Konica Minolta FTP Utility buffer overflow

Added: 10/01/2015 Background The Konica Minolta FTP Utility is an FTP server for Windows 98 through XP. Problem A vulnerability in the FTP Utility allows remote, unauthenticated attackers to execute arbitrary commands by sending a long, specially crafted argument to any command. Resolution Remove...

Konica Minolta FTP Utility buffer overflow

Added: 10/01/2015 Background The Konica Minolta FTP Utility is an FTP server for Windows 98 through XP. Problem A vulnerability in the FTP Utility allows remote, unauthenticated attackers to execute arbitrary commands by sending a long, specially crafted argument to any command. Resolution Remove...

Konica Minolta FTP Utility buffer overflow

Added: 10/01/2015 Background The Konica Minolta FTP Utility is an FTP server for Windows 98 through XP. Problem A vulnerability in the FTP Utility allows remote, unauthenticated attackers to execute arbitrary commands by sending a long, specially crafted argument to any command. Resolution Remove...

Konica Minolta FTP Utility buffer overflow

Added: 10/01/2015 Background The Konica Minolta FTP Utility is an FTP server for Windows 98 through XP. Problem A vulnerability in the FTP Utility allows remote, unauthenticated attackers to execute arbitrary commands by sending a long, specially crafted argument to any command. Resolution Remove...

Windows Media Center command execution

Added: 09/15/2015 CVE: CVE-2015-2509 Background Windows Media Center is software for watching DVDs and TV channels on Windows systems. Problem A vulnerability in Windows Media Center could allow command execution when a user opens an .mcl file which references an executable file supplied by an...

Windows Media Center command execution

Added: 09/15/2015 CVE: CVE-2015-2509 Background Windows Media Center is software for watching DVDs and TV channels on Windows systems. Problem A vulnerability in Windows Media Center could allow command execution when a user opens an .mcl file which references an executable file supplied by an...

Windows Media Center command execution

Added: 09/15/2015 CVE: CVE-2015-2509 Background Windows Media Center is software for watching DVDs and TV channels on Windows systems. Problem A vulnerability in Windows Media Center could allow command execution when a user opens an .mcl file which references an executable file supplied by an...

Windows Media Center command execution

Added: 09/15/2015 CVE: CVE-2015-2509 Background Windows Media Center is software for watching DVDs and TV channels on Windows systems. Problem A vulnerability in Windows Media Center could allow command execution when a user opens an .mcl file which references an executable file supplied by an...

Symantec Endpoint Protection Manager authentication bypass

Added: 08/26/2015 CVE: CVE-2015-1486 BID: 76074 Background Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager SEPM. Problem Symantec Endpoint...

Symantec Endpoint Protection Manager authentication bypass

Added: 08/26/2015 CVE: CVE-2015-1486 BID: 76074 Background Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager SEPM. Problem Symantec Endpoint...

Symantec Endpoint Protection Manager authentication bypass

Added: 08/26/2015 CVE: CVE-2015-1486 BID: 76074 Background Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager SEPM. Problem Symantec Endpoint...

Symantec Endpoint Protection Manager authentication bypass

Added: 08/26/2015 CVE: CVE-2015-1486 BID: 76074 Background Symantec Endpoint Protection, by Symantec Corporation, is an antivirus and personal firewall product designed to be centrally managed in corporate environments by the Symantec Endpoint Protection Manager SEPM. Problem Symantec Endpoint...

PCMan FTP Server PUT buffer overflow

Added: 08/13/2015 Background PCMan's FTP Server is a free FTP server for Windows. Problem A buffer overflow vulnerability in PCMan's FTP Server allows remote attackers to execute arbitrary commands. Resolution There is no known fix for this vulnerability. Use a different FTP server, or block acce...

PCMan FTP Server PUT buffer overflow

Added: 08/13/2015 Background PCMan's FTP Server is a free FTP server for Windows. Problem A buffer overflow vulnerability in PCMan's FTP Server allows remote attackers to execute arbitrary commands. Resolution There is no known fix for this vulnerability. Use a different FTP server, or block acce...

PCMan FTP Server PUT buffer overflow

Added: 08/13/2015 Background PCMan's FTP Server is a free FTP server for Windows. Problem A buffer overflow vulnerability in PCMan's FTP Server allows remote attackers to execute arbitrary commands. Resolution There is no known fix for this vulnerability. Use a different FTP server, or block acce...

PCMan FTP Server PUT buffer overflow

Added: 08/13/2015 Background PCMan's FTP Server is a free FTP server for Windows. Problem A buffer overflow vulnerability in PCMan's FTP Server allows remote attackers to execute arbitrary commands. Resolution There is no known fix for this vulnerability. Use a different FTP server, or block acce...

D-Link Cookie command injection

Added: 07/30/2015 Background D-Link produces a variety of routers, switches, and other network equipment for home users and businesses. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted cookie in an HTTP request...

D-Link Cookie command injection

Added: 07/30/2015 Background D-Link produces a variety of routers, switches, and other network equipment for home users and businesses. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted cookie in an HTTP request...

D-Link Cookie command injection

Added: 07/30/2015 Background D-Link produces a variety of routers, switches, and other network equipment for home users and businesses. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted cookie in an HTTP request...

D-Link Cookie command injection

Added: 07/30/2015 Background D-Link produces a variety of routers, switches, and other network equipment for home users and businesses. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands by sending a specially crafted cookie in an HTTP request...

Accellion FTA getStatus command injection

Added: 07/16/2015 CVE: CVE-2015-2857 Background The Accellion File Transfer Appliance is a solution for secure file sharing. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands contained in the oauthtoken parameter to the getStatus action. Resolution...

Accellion FTA getStatus command injection

Added: 07/16/2015 CVE: CVE-2015-2857 Background The Accellion File Transfer Appliance is a solution for secure file sharing. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands contained in the oauthtoken parameter to the getStatus action. Resolution...

Accellion FTA getStatus command injection

Added: 07/16/2015 CVE: CVE-2015-2857 Background The Accellion File Transfer Appliance is a solution for secure file sharing. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands contained in the oauthtoken parameter to the getStatus action. Resolution...

Accellion FTA getStatus command injection

Added: 07/16/2015 CVE: CVE-2015-2857 Background The Accellion File Transfer Appliance is a solution for secure file sharing. Problem A command injection vulnerability allows remote attackers to execute arbitrary commands contained in the oauthtoken parameter to the getStatus action. Resolution...

Ubuntu overlayfs privilege elevation

Added: 06/26/2015 CVE: CVE-2015-1328 BID: 75206 Background Overlayfs is a type of file system for Linux which implements a union mount. Problem In Ubuntu, overlayfs fails to correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an...

Ubuntu overlayfs privilege elevation

Added: 06/26/2015 CVE: CVE-2015-1328 BID: 75206 Background Overlayfs is a type of file system for Linux which implements a union mount. Problem In Ubuntu, overlayfs fails to correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an...

Ubuntu overlayfs privilege elevation

Added: 06/26/2015 CVE: CVE-2015-1328 BID: 75206 Background Overlayfs is a type of file system for Linux which implements a union mount. Problem In Ubuntu, overlayfs fails to correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an...

Ubuntu overlayfs privilege elevation

Added: 06/26/2015 CVE: CVE-2015-1328 BID: 75206 Background Overlayfs is a type of file system for Linux which implements a union mount. Problem In Ubuntu, overlayfs fails to correctly check file permissions when creating new files in the upper filesystem directory. This can be exploited by an...

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

Seagate Central unauthenticated file upload

Added: 06/09/2015 Background Seagate Central is a personal cloud storage device which can be connected to a wireless router. Problem Seagate Central has no root password, allowing unauthenticated users to upload arbitrary files via PHP. This can be leveraged to execute arbitrary commands by...

ProFTPD mod_copy command execution

Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...

ProFTPD mod_copy command execution

Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...

ProFTPD mod_copy command execution

Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...

ProFTPD mod_copy command execution

Added: 05/29/2015 CVE: CVE-2015-3306 BID: 74238 OSVDB: 120834 Background ProFTPD is free FTP Server software for Unix and Linux platforms. Problem The modcopy extension, if enabled in ProFTPD, allows unauthenticated attackers to read and write arbitrary files using the SITE CPFR and SITE CPTO...

iTunes .PLS Title buffer overflow

Added: 05/11/2015 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability in iTunes allows command execution when a .PLS file containing a specially crafted Title parameter is opened. Resolution Do not open untrusted .PLS files. References...

iTunes .PLS Title buffer overflow

Added: 05/11/2015 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability in iTunes allows command execution when a .PLS file containing a specially crafted Title parameter is opened. Resolution Do not open untrusted .PLS files. References...

iTunes .PLS Title buffer overflow

Added: 05/11/2015 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability in iTunes allows command execution when a .PLS file containing a specially crafted Title parameter is opened. Resolution Do not open untrusted .PLS files. References...

iTunes .PLS Title buffer overflow

Added: 05/11/2015 Background iTunes is a free media player for multiple platforms. Problem A buffer overflow vulnerability in iTunes allows command execution when a .PLS file containing a specially crafted Title parameter is opened. Resolution Do not open untrusted .PLS files. References...

Samsung iPOLiS Device Manager ReadConfigValue vulnerability

Added: 04/27/2015 CVE: CVE-2015-0555 OSVDB: 118668 Background Samsung iPOLiS Device Manager is software for managing network devices. It comes with an ActiveX control called XnsSdkDeviceIpInstaller.ocx. Problem A buffer overflow vulnerability in the ReadConfigValue and WriteConfigValue methods in...

Samsung iPOLiS Device Manager ReadConfigValue vulnerability

Added: 04/27/2015 CVE: CVE-2015-0555 OSVDB: 118668 Background Samsung iPOLiS Device Manager is software for managing network devices. It comes with an ActiveX control called XnsSdkDeviceIpInstaller.ocx. Problem A buffer overflow vulnerability in the ReadConfigValue and WriteConfigValue methods in...

Samsung iPOLiS Device Manager ReadConfigValue vulnerability

Added: 04/27/2015 CVE: CVE-2015-0555 OSVDB: 118668 Background Samsung iPOLiS Device Manager is software for managing network devices. It comes with an ActiveX control called XnsSdkDeviceIpInstaller.ocx. Problem A buffer overflow vulnerability in the ReadConfigValue and WriteConfigValue methods in...

Samsung iPOLiS Device Manager ReadConfigValue vulnerability

Added: 04/27/2015 CVE: CVE-2015-0555 OSVDB: 118668 Background Samsung iPOLiS Device Manager is software for managing network devices. It comes with an ActiveX control called XnsSdkDeviceIpInstaller.ocx. Problem A buffer overflow vulnerability in the ReadConfigValue and WriteConfigValue methods in...

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

OS X rootpipe privilege elevation

Added: 04/14/2015 CVE: CVE-2015-1130 BID: 73982 OSVDB: 120418 Background OS X is an operating system for Mac computers. Problem The Admin framework in OS X contains a hidden backdoor API which allows local users to gain root privileges. Resolution Upgrade to OS X 10.10.3 or apply security update...

TWiki View Script debugenableplugins Request Parameter Vulnerability

Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...

TWiki View Script debugenableplugins Request Parameter Vulnerability

Added: 03/30/2015 CVE: CVE-2014-7236 BID: 70372 OSVDB: 112977 Background TWiki is a web-based collaboration platform written in PERL. Problem The TWiki view script does not properly sanitize the debugenableplugins parameter before using it. Resolution Upgrade to TWiki-6.0.1 or higher, or apply th...