16 matches found
EUVD-2005-2771
Malware in sbrugna...
EUVD-2005-2772
Malware in sbrugna...
NetGain Systems Enterprise Manager TFtpServer Filename Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of NetGain Systems Enterprise Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of WRQ requests. When parsing the Filename field, th...
CVE-2017-7237
The Spiceworks TFTP Server, as distributed with Spiceworks Inventory 7.5, allows remote attackers to access the Spiceworks data\configurations directory by leveraging the unauthenticated nature of the TFTP service for all clients who can reach UDP port 69, as demonstrated by a WRQ aka Write reque...
TFTP Server 1.4 - WRQ Buffer Overflow (Egghunter)
Exploit for windows platform in category remote exploits Exploit Title: TFTP Server 1.4 - WRQ Buffer Overflow Exploit Egghunter Exploit Author: Karn Ganeshen Vendor Homepage: http://sourceforge.net/projects/tftp-server/ Version: 1.4 Tested on: Windows Vista SP2 Coded this for Vista Ultimate,...
TFTP Server for Windows 1.4 ST WRQ Buffer Overflow
This module exploits a vulnerability found in TFTP Server 1.4 ST. The flaw is due to the way TFTP handles the filename parameter extracted from a WRQ request. The server will append the user-supplied filename to TFTP server binary's path without any bounds checking, and then attempt to check this...
CVE-2011-1849
tftpserver.exe in HP Intelligent Management Center IMC 5.0 before E0101L02 allows remote attackers to create or overwrite files, and subsequently execute arbitrary code, via a crafted WRQ request...
HP iMC 5.0 TFTP WRQ "Remote Code Execution" Vulnerability
HP Intelligent Management Center contains a flaw related to thetftpserver.exe component allowing the creation or upload of arbitrary files when handling Write Request packets. This may allow a remote attacker to upload arbitrary files which will allow for the execution of arbitrary code as the...
ZDI-11-161: HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability
ZDI-11-161: HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-11-161 May 10, 2011 -- CVE ID: CVE-2011-1849 -- CVSS: 10, AV:N/AC:L/Au:N/C:C/I:C/A:C -- Affected Vendors: Hewlett-Packard -- Affected Products:...
HP 3COM/H3C Intelligent Management Center tftpserver WRQ Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of HP H3C Intelligent Management Center. Authentication is not required to exploit this vulnerability. The flaw exists within the tftpserver.exe component which listens by default on UDP port 69. When...
[SA18843] WRQ Reflection Secure IT SFTP Format String Vulnerability
TITLE: WRQ Reflection Secure IT SFTP Format String Vulnerability SECUNIA ADVISORY ID: SA18843 VERIFY ADVISORY: http://secunia.com/advisories/18843/ CRITICAL: Moderately critical IMPACT: System access WHERE: From remote SOFTWARE: WRQ Reflection for Secure IT UNIX Server 6.x...
CVE-2005-2771
WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be...
CVE-2005-2770
WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server does not properly handle when the Windows Administrator or Guest accounts are renamed after SSH key authentication has been configured, which allows remote attackers to use the original names during login...
CVE-2005-2771
WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be...
CVE-2005-2770
WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server does not properly handle when the Windows Administrator or Guest accounts are renamed after SSH key authentication has been configured, which allows remote attackers to use the original names during login...
CVE-2005-2771
CVE-2005-2771 affects AttachmateWRQ Reflection for Secure IT Server (Windows) prior to 6.0 Build 24. The issue arises because access/deny lists are evaluated case-sensitively in vulnerable versions, whereas earlier versions were case-insensitive, potentially allowing login to accounts that should...