14 matches found
EUVD-2007-5731
Malware in sbrugna...
Motorola Netopia Netoctopus SDCS Stack Buffer Overflow
require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifi...
Motorola Netopia Netoctopus SDCS - Remote Stack Buffer Overflow (Metasploit)
Motorola Netopia Netoctopus SDCS - Remote Stack Buffer Overflow Metasploit require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When...
Motorola Netopia Netoctopus SDCS - Remote Stack Buffer Overflow (Metasploit)
require 'msf/core' class MetasploitModule 'Motorola Netopia Netoctopus SDCS Stack Buffer Overflow', 'Description' = %q This module exploits a vulnerability within the code responsible for parsing client requests. When reading in a request from the network, a 32-bit integer is read in that specifi...
netOctopus Agent nantsys.sys MSR Write Local Privilege Escalation
netOctopus Agent, an asset management agent, is installed on the remote host. The installed version of netOctopus Agent includes a driver, named 'nantsys.sys', that exposes a device interface writable by all local users, allowing them to read and write arbitrary CPU Model Specific Registers MSRs....
netOctopus Agent Detection (UDP)
The remote service is a netOctopus Agent, the agent piece of the netOctopus asset management software suite installed on individual computers. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid29930; scriptversion"1.9"; scriptcvsdate"Date: 2019/11/22";...
netOctopus Agent Detection (TCP)
The remote service is a netOctopus Agent, the agent piece of the netOctopus asset management software suite installed on individual computers. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include"compat.inc"; if description scriptid29929;...
netOctopus Agent Detection (UDP)
Binary data 4342.prm...
netOctopus Server Detection (UDP)
Binary data 4343.prm...
Code injection
The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \.\NantSys device interface nantsys.sys, which allows local users to gain privileges or cause a denial of service system crash, as demonstrated by modifying the SYSENTEREIPMSR CPU Model Specific...
Motorola netOctopus Agent 'nantsys.sys'本地特权提升漏洞
BUGTRAQ ID: 27175 CVE ID:CVE-2007-5761 CNCVE ID:CNCVE-20075761 Motorola netOctopus是一款资产管理工具。 Motorola netOctopus包含的驱动存在设计问题,本地攻击者可以利用漏洞提升特权。 netOctopus代理软件安装时包括nantsys.sys驱动,驱动输出的设备接口\.\NantSys全用户可写。这个驱动包含读和写任意CPU MSRs,更改MSR值允许调节CPU的级别操作。通过修改SYSENTEREIPMSR,可导致以内核上下文执行任意指令。 Motorola netOctopus...
CVE-2007-5761
The NantSys device 5.0.0.115 in Motorola netOctopus 5.1.2 build 1011 has weak permissions for the \.\NantSys device interface nantsys.sys, which allows local users to gain privileges or cause a denial of service system crash, as demonstrated by modifying the SYSENTEREIPMSR CPU Model Specific...
iDefense Security Advisory 01.07.08: Motorola netOctopus Agent MSR Write Privilege Escalation Vulnerability
iDefense Security Advisory 01.07.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 07, 2008 I. BACKGROUND Motorola netOctopus is an asset management agent. It is used to deploy software, monitor performance, and configure client machines from a central administrative console. More...
Motorola netOctopus agent privileg eescalation
.NantSys system device allows processor registers modification...