CVE-2019-9017 – SolarWinds DameWare Mini Remote Control 10.0 - Denial of Service
https://notcve.org/view.php?id=CVE-2019-9017
DWRCC in SolarWinds DameWare Mini Remote Control 10.0 x64 has a Buffer Overflow associated with the size field for the machine name. DWRCC en SolarWinds DameWare Mini Remote Control 10.0 x64 tiene un desbordamiento de búfer asociado con el campo de tamaño del nombre de la máquina. SolarWinds DameWare Mini Remote Control version 10.0 suffers from a denial of service vulnerability. • https://www.exploit-db.com/exploits/46793 http://packetstormsecurity.com/files/152721/SolarWinds-DameWare-Mini-Remote-Control-10.0-Denial-Of-Service.html http://www.binaryworld.it/guidepoc.asp • CWE-787: Out-of-bounds Write •
CVE-2019-9546
https://notcve.org/view.php?id=CVE-2019-9546
SolarWinds Orion Platform before 2018.4 Hotfix 2 allows privilege escalation through the RabbitMQ service. SolarWinds Orion Platform, en versiones anteriores a la 2018.4 Hotfix 2, permite el escalado de privilegios mediante el servicio RabbitMQ. • https://github.com/active-labs/Advisories/blob/master/2019/ACTIVE-2019-005.md https://support.solarwinds.com/SuccessCenter/s/article/CVE-2019-9546-Orion-Platform-Vulnerability https://support.solarwinds.com/Success_Center/Orion_Platform/Orion_Documentation/Additional_Resources/Orion_Platform_2018-4_Hotfix_2 • CWE-427: Uncontrolled Search Path Element •
CVE-2019-8917
https://notcve.org/view.php?id=CVE-2019-8917
SolarWinds Orion NPM before 12.4 suffers from a SYSTEM remote code execution vulnerability in the OrionModuleEngine service. This service establishes a NetTcpBinding endpoint that allows remote, unauthenticated clients to connect and call publicly exposed methods. The InvokeActionMethod method may be abused by an attacker to execute commands as the SYSTEM user. SolarWinds Orion NPM, en versiones anteriores a la 12.4, sufre de una vulnerabilidad de ejecución remota de código "SYSTEM" en el servicio OrionModuleEngine. Este servicio establece un endpoint NetTcpBinding que permite que los clientes remotos sin autenticar se conecten y llamen a métodos expuestos de forma pública. • http://www.securityfocus.com/bid/107061 https://github.com/VerSprite/research/blob/master/advisories/VS-2019-001.md •
CVE-2018-19934 – SolarWinds Serv-U FTP 15.1.6.25 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2018-19934
SolarWinds Serv-U FTP Server 15.1.6.25 has reflected cross-site scripting (XSS) in the Web management interface via URL path and HTTP POST parameter. SolarWinds Serv-U FTP Server 15.1.6.25 tiene Cross-Site Scripting (XSS) reflejado en la interfaz de gestión web en la interfaz de gestión web mediante una ruta de URL y un parámetro HTTP POST. SolarWinds Serv-U FTP version 15.1.6.25 suffers from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/151474/SolarWinds-Serv-U-FTP-15.1.6.25-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2019/Feb/5 https://www.themissinglink.com.au/security-advisories-cve-2018-19934 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-15906 – SolarWinds Serv-U FTP 15.1.6 Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-15906
SolarWinds Serv-U FTP Server 15.1.6 allows remote authenticated users to execute arbitrary code by leveraging the Import feature and modifying a CSV file. SolarWinds Serv-U FTP Server 15.1.6 permite que usuarios remotos autenticados ejecuten código arbitrario aprovechando la característica de importación y modificando un archivo CSV. SolarWinds Serv-U FTP Server version 15.1.6 is vulnerable to privilege escalation from remote authenticated users by leveraging the CSV user import function. This leads to obtaining remote code execution under the context of the Windows SYSTEM account in a default installation. • http://packetstormsecurity.com/files/151473/SolarWinds-Serv-U-FTP-15.1.6-Privilege-Escalation.html http://seclists.org/fulldisclosure/2019/Feb/4 http://www.securityfocus.com/bid/106844 •