📄 NFR Agent 1.0.1 Arbitrary File Delete

Proof of concept exploit for an arbitrary file deletion vulnerability from 2011 in NFR Agent version 1.0.1. ============================================================================================================================================= | Title : NFR Agent 1.0.1 Arbitrary File Delete...

NFR Agent FSFUI Record File Upload RCE

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

NFR Agent Heap Overflow (CVE-2012-4956)

...

Novell File Reporter (NFR) Agent - XML Parsing Remote Code Execution

Novell File Reporter NFR Agent - XML Parsing Remote Code Execution wwww.abysssec.com Novell File Reporter Agent XML Parsing Remote Code Execution Vulnerability 0day CVE-2012-4959 @abysssec well just one more of our 0day got published after 2 year here is info :...

NFR Agent Heap Overflow Vulnerability

This module exploits a heap overflow in NFRAgent.exe, a component of Novell File Reporter NFR. The vulnerability occurs when handling requests of name "SRS", where NFRAgent.exe fails to generate a response in a secure way, copying user controlled data into a fixed-length buffer in the heap withou...

NFR Agent FSFUI Record File Upload RCE

NFRAgent.exe, a component of Novell File Reporter NFR, allows remote attackers to upload arbitrary files via a directory traversal while handling requests to /FSF/CMD with FSFUI records with UICMD 130. This module has been tested successfully against NFR Agent 1.0.4.3 File Reporter 1.0.2 and NFR...

NFR Agent FSFUI Record File Upload Remote Command Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'NFR Agent FSFUI Record File Upload...

Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability

This host is installed with Novell File Reporter and is prone to arbitrary file deletion vulnerability. OpenVAS Vulnerability Test $Id: gbnovellfilereporterfilesdelvulnwin.nasl 8201 2017-12-20 14:28:50Z cfischer $ Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability Authors: Antu...

Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability

Novell File Reporter is prone to arbitrary file deletion vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

Novell File Reporter Engine RECORD Element Tag Parsing Overflow (credentialed check)

The version of Novell File Reporter NFR Engine installed on the remote Windows host is earlier than 1.0.2.53. As such, it reportedly has a flaw in its handling of HTTP requests to the TCP port used to communicate with the NFR Agent, normally 3035. Specifically, the application fails to check the...