Page 43 of 256 results (0.005 seconds)

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1

The RMI service in SolarWinds Virtualization Manager 6.3.1 and earlier allows remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the Apache Commons Collections (ACC) library. El servicio RMI en SolarWinds Virtualization Manager 6.3.1 y versiones anteriores permite a atacantes ejecutar comandos arbitrarios a través de un objeto Java serializado manipulado, relacionado con la librería Apache Commons Collections (ACC). Solarwinds Virtualization Manager versions 6.3.1 and below suffer from a java deserialization vulnerability. • http://packetstormsecurity.com/files/137486/Solarwinds-Virtualization-Manager-6.3.1-Java-Deserialization.html http://seclists.org/fulldisclosure/2016/Jun/25 http://seclists.org/fulldisclosure/2016/Jun/29 •

CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 2

SolarWinds Virtualization Manager 6.3.1 and earlier allow local users to gain privileges by leveraging a misconfiguration of sudo, as demonstrated by "sudo cat /etc/passwd." SolarWinds Virtualization Manager 6.3.1 y versiones anteriores permite a usuarios locales obtener privilegios aprovechando una mala configuración de sudo, según lo demostrado por "sudo cat /etc/passwd". Solarwinds Virtualization Manager versions 6.3.1 and below suffer from a privilege escalation vulnerability due to a misconfiguration of sudo. SolarWinds Virtualization Manager allows for privilege escalation through leveraging a misconfiguration of sudo. • https://www.exploit-db.com/exploits/39967 http://packetstormsecurity.com/files/137487/Solarwinds-Virtualization-Manager-6.3.1-Privilege-Escalation.html http://seclists.org/fulldisclosure/2016/Jun/26 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 10.0EPSS: 96%CPEs: 1EXPL: 0

Multiple SQL injection vulnerabilities in the Web Services web server in SolarWinds Storage Resource Monitor (SRM) Profiler (formerly Storage Manager (STM)) before 6.2.3 allow remote attackers to execute arbitrary SQL commands via the (1) ScriptSchedule parameter in the ScriptServlet servlet; the (2) winEventId or (3) winEventLog parameter in the WindowsEventLogsServlet servlet; the (4) processOS parameter in the ProcessesServlet servlet; the (5) group, (6) groupName, or (7) clientName parameter in the BackupExceptionsServlet servlet; the (8) valDB or (9) valFS parameter in the BackupAssociationServlet servlet; the (10) orderBy or (11) orderDir parameter in the HostStorageServlet servlet; the (12) fileName, (13) sortField, or (14) sortDirection parameter in the DuplicateFilesServlet servlet; the (15) orderFld or (16) orderDir parameter in the QuantumMonitorServlet servlet; the (17) exitCode parameter in the NbuErrorMessageServlet servlet; the (18) udfName, (19) displayName, (20) udfDescription, (21) udfDataValue, (22) udfSectionName, or (23) udfId parameter in the UserDefinedFieldConfigServlet servlet; the (24) sortField or (25) sortDirection parameter in the XiotechMonitorServlet servlet; the (26) sortField or (27) sortDirection parameter in the BexDriveUsageSummaryServlet servlet; the (28) state parameter in the ScriptServlet servlet; the (29) assignedNames parameter in the FileActionAssignmentServlet servlet; the (30) winEventSource parameter in the WindowsEventLogsServlet servlet; or the (31) name, (32) ipOne, (33) ipTwo, or (34) ipThree parameter in the XiotechMonitorServlet servlet. Múltiples vulnerabilidades de inyección SQL en el servidor web Web Services en SolarWinds Storage Resource Monitor (SRM) Profiler (anteriormente Storage Manager (STM)) en versiones anteriores a 6.2.3 permiten a atacantes remotos ejecutar comandos SQL arbitrarios a través de el parámetro (1) ScriptSchedule en el servlet ScriptServlet; (2) winEventId o (3) winEventLog en el servlet WindowsEventLogsServlet; (4) processOS en el servlet ProcessesServlet; (5) group, (6) groupName o (7) clientName en el servlet BackupExceptionsServlet; (8) valDB o (9) valFS en el servlet BackupAssociationServlet; (10) orderBy o (11) orderDir en el servlet HostStorageServlet; (12) fileName, (13) sortField o (14) sortDirection en el servlet DuplicateFilesServlet; (15) orderFld o (16) orderDir en el servlet QuantumMonitorServlet; (17) exitCode en el servlet NbuErrorMessageServlet; (18) udfName, (19) displayName, (20) udfDescription, (21) udfDataValue, (22) udfSectionName o (23) udfId en el servlet UserDefinedFieldConfigServlet; (24) sortField o (25) sortDirection en el servlet XiotechMonitorServlet; (26) sortField o (27) sortDirection en el servlet BexDriveUsageSummaryServlet; (28) state en el servlet ScriptServlet; (29) assignedNames en el servlet FileActionAssignmentServlet; (30) winEventSource en el servlet WindowsEventLogsServlet; o (31) name, (32) ipOne, (33) ipTwo o (34) ipThree en el servlet XiotechMonitorServlet. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds Storage Resource Monitor Profiler Module. Authentication is not required to exploit this vulnerability. The specific flaw exists within processing of the XiotechMonitorServlet servlet in the SolarWinds Storage Manager Web Services web server. The parameters name, ipOne, ipTwo, and ipThree are vulnerable to SQL injection when the state parameter is set to saveSite. • http://www.solarwinds.com/documentation/storage/storagemanager/docs/ReleaseNotes/releaseNotes.htm http://www.zerodayinitiative.com/advisories/ZDI-16-249 http://www.zerodayinitiative.com/advisories/ZDI-16-250 http://www.zerodayinitiative.com/advisories/ZDI-16-251 http://www.zerodayinitiative.com/advisories/ZDI-16-252 http://www.zerodayinitiative.com/advisories/ZDI-16-253 http://www.zerodayinitiative.com/advisories/ZDI-16-254 http://www.zerodayinitiative.com/advisories/ZDI-16-255 http://www.zerodayinitiative • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 7.5EPSS: 14%CPEs: 1EXPL: 0

Stack-based buffer overflow in the URI handler in DWRCC.exe in SolarWinds DameWare Mini Remote Control before 12.0 HotFix 1 allows remote attackers to execute arbitrary code via a crafted commandline argument in a link. Desbordamiento de buffer basado en pila en el manejador URI en DWRCC.exe, en SolarWinds DameWare Mini Remote Control en versiones anteriores a 12.0 HotFix 1, permite a atacantes remotos ejecutar código arbitrario a través de un argumento de línea de comandos manipulado en un enlace. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of SolarWinds DameWare Mini Remote Control. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within DWRCC.exe. By crafting a malicious link, an attacker can trigger a stack buffer overflow while parsing the command-line arguments. • http://www.zerodayinitiative.com/advisories/ZDI-15-555 https://thwack.solarwinds.com/message/308973 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.5EPSS: 1%CPEs: 1EXPL: 0

The command line management console (CMC) in SolarWinds Log and Event Manager (LEM) before 6.2.0 allows remote attackers to execute arbitrary code via unspecified vectors involving the ping feature. La consola de administración de linea de comandos (CMC) en SolarWinds Log y Event Manager (LEM) en versiones anteriores a 6.2.0 permite a atacantes remotos ejecutar código arbitrario a través de vectores no especificados involucrando la funcionalidad ping. • http://www.solarwinds.com/documentation/lem/docs/releasenotes/releasenotes.htm https://security.gentoo.org/glsa/201603-11 • CWE-264: Permissions, Privileges, and Access Controls •