EMC RepliStor rep_srv and ctrlservice Denial of Service (CVE-2009-3744)

EMC RepliStor is a data recovery and protection system exclusively for Microsoft Windows. Recovery and protection are achieved by providing easy to use data replication to multiple sources in real-time or on a schedule. Files, directories, volumes and shares can be replicated as long as TCP/IP...

iPhone Worm Was Simple, Yet Effective, Analysis Shows

The iKee worm that was infecting jailbroken iPhones last month was a simple, yet effective, piece of software that shows how easy it might be for an attacker to create a fairly large, functioning botnet comprising mobile devices, an analysis of the worm shows. Researchers at SRI International’s...

Oracle Advanced Replication组件REPCAT_RPC.VALIDATE_REMOTE_RC()函数权限提升漏洞

BUGTRAQ ID: 35685 CVE ID: CVE-2009-1021 Oracle Database是一款商业性质大型数据库系统。 Oracle数据库Advanced Replication组件中的REPCATRPC.VALIDATEREMOTERC函数执行了可能受控的匿名PL/SQL。该函数取当前登录用户名为第一个参数，第二个参数VALIDATESTRING直接放到了PLSQL的匿名块中并执行： ... ... SQLCURSOR := DBMSSQL.OPENCURSOR; DBMSSQL.PARSESQLCURSOR, 'BEGIN ' || ' :err :=...

Phishing Tool

Added: 09/23/2009 Background This tool serves an HTML form which collects information from users. It allows you to either replicate a real web page, or specify a custom header graphic, a custom footer graphic, and an introductory text message. For best results, design the HTML form to look like a...

EMC Replication Manager irccd.exe RunProgram Message Handling Arbitrary Command Execution

Binary data emcrmcclient.nbin...

EMC Replication Manager Client Detection

Binary data emcrmcclientdetect.nbin...

EMC Replication Manager Server Detection

Binary data emcrmcsrvdetect.nbin...

VulnCheck KEV: CVE-2009-1923

Heap-based buffer overflow in the Windows Internet Name Service WINS component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow...

CVE-2009-1923

Heap-based buffer overflow in the Windows Internet Name Service WINS component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow...

CVE-2009-1923

Heap-based buffer overflow in the Windows Internet Name Service WINS component for Microsoft Windows 2000 SP4 and Server 2003 SP2 allows remote attackers to execute arbitrary code via a crafted WINS replication packet that triggers an incorrect buffer-length calculation, aka "WINS Heap Overflow...

CVE-2009-1924

Integer overflow in the Windows Internet Name Service WINS component for Microsoft Windows 2000 SP4 allows remote WINS replication partners to execute arbitrary code via crafted data structures in a packet, aka "WINS Integer Overflow Vulnerability."...

EMC Replication Manager code execution

Application execution via XML-based service on TCP/6700...

ZDI-09-051: EMC Replication Manager Client Control Service Remove Code Execution Vulnerability

ZDI-09-051: EMC Replication Manager Client Control Service Remove Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-09-051 August 7, 2009 -- Affected Vendors: EMC -- Affected Products: EMC Replication Manager -- TippingPointTM IPS Customer Protection: TippingPoint IPS...

EMC Replication Manager Client Control Service Remove Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client. Authentication is not required to exploit this vulnerability. The specific flaw exists within the irccd.exe process which listens by default on a TCP port around...

Information disclosure

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

CVE-2009-1021

CVE-2009-1021 affects Oracle Database Advanced Replication (REPCAT_RPC.VALIDATE_REMOTE_RC) and can be exploited by remote authenticated users to impact confidentiality and integrity. Affected versions include Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3. The vulnerability arises fro...

CVE-2009-1021

Unspecified vulnerability in the Advanced Replication component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, and 10.2.0.3 allows remote authenticated users to affect confidentiality and integrity via unknown vectors...

Fedora 10 : phpMyAdmin-3.2.0.1-1.fc10 (2009-7340)

The first security release for phpMyAdmin 3.2.0: - security XSS: Insufficient output sanitizing in bookmarks This version contains a number of small new features and some bug fixes: - core better support for vendor customisation based on what Debian needs - rfe warn when session.gcmaxlifetime is...

Fedora 9 : phpMyAdmin-3.2.0.1-1.fc9 (2009-7337)

The first security release for phpMyAdmin 3.2.0: - security XSS: Insufficient output sanitizing in bookmarks This version contains a number of small new features and some bug fixes: - core better support for vendor customisation based on what Debian needs - rfe warn when session.gcmaxlifetime is...

HP StorageWorks Storage Mirroring Software存在多个远程漏洞

BUGTRAQ ID: 34611 CVE ID：CVE-2009-0716 CVE-2009-0717 CVE-2009-0718 CNCVE ID：CNCVE-20090716 CNCVE-20090717 CNCVE-20090718 HP StorageWorks Storage Mirroring存储镜像软件是一款基于主机的连续复制解决方案。 HP StorageWorks Storage Mirroring软件存在多个安全问题，远程攻击者可以利用漏洞进行任意代码执行，拒绝服务和未授权访问攻击。 目前没有详细漏洞细节提供。 HP HP StorageWorks Storage...