Lucene search
K
SaintMost viewed

4305 matches found

Saint
Saint
•added 2006/03/15 12:0 a.m.•20 views

IMail IMAP FETCH command buffer overflow

Added: 03/15/2006 CVE: CVE-2005-3526 BID: 17063 OSVDB: 23796 Background IMail is a mail server for Windows including SMTP, IMAP, and LDAP services. Problem A buffer overflow vulnerability in IMail allows remote authenticated attackers to execute arbitrary commands by sending a specially crafted...

6.5CVSS7.7AI score0.07246EPSS
Exploits4
Saint
Saint
•added 2006/01/04 12:0 a.m.•20 views

IMail IMAP LOGIN special character vulnerability

Added: 01/04/2006 CVE: CVE-2005-1255 BID: 13727 OSVDB: 16804 Background IMail is a mail server for Windows platforms. It includes SMTP, POP, IMAP, and LDAP services, a web interface, and web calendaring. Problem A remote attacker could execute arbitrary commands by sending a long specially crafte...

10CVSS7.5AI score0.42813EPSS
Exploits6
Saint
Saint
•added 2005/11/30 12:0 a.m.•20 views

VERITAS NetBackup Java Administration Console format string vulnerability

Added: 11/30/2005 CVE: CVE-2005-2715 BID: 15079 OSVDB: 19949 Background VERITAS NetBackup is a backup and recovery solution for multiple platforms. Problem The bpjava-msvc component of the Java Administration Console in Veritas NetBackup 4.5 through 6.0 is affected by a format string vulnerabilit...

10CVSS6.5AI score0.60356EPSS
Exploits6
Saint
Saint
•added 2014/09/16 12:0 a.m.•19 views

ALCASAR index.php Crafted HTTP host Header Vulnerability

Added: 09/16/2014 BID: 69662 OSVDB: 111026 Background ALCASAR is a free Network Access Controller that allows network managers to restrict Internet service access to authenticated users. ALCASAR allows control and logging of all network activity by users and/or defined user groups. Problem ALCASA...

1.8AI score
Exploits0
Saint
Saint
•added 2014/06/24 12:0 a.m.•19 views

TRENDnet Shell

Added: 06/24/2014 Background TRENDnet routers are vulnerable to a range of SQL injection, command injection, and buffer overflow vulnerabilities. Current supported devices include: TEW-654TR - Remote Root Shell TEW-732BR - Remote Root Shell Problem A SQL injection vulnerability allows the attacke...

2.7AI score
Exploits0
Saint
Saint
•added 2012/12/27 12:0 a.m.•19 views

WibuKey Runtime WkWin32.dll module DisplayMessageDialog overflow

Added: 12/27/2012 BID: 56678 OSVDB: 87881 Background WibuKey is a software protection and licensing solution. Problem A vulnerability in the WkWin32.dll ActiveX control in WibuKey Runtime allows command execution when a web page calls the DisplayMessageDialog method with a long, specially crafted...

7.4AI score
Exploits0
Saint
Saint
•added 2012/05/11 12:0 a.m.•19 views

Netop Remote Control DWS File Stack Buffer Overflow

Added: 05/11/2012 BID: 47631 OSVDB: 72291 Background NetOp Remote Control provides secure remote control and support for workstations, servers, embedded systems, and mobile devices. Problem NetOp Remote Control is vulnerable to stack buffer overflow as a result of failing to properly sanitize...

8.5AI score
Exploits0
Saint
Saint
•added 2012/05/11 12:0 a.m.•19 views

Netop Remote Control DWS File Stack Buffer Overflow

Added: 05/11/2012 BID: 47631 OSVDB: 72291 Background NetOp Remote Control provides secure remote control and support for workstations, servers, embedded systems, and mobile devices. Problem NetOp Remote Control is vulnerable to stack buffer overflow as a result of failing to properly sanitize...

1.6AI score
Exploits0
Saint
Saint
•added 2012/04/13 12:0 a.m.•19 views

Tivoli Provisioning Manager Express ActiveX RunAndUploadFile vulnerability

Added: 04/13/2012 CVE: CVE-2012-0198 BID: 52252 OSVDB: 79735 Background Tivoli Provisioning Manager Express for Software Distribution is a software inventory and distribution solution. Problem A buffer overflow vulnerability in the RunAndUploadFile method in the Isig.isigCtl.1 ActiveX control...

9.3CVSS7AI score0.37437EPSS
Exploits6
Saint
Saint
•added 2012/03/23 12:0 a.m.•19 views

Dell Webcam Software ActiveX Control CrazyTalk4Native.dll Buffer Overflow

Added: 03/23/2012 BID: 52571 OSVDB: 80205 Background Dell Webcam center was written by Creative and branded by Dell. It includes features to control the Dell laptop's integrated webcam, providing photo capture and video recording capability. It comes bundled with Creative Livecam, which provides...

7.7AI score
Exploits0
Saint
Saint
•added 2012/03/20 12:0 a.m.•19 views

CA Total Defense UNCWS exportReport SQL Injection

Added: 03/20/2012 OSVDB: 78930 Background CA Total Defense is a combined host-based anti-virus, anti-spyware, firewall, and IPS solution. Problem CA Total Defense includes a web service management component, which in version r12 prior to SE3, fails to validate certain parameters. The exportReport...

0.8AI score
Exploits0
Saint
Saint
•added 2011/12/27 12:0 a.m.•19 views

Traq authenticate function remote code execution

Added: 12/27/2011 BID: 50961 OSVDB: 77556 Background Traq is a PHP5+ and MySQL4+ based Project Tracking system with the ability to host multiple projects. Problem The flaw is caused due to admin rights not properly being restricted in the "authenticate" function in admincp/common.php. This can be...

0.8AI score
Exploits0
Saint
Saint
•added 2011/12/12 12:0 a.m.•19 views

BroadWin WebAccess SCADA Client ActiveX Format String

Added: 12/12/2011 OSVDB: 74897 Background BroadWin WebAccess is a web-based SCADA reporting and control solution. Problem BroadWin WebAccess installs an ActiveX Control in the user's browser. The OcxSpool function of this control accepts a parameter that is evaluated using a format string. A form...

7.3AI score
Exploits0
Saint
Saint
•added 2011/11/21 12:0 a.m.•19 views

Oracle Hyperion Financial Management ActiveX Heap Overflow

Added: 11/21/2011 BID: 50565 OSVDB: 76913 Background Oracle Hyperion Financial Management is a web-based financial consolidation, reporting and analysis solution. Problem Hyperion Financial Management webapp installs an ActiveX control on the target system. This control is marked as safe for...

7.1AI score
Exploits0
Saint
Saint
•added 2011/10/24 12:0 a.m.•19 views

ACD Systems Fotoslate PLP File ID Parameter Buffer Overflow

Added: 10/24/2011 CVE: CVE-2011-2595 BID: 49558 OSVDB: 75425 Background ACD Systems FotoSlate 4 Photo Print Studio allows users to create contact sheets or wallet sized prints, choose themed frames, and create custom calendars. Problem Fotoslate 4.0 Build 146 is vulnerable to remote code executio...

10CVSS7AI score0.6128EPSS
Exploits8
Saint
Saint
•added 2011/07/14 12:0 a.m.•19 views

Get OS X 10.7 Hashes

Added: 07/14/2011 Background This tool attempts to retrieve the SHA 512 password hashes stored by OS X Lion 10.7.x Acounts are enumerated using dscl . list /Users/ and password hashes are eunmerated using dscl . read /Users/ Limitations A connection to the target is required to run this tool. The...

0.6AI score
Exploits0
Saint
Saint
•added 2011/03/18 12:0 a.m.•19 views

AOL Desktop .rtx File Buffer Overflow

Added: 03/18/2011 BID: 46129 OSVDB: 70741 Background AOL Desktop is an internet suite that integrates a web browser, media player, and IM client. Problem A heap overflow vulnerability exists in the Rich Text file parser of AOL Desktop 9.x. In documents with HTML links, the parser does not properl...

1AI score
Exploits0
Saint
Saint
•added 2010/12/10 12:0 a.m.•19 views

Disk Pulse Server GetServerInfo buffer overflow

Added: 12/10/2010 BID: 43919 Background Disk Pulse is a disk change monitoring solution. Problem A buffer overflow vulnerability in Disk Pulse Server allows remote attackers to execute arbitrary commands by sending a specially crafted GetServerInfo request to port 9120/TCP. Resolution Upgrade to ...

3.2AI score
Exploits0
Saint
Saint
•added 2010/10/10 12:0 a.m.•19 views

Reverse Shell Applet

Added: 10/10/2010 Background This tool runs an exploit server which delivers a signed java applet, embedded in an HTML page, to the target hosts. The user is presented with a signed digital certificate which, when accepted, establishes a reverse shell connection back to the exploit server. Proble...

0.9AI score
Exploits0
Saint
Saint
•added 2010/09/13 12:0 a.m.•19 views

Touch22 Image22 ActiveX Control Buffer Overflow

Added: 09/13/2010 BID: 41547 Background Touch22 Software Image22 ActiveX enables dynamic graphic creation and image manipulation from within an application. Problem Touch22 Software Image22 ActiveX Control 1.1.1 is vulnerable to buffer overflow due to a boundary error when handling the function...

0.3AI score
Exploits0
Saint
Saint
•added 2010/08/16 12:0 a.m.•19 views

Novell iPrint Client ActiveX Control ExecuteRequest debug buffer overflow

Added: 08/16/2010 BID: 42100 OSVDB: 66960 Background Novell iPrint is an application which allows users to install and manage printers. Novell iPrint installs the Novell iPrint Control ActiveX control named ienipp.ocx. Problem A buffer overflow vulnerability in ienipp.ocx allows command execution...

1.8AI score
Exploits0
Saint
Saint
•added 2010/06/24 12:0 a.m.•19 views

TweakFS Zip Utility for FSX filename buffer overflow

Added: 06/24/2010 CVE: CVE-2010-1458 BID: 39565 OSVDB: 63899 Background The TweakFS Zip Utility is included in the TweakFS Flight Simulator X Utilities. Problem A buffer overflow vulnerability in the TweakFS Zip Utility allows command execution when a user opens a ZIP archive containing a long,...

6.8CVSS6.8AI score0.04668EPSS
Exploits10
Saint
Saint
•added 2010/01/28 12:0 a.m.•19 views

PHP Remote File Inclusion

Added: 01/28/2010 Background PHP scripts support the include and require statements, which cause an outside script to be run within the calling script. The included script can be a local file or, in some configurations, the URL of a remote file. Problem The PHP script is vulnerable to a remote fi...

8.1AI score
Exploits0
Saint
Saint
•added 2010/01/21 12:0 a.m.•19 views

ACD Systems ACDSee Products XBM File Handling Buffer Overflow

Added: 01/21/2010 BID: 37685 Background ACDSee is a suite of products for viewing and organizing photos. Problem A buffer overflow vulnerability in the IDX.apl plug-in allows command execution when a user opens a specially crafted XBM file. Resolution Apply a patch or upgrade when released by the...

0.1AI score
Exploits0
Saint
Saint
•added 2009/11/08 12:0 a.m.•19 views

Serv-U Web Client session cookie handling buffer overflow

Added: 11/08/2009 BID: 36895 OSVDB: 59772 Background Serv-U is an FTP server for Windows platforms. The Serv-U Web Client component provides a browser-based interface to Serv-U. Problem A buffer overflow in the Serv-U Web Client allows remote attackers to execute arbitrary code when overly long...

2.1AI score
Exploits0
Saint
Saint
•added 2009/09/22 12:0 a.m.•19 views

Symantec Altiris eXpress NS SC Download ActiveX control vulnerability

Added: 09/22/2009 BID: 36346 OSVDB: 57893 Background The Altiris eXpress NS SC Download ActiveX control is installed with several products, including Altiris Deployment Solution. Problem The Altiris eXpress NS SC Download ActiveX control allows remote files to be downloaded, saved to arbitrary...

7.4AI score
Exploits0
Saint
Saint
•added 2009/07/06 12:0 a.m.•19 views

Apple iTunes itms: URL buffer overflow

Added: 07/06/2009 CVE: CVE-2009-0950 BID: 35157 OSVDB: 54833 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability allows command execution when a user opens a specially crafted itms:// URL. Resolution Upgrade to iTunes 8.2 or higher. References...

9.3CVSS6.8AI score0.28815EPSS
Exploits21
Saint
Saint
•added 2009/05/27 12:0 a.m.•19 views

Password Hash Grabber

Added: 05/27/2009 Background This tool grabs the windows SAM file or password hashes of the target. The SAM file / password hashes can be viewed in the exploit tools previous results section. Results may be used with third party programs to obtain passwords in plain text. Limitations Password Has...

0.5AI score
Exploits0
Saint
Saint
•added 2009/03/05 12:0 a.m.•19 views

Keystroke Logger

Added: 03/05/2009 Background This tool records all keystrokes which are typed at a computer's console. The keystrokes can be viewed in the exploit server's log. Limitations Logger works on Windows targets. A connection to the target is required to run this tool. Platforms Windows...

2.1AI score
Exploits0
Saint
Saint
•added 2009/03/03 12:0 a.m.•19 views

Fujitsu SystemcastWizard Lite PXE service buffer overflow

Added: 03/03/2009 CVE: CVE-2009-0270 BID: 33342 OSVDB: 51486 Background SystemcastWizard Lite is support software for the setup of Primequest systems. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted datagram to the...

10CVSS7.8AI score0.05531EPSS
Exploits4
Saint
Saint
•added 2009/01/28 12:0 a.m.•19 views

E-mail attachment execution

Added: 01/28/2009 Background This tool sends an e-mail attachment which, when executed, establishes a command connection. Limitations This tool requires a user to execute the e-mail attachment in order to succeed. This tool requires the IP address of a working mail server which allows relaying of...

1.7AI score
Exploits0
Saint
Saint
•added 2009/01/14 12:0 a.m.•19 views

HP OpenView Network Node Manager getcvdata.exe parameter string buffer overflow

Added: 01/14/2009 CVE: CVE-2008-0067 BID: 33147 Background HP OpenView Network Node Manager is network availability and performance management software. Problem A buffer overflow vulnerability allows remote attackers to execute arbitrary commands by sending an HTTP request for the getcvdata.exe C...

10CVSS7.8AI score0.63419EPSS
Exploits19
Saint
Saint
•added 2008/10/30 12:0 a.m.•19 views

Cyrus IMAP pop3d popsubfolders buffer overflow

Added: 10/30/2008 CVE: CVE-2006-2502 BID: 18056 OSVDB: 25853 Background Cyrus IMAP is an open-source IMAP, POP3, and KPOP server. The popsubfolders configuration option allows POP3 users to access subfolders by specifying the subfolder name when logging in. Problem When the popsubfolders...

5.1CVSS7.9AI score0.53333EPSS
Exploits12
Saint
Saint
•added 2008/08/27 12:0 a.m.•19 views

CMailServer CMailCOM.dll MoveToFolder buffer overflow

Added: 08/27/2008 BID: 30098 OSVDB: 46750 Background CMailServer is a mail and web mail server. The CMailServer web interface includes the CMailCOM.dll component which provides several classes. Problem A buffer overflow vulnerability in the MoveToFolder method of the POP3 class in CMailCOM.dll...

8.6AI score
Exploits0
Saint
Saint
•added 2008/07/18 12:0 a.m.•19 views

Alt-N SecurityGateway username buffer overflow

Added: 07/18/2008 CVE: CVE-2008-4193 BID: 29457 OSVDB: 45854 Background Alt-N SecurityGateway is an e-mail spam firewall for Exchange and SMTP servers. Problem A buffer overflow vulnerability in the web administration interface allows remote attackers to execute arbitrary commands by sending an...

10CVSS7.8AI score0.74612EPSS
Exploits8
Saint
Saint
•added 2008/04/25 12:0 a.m.•19 views

Borland StarTeam Multicast Service parse_request buffer overflow

Added: 04/25/2008 CVE: CVE-2008-0311 BID: 28602 OSVDB: 44039 Background Borland StarTeam is a software change and configuration management system. Problem A buffer overflow vulnerability in the PGMWebHandler::parserequest function in the StarTeam Multicast Service allows remote attackers to execu...

9.3CVSS7.8AI score0.31024EPSS
Exploits8
Saint
Saint
•added 2008/03/18 12:0 a.m.•19 views

RealNetworks Helix Server RTSP Proxy-Require heap overflow

Added: 03/18/2008 CVE: CVE-2008-5911 BID: 33059 Background RealNetworks Helix Server is a media server supporting multiple formats and platforms. Problem A heap overflow vulnerability allows remote attackers to execute arbitrary commands by sending a long, specially crafted Proxy-Require header i...

10CVSS7.6AI score0.06185EPSS
Exploits4
Saint
Saint
•added 2008/03/13 12:0 a.m.•19 views

mIRC PRIVMSG hostname buffer overflow

Added: 03/13/2008 CVE: CVE-2008-4449 BID: 31552 OSVDB: 48752 Background mIRC is an Internet Relay Chat IRC client. Problem A buffer overflow in mIRC allows command execution when a user connects to a malicious IRC server which sends a PRIVMSG message with a long, specially crafted hostname...

9.3CVSS7AI score0.38737EPSS
Exploits8
Saint
Saint
•added 2007/10/05 12:0 a.m.•19 views

Microsoft Visual Basic VBP file buffer overflow

Added: 10/05/2007 CVE: CVE-2007-4776 BID: 25629 OSVDB: 36936 Background Microsoft Visual Basic is a development tool for building Windows applications. Problem A buffer overflow vulnerability in Microsoft Visual Basic allows command execution when a user opens a specially crafted Visual Basic...

9.3CVSS6.8AI score0.48964EPSS
Exploits7
Saint
Saint
•added 2007/09/30 12:0 a.m.•19 views

Microsoft Visual Studio PDWizard.ocx ActiveX vulnerability

Added: 09/30/2007 CVE: CVE-2007-4891 BID: 25638 OSVDB: 37106 Background Microsoft Visual Studio is a product for facilitating software development on Windows operating systems. Problem ActiveX controls contained in the PDWizard.ocx file in Microsoft Visual Studio 6.0 expose the StartProcess metho...

6.8CVSS6.6AI score0.31003EPSS
Exploits6
Saint
Saint
•added 2007/01/19 12:0 a.m.•19 views

BrightStor ARCserve Message Engine opnum 0x2f buffer overflow

Added: 01/19/2007 CVE: CVE-2007-0169 BID: 22005 OSVDB: 31318 Background The BrightStor ARCserve Backup server runs the Message Engine RPC service on ports 6503/TCP and 6504/TCP by default. Problem A buffer overflow in BrightStor ARCserve Backup allows remote attackers to execute arbitrary command...

7.5CVSS7.7AI score0.68809EPSS
Exploits16
Saint
Saint
•added 2006/10/06 12:0 a.m.•19 views

Microsoft Message Queuing buffer overflow

Added: 10/06/2006 CVE: CVE-2005-0059 BID: 13112 OSVDB: 15458 Background Microsoft Message Queuing allows applications which may be running at different times to communicate across a network. Problem A buffer overflow in Microsoft Message Queuing allows remote attackers to execute arbitrary...

10CVSS7.5AI score0.76803EPSS
Exploits10
Saint
Saint
•added 2006/09/22 12:0 a.m.•19 views

WS_FTP XCRC buffer overflow

Added: 09/22/2006 CVE: CVE-2006-4847 BID: 20076 OSVDB: 28939 Background WSFTP Server is an FTP server for Windows platforms. Problem Buffer overflows in multiple FTP commands allow an authenticated attacker to execute arbitrary commands. Resolution Upgrade to WSFTP Server 5.05 Hotfix 1. Reference...

6.5CVSS7.2AI score0.85213EPSS
Exploits10
Saint
Saint
•added 2006/08/07 12:0 a.m.•19 views

BrightStor ARCserve Universal Agent buffer overflow

Added: 08/07/2006 CVE: CVE-2005-1018 BID: 13102 OSVDB: 15471 Background The BrightStor ARCserve Backup family of products includes a Universal Agent which listens for connections on port 6050/TCP. Problem A buffer overflow in the Universal Agent allows remote attackers to execute arbitrary comman...

7.5CVSS7.8AI score0.58983EPSS
Exploits7
Saint
Saint
•added 2006/07/06 12:0 a.m.•19 views

IMail LDAP buffer overflow

Added: 07/06/2006 CVE: CVE-2004-0297 BID: 9682 OSVDB: 3984 Background IMail is an e-mail server for Windows platforms. It includes a service which implements the Lightweight Directory Access Protocol LDAP. Problem A buffer overflow in IMail's LDAP service allows a remote attacker to overwrite the...

10CVSS7.2AI score0.68129EPSS
Exploits8
Saint
Saint
•added 2006/06/23 12:0 a.m.•19 views

BASE base_qry_common.php file include

Added: 06/23/2006 CVE: CVE-2006-2685 BID: 18298 OSVDB: 25770 Background Snort is an open-source intrusion detection system. The Basic Analysis and Security Engine BASE is a web interface for analyzing Snort results. Problem If the registerglobals PHP option is enabled, the baseqrycommon.php scrip...

4CVSS6.5AI score0.49185EPSS
Exploits11
Saint
Saint
•added 2006/06/12 12:0 a.m.•19 views

Cyrus IMAP pop3d popsubfolders buffer overflow

Added: 06/12/2006 CVE: CVE-2006-2502 BID: 18056 OSVDB: 25853 Background Cyrus IMAP is an open-source IMAP, POP3, and KPOP server. The popsubfolders configuration option allows POP3 users to access subfolders by specifying the subfolder name when logging in. Problem When the popsubfolders...

5.1CVSS7.7AI score0.53333EPSS
Exploits12
Saint
Saint
•added 2006/06/01 12:0 a.m.•19 views

IMail IMAP DELETE command buffer overflow

Added: 06/01/2006 CVE: CVE-2004-1520 BID: 11675 OSVDB: 11838 Background IMail is an e-mail server for Windows platforms. Problem A buffer overflow in the IMAP service could allow remote attackers to execute commands by sending a long, specially crafted DELETE command. The attacker would need to...

4.6CVSS7.4AI score0.88509EPSS
Exploits12
Saint
Saint
•added 2006/03/01 12:0 a.m.•19 views

MDaemon IMAP AUTHENTICATE command buffer overflow

Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...

8.1AI score
Exploits0
Saint
Saint
•added 2006/01/31 12:0 a.m.•19 views

Winamp playlist file buffer overflow

Added: 01/31/2006 CVE: CVE-2006-0476 BID: 16410 OSVDB: 22789 Background Winamp is a media player for Windows. Problem A buffer overflow in Winamp allows code execution when a specially crafted playlist file is opened. Resolution Upgrade to Winamp 5.13 or higher. References Limitations Exploit...

7.6CVSS7.1AI score0.74506EPSS
Exploits8
Total number of security vulnerabilities4305