«
Expand/Collapse
197 items tagged "emc"
Related tags:
security [+],
protection [+],
data [+],
celerra [+],
sourceone [+],
replication manager [+],
potential security vulnerability [+],
administrative privileges [+],
security division [+],
multiple [+],
information disclosure vulnerability [+],
zdi [+],
server [+],
rsa [+],
opcode [+],
malicious user [+],
homebase [+],
division [+],
applicationxtender [+],
application versions [+],
access [+],
windows xp sp3 [+],
windows 2003 sp2 [+],
vulnerabilities [+],
unauthorized access [+],
replication [+],
networker module [+],
microsoft applications [+],
format [+],
code versions [+],
bugtraq [+],
world writable [+],
web [+],
vnx [+],
txt [+],
tiering [+],
smarts [+],
service [+],
safer use [+],
privilege elevation vulnerability [+],
null pointer [+],
network configuration manager [+],
network [+],
module [+],
lifeline [+],
ionix [+],
iomega [+],
format string [+],
emc smarts [+],
einput [+],
domain [+],
content [+],
cloud [+],
captiva [+],
asp [+],
code execution [+],
xplore [+],
upload [+],
unauthorized user [+],
udp protocol [+],
sprintf function [+],
spoofing [+],
server versions [+],
server directory [+],
security control [+],
rpc services [+],
read access [+],
process communications [+],
privilege escalation vulnerability [+],
privilege [+],
port forwarding [+],
nmm [+],
network storage devices [+],
metasploit [+],
manager. affected [+],
malicious users [+],
license server [+],
license [+],
legato [+],
irm [+],
fma [+],
file upload [+],
file [+],
email management [+],
database connection [+],
configuration file [+],
arbitrary files [+],
affected systems [+],
autostart [+],
networker [+],
emc documentum [+],
unified storage [+],
unified [+],
twsl [+],
storage platform [+],
sparc versions [+],
service vulnerability [+],
security advisory [+],
secunia [+],
rpc service [+],
root nfs [+],
rights management [+],
rights [+],
premise [+],
networker server [+],
network attached storage [+],
nas [+],
multiple products [+],
manager [+],
librpc [+],
hackaday [+],
esa [+],
domain administrators [+],
domain administrator [+],
advisory [+],
documentum [+],
ftagent [+],
unspecified [+],
storcenter [+],
session hijacking [+],
security fixes [+],
rich [+],
retired [+],
remote access [+],
overflow [+],
nsrd [+],
nfs [+],
manager client [+],
manager agent [+],
logging code [+],
links [+],
library [+],
keyboard labels [+],
keyboard [+],
indexd [+],
hot fix [+],
escalation [+],
esa [+],
enforcement [+],
emc2 [+],
domain administration [+],
disk library [+],
disk [+],
desktop [+],
cta [+],
content server [+],
connecticut [+],
cnc [+],
bypass [+],
arbitrary [+],
administration [+],
access control [+],
eroom [+],
arbitrary code execution [+],
denial of service [+],
avamar [+],
vulnerability [+],
documentum eroom [+],
code [+],
information [+],
multiple buffer overflow [+],
information disclosure [+],
buffer overflow vulnerabilities [+],
buffer [+],
memory corruption [+],
integer overflow [+],
emc celerra [+],
buffer overflow vulnerability [+]
-
-
23:17
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in EMC Data Protection Advisor, which can be exploited by malicious people to disclose certain sensitive information.
-
23:17
»
Packet Storm Security Advisories
Secunia Security Advisory - A vulnerability has been reported in EMC Data Protection Advisor, which can be exploited by malicious people to disclose certain sensitive information.
-
-
14:01
»
Hack a Day
EMC2 CNC keyboard labels If you’ve got a dedicated computer running EMC2 for CNC control you may be interested in these keyboard labels. [Rich] mentions that they use the labels for their engraver at the Connecticut Hackerspace. Just print them out and glue them in the face of the keys. Dev board seminars and freebies [...]
-
-
16:00
»
SecuriTeam
EMC NetWorker is prone to a format-string vulnerability.
-
8:14
»
Packet Storm Security Advisories
EMC Smarts Network Configuration Manager versions prior to 9.1 suffer from hard-coded encryption key and unauthenticated database connection vulnerabilities.
-
8:14
»
Packet Storm Security Recent Files
EMC Smarts Network Configuration Manager versions prior to 9.1 suffer from hard-coded encryption key and unauthenticated database connection vulnerabilities.
-
8:14
»
Packet Storm Security Misc. Files
EMC Smarts Network Configuration Manager versions prior to 9.1 suffer from hard-coded encryption key and unauthenticated database connection vulnerabilities.
-
-
21:17
»
Packet Storm Security Exploits
This Metasploit module exploits a format string vulnerability in the lg_sprintf function as implemented in liblocal.dll on EMC Networker products. This Metasploit module exploits the vulnerability by using a specially crafted RPC call to the program number 0x5F3DD, version 0x02, and procedure 0x06. This Metasploit module has been tested successfully on EMC Networker 7.6 SP3 on Windows XP SP3 and Windows 2003 SP2 (DEP bypass).
-
21:17
»
Packet Storm Security Recent Files
This Metasploit module exploits a format string vulnerability in the lg_sprintf function as implemented in liblocal.dll on EMC Networker products. This Metasploit module exploits the vulnerability by using a specially crafted RPC call to the program number 0x5F3DD, version 0x02, and procedure 0x06. This Metasploit module has been tested successfully on EMC Networker 7.6 SP3 on Windows XP SP3 and Windows 2003 SP2 (DEP bypass).
-
21:17
»
Packet Storm Security Misc. Files
This Metasploit module exploits a format string vulnerability in the lg_sprintf function as implemented in liblocal.dll on EMC Networker products. This Metasploit module exploits the vulnerability by using a specially crafted RPC call to the program number 0x5F3DD, version 0x02, and procedure 0x06. This Metasploit module has been tested successfully on EMC Networker 7.6 SP3 on Windows XP SP3 and Windows 2003 SP2 (DEP bypass).
-
-
16:58
»
Packet Storm Security Advisories
Vulnerabilities exist in EMC NMM that could potentially be exploited by a malicious user to execute arbitrary code. Also, there is a risk that sensitive information could be disclosed under specific circumstances described in the details below.
-
16:58
»
Packet Storm Security Recent Files
Vulnerabilities exist in EMC NMM that could potentially be exploited by a malicious user to execute arbitrary code. Also, there is a risk that sensitive information could be disclosed under specific circumstances described in the details below.
-
16:58
»
Packet Storm Security Misc. Files
Vulnerabilities exist in EMC NMM that could potentially be exploited by a malicious user to execute arbitrary code. Also, there is a risk that sensitive information could be disclosed under specific circumstances described in the details below.
-
-
14:41
»
Packet Storm Security Advisories
A format string vulnerability exists in the EMC NetWorker nsrd RPC service that could potentially be exploited by a malicious user to execute arbitrary code. Versions 8.0, 7.6.4, and 7.6.3 are all affected.
-
14:41
»
Packet Storm Security Recent Files
A format string vulnerability exists in the EMC NetWorker nsrd RPC service that could potentially be exploited by a malicious user to execute arbitrary code. Versions 8.0, 7.6.4, and 7.6.3 are all affected.
-
14:41
»
Packet Storm Security Misc. Files
A format string vulnerability exists in the EMC NetWorker nsrd RPC service that could potentially be exploited by a malicious user to execute arbitrary code. Versions 8.0, 7.6.4, and 7.6.3 are all affected.
-
-
21:28
»
Packet Storm Security Advisories
A vulnerability in EMC Cloud Tiering Appliance aka CTA (formerly EMC FMA) could allow an unauthorized user to log in to the affected system as a GUI user with full administrative privileges by providing a specifically crafted malicious file during authentication process.
-
21:28
»
Packet Storm Security Recent Files
A vulnerability in EMC Cloud Tiering Appliance aka CTA (formerly EMC FMA) could allow an unauthorized user to log in to the affected system as a GUI user with full administrative privileges by providing a specifically crafted malicious file during authentication process.
-
21:28
»
Packet Storm Security Misc. Files
A vulnerability in EMC Cloud Tiering Appliance aka CTA (formerly EMC FMA) could allow an unauthorized user to log in to the affected system as a GUI user with full administrative privileges by providing a specifically crafted malicious file during authentication process.
-
-
20:00
»
Packet Storm Security Advisories
A vulnerability exists in EMC ApplicationXtender products that may allow an attacker to upload arbitrary files on affected systems. EMC ApplicationXtender Web Access .NET versions 6.5 P1 and earlier are affected.
-
20:00
»
Packet Storm Security Recent Files
A vulnerability exists in EMC ApplicationXtender products that may allow an attacker to upload arbitrary files on affected systems. EMC ApplicationXtender Web Access .NET versions 6.5 P1 and earlier are affected.
-
20:00
»
Packet Storm Security Misc. Files
A vulnerability exists in EMC ApplicationXtender products that may allow an attacker to upload arbitrary files on affected systems. EMC ApplicationXtender Web Access .NET versions 6.5 P1 and earlier are affected.
-
-
17:00
»
SecuriTeam
EMC AutoStart is prone to multiple buffer-overflow vulnerabilities.
-
-
19:45
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-161 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
19:45
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-161 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
19:45
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-161 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
19:44
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-160 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
19:44
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-160 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
19:42
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-159 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
19:42
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-159 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
19:42
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-159 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
-
15:41
»
Packet Storm Security Advisories
Zero Day Initiative Advisory 12-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
15:41
»
Packet Storm Security Recent Files
Zero Day Initiative Advisory 12-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
15:41
»
Packet Storm Security Misc. Files
Zero Day Initiative Advisory 12-144 - This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Autostart ftAgent, which is deployed on machines managed by EMC Autostart by default. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing routines for op-codes used by EMC Autostart ftAgent's proprietary network protocol. This ftAgent.exe service listens on TCP port 8045, and performs arithmetic for memory size calculation using values read from the network without validation. This arithmetic is susceptible to integer overflow, causing the memory allocation to be undersized, ultimately allowing for heap-based memory corruption. An attacker can exploit this condition to gain remote code execution as user SYSTEM.
-
-
19:41
»
Packet Storm Security Advisories
A vulnerability exists for Iomega network storage devices with EMC Lifeline firmware that can potentially be exploited to gain unauthorized access to remote shares in certain circumstances. If remote access (including port-forwarding) is enabled on affected Iomega devices, all created shares (including shares on connected USB devices) could potentially be accessed by unauthorized remote users or systems due to access control issues.
-
19:41
»
Packet Storm Security Recent Files
A vulnerability exists for Iomega network storage devices with EMC Lifeline firmware that can potentially be exploited to gain unauthorized access to remote shares in certain circumstances. If remote access (including port-forwarding) is enabled on affected Iomega devices, all created shares (including shares on connected USB devices) could potentially be accessed by unauthorized remote users or systems due to access control issues.
-
19:41
»
Packet Storm Security Misc. Files
A vulnerability exists for Iomega network storage devices with EMC Lifeline firmware that can potentially be exploited to gain unauthorized access to remote shares in certain circumstances. If remote access (including port-forwarding) is enabled on affected Iomega devices, all created shares (including shares on connected USB devices) could potentially be accessed by unauthorized remote users or systems due to access control issues.
-
-
17:00
»
SecuriTeam
EMC Multiple Products are prone to a security-bypass vulnerability.
-
-
19:05
»
Packet Storm Security Advisories
A vulnerability exists in EMC Celerra/VNX/VNXe systems that can be potentially exploited to gain unauthorized access to distributed files and directories. In certain circumstances, NFS v2/3/4 clients with network access to exported file systems may be able to gain unauthorized access to files or directories in that file system due to access control issues.
-
19:05
»
Packet Storm Security Recent Files
A vulnerability exists in EMC Celerra/VNX/VNXe systems that can be potentially exploited to gain unauthorized access to distributed files and directories. In certain circumstances, NFS v2/3/4 clients with network access to exported file systems may be able to gain unauthorized access to files or directories in that file system due to access control issues.
-
19:05
»
Packet Storm Security Misc. Files
A vulnerability exists in EMC Celerra/VNX/VNXe systems that can be potentially exploited to gain unauthorized access to distributed files and directories. In certain circumstances, NFS v2/3/4 clients with network access to exported file systems may be able to gain unauthorized access to files or directories in that file system due to access control issues.
-
-
8:22
»
Packet Storm Security Advisories
EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.
-
8:22
»
Packet Storm Security Recent Files
EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.
-
8:22
»
Packet Storm Security Misc. Files
EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.
-
8:39
»
Packet Storm Security Misc. Files
EMC Information Rights Management (IRM) contains vulnerabilities that can potentially be exploited by malicious users to cause denial of service.
-
-
5:12
»
Packet Storm Security Advisories
EMC Data Protection Advisor (DPA) contains vulnerabilities that can potentially be exploited by malicious users to cause denial of service.
-
-
16:04
»
Packet Storm Security Advisories
EMC Documentum xPlore contains an information disclosure vulnerability that may allow unauthorized users, under certain circumstances, to see certain information on protected objects in an xPlore search result. They will not, however, be allowed to view the objects themselves, or any associated content. Versions 1.0, 1.1 and 1.2 are affected.
-
16:04
»
Packet Storm Security Recent Files
EMC Documentum xPlore contains an information disclosure vulnerability that may allow unauthorized users, under certain circumstances, to see certain information on protected objects in an xPlore search result. They will not, however, be allowed to view the objects themselves, or any associated content. Versions 1.0, 1.1 and 1.2 are affected.
-
16:04
»
Packet Storm Security Misc. Files
EMC Documentum xPlore contains an information disclosure vulnerability that may allow unauthorized users, under certain circumstances, to see certain information on protected objects in an xPlore search result. They will not, however, be allowed to view the objects themselves, or any associated content. Versions 1.0, 1.1 and 1.2 are affected.
-
-
17:54
»
Packet Storm Security Advisories
EMC Documentum Content Server contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system.
-
17:54
»
Packet Storm Security Recent Files
EMC Documentum Content Server contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system.
-
17:54
»
Packet Storm Security Misc. Files
EMC Documentum Content Server contains a privilege elevation vulnerability that may allow an unauthorized user to obtain highest administrative privileges on the system.
-
-
13:24
»
Packet Storm Security Recent Files
EMC NetWorker Server 7.5.x and 7.6.x contain a buffer overflow vulnerability which may possibly be exploited to cause a denial of service or, possibly, arbitrary code execution.
-
13:24
»
Packet Storm Security Misc. Files
EMC NetWorker Server 7.5.x and 7.6.x contain a buffer overflow vulnerability which may possibly be exploited to cause a denial of service or, possibly, arbitrary code execution.
-
-
16:54
»
Packet Storm Security Advisories
EMC SourceOne Web Search contains a vulnerability that may, under certain circumstances, log sensitive user credential information in plain text to the OS log of the web server. This can potentially be exploited by an unprivileged user with access to log information to gain access to the protected SourceOne components.
-
16:54
»
Packet Storm Security Recent Files
EMC SourceOne Web Search contains a vulnerability that may, under certain circumstances, log sensitive user credential information in plain text to the OS log of the web server. This can potentially be exploited by an unprivileged user with access to log information to gain access to the protected SourceOne components.
-
16:54
»
Packet Storm Security Misc. Files
EMC SourceOne Web Search contains a vulnerability that may, under certain circumstances, log sensitive user credential information in plain text to the OS log of the web server. This can potentially be exploited by an unprivileged user with access to log information to gain access to the protected SourceOne components.
-
-
15:39
»
SecuriTeam
The EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Code Execution Vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC Documentum eRoom Indexing Server.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
10:00
»
SecurityFocus Vulnerabilities
ESA-2011-036: RSA, The Security Division of EMC, announces the release of a Security Fix for RSA(r) Adaptive Authentication (On-Premise)
-
-
13:14
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart High Availability.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
11:34
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
11:29
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of EMC AutoStart.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
15:03
»
Packet Storm Security Advisories
A file-blocking feature introduced in EMC Documentum eRoom version 7.3 allows site administrators to employ a security control to block certain file types from being uploaded or opened in eRoom on a site-wide basis. A flaw in validation may allow an authenticated user to bypass this security control and upload arbitrary files to eRoom.
-
15:03
»
Packet Storm Security Recent Files
A file-blocking feature introduced in EMC Documentum eRoom version 7.3 allows site administrators to employ a security control to block certain file types from being uploaded or opened in eRoom on a site-wide basis. A flaw in validation may allow an authenticated user to bypass this security control and upload arbitrary files to eRoom.
-
15:03
»
Packet Storm Security Misc. Files
A file-blocking feature introduced in EMC Documentum eRoom version 7.3 allows site administrators to employ a security control to block certain file types from being uploaded or opened in eRoom on a site-wide basis. A flaw in validation may allow an authenticated user to bypass this security control and upload arbitrary files to eRoom.
-
-
11:39
»
Packet Storm Security Advisories
Multiple EMC Ionix products contain a buffer overflow vulnerability. The vulnerability may allow a remote unauthenticated user to send a specially-crafted message over TCP or UDP to cause a denial of service or, possibly, execute arbitrary code.
-
11:39
»
Packet Storm Security Recent Files
Multiple EMC Ionix products contain a buffer overflow vulnerability. The vulnerability may allow a remote unauthenticated user to send a specially-crafted message over TCP or UDP to cause a denial of service or, possibly, execute arbitrary code.
-
11:39
»
Packet Storm Security Misc. Files
Multiple EMC Ionix products contain a buffer overflow vulnerability. The vulnerability may allow a remote unauthenticated user to send a specially-crafted message over TCP or UDP to cause a denial of service or, possibly, execute arbitrary code.
-
-
13:22
»
Packet Storm Security Recent Files
EMC Avamar software contains a potential privilege enforcement bypass vulnerability. This could allow a domain administrator or operator to restore data from and/or to clients in another domain to which the administrator or operator is not intended to have access rights. This flaw may also allow domain administrators or operators to view information about backup, restore and replication activities associated within another domain. Versions 4.x, 5.0.x, and 6.0.x are affected.
-
13:22
»
Packet Storm Security Misc. Files
EMC Avamar software contains a potential privilege enforcement bypass vulnerability. This could allow a domain administrator or operator to restore data from and/or to clients in another domain to which the administrator or operator is not intended to have access rights. This flaw may also allow domain administrators or operators to view information about backup, restore and replication activities associated within another domain. Versions 4.x, 5.0.x, and 6.0.x are affected.
-
-
18:40
»
Packet Storm Security Advisories
EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.
-
18:40
»
Packet Storm Security Recent Files
EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.
-
18:40
»
Packet Storm Security Misc. Files
EMC AutoStart contains multiple buffer overflow vulnerabilities which can be exploited to potentially cause a denial of service, or possibly, execute arbitrary code within the context of the affected application. Versions 5.3.x and 5.4.x are affected.
-
-
23:32
»
Packet Storm Security Advisories
A vulnerability exists in EMC Data Protection Advisor versions prior to 5.8.1 in which sensitive information may be exposed in clear text in the configuration file.
-
23:32
»
Packet Storm Security Recent Files
A vulnerability exists in EMC Data Protection Advisor versions prior to 5.8.1 in which sensitive information may be exposed in clear text in the configuration file.
-
23:32
»
Packet Storm Security Misc. Files
A vulnerability exists in EMC Data Protection Advisor versions prior to 5.8.1 in which sensitive information may be exposed in clear text in the configuration file.
-
17:08
»
Packet Storm Security Advisories
EMC Captiva eInput version 2.1.1 contains two vulnerabilities which can be exploited for conducting cross site scripting attacks, retrieving files on an affected system, or causing a denial of service.
-
17:08
»
Packet Storm Security Recent Files
EMC Captiva eInput version 2.1.1 contains two vulnerabilities which can be exploited for conducting cross site scripting attacks, retrieving files on an affected system, or causing a denial of service.
-
17:08
»
Packet Storm Security Misc. Files
EMC Captiva eInput version 2.1.1 contains two vulnerabilities which can be exploited for conducting cross site scripting attacks, retrieving files on an affected system, or causing a denial of service.
-
7:14
»
Packet Storm Security Advisories
EMC Documentum eRoom's Indexing Server contains a buffer overflow vulnerability which can be exploited to cause a denial of service, or possibly, arbitrary code execution. 7.x versions are affected.
-
7:14
»
Packet Storm Security Recent Files
EMC Documentum eRoom's Indexing Server contains a buffer overflow vulnerability which can be exploited to cause a denial of service, or possibly, arbitrary code execution. 7.x versions are affected.
-
7:14
»
Packet Storm Security Misc. Files
EMC Documentum eRoom's Indexing Server contains a buffer overflow vulnerability which can be exploited to cause a denial of service, or possibly, arbitrary code execution. 7.x versions are affected.
-
-
19:16
»
Packet Storm Security Advisories
EMC SourceOne Email Management may allow the disclosure of application-sensitive information using ASP.NET Application Tracing. The ASP.NET application trace is enabled in affected versions of EMC SourceOne Email Management. This trace file may contain application-sensitive information that can be accessed by a remote user. Authentication is required to access the trace file.
-
19:16
»
Packet Storm Security Recent Files
EMC SourceOne Email Management may allow the disclosure of application-sensitive information using ASP.NET Application Tracing. The ASP.NET application trace is enabled in affected versions of EMC SourceOne Email Management. This trace file may contain application-sensitive information that can be accessed by a remote user. Authentication is required to access the trace file.
-
19:16
»
Packet Storm Security Misc. Files
EMC SourceOne Email Management may allow the disclosure of application-sensitive information using ASP.NET Application Tracing. The ASP.NET application trace is enabled in affected versions of EMC SourceOne Email Management. This trace file may contain application-sensitive information that can be accessed by a remote user. Authentication is required to access the trace file.
-
-
16:59
»
Packet Storm Security Recent Files
This Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows 2003 SP2.
-
16:59
»
Packet Storm Security Misc. Files
This Metasploit module exploits a directory traversal and remote code execution flaw in EMC HomeBase Server 6.3.0. Note: This Metasploit module has only been tested against Windows XP SP3 and Windows 2003 SP2.
-
-
13:22
»
Packet Storm Security Advisories
EMC NetWorker contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system.
-
13:22
»
Packet Storm Security Recent Files
EMC NetWorker contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system.
-
13:22
»
Packet Storm Security Misc. Files
EMC NetWorker contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system.
-
-
15:46
»
Packet Storm Security Advisories
A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.
-
15:46
»
Packet Storm Security Recent Files
A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.
-
15:46
»
Packet Storm Security Misc. Files
A vulnerability exists in EMC Replication Manager which is embedded in NetWorker Module for Microsoft Applications (NMM). The vulnerability may allow arbitrary code execution on vulnerable installations of the product. Versions affected include EMC NetWorker Module for Microsoft Applications 2.1.x / 2.2.x.
-
-
10:50
»
Packet Storm Security Recent Files
EMC Data Protection Advisor Collector for Solaris SPARC contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system. EMC Data Protection Advisor Collector for Solaris SPARC versions 5.7 earlier than build 5833 and 5.7.1 earlier than build 5833 are affected.
-
10:50
»
Packet Storm Security Misc. Files
EMC Data Protection Advisor Collector for Solaris SPARC contains a potential security vulnerability that can be exploited to execute malicious code with elevated privileges on the affected system. EMC Data Protection Advisor Collector for Solaris SPARC versions 5.7 earlier than build 5833 and 5.7.1 earlier than build 5833 are affected.
-
-
7:29
»
Packet Storm Security Advisories
EMC Avamar utilizes an internally developed service utility which can potentially transmit customer sensitive information in clear text for certain events to other EMC internal systems as part of normal operations. Also, emails configured to be sent by the customer to notify about these events, may also potentially contain sensitive information. Versions 5.0.0-407 and later but prior to 5.0.4 are affected.
-
7:29
»
Packet Storm Security Recent Files
EMC Avamar utilizes an internally developed service utility which can potentially transmit customer sensitive information in clear text for certain events to other EMC internal systems as part of normal operations. Also, emails configured to be sent by the customer to notify about these events, may also potentially contain sensitive information. Versions 5.0.0-407 and later but prior to 5.0.4 are affected.
-
7:29
»
Packet Storm Security Misc. Files
EMC Avamar utilizes an internally developed service utility which can potentially transmit customer sensitive information in clear text for certain events to other EMC internal systems as part of normal operations. Also, emails configured to be sent by the customer to notify about these events, may also potentially contain sensitive information. Versions 5.0.0-407 and later but prior to 5.0.4 are affected.
-
7:27
»
Packet Storm Security Recent Files
EMC Avamar contains a potential privilege escalation vulnerability that may allow an authenticated user to obtain escalated administrative privileges in the affected system. Versions 5.0.4-26 and below are affected.
-
7:27
»
Packet Storm Security Misc. Files
EMC Avamar contains a potential privilege escalation vulnerability that may allow an authenticated user to obtain escalated administrative privileges in the affected system. Versions 5.0.4-26 and below are affected.
-
-
19:35
»
SecuriTeam
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of the EMC Replication Manager Client.
-
Make your website safer. Use external penetration testing service. First report ready in one hour!
-
-
4:12
»
Packet Storm Security Advisories
EMC Replication Manager contains a potential vulnerability that may allow remote unauthenticated user to execute arbitrary code on vulnerable installations of the EMC Replication Manager. Affected products include EMC Replication Manager versions earlier than 5.3, EMC NetWorker Module for Microsoft Applications versions 2.1.x and 2.2.x.
-
4:12
»
Packet Storm Security Recent Files
EMC Replication Manager contains a potential vulnerability that may allow remote unauthenticated user to execute arbitrary code on vulnerable installations of the EMC Replication Manager. Affected products include EMC Replication Manager versions earlier than 5.3, EMC NetWorker Module for Microsoft Applications versions 2.1.x and 2.2.x.
-
4:12
»
Packet Storm Security Misc. Files
EMC Replication Manager contains a potential vulnerability that may allow remote unauthenticated user to execute arbitrary code on vulnerable installations of the EMC Replication Manager. Affected products include EMC Replication Manager versions earlier than 5.3, EMC NetWorker Module for Microsoft Applications versions 2.1.x and 2.2.x.
-
-
11:11
»
Packet Storm Security Advisories
A vulnerability exists in EMC NetWorker which can be exploited to potentially create a denial of service condition or eavesdrop on process communications. EMC Networker uses an RPC library to provide a portmapper service within nsrexecd. The portmapper restricts access for service commands to the localhost. However, the UDP protocol allows malicious users to spoof the source address of the network packet making it appear it originated from the localhost. This potentially may allow a remote malicious user to unregister existing NetWorker RPC services or register new RPC services. EMC NetWorker versions 7.5.3.5, 7.5 SP4 and later, and 7.6.1.2 and later are affected.
-
11:11
»
Packet Storm Security Recent Files
A vulnerability exists in EMC NetWorker which can be exploited to potentially create a denial of service condition or eavesdrop on process communications. EMC Networker uses an RPC library to provide a portmapper service within nsrexecd. The portmapper restricts access for service commands to the localhost. However, the UDP protocol allows malicious users to spoof the source address of the network packet making it appear it originated from the localhost. This potentially may allow a remote malicious user to unregister existing NetWorker RPC services or register new RPC services. EMC NetWorker versions 7.5.3.5, 7.5 SP4 and later, and 7.6.1.2 and later are affected.
-
11:11
»
Packet Storm Security Misc. Files
A vulnerability exists in EMC NetWorker which can be exploited to potentially create a denial of service condition or eavesdrop on process communications. EMC Networker uses an RPC library to provide a portmapper service within nsrexecd. The portmapper restricts access for service commands to the localhost. However, the UDP protocol allows malicious users to spoof the source address of the network packet making it appear it originated from the localhost. This potentially may allow a remote malicious user to unregister existing NetWorker RPC services or register new RPC services. EMC NetWorker versions 7.5.3.5, 7.5 SP4 and later, and 7.6.1.2 and later are affected.
-
-
9:00
»
SecurityFocus Vulnerabilities
ESA-2010-019: RSA, The Security Division of EMC, is reissuing this advisory regarding a potential cross-site scripting vulnerability that has been identified in RSAR Adaptive Authentication (On Premise) versions 2.x and 5.7.x. Patch 105162
-
-
0:00
»
SecurityFocus Vulnerabilities
EMC Celerra Unified Storage Platform NAS Security Bypass Vulnerability
-
-
21:01
»
Packet Storm Security Recent Files
A vulnerability exists in EMC Celerra which can be exploited to gain unauthorized access to root NFS export on EMC Celerra NAS. NAS Code versions 5.6.50 and below are affected.
-
21:01
»
Packet Storm Security Advisories
A vulnerability exists in EMC Celerra which can be exploited to gain unauthorized access to root NFS export on EMC Celerra NAS. NAS Code versions 5.6.50 and below are affected.
-
-
18:01
»
Packet Storm Security Recent Files
A vulnerability exists in EMC Avamar which can be exploited by an unauthenticated remote user to cause denial of service. Versions 4.1.x and 5.0 are affected.
-
18:00
»
Packet Storm Security Advisories
A vulnerability exists in EMC Avamar which can be exploited by an unauthenticated remote user to cause denial of service. Versions 4.1.x and 5.0 are affected.
0day.today (was: 1337day, Inj3ct0r, 1337db)
OSVDB Vulnerabilities
Exploit-DB
Bugtraq
XSSed
Sophos security news
Penetration Testing
BackTrack Linux Forums
Threatpost
SecDocs
carnal0wnage.attackresearch.com
Carnal0wnage
Darknet
The Exploitant
Wirevolution