Lucene search
+L

3053 matches found

prion
prion
added 2011/12/25 1:55 a.m.13 views

Stack overflow

Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080...

10CVSS8.7AI score0.72582EPSS
Exploits6References8Affected Software1
cvelist
cvelist
added 2011/12/25 1:0 a.m.21 views

CVE-2011-5007

Stack-based buffer overflow in the CmpWebServer component in 3S CoDeSys 3.4 SP4 Patch 2 and earlier, as used on the ABB AC500 PLC and possibly other products, allows remote attackers to execute arbitrary code via a long URI to TCP port 8080...

7.9AI score0.72582EPSS
Exploits6References8
exploitdb
exploitdb
added 2011/11/14 12:0 a.m.44 views

optima apiftp server 1.5.2.13 - Multiple Vulnerabilities

Luigi Auriemma Application: Optima APIFTP Server http://www.optimalog.com/home.html Versions: = 1.5.2.13 Platforms: Windows Bugs: A NULL pointer B endless loop Exploitation: remote Date: 13 Nov 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bugs 3 The Co...

7.4AI score
Exploits0
thn
thn
added 2011/11/13 9:37 p.m.6 views

Duqu computer virus Detected by Iran civil defense organization

Duqu computer virus Detected by Iran civil defense organization The virus is called W32.Duqu, or just Duqu create fear after the opening Pandora's Box of Stuxnet. The head of Iran's civil defense organization told the official IRNA news agency that computers at all main sites at risk were being...

6.8AI score
Exploits0
exploitdb
exploitdb
added 2011/10/10 12:0 a.m.45 views

IRAI AUTOMGEN 8.0.0.7 - Use-After-Free

Luigi Auriemma Application: IRAI AUTOMGEN http://www.irai.com/a8e/ Versions: = 8.0.0.7 aka 8.022 Platforms: Windows Bug: use after free Exploitation: file Date: 10 Oct 2011 Author: Luigi Auriemma e-mail: [email protected] web: aluigi.org 1 Introduction 2 Bug 3 The Code 4 Fix =============== 1...

7.4AI score
Exploits0
threatpost
threatpost
added 2011/09/06 4:52 p.m.15 views

Researcher Will Demo Crippling Siemens Attack Using Metasploit

For years, there’s been an argument that the sophistication of industrial control systems is enough to keep script kiddies – or low-skilled hackers – away. Well, so much for that. Researcher Ralph Langer says that he will use a presentation at an upcoming security conference in Washington D.C. to...

0.1AI score
Exploits0References8
thn
thn
added 2011/07/03 8:5 a.m.24 views

Stuxnet Source Code Released Online - Download Now

Stuxnet Source Code Released Online - Download Now Stuxnet is a Microsoft Windows computer worm discovered in July 2010 that targets industrial software and equipment. While it is not the first time that crackers have targeted industrial systems,it is the first discovered malware that spies on an...

6.9AI score
Exploits0
threatpost
threatpost
added 2011/05/23 4:53 p.m.12 views

Metasploit Holding On Siemens Exploits

UPDATE: A week after a security researcher decided to cancel a technical discussion of security holes in industrial control software from Siemens, Inc., public exploits for the vulnerabilities are on hold while the company works to shore up systems running its Simatic programmable logic controlle...

7.5AI score
Exploits0References4
threatpost
threatpost
added 2011/05/19 4:12 p.m.10 views

SCADA Holes Allowed Remote Takedown of Siemens Systems

Security researcher Dillon Beresford decided not to present a talk at the TakedownCon in Dallas on Thursday, citing concerns about mayhem that could have resulted. But in an e-mail, he told Threatpost that the vulnerabilities could allow remote attackers to start or stop Siemens Programmable Logi...

0.5AI score
Exploits0References5
openvas
openvas
added 2011/01/11 12:0 a.m.25 views

Fedora Update for wordpress-mu FEDORA-2010-19329

Check for the Version of wordpress-mu OpenVAS Vulnerability Test Fedora Update for wordpress-mu FEDORA-2010-19329 Authors: System Generated Check Copyright: Copyright c 2010 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it...

6CVSS0.09855EPSS
Exploits0References2
threatpost
threatpost
added 2010/10/01 12:52 a.m.22 views

Researcher Demonstrates Stuxnet At Work

We know Stuxnet has caused some major disruptions in nations like Iran and India. But how, exactly, does it work? In this video, Symantec researcher Liam O’Murchu demonstrates how a Stuxnet infected programmable logic controller PLC by Siemens can instruct a piece of machinery to run out of...

2.5AI score
Exploits0References1
ics
ics
added 2010/03/10 12:0 a.m.41 views

Rockwell PLC5/SLC5/0x/RSLogix Security Vulnerability

Overview Rockwell Automation has identified a security vulnerability in the programming and configuration client software authentication mechanism employed by certain versions of the PLC-5 and SLC 5/0x family of programmable controllers. Affected Products Rockwell PLC-5 and SLC 5/0x controllers a...

0.4AI score
Exploits0References19
securityvulns
securityvulns
added 2010/01/17 12:0 a.m.49 views

C4 SCADA Security Advisory - Rockwell Automation (Allen Bradley) Multiple Vulnerabilities in Micrologix 1100 & 1400 Series Controllers

Background ----------------- Vendor product information, from www.ab.com : With online editing and a built-in 10/100 Mbps EtherNet/IP port for peer-to-peer messaging, the MicroLogix 1100 controller adds greater connectivity and application coverage to the MicroLogix family of Allen-Bradley...

10CVSS0.3AI score0.04342EPSS
Exploits0
openvas
openvas
added 2009/02/17 12:0 a.m.32 views

Fedora Update for net-snmp FEDORA-2008-5224

Check for the Version of net-snmp OpenVAS Vulnerability Test Fedora Update for net-snmp FEDORA-2008-5224 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can redistribute it and/or modify it under the...

10CVSS6.8AI score0.6879EPSS
Exploits15References2
symantec
symantec
added 2008/10/20 8:0 a.m.19 views

Symantec Altiris Deployment Solution Local Access Elevation of Privilege in Client GUI

SUMMARY A local access elevation of privilege issue has been identified and resolved in the Symantec Altiris Deployment Solution Client GUI. Successful exploitation could result in unauthorized local system access on a client system. Severity Medium Remote Access adjacent network | No ---|--- Loc...

7.2AI score
Exploits0Affected Software1
packetstorm
packetstorm
added 2008/10/07 12:0 a.m.44 views

verisign-xss.txt

VeriSign Kontiki Delivery Management System DMS Cross-Site Scripting Vulnerability CVE Number: CVE-2008-4393 Vulnerability Type / Importance: XSS / Medium Problem discovered: September 24th 2007 Vendor contacted: September 26th 2007 Advisory published: March 28th 2008 Abstract The Kontiki Deliver...

4.3CVSS6.7AI score0.0179EPSS
Exploits2
symantec
symantec
added 2008/06/17 8:0 a.m.18 views

Symantec Altiris Notification Server Agent GUI Local Elevation of Privilege

SUMMARY A non-privileged user can leverage the Symantec Altiris Notification Server Agent Graphical User Interface GUI to gain privileged access to the system. Severity Medium Remote Access adjacent network | No ---|--- Local Access | Yes Authentication Required | Yes Exploit available | No...

0.4AI score
Exploits0Affected Software1
securityvulns
securityvulns
added 2008/05/24 12:0 a.m.72 views

IRM Security Advisory : Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability

Barracuda Networks Spam Firewall Cross-Site Scripting Vulnerability CVE Number: CVE-2008-2333 Vulnerability Type / Importance: Cross-Site Scripting Reflected / Medium Problem Discovered 24 April 2008 Vendor Contacted 24 April 2008 Advisory Published 22 May 2008 Abstract The Barracuda Spam Firewal...

4.3CVSS0.2AI score0.04529EPSS
Exploits2
securityvulns
securityvulns
added 2007/11/30 12:0 a.m.39 views

IRM025: TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS

-------------------------------------------------------- IRM Security Advisory 025 TIBCO Rendezvous RVD Daemon Remote Memory Leak DoS Vulnerability Type / Importance: Remote DoS / High Problem Discovered: 16 April 2007 Vendor Contacted: 16 April 2007 Advisory Published: 29 November 2007...

7.1AI score
Exploits0
seebug
seebug
added 2007/02/08 12:0 a.m.20 views

X-Kryptor Secure Client本地权限提升漏洞

X-Kryptor Secure Client是基于软件的VPN客户端,允许将家庭或移动的工作机连接到安全的局域网。 X-Kryptor Secure Client在处理认证操作时存在漏洞,本地攻击者可能利用此漏洞获取非授权访问。 如果在Microsoft Windows上使用X-Kryptor Secure...

7.1AI score
Exploits0
Rows per page
Query Builder