📄 NFR Agent 1.0.1 Arbitrary File Delete

Proof of concept exploit for an arbitrary file deletion vulnerability from 2011 in NFR Agent version 1.0.1. ============================================================================================================================================= | Title : NFR Agent 1.0.1 Arbitrary File Delete...

Repeat Email Notification: "License update interrupted: Paid license is not installed."

Challenge After installing or upgrading to Veeam Backup for Microsoft 365 version 8 using Community Edition or an NFR Not-For-Resale license, email notifications are sent daily that state that state: Veeam Backup for Microsoft 365 Failed to update license License updated interrupted: Paid license...

NFR Agent SRS Record Arbitrary Remote File Access

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NFR Agent SRS Record Arbitrary Remote File Access', 'Description' = %q NFRAgent.exe, a component of Novell File Reporter NFR, allows remote...

NFR Agent FSFUI Record File Upload RCE

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

NFR Agent Heap Overflow (CVE-2012-4956)

...

Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution

Novell File Reporter NFR Agent - XML Parsing Remote Code Execution wwww.abysssec.com Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability 0day CVE-2012-4959 @abysssec well just one more of our 0day got published after 2 year here is info :...

NFR Agent Heap Overflow Vulnerability

This module exploits a heap overflow in NFRAgent.exe, a component of Novell File Reporter NFR. The vulnerability occurs when handling requests of name "SRS", where NFRAgent.exe fails to generate a response in a secure way, copying user controlled data into a fixed-length buffer in the heap withou...

NFR Agent FSFUI Record File Upload RCE

NFRAgent.exe, a component of Novell File Reporter NFR, allows remote attackers to upload arbitrary files via a directory traversal while handling requests to /FSF/CMD with FSFUI records with UICMD 130. This module has been tested successfully against NFR Agent 1.0.4.3 File Reporter 1.0.2 and NFR...

NFR Agent FSFUI Record File Upload Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'NFR Agent FSFUI Record File Upload...

Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability

This host is installed with Novell File Reporter and is prone to arbitrary file deletion vulnerability. OpenVAS Vulnerability Test $Id: gbnovellfilereporterfilesdelvulnwin.nasl 8201 2017-12-20 14:28:50Z cfischer $ Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability Authors: Antu...

Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability

Novell File Reporter is prone to arbitrary file deletion vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Novell File Reporter Engine RECORD Element Tag Parsing Overflow (credentialed check)

The version of Novell File Reporter NFR Engine installed on the remote Windows host is earlier than 1.0.2.53. As such, it reportedly has a flaw in its handling of HTTP requests to the TCP port used to communicate with the NFR Agent, normally 3035. Specifically, the application fails to check the...

CVE-2011-0994

The CVE-2011-0994 issue affects the Novell File Reporter Agent (NFRAgent.exe). It is a stack/buffer overflow caused by improper boundary handling while parsing XML data, enabling a remote attacker to potentially execute arbitrary code on vulnerable Windows hosts. Public sources consistently refer...

CVE-1999-1503

The CVE-1999-1503 issue affects Network Flight Recorder (NFR) versions 1.5 and 1.6, where the nfrd daemon can crash (denial of service) when processing a TCP packet with a null header and data field. The underlying root cause is not explicitly stated in the provided documents. Impact described is...

CVE-1999-0375

The connected PT-1999-1062 entry confirms a buffer overflow in the webd component of Network Flight Recorder (NFR) version 2.0.2-Research that allows remote command execution. Affected software: Network Flight Recorder (NFR) WebD, version 2.0.2-Research. Root cause: buffer overflow in webd. Impac...