EUVD-2005-3315

Malware in sbrugna...

EUVD-2007-2942

Malware in sbrugna...

Symantec Discovery XFERWAN Service Buffer Overflow (CVE-2007-1173)

Symantec Discovery is a network asset management and configuration suite. This product is deployed in enterprise network to collect information about network computers and devices for management purpose. The product employs numerous communication protocols to access network nodes. One of the...

Symantec Discovery Insecure File Permissions

SUMMARY Insecure default directory and file permissions may allow local users to gain escalated privileges. Severity Low Remote Access | Local network access required ---|--- Local Access | Yes Authentication Required | Yes Exploit publicly available | No AFFECTED PRODUCTS Affected Products Produ...

CVE-2007-2950

CVE-2007-2950 involves Centennial Discovery 2006 Feature Pack 1 (used by Numara Asset Manager 8.0 and Symantec Discovery 6.5) where insecure default directory/file permissions enable local non-privileged users to gain privileges. The Symantec advisory notes the vulnerability arises from improper ...

CVE-2007-2950

Centennial Discovery 2006 Feature Pack 1, which is used by 1 Numara Asset Manager 8.0 and 2 Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges...

Stack overflow

Stack-based buffer overflow in XferWan.exe as used in multiple products including 1 Symantec Discovery 6.5, 2 Numara Asset Manager 8.0, and 3 Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation...

CVE-2007-2514

Stack-based buffer overflow in XferWan.exe as used in multiple products including 1 Symantec Discovery 6.5, 2 Numara Asset Manager 8.0, and 3 Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation...

CVE-2007-2514

Stack-based buffer overflow in XferWan.exe as used in multiple products including 1 Symantec Discovery 6.5, 2 Numara Asset Manager 8.0, and 3 Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation...

CVE-2007-2514

CVE-2007-2514 is a stack-based buffer overflow in the CentennialXferWan service (XferWan.exe) used by Centennial Discovery 2006 Feature Pack, Symantec Discovery 6.5, and Numara Asset Manager 8.0. The overflow occurs when processing overly long strings in TCP requests, due to insufficient boundary...

TPTI-07-10: Centennial Software XferWan.exe Stack Overflow Vulnerability

TPTI-07-10: Centennial Software XferWan.exe Stack Overflow Vulnerability http://dvlabs.tippingpoint.com/advisory/TPTI-07-10 June 4, 2007 -- CVE ID: CVE-2007-2514 -- Affected Vendor: Centennial Software -- Affected Products: Symantec Discovery 6.5 -- TippingPointTM IPS Customer Protection:...

Symantec Discovery Server Detection

Binary data 3998.prm...

Buffer overflow

Multiple buffer overflows in the CentennialIPTransferServer service XFERWAN.EXE, as used by 1 Centennial Discovery 2006 Feature Pack 1, 2 Numara Asset Manager 8.0, and 3 Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet...

CVE-2007-1173

Multiple buffer overflows in the CentennialIPTransferServer service XFERWAN.EXE, as used by 1 Centennial Discovery 2006 Feature Pack 1, 2 Numara Asset Manager 8.0, and 3 Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet...

CVE-2007-1173

CVE-2007-1173 describes a buffer overflow flaw in the CentennialIPTransferServer (XFERWAN.EXE) used by Centennial Discovery 2006 Feature Pack 1, Numara Asset Manager 8.0, and Symantec Discovery 6.5. The vulnerability arises from processing long strings in crafted TCP packets, enabling remote arbi...

CVE-2005-3316

The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the 1 DiscoveryWeb and 2 DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password...

CVE-2005-3316

The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the 1 DiscoveryWeb and 2 DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password...

[SA17302] Symantec Discovery Database Accounts Null Password

TITLE: Symantec Discovery Database Accounts Null Password SECUNIA ADVISORY ID: SA17302 VERIFY ADVISORY: http://secunia.com/advisories/17302/ CRITICAL: Moderately critical IMPACT: Manipulation of data, Exposure of sensitive information WHERE: From local network SOFTWARE: Symantec Discovery 6.x...