Buffer Overflows Patched in Yokogawa Control System Products

Patches for critical vulnerabilities in production control system software built by Yokogawa Electric Corp. of Japan are available, according to an advisory issued Tuesday by the Industrial Control System Cyber Emergency Response Team ICS-CERT. The advisory warns that there are publicly available...

VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation (remote check)

VMware Workstation, Fusion, ESXi and ESX patches address a vulnerability in the LGTOSYNC.SYS driver which could result in a privilege escalation on older Windows-based Guest Operating Systems. OpenVAS Vulnerability Test $Id: gbVMSA-2013-0014remote.nasl 6093 2017-05-10 09:03:18Z teissa $...

VMware ESXi and ESX patches address a guest privilege escalation (VMSA-2013-0014) - Remote Version Check

VMware ESXi and ESX patches address a vulnerability in the LGTOSYNC.SYS driver which could result in a privilege escalation on older Windows-based Guest Operating Systems. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are...

ESXi 5.0 < Build 1022489 Multiple Vulnerabilities (remote check)

The remote VMware ESXi 5.0 host is affected by the following vulnerabilities : - An off-by-one overflow condition exists in the xmlXPtrEvalXPtrPart function due to improper validation of user-supplied input. An unauthenticated, remote attacker can exploit this, via a specially crafted XML file, t...

Syslog Watcher Pro &#39;Date&#39; Parameter Cross Site Scripting Vulnerability

Title: Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability Software : Syslog Watcher Pro Software Version : v2.8.0.812Jun 15, 2009 Vendor: http://www.snmpsoft.com/ Vulnerability Published : 2013-04-27 Vulnerability Update Time : Status : Impact : MediumCVSS2 Base : 6.4,...

Syslog Watcher Pro 2.8.0.812 - Date Cross-Site Scripting

Syslog Watcher Pro 2.8.0.812 - Date Cross-Site Scripting Title: Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability Software : Syslog Watcher Pro Software Version : v2.8.0.812Jun 15, 2009 Vendor: http://www.snmpsoft.com/ Vulnerability Published : 2013-04-27 Vulnerability Update...

Syslog Watcher Pro 2.8.0.812 - &#039;Date&#039; Cross-Site Scripting

Title: Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability Software : Syslog Watcher Pro Software Version : v2.8.0.812Jun 15, 2009 Vendor: http://www.snmpsoft.com/ Vulnerability Published : 2013-04-27 Vulnerability Update Time : Status : Impact : MediumCVSS2 Base : 6.4,...

[Resolver 1.0.9] Reverse DNS Lookup for a range of IP’s

Resolver is a windows based tool which designed to preform a reverse DNS Lookup for a given IP address or for a range of IP’s in order to find its PTR. Updated to Version 1.0.3 added dns records brute force. Version 1.0.4 added stop button. Features Resolve a single IP address Resolve a C class I...

Rosewill RSVA11001 - Remote Command Injection

Exploit for hardware platform in category remote exploits I have been hacking on a Rosewill RSVA11001 for a while now, something to suck up my free time. I had pulled apart the firmware previously but did not succeed in finding a way to get a shell on the device. The box is Hi3515 based, I found ...

Rosewill RSVA11001 Remote Code Execution

I have been hacking on a Rosewill RSVA11001 for a while now, something to suck up my free time. I had pulled apart the firmware previously but did not succeed in finding a way to get a shell on the device. The box is Hi3515 based, I found an exploit for another similar box Ray Sharp but it did no...

VMware Workstation 8.x < 8.0.5 / 9.x < 9.0.1 VMCI Privilege Escalation (VMSA-2013-0002)

The version of VMware Workstation installed on the remote host is a version prior to 8.0.5 / 9.0.1. It is, therefore, reportedly affected by a privilege escalation vulnerability in the Virtual Machine Communication Interface VMCI in the 'VMCI.sys' driver. By exploiting this issue, a local attacke...

VMSA-2013-0002 VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability

The remote ESXi is missing one or more security related Updates from VMSA-2013-0002. OpenVAS Vulnerability Test $Id: gbVMSA-2013-0002.nasl 6086 2017-05-09 09:03:30Z teissa $ VMSA-2013-0002 VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability Authors: Michael Meyer...

VMware Fixes Privilege Escalation Vulnerability

Virtualization software maker VMware issued an update last Thursday resolving a virtual machine communication interface VMCI vulnerability in its ESX Server, Workstation, Fusion and View products that could lead to a privilege escalation if unpatched. According to the VMware security advisory, a...

VMSA-2013-0002:VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability

VMSA-2013-0002.1 VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0002.1 VMware Security Advisory Synopsis: VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability...

VMware Player Local Privilege Escalation (VMSA-2012-0007)

The VMware Player installation detected on the remote host is 4.0.x earlier than 4.0.2 and thus is potentially affected by a local privilege escalation vulnerability because the access control list of the VMware Tools folder is incorrectly set. By exploiting this issue, a local attacker could...

VMware Products Local Privilege Escalation (VMSA-2012-0007)

The VMware Workstation installation detected on the remote host is 8.x earlier than 8.0.2 and thus is potentially affected by a local privilege escalation vulnerability because the access control list of the VMware Tools folder is incorrectly set. By exploiting this issue, a local attacker could...

VMware ESXi/ESX patches resolve multiple security issues (VMSA-2010-0007)

The remote ESXi is missing one or more security related Updates from VMSA-2010-0007. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

VMSA-2012-0005:VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues

VMSA-2012-0005.4 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, Workstation, Player, ESXi and ESX address several security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0005.4 VMware Security Advisory Synopsis: VMware vCenter Server...

Microsoft Office ClickOnce Unsafe Execution

Added: 01/16/2012 CVE: CVE-2012-0013 BID: 51284 OSVDB: 78207 Background ClickOnce is a deployment technology that allows developers to create self-updating Windows-based applications that can be installed and run with minimal user interaction. A ClickOnce application is any Windows Presentation...

SonicWALL ViewPoint Server Detection

SonicWALL ViewPoint Server reporting software was detected on the remote host. ViewPoint Server is a Windows-based software application that utilizes a built-in web server to provide reporting functionality for SonicWALL hardware and virtual appliances. C Tenable Network Security, Inc...