13 matches found
Symantec Backup Exec System Recovery Manager 7.0 FileUpload Class Unauthorized File Upload Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/27487/info Symantec Backup Exec System Recovery Manager is prone to a vulnerability that allows arbitrary unauthorized files to be uploaded to any location on the affected server. This issue resides in the Symantec...
Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit
No description provided by source. ?xml version=1.0? html xmlns=http://www.w3.org/1999/xhtml headtitleFile Upload POC/title/head body h2 Backup Exec System Recovery Manager 7.0brFile Upload POC/h2 form action=https://TARGET:8443/axis/FileUpload method=post enctype=multipart/form-data Remote Path:...
CVE-2008-2512
Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors...
Directory traversal
Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2008-2512
Directory traversal vulnerability in Symantec Backup Exec System Recovery Manager 7.x before 7.0.4 and 8.x before 8.0.2 allows remote attackers to read arbitrary files via unspecified vectors...
CVE-2008-2512
CVE-2008-2512 is a directory-traversal vulnerability in Symantec Backup Exec System Recovery Manager (BESR) (7.x before 7.0.4 and 8.x before 8.0.2). A remote, unauthenticated attacker can exploit an inadequate sanitization in the Tomcat-based servlet (reportsfile) to read arbitrary files on the a...
Symantec Backup Exec System Recovery Manager Traversal Arbitrary File Access
The remote host appears to be running Symantec Backup Exec System Recovery Manager, a backup manager solution. The Tomcat servlet 'reportsfile' included in the version of Backup Exec System Recovery Manager installed on the remote host fails to properly sanitize user input to the 'filename'...
Symantec Backup Exec系统还原管理器FileUpload类非授权文件上传漏洞
BUGTRAQ ID: 27487 CVECAN ID: CVE-2008-0457 Symantec Backup Exec是一款全面的数据备份解决方案。 Symantec Backup Exec系统还原管理器的运行在Symantec LiveState Apache Tomcat服务器(TCP 8080端口)上的FileUpload类存在安全漏洞。如果远程攻击者向该服务器提交了恶意的HTTP POST请求的话,就可以向公开可访问的web目录上传JSP脚本,导致执行任意代码。 Symantec Backup Exec System Recovery Manager 7.0.1...
Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit
No description provided by source. ?xml version="1.0"? html xmlns="http://www.w3.org/1999/xhtml" headtitleFile Upload POC/title/head body h2 Backup Exec System Recovery Manager 7.0brFile Upload POC/h2 form action="https://TARGET:8443/axis/FileUpload" method="post" enctype="multipart/form-data"...
backupexec-upload.txt
File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008...
Backup Exec System Recovery Manager <= 7.0.1 File Upload Exploit
Exploit for unknown platform in category remote exploits ================================================================ Backup Exec System Recovery Manager File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data"...
Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload
Backup Exec System Recovery Manager 7.0.1 - Arbitrary File Upload File Upload POC Backup Exec System Recovery Manager 7.0File Upload POC :8443/axis/FileUpload" method="post" enctype="multipart/form-data" Remote Path: File to upload: cBastardLabs 2008. milw0rm.com 2008-02-07...
Symantec Backup Exec System Recovery Manager 7.0 - FileUpload Class Unauthorized File Upload
Symantec Backup Exec System Recovery Manager 7.0 - FileUpload Class Unauthorized File Upload source: https://www.securityfocus.com/bid/27487/info Symantec Backup Exec System Recovery Manager is prone to a vulnerability that allows arbitrary unauthorized files to be uploaded to any location on the...