHARE:SPISHR.EXE) affecting VMS 5.0 through 5.4-2. The vulnerability allows local users to gain privileges. The connected documents confirm the affected product and code component but do not provide specific technica...

7.2CVSS6.7AI score0.06104EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2001/08/03 12:0 a.m.37 views

Identix BioLogon Client security bug

Aug 3rd, 2001 10:56am Vendor: http://www.identix.com Software: BioLogon 2.0 Client see http://www.identix.com/itsecurity/softwareprod.html Security flaw in Indentix BioLogon 2.0 Client for Windows Identix's BioLogon software is used as the software "glue" to tie together various biometric devices...

0.6AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.23 views

CVE-2000-1034

Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability...

7.6AI score0.29586EPSS
Exploits1References4
CVE
CVE
added 2001/01/22 5:0 a.m.46 views

CVE-2000-1034

The CVE relates to a buffer overflow in the Windows 2000 System Monitor ActiveX control (sysmon.ocx). The vulnerability allows remote code execution by crafting a malicious LogFileName value in HTML/scripted content, permitting exploitation by a user who can load the affected page or message. The...

10CVSS7.7AI score0.29586EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2001/01/22 5:0 a.m.42 views

CVE-2000-0978

The CVE-2000-0978 entry concerns the Big Brother System and Network Monitor (bbd server). It identifies a vulnerability in versions before 1.5c2 where remote attackers could execute arbitrary commands via the shell metacharacter “&”. The impact is remote command execution with the potential for p...

7.5CVSS8.1AI score0.03337EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2001/01/09 5:0 a.m.15 views

CVE-2000-1127

registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable...

3.6CVSS6.1AI score0.00973EPSS
Exploits1References2
Rows per page
Query Builder