Novell NCP Pre-Auth Remote Stack Buffer Overflow

/ Novell NCP Pre-Auth Remote Root Exploit Written by Gary Nilson 11-17-2013 Overview US-CERT/NIST CVES:CVE-2012-0432: Stack-based buffer overflow in the Novell NCP implementation in NetIQ eDirectory 8.8.7.x before 8.8.7.2 allows remote attackers to have an unspecified impact via unknown vectors...

Directory traversal

Directory traversal vulnerability in the Liferay component in Oracle Sun GlassFish Web Space Server before 10.0 Update 7 Patch 2 has unknown impact and attack vectors...

CVE-2012-2387

devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack...

CVE-2012-2387

devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack...

CVE-2012-2387

devotee 0.1 patch 2 uses a 32-bit seed for generating 48-bit random numbers, which makes it easier for remote attackers to obtain the secret monikers via a brute force attack...

CVE-2011-5058

The CVE-2011-5058 entry affects 3S CoDeSys 3.4 SP4 Patch 2: the CmbWebserver.dll in the Control service allows remote attackers to create arbitrary directories under the web root by specifying a non-existent directory with backslash characters in an HTTP GET request. This is the concrete vulnerab...

CVE-2011-5007

Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080...

CVE-2011-5008

CVE-2011-5008 is an integer overflow in the GatewayService of 3S CoDeSys (versions affected: CoDeSys 2.3 and 3.4; patched in V3.5 and V2.3.9.32). A large size value in the packet header enables remote attackers to trigger a heap-based buffer overflow and potentially execute arbitrary code. Attack...

SCADA 3S CoDeSys CmpWebServer Stack Buffer Overflow

This module exploits a remote stack buffer overflow vulnerability in 3S-Smart Software Solutions product CoDeSys Scada Web Server Version 1.1.9.9. This vulnerability affects versions 3.4 SP4 Patch 2 and earlier. This module requires Metasploit: https://metasploit.com/download Current source:...

Codesys CmpWebServer Multiple Vulnerabilities

Codesys is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

TeamMate Audit Management Software Suite - mfc71enu.dll DLL Hijacking

TeamMate Audit Management Software Suite - mfc71enu.dll DLL Hijacking / Greetz to :b0nd, Fbih2s,r45c4l,Charles ,j4ckh4x0r, punter,eberly, Charles, Dinesh Arora , Anirban ,Ganesha, Dinesh Arora Site : www.beenuarora.com Exploit Title: TeamMate Audit Management Software Suite DLL Hijacking Date:...

Sun Java System Access Manager 7.1 < Patch 2 Multiple Vulnerabilities

Binary data 5132.prm...

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

Novell GroupWise Internet Agent e-mail address buffer overflow

Added: 06/05/2009 CVE: CVE-2009-1636 BID: 35064 OSVDB: 54645 Background Novell GroupWise is an e-mail and collaboration product suite. Problem A buffer overflow vulnerability allows a remote attacker to execute arbitrary commands by sending a message containing a specially crafted e-mail address ...

Novell Groupwise Cross Site Scripting

Novell GroupWise Web Access Multiple XSS /============================================\ / SecureState R&D Team - leroy and sasquatch \ / Discovered: 11-24-08, 03-05-09 \ \ Vendor Notified: 01-06-09, 03-05-09 / \ Vendor Publication: 05-21-09 / ============================================/...

Buffer overflow

Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the 1 the RPCFNActiveRollback function in a stcommon.dll, or the 2 ENGSetRealTimeScanConfigInfo or 3 ENGSendEmail...

CVE-2007-2533

Multiple buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2- Build 1174 allow remote attackers to execute arbitrary code via a crafted RPC message processed by the 1 the RPCFNActiveRollback function in a stcommon.dll, or the 2 ENGSetRealTimeScanConfigInfo or 3 ENGSendEmail...

Stack overflow

Multiple stack-based buffer overflows in Trend Micro ServerProtect 5.58 before Security Patch 2 Build 1174 allow remote attackers to execute arbitrary code via crafted data to 1 TCP port 5168, which triggers an overflow in the CAgRpcClient::CreateBinding function in the AgRpcCln.dll library in...

Mandrake Linux Security Advisory : kdegraphics (MDKSA-2007:024)

The Adobe PDF specification 1.3, as implemented by xpdf 3.0.1 patch 2, kpdf in KDE before 3.5.5, and other products, allows remote attackers to have an unknown impact, possibly including denial of service infinite loop, arbitrary code execution, or memory corruption, via a PDF file with a 1 craft...

VMSA-2006-0004 Cross site scripting vulnerability and other fixes

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - ------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2006-0004 Synopsis: Cross site scripting vulnerability and other fixes Knowledge base URL:http://kb.vmware.com/kb/2118366 Issue date:...