Alt-N SecurityGateway username Buffer Overflow

$Id: altnsecuritygateway.rb 8010 2009-12-28 20:38:50Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

X.Org X Font Server Handlers Integer Overflow (CVE-2007-4568)

X.Org foundation's X Window System commonly X11 or X Window is a networking and display protocol which provides windowing on bitmap displays. It provides the standard toolkit and protocol to build graphical user interfaces GUIs on Unix-like operating systems and OpenVMS, and is supported by almos...

Alt-N SecurityGateway username Buffer Overflow

Alt-N SecurityGateway is prone to a buffer overflow condition. This is due to insufficient bounds checking on the "username" parameter. Successful exploitation could result in code execution with SYSTEM level privileges. NOTE: This service doesn't restart, you'll only get one shot. However, it...

BakBone NetVault Messages Buffer Overflow (CVE-2005-1009)

NetVault is a multi-platform backup and restore software suite produced by BakBone Software. The product uses a client-server architecture and is capable of networked backup tasks. The product has separate network communication mechanisms to facilitate backup and management functions. The client...

Novell ZENworks Asset Management Msg.dll Buffer Overflow (CVE-2006-6299)

ZENworks Asset Management is an IT asset management suite developed by Novell. The product integrates asset inventory, software usage and license reconciliation functionality. The ZENworks Asset Management suite is based on a client/server architecture. A set of management servers collects data o...

Alt-N WebAdmin USER Buffer Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Alt-N WebAdm...

EMC Legato NetWorker Remote Execution Service Buffer Overflow (CVE-2007-3618)

EMC Legato NetWorker is an enterprise level backup and recovery suite product. It provides backup functionality for Windows, Linux, Unix, Netware, and VMS environments. EMC Legato NetWorker is designed with a Server-Agent principle. The communication between nodes is facilitated via a series of...

Microsoft Windows Web Services on Devices API Remote Code Execution Vulnerability

Description Microsoft Windows is prone to a remote code-execution vulnerability. An attacker can exploit this issue to execute code with SYSTEM-level privileges. Failed exploit attempts will likely cause denial-of-service conditions. Technologies Affected Microsoft Windows Server 2008 Datacenter...

Microsoft Windows License Logging Server Remote Heap Buffer Overflow Vulnerability

Description The Microsoft Windows License Logging Server is prone to a remote heap-based buffer-overflow vulnerability because the application fails to perform adequate boundary checks on user-supplied data. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges...

MailEnable IMAP STATUS Command Buffer Overflow (CVE-2005-2278)

The Internet Message Access Protocol IMAP specifies a protocol for the access and manipulation of electronic mail. The protocol permits the manipulation of mailboxes on a remote server and allows a remote client, among other operations, to create, delete, or rename mailboxes on the server side. T...

Symantec VERITAS Storage Foundation Administrator Service Buffer Overflow (CVE-2008-0638)

Symantec VERITAS Storage Foundation, provides a complete solution for heterogeneous online storage management. Storage Foundation Management Server allows centralized storage management capabilities across a broad array of operating systems and storage hardware. There exists a buffer overflow...

Trend Micro ServerProtect TMregChange Stack Overflow (CVE-2007-4731)

Trend Micro ServerProtect offers anti-virus scanning for servers, detecting and removing viruses from files and compressed files. The product provides centralized control over a Windows-based management console for control of virus outbreaks, virus scanning, virus pattern file updates,...

Castle Rock Computing SNMPc Network Manager Community String Buffer Overflow (CVE-2008-2214)

SNMPc is a secure distributed network management system developed by Castle Rock Computing. SNMPc uses Simple Network Management Protocol SNMP to communicate with other network entities. A buffer overflow vulnerability exists in Castle Rock Computing SNMPc Network Manager. The vulnerability can b...

Microsoft Windows Kernel NULL Pointer Dereference Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. The vulnerability stems from a NULL-pointer dereference. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will resu...

Microsoft Windows Kernel Integer Underflow Local Privilege Escalation Vulnerability

Description Microsoft Windows is prone to a local privilege-escalation vulnerability that occurs in the Windows kernel. The vulnerability is caused by an integer-underflow issue. An attacker can exploit this issue to execute arbitrary code with SYSTEM-level privileges. Successful exploits will...

Symantec AntiVirus RAR Archive Decompression Buffer Overflow (CVE-2005-4438)

Symantec antivirus scanning products are designed for enterprise and home environments for protection from potentially malicious files and network traffic. Numerous Symantec products that incorporate the antivirus scanning capabilities share among them common components and libraries. One such...

Apple Mac OS X Installer Package Filename Format String (CVE-2007-0465)

Apple Computer Mac OS X is the operating system shipped with Apple Macintosh computers. The Installer component is an application included in Mac OS X systems which extracts and installs applications from installation packages. The installer provides features which allow developers to customize...

Trend Micro OfficeScan Server cgiRecvFile Buffer Overflow (CVE-2008-2437)

Trend Micro OfficeScan is a centralized virus and security scan management system. It is meant to consolidate the coordination of security scan actions and the management of Trend Micro virus scanner products installed on nodes of an enterprise network. The product is a central command centre for...

Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability

Microsoft Windows is prone to a remote code-execution vulnerability when processing the protocol headers for the Server Message Block SMB Negotiate Protocol Request. NOTE: Reportedly, for this issue to be exploitable, file sharing must be enabled. An attacker can exploit this issue to execute cod...

Adobe RoboHelp Server 8 - Authentication Bypass

source: https://www.securityfocus.com/bid/36245/info Adobe RoboHelp Server is prone to an authentication-bypass vulnerability. An attacker can exploit this issue to upload and execute arbitrary code with SYSTEM-level privileges. RoboHelp Server 8.0 is affected; other versions may also be...