Page 67 of 671 results (0.006 seconds)

CVSS: 10.0EPSS: 95%CPEs: 3EXPL: 2

CVE-2010-4323 – Novell ZenWorks TFTPD Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-4323

Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1, 10.3.2, and 11.0, and earlier versions, allows remote attackers to execute arbitrary code via a long TFTP request. Desbordamiento de búfer basado en memoria dinámica en novell-tftp.exe en Novell ZENworks Configuration Manager (ZCM) v10.3.1, v10.3.2, y v11.0 y versiones anteriores, permite a atacantes remotos ejecutar código arbitrario a través de una consulta TFTP demasiado larga. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell Zenworks Configuration Manager. Authentication is not required to exploit this vulnerability. The flaw exists within the novell-tftp.exe component which listens by default on UDP port 69. When handling a request the process blindly copies user supplied data into a fixed-length buffer on the heap. • https://www.exploit-db.com/exploits/16191 http://secunia.com/advisories/43379 http://securityreason.com/securityalert/8092 http://securityreason.com/securityalert/8094 http://www.novell.com/support/viewContent.do?externalId=7007896 http://www.securityfocus.com/archive/1/516524/100/0/threaded http://www.securityfocus.com/bid/46434 http://www.securitytracker.com/id?1025092 http://www.vupen.com/english/advisories/2011/0425 http://www.zerodayinitiative.com/advisories/ZDI-11-089 https:/ • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.0EPSS: 93%CPEs: 2EXPL: 1

CVE-2010-4328 – Novell iPrint LPD Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2010-4328

Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open Enterprise Server 2 SP2 and SP3 allow remote attackers to execute arbitrary code via unspecified LPR opcodes. Múltiples desbordamientos de búfer basados en pila en opt/novell/iPrint/bin/ipsmd en Novell iPrint para Linux Open Enterprise Server v2 SP2 y SP3 permiten a atacantes remotos ejecutar código de su elección a través de códigos de operación LPR no especificados. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Server. Authentication is not required to exploit this vulnerability. The flaw exists within the '/opt/novell/iprint/bin/ipsmd' component this component communicates with 'ilprsrvd' which listens on TCP port 515. When handling multiple LPR opcodes the process blindly copies user supplied data into a fixed-length buffer on the stack. • https://www.exploit-db.com/exploits/16192 http://download.novell.com/Download?buildid=KloKR_CmrBs~ http://osvdb.org/70852 http://secunia.com/advisories/43281 http://securityreason.com/securityalert/8096 http://www.novell.com/support/viewContent.do?externalId=7007858&sliceId=1 http://www.securityfocus.com/archive/1/516506/100/0/threaded http://www.securityfocus.com/bid/46309 http://www.securitytracker.com/id?1025074 http://www.vupen.com/english/advisories/2011/0353 http://ww • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 10.0EPSS: 85%CPEs: 25EXPL: 0

CVE-2011-4187 – Novell iPrint Client nipplib.dll GetDriverSettings realm Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2011-4187

Buffer overflow in the GetDriverSettings function in nipplib.dll in Novell iPrint Client before 5.78 on Windows allows remote attackers to execute arbitrary code via a long realm field, a different vulnerability than CVE-2011-3173. Desbordamiento de búfer en la función GetDriverSettings en ??nipplib.dll en el cliente de Novell iPrint antes de v5.78 en Windows permite a atacantes remotos ejecutar código de su elección a través de un campo de dominio de largo. Se trata de una vulnerabilidad diferente a CVE-2011-3173. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell iPrint Client. • http://www.novell.com/support/viewContent.do?externalId=7008708 http://www.novell.com/support/viewContent.do?externalId=7010143 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.0EPSS: 12%CPEs: 2EXPL: 0

CVE-2010-4327 – Novell eDirectory Malformed NCP Request Denial of Service Vulnerability

https://notcve.org/view.php?id=CVE-2010-4327

Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 before 8.8.6.2 allows remote attackers to cause a denial of service (hang) via a malformed FileSetLock request to port 524. Vulnerabilidad no especificada en el servicio NPC en Novell eDirectory v8.8.5 anterior a v8.8.5.6 y v8.8.6 anterior a v8.8.6.2, permite a atacantes remotos provocar una denegación de servicio (cuelgue) a través de una petición FileSetLock mal formada al puerto 524. This vulnerability allows attackers to deny services on vulnerable installations of Novell eDirectory. Authentication is not required in order to trigger this vulnerability. The flaw exists within Novell's eDirectory Server's NCP implementation. Novell's eDirectory Server binds to port 524 for processing NCP requests. • http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-novell http://secunia.com/advisories/43186 http://securityreason.com/securityalert/8071 http://www.novell.com/support/viewContent.do?externalId=7007781&sliceId=2 http://www.securityfocus.com/archive/1/516279/100/0/threaded http://www.securityfocus.com/bid/46263 http://www.vupen.com/english/advisories/2011/0305 http://www.zerodayinitiative.com/advisories/ZDI-11-060 •

CVSS: 10.0EPSS: 80%CPEs: 1EXPL: 0

CVE-2011-0742

https://notcve.org/view.php?id=CVE-2011-0742

Buffer overflow in ZfHIPCND.exe in Novell ZENworks Handheld Management 7.0 allows remote attackers to execute arbitrary code via a crafted IP Conduit packet to TCP port 2400. Desbordamiento de búfer en ZfHIPCND.exe para Novell ZENworks Handheld Management v7.0 permite a atacantes remotos ejecutar código de su elección a través de un IP Conduit manipulado al puerto TCP 2400. • http://osvdb.org/70694 http://secunia.com/advisories/43094 http://telussecuritylabs.com/threats/show/FSC20110125-06 http://www.novell.com/support/viewContent.do?externalId=7007663 http://www.securityfocus.com/archive/1/516045/100/0/threaded http://www.securityfocus.com/bid/46024 http://www.securitytracker.com/id?1024993 http://www.vupen.com/english/advisories/2011/0221 http://www.zerodayinitiative.com/advisories/ZDI-11-026 https://exchange.xforce.ibmcloud.com/vulnerabilities/64930 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •