26 matches found
Oracle VM Server Virtual Server Agent Command Injection
No description provided by source. $Id: oraclevmagentutl.rb 10821 2010-10-25 20:58:49Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms o...
Oracle Virtual Server Agent Command Injection
Added: 11/26/2010 CVE: CVE-2010-3582 BID: 44031 Background Oracle VM software provides virtualization technology that allows running multiple instances of x86 virtual computers simultaneously within the host operating system. It supports many Oracle and non-Oracle based systems such as Windows,...
[Onapsis Security Advisory 2010-010] Oracle Virtual Server Agent Local Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Onapsis Security Advisory 2010-0010: Oracle Virtual Server Agent Local Privilege Escalation This advisory can be downloaded in PDF format from http://www.onapsis.com/research.html. By downloading this advisory from the Onapsis Resource Center, you wil...
Oracle VM Server Virtual Server Agent Command Injection
$Id: oraclevmagentutl.rb 10821 2010-10-25 20:58:49Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Oracle VM Server Virtual Server Agent - Command Injection (Metasploit)
$Id: oraclevmagentutl.rb 10821 2010-10-25 20:58:49Z jduck $ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...
Oracle VM Server Virtual Server Agent Command Injection
This module exploits a command injection flaw within Oracle's VM Server Virtual Server Agent ovs-agent service. By including shell meta characters within the second parameter to the 'utltesturl' XML-RPC methodCall, an attacker can execute arbitrary commands. The service typically runs with root...