6 results (0.009 seconds)

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 1

npvmgr.exe in BakBone NetVault Backup 8.22 Build 29 allows remote attackers to cause a denial of service (daemon crash) via a packet to (1) TCP or (2) UDP port 20031 with a large value in an unspecified size field, which is not properly handled in a malloc operation. NOTE: some of these details are obtained from third party information. npvmgr.exe en BakBone NetVault Backup v8.22 Build 29 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de paquetes (1) TCP o (2) UDP puerto 20031 con un valor largo en un campo de tamaño sin especipicar, que no es manejado adecuadamente en una operación alloc. NOTA: algunos de estos detalles han sido obtenidos a partir de información de terceros. • http://osvdb.org/58329 http://secunia.com/advisories/36847 http://www.insight-tech.org/index.php?p=bakbone-netvault-backup-8-22-build-29-remote-dos http://www.securityfocus.com/bid/36489 http://www.securitytracker.com/id?1022941 https://exchange.xforce.ibmcloud.com/vulnerabilities/53434 • CWE-20: Improper Input Validation •

CVSS: 10.0EPSS: 62%CPEs: 1EXPL: 0

Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests. Múltiples desbordamientos de búfer basados en pila en (1) clsscheduler.exe (también conocido como scheduler client) y (2) srvscheduler.exe (también conocido comoscheduler server) en BakBone NetVault Reporter 3.5 anterior a Update4 permite a atacantes remotos ejecutar código de su elección a través de argumentos con nombres de archivos largos en respuestas HTTP. This vulnerability allows remote attackers to execute arbitrary code on systems with affected installations of BakBone NetVault Reporter. User interaction is not required to exploit this vulnerability. The specific flaw exists both within the scheduler client (clsscheduler.exe) listening on TCP port 7978 and the scheduler server (srvscheduler.exe) listening on TCP port 7977. In both cases an exploitable heap corruption can occur during the processing of overly long filename arguments to the "GET" and "POST" requests. • http://secunia.com/advisories/26222 http://securityreason.com/securityalert/2954 http://www.securityfocus.com/archive/1/474626/100/0/threaded http://www.securityfocus.com/bid/25068 http://www.securitytracker.com/id?1018460 http://www.vupen.com/english/advisories/2007/2658 http://www.zerodayinitiative.com/advisories/ZDI-07-044.html https://exchange.xforce.ibmcloud.com/vulnerabilities/35588 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 32%CPEs: 2EXPL: 2

Buffer overflow in fbserver.exe in Firebird SQL 2 before 2.0.1 allows remote attackers to execute arbitrary code via a large p_cnct_count value in a p_cnct structure in a connect (0x01) request to port 3050/tcp, related to "an InterBase version of gds32.dll." Desbordamiento de búfer en fbserver.exe de Firebird SQL 2 before 2.0.1 permite a atacantes remotos ejecutar código de su elección mediante un valor p_cnct_count grande en una estructura p_cnct structure en una petición de conexión (0x01) al puerto 3050/tcp, relacionado con "una versión InterBase de gds32.dll". • https://www.exploit-db.com/exploits/30186 http://dvlabs.tippingpoint.com/advisory/TPTI-07-11 http://osvdb.org/37231 http://secunia.com/advisories/25601 http://secunia.com/advisories/25872 http://secunia.com/advisories/29501 http://security.gentoo.org/glsa/glsa-200707-01.xml http://www.debian.org/security/2008/dsa-1529 http://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf http://www.securityfocus.com/bid/24436 http://www.vupen.com/english/advisories/2007 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Heap-based buffer overflow in the demo version of Bakbone Netvault, and possibly other versions, allows remote attackers to execute arbitrary commands via a large packet to port 20031. • https://www.exploit-db.com/exploits/990 http://marc.info/?l=bugtraq&m=111600439331242&w=2 •

CVSS: 4.6EPSS: 0%CPEs: 2EXPL: 2

nvstatsmngr.exe process in BakBone NetVault 7.1 does not properly drop privileges before opening files, which allows local users to gain privileges via the Help menu. • https://www.exploit-db.com/exploits/1161 http://marc.info/?l=bugtraq&m=111464410324243&w=2 http://secunia.com/advisories/15158 http://www.osvdb.org/15900 http://www.securityfocus.com/bid/13408 http://www.vupen.com/english/advisories/2005/0420 https://exchange.xforce.ibmcloud.com/vulnerabilities/20302 •