Page 2 of 9 results (0.033 seconds)

CVSS: 7.2EPSS: 0%CPEs: 4EXPL: 0

Centennial Discovery 2006 Feature Pack 1, which is used by (1) Numara Asset Manager 8.0 and (2) Symantec Discovery 6.5, uses insecure permissions on certain directories, which allows local users to gain privileges. Centennial Discovery 2006 Feature Pack 1, el cual es usado por (1) Numara Asset Manager 8.0 y (2) Symantec Discovery 6.5, utiliza permisos no seguros sobre ciertos directorios, el cual permite a usuarios locales ganar privilegios. • http://secunia.com/advisories/25354 http://secunia.com/advisories/25374 http://secunia.com/advisories/25379 http://secunia.com/secunia_research/2007-58/advisory http://secunia.com/secunia_research/2007-59/advisory http://secunia.com/secunia_research/2007-60/advisory http://www.securityfocus.com/bid/25000 http://www.vupen.com/english/advisories/2007/2599 http://www.vupen.com/english/advisories/2007/2600 http://www.vupen.com/english/advisories/2007/2603 https://exchange.xfor •

CVSS: 9.3EPSS: 1%CPEs: 3EXPL: 0

Stack-based buffer overflow in XferWan.exe as used in multiple products including (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0, and (3) Centennial UK Ltd Discovery 2006 Feature Pack, allows remote attackers to execute arbitrary code via a long request. NOTE: this might be a reservation duplicate of CVE-2007-1173. Desbordamiento de búfer basado en pila en el XferWan.exe como el utilizado en múltiples productos incluidos (1) Symantec Discovery 6.5, (2) Numara Asset Manager 8.0 y (3) Centennial UK Ltd Discovery 2006 Feature Pack, permite a atacantes remotos ejecutar código de su elección a través de una petición larga. NOTA: esta vulnerabilidad puede ser una réplica de la CVE-2007-1173. • http://dvlabs.tippingpoint.com/advisory/TPTI-07-10 http://osvdb.org/42059 http://securityreason.com/securityalert/2785 http://www.securityfocus.com/archive/1/470563/100/0/threaded http://www.securityfocus.com/bid/24317 http://www.securitytracker.com/id?1018191 https://exchange.xforce.ibmcloud.com/vulnerabilities/34723 •

CVSS: 10.0EPSS: 82%CPEs: 3EXPL: 0

Multiple buffer overflows in the CentennialIPTransferServer service (XFERWAN.EXE), as used by (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, and (3) Symantec Discovery 6.5, allow remote attackers to execute arbitrary code via long strings in a crafted TCP packet. Múltiples desbordamientos de búfer en el servicio CentennialIPTransferServer (XFERWAN.EXE), como el usado por (1) Centennial Discovery 2006 Feature Pack 1, (2) Numara Asset Manager 8.0, y (3) Symantec Discovery 6.5, permite a atacantes remotos ejecutar código de su elección mediante cadenas largas a paquetes TCP manipulados artesanalmente. • http://osvdb.org/35076 http://secunia.com/advisories/24090 http://secunia.com/advisories/24281 http://secunia.com/advisories/24329 http://secunia.com/secunia_research/2007-41/advisory http://secunia.com/secunia_research/2007-42/advisory http://secunia.com/secunia_research/2007-43/advisory http://www.securityfocus.com/bid/24002 http://www.securitytracker.com/id?1018072 http://www.vupen.com/english/advisories/2007/1832 http://www.vupen.com/english/advisories/2007/1833 http: •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

The installation of ON Symantec Discovery 4.5.x and Symantec Discovery 6.0 creates the (1) DiscoveryWeb and (2) DiscoveryRO database accounts with null passwords, which could allow attackers to gain privileges or prevent Discovery from running by setting another password. • http://secunia.com/advisories/17302 http://securityreason.com/securityalert/112 http://securityresponse.symantec.com/avcenter/security/Content/2005.10.24.html http://securitytracker.com/id?1015097 http://www.securityfocus.com/bid/15188 •