14 matches found
EUVD-2016-4745
Malware in sbrugna...
CVE-2023-46960
Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker to cause a denial of service via the handle function in the tftp module...
Buffer Overflow
pypxe is vulnerable to Buffer Overflow. The vulnerability is due to insufficient input validation in the handle function within the tftp module, which allows a remote attacker to cause a Denial of Service...
GHSA-82WX-RXF8-FXCH PyPXE Buffer Overflow vulnerability
Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker to cause a denial of service via the handle function in the tftp module...
PyPXE Buffer Overflow vulnerability
Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker to cause a denial of service via the handle function in the tftp module...
CVE-2023-46960
Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker to cause a denial of service via the handle function in the tftp module...
CVE-2023-46960
PyPXE v1.8.4 is affected by a Buffer Overflow in the tftp module’s handle function, enabling remote denial of service. CVSS v3.1 base score 8.6 (Network, High severity). There is no explicit exploit status in the documents. A potential workaround from PT-2024-13396 is to disable the handle functi...
PT-2024-13396 · Pypxe · Pypxe
Name of the Vulnerable Software and Affected Versions: PyPXE version 1.8.4 Description: The issue allows a remote attacker to cause a denial of service via the handle function in the tftp module. Recommendations: For PyPXE version 1.8.4, consider disabling the handle function in the tftp module a...
CVE-2023-46960
Buffer Overflow vulnerability in PyPXE v.1.8.4 allows a remote attacker to cause a denial of service via the handle function in the tftp module...
TFTP Fetch, Windows x64 Command Shell, Bind TCP Inline
Fetch and execute an x64 payload from a TFTP server. Listen for a connection and spawn a command shell Windows x64 Module Options msf use payload/cmd/windows/tftp/x64/shellbindtcp msf payloadshellbindtcp show actions ...actions... msf payloadshellbindtcp set ACTION msf payloadshellbindtcp show...
CVE-2016-3728
Eval injection vulnerability in tftpapi.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATHINFO to tftp/...
Sql injection
Eval injection vulnerability in tftpapi.rb in the TFTP module in the Smart-Proxy in Foreman before 1.10.4 and 1.11.x before 1.11.2 allows remote attackers to execute arbitrary code via the PXE template type portion of the PATHINFO to tftp/...
CVE-2016-3728
Summary: CVE-2016-3728 describes an eval-injection in Foreman’s Smart-Proxy TFTP module (tftp_api.rb) that allows an attacker to execute arbitrary code via the PATH_INFO PXE template type. Affected: Foreman/Smart-Proxy prior to 1.10.4 and 1.11.x prior to 1.11.2. Impact: remote code execution with...
Critical: Red Hat Security Advisory: foreman-proxy security update
An updated foreman-proxy package that fixes one security issue is now available for Red Hat Enterprise Linux OpenStack Platform 3.0 and 4.0. The Red Hat Security Response Team has rated this update as having Critical security impact. A Common Vulnerability Scoring System CVSS base score, which...