EUVD-2021-14143

Malware in sbrugna...

Design/Logic Flaw

SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control...

CVE-2021-27388

SINAMICS medium voltage routable products are affected by a vulnerability in the Sm@rtServer component for remote access that could allow an unauthenticated attacker to cause a denial-of-service condition, and/or execution of limited configuration modifications and/or execution of limited control...

CVE-2021-27388

The CVE-2021-27388 entry affects Siemens SINAMICS medium voltage remote-access products (SINAMICS SL150, SM150, SM150i). A vulnerability in the Sm@rtServer component allows unauthenticated remote access that can cause a denial-of-service and may enable limited configuration modifications or execu...

SmartSockets RTServer多个远程不可信任循环边界漏洞

BUGTRAQ ID: 27293 CVECAN ID: CVE-2007-5656 TIBCO SmartSockets是用于通过独立通道传输消息的传送框架，RTserver是其中的服务器组件。 TIBCO SmartSockets在处理畸形数据时存在漏洞，远程攻击者可能利用此漏洞导致拒绝服务或执行任意指令。 在处理请求时，SmartSockets使用了一些来自请求的值控制一些循环的重复次数，而在这些循环中可以执行各种内存操作。由于攻击者可以控制这些值，因此可能会触发一些可利用的情况，导致RTserver拒绝服务或以系统权限执行任意指令。 TIBCO SmartSockets 6.8...

TIBCO SmartSockets指针偏移远程代码执行漏洞

BUGTRAQ ID: 27295 CVECAN ID: CVE-2007-5657 TIBCO SmartSockets是用于通过独立通道传输消息的传送框架，RTserver是其中的服务器组件。 SmartSockets在处理请求时使用了来自请求的值作为添加到有效指针的偏移，然后在各种内存操作中用到了所生成的指针值。由于攻击者可以控制偏移值，因此可能触发可利用的情况，导致RTserver拒绝服务或以系统权限执行任意指令。 TIBCO SmartSockets 6.8 TIBCO ----- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

CVE-2007-5658

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow...

CVE-2007-5656

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted requests that control loop operations related to memory...

Buffer overflow

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets...

Design/Logic Flaw

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted requests that control loop operations related to memory...

CVE-2007-5657

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointer offsets...

CVE-2007-5655

CVE-2007-5655 affects TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and EMS 4.0.0–4.4.1. The vulnerability allows remote attackers to execute arbitrary code by sending crafted requests that include values used as pointers, which are then treated in memory operations. The iD...

CVE-2007-5657

CVE-2007-5657 affects TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and EMS 4.0.0–4.4.1. The root cause is using values from requests as offsets to valid pointers during memory operations, enabling a remote attacker to execute arbitrary code or crash the service with SYSTEM...

CVE-2007-5656

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to cause a denial of service crash and possibly execute arbitrary code via crafted requests that control loop operations related to memory...

CVE-2007-5655

TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing values that are used as pointers...

CVE-2007-5658

Heap-based buffer overflow in TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and Enterprise Message Service EMS 4.0.0 through 4.4.1 allows remote attackers to execute arbitrary code via crafted requests containing size and copy-length values that trigger the overflow...

CVE-2007-5656

CVE-2007-5656 affects TIBCO SmartSockets RTserver 6.8.0 and earlier, RTworks before 4.0.4, and EMS 4.0.0–4.4.1. A remote attacker can send crafted requests that control the iteration counts of loops used during memory operations, potentially crashing RTserver and possibly allowing arbitrary code ...

iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTserver Heap Overflow Vulnerability

iDefense Security Advisory 01.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 15, 2008 I. BACKGROUND TIBCO SmartSockets is a message passing framework used to transport messages over disparate channels. The RTserver is the server component of the framework. More information can b...

iDefense Security Advisory 01.15.08: TIBCO SmartSockets RTServer Multiple Untrusted Loop Bounds Vulnerabilities

iDefense Security Advisory 01.15.08 http://labs.idefense.com/intelligence/vulnerabilities/ Jan 15, 2008 I. BACKGROUND TIBCO SmartSockets is a message passing framework used to transport messages over disparate channels. The RTserver is the server component of the framework. More information can b...

TIBCO SmartSockets RTserver multiple security vulnerabilities

Buffer overflows, arrays overflows, pointers manipulation...