18 matches found
EUVD-2001-0693
Malware in sbrugna...
Zimbra Collaboration Suite Security Vulnerability
Zimbra Collaboration Suite (ZCS) is an open source collaboration suite from Zimbra in the United States. The product includes WebMail, Calendar, Address Book and more. A security vulnerability exists in Zimbra Collaboration Suite version 8.8.15, which stems from not encrypting a randomly created...
Junos OS: Unauthenticated remote root access possible when RSH service is enabled
If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command...
CVE-2018-0052 Junos OS: Unauthenticated remote root access possible when RSH service is enabled
If RSH service is enabled on Junos OS and if the PAM authentication is disabled, a remote unauthenticated attacker can obtain root access to the device. RSH service is disabled by default on Junos. There is no documented CLI command to enable this service. However, an undocumented CLI command...
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution
Vulnerability Summary: The following advisory describes a stack buffer overflow vulnerability found in HPE Intelligent Management Center v7.2 E0403P10 Enterprise; this vulnerability leads to an exploitable remote code execution. HPE Intelligent Management Center (iMC) delivers comprehensive...
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution
HPE Intelligent Management Center (iMC) 7.2 (E0403P10) - Code Execution. Vulnerability Summary: The following advisory describes a stack buffer overflow vulnerability found in HPE Intelligent Management Center v7.2 E0403P10 Enterprise; this vulnerability leads to an exploitable remote code...
Gratipay: proxy port 7000 and shell port 514 not filtered
Port 7000 on assets.gratipay.com was found to be open to the public. The port seems to be working on a proxy module of nginx and I was able to connect to it by configuring my browser to use it as a proxy. Also, port 514 is found to be open and connection to it via rlogin succeeds although no...
Cisco IOS <= 12.0.2 Syslog Crash
No description provided by source. source: http://www.securityfocus.com/bid/675/info Cisco devices running classic IOS are reported prone to a denial of service vulnerability. The issue occurs when a vulnerable device receives and processes a UDP packet on UDP port 514 for syslog. This issue...
CVE-2011-5227
Stack-based buffer overflow in the Syslog service nssyslogd.exe in Enterasys Network Management Suite NMS before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514...
Stack overflow
Stack-based buffer overflow in the Syslog service nssyslogd.exe in Enterasys Network Management Suite NMS before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514...
CVE-2011-5227
Stack-based buffer overflow in the Syslog service nssyslogd.exe in Enterasys Network Management Suite NMS before 4.1.0.80 allows remote attackers to execute arbitrary code via a long PRIO field in a message to UDP port 514...
ZDI-11-350 : Enterasys NetSight nssyslogd PRI Remote Code Execution Vulnerability
ZDI-11-350 : Enterasys NetSight nssyslogd PRI Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-350 December 19, 2011 -- CVE ID: -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Enterasys --...
Enterasys NetSight nssyslogd PRI Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Enterasys Netsight. Authentication is not required to exploit this vulnerability. The flaw exists within the nssyslogd.exe component which listens by default on UDP port 514. When parsing a new...
HP 3COM/H3C Intelligent Management Center imcsyslogdm Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP 3com/H3C Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the imcsyslogdm.exe component which listens by default on UDP port 51...
CVE-2007-4005
Stack-based buffer overflow in Mike Dubman Windows RSH daemon rshd 1.7 allows remote attackers to execute arbitrary code via a long string to the shell port 514/tcp. NOTE: this might overlap CVE-2007-4006...
Syslog PRIORITY Field Enforcement
Syslog is a standard for transporting event notification messages over IP networks to event message collectors, or Syslog servers. Syslog is often used for system management and security auditing. Syslog servers, by default, listen on UDP port 514. Also, it is possible to have event message relays...
CVE-2001-0707
CVE-2001-0707 applies to Denicomp RSHD 2.18 and earlier. A remote attacker can trigger a denial of service (crash) by sending a long string to port 514. The provided sources confirm the affected product and the impact but do not document a precise root cause, vulnerable component, or available fi...
CVE-2001-0707
Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service crash via a long string to port 514...