3722 matches found
SOL15310 - Data Manager SQL Injection Remote Code Execution vulnerability CVE-2014-2949
Vulnerability Recommended Actions To mitigate this vulnerability, you can stop the Data Manager Service when not in use. To do so, perform the following procedure: Impact of action: Performing the following procedure should not have a negative impact on your system. 1. Log in as admin to Data...
CVE-2013-6744
The Stored Procedure infrastructure in IBM DB2 9.5, 9.7 before FP9a, 10.1 before FP3a, and 10.5 before FP3a on Windows allows remote authenticated users to gain privileges by leveraging the CONNECT privilege and the CREATEEXTERNALROUTINE authority...
Design/Logic Flaw
The Stored Procedure infrastructure in IBM DB2 9.5, 9.7 before FP9a, 10.1 before FP3a, and 10.5 before FP3a on Windows allows remote authenticated users to gain privileges by leveraging the CONNECT privilege and the CREATEEXTERNALROUTINE authority...
CVE-2013-6744
The Stored Procedure infrastructure in IBM DB2 9.5, 9.7 before FP9a, 10.1 before FP3a, and 10.5 before FP3a on Windows allows remote authenticated users to gain privileges by leveraging the CONNECT privilege and the CREATEEXTERNALROUTINE authority...
CVE-2014-0159
Buffer overflow in the GetStatistics64 remote procedure call RPC in OpenAFS 1.4.8 before 1.6.7 allows remote attackers to cause a denial of service crash via a crafted statsVersion argument...
hadoop: man-in-the-middle vulnerability
The RPC protocol implementation in Apache Hadoop 2.x before 2.0.6-alpha, 0.23.x before 0.23.9, and 1.x before 1.2.1, when the Kerberos security features are enabled, allows man-in-the-middle attackers to disable bidirectional authentication and obtain sensitive information by forcing a downgrade ...
Faceless: Blocking yourself
I dont know if it's eligible but it is a bug that you can block your self in Faceless. Procedure: I made a post then I comment in that post then I hold the comment I made and there's a new window prompted and I block myself and another prompt saying that "You will no longer recieve messages from...
Scientific Linux Security Update : openafs on SL5.x, SL6.x i386/x86_64 (20140411)
An attacker with the ability to connect to an OpenAFS fileserver can trigger a buffer overflow, crashing the server. The GetStatistics64 remote procedure call RPC was introduced in OpenAFS 1.4.8 as part of the support for fileserver partitions larger than 2 TiB. The GetStatistics64 RPC is used by...
Windows TrackPopupMenuEx Win32k NULL Page
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'msf/core/post/windows/reflectivedllinjection' require 'rex' class Metasploit3 'Windows TrackPopupMenuEx Win32k NULL Page', 'Description' = %q...
Cisco TelePresence System Software Command Execution
According to the self-reported device name of the remote device, it may be a Cisco TelePresence System device. Nessus cannot determine the version of the software running on this device, but it may be affected by a vulnerability that could allow an unauthorized user to execute arbitrary commands...
Solaris 9 (x86) : 150507-01
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Remote Procedure Call RPC. Supported versions that are affected are 8, 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can...
Solaris 8 (x86) : 150509-01
Vulnerability in the Solaris component of Oracle and Sun Systems Products Suite subcomponent: Remote Procedure Call RPC. Supported versions that are affected are 8, 9, 10 and 11.1. Easily exploitable vulnerability requiring logon to Operating System. Successful attack of this vulnerability can...
MySQL 5.6.x < 5.6.14 Multiple Vulnerabilities
The version of MySQL installed on the remote host is 5.6.x older than 5.6.14. As such, it is reportedly affected by vulnerabilities in the following components : - FTS - InnoDB - Locking - Optimizer - Partition - Performance Schema - Stored Procedure - Thread Pooling C Tenable Network Security,...
CA BrightStor ARCserve Backup Media Server SUN-RPC Procedure Code Execution - Ver2 (CVE-2007-1785)
Computer Associates BrightStor ARCserve Backup products offer data protection for distributed servers, clients, databases and applications. They provide centralized control over a series of distributed operations including Backup and Restore, Data Migration, and Threat Management. There exists a...
samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check
Heap-based buffer overflow in the dcerpcreadncacnpacketdone function in librpc/rpc/dcerpcutil.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet...
Microsoft Windows Local Procedure Call Local Privilege Escalation Vulnerability (2898715)
This host is missing an important security update according to Microsoft Bulletin MS13-102. OpenVAS Vulnerability Test $Id: secpodms13-102.nasl 6115 2017-05-12 09:03:25Z teissa $ Microsoft Windows Local Procedure Call Local Privilege Escalation Vulnerability 2898715 Authors: Antu Sanadi Copyright...
Microsoft Windows Local Procedure Call Local Privilege Escalation Vulnerability (2898715)
This host is missing an important security update according to Microsoft Bulletin MS13-102. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
samba: Heap-based buffer overflow due to incorrect DCE-RPC fragment length field check
Heap-based buffer overflow in the dcerpcreadncacnpacketdone function in librpc/rpc/dcerpcutil.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet...
Microsoft Windows Local Procedure Call CVE-2013-3878 Local Privilege Escalation Vulnerability
Description Microsoft Windows is prone to a local privilege-escalation vulnerability that affects the Local Procedure Call LPC component. A local attacker can exploit this issue to execute arbitrary code with elevated privileges. Successful exploits will result in the complete compromise of...
UBUNTU-CVE-2013-4408
Heap-based buffer overflow in the dcerpcreadncacnpacketdone function in librpc/rpc/dcerpcutil.c in winbindd in Samba 3.x before 3.6.22, 4.0.x before 4.0.13, and 4.1.x before 4.1.3 allows remote AD domain controllers to execute arbitrary code via an invalid fragment length in a DCE-RPC packet...