Remote DoS attack in Symantec's Email protection in NAV2000. The Protection program leaves a pop server running on the local workstation NAV2000 is installed on, which is vulnerable to a buffer overflow in a long user name.
aaccfd8e405ec8b7ba562a2709ab7e65d5140e07269bdaa79017d2aff4dbcb5dThis is a proof of concept exploit for the Apple macOS remote events remote memory corruption vulnerability. It serves as a toolkit to help debug and trigger crashes.
b71c042ede4f92abca7d1cc98ba26d58de335a31e253ab82c25fea5b3120ba80Navigate CMS version 2.9.4 suffers from a server-side request forgery vulnerability.
b7226d321fd7655199172564ee0fff7ad92f385fbf3e94875e8877905cb9c8f9The Navy Federal site at navyfederal.org suffered from a cross site scripting vulnerability.
9139d239aff0e11b1a88e1a4303fccf0bce34f1d49073a50d2a694b0640107e6Navigate CMS version 2.8.7 suffers from a cross site request forgery vulnerability.
8961bc4b73d4b971e3607195eec88ef23a82d04fa182498a545278923bf0f714Navigate CMS version 2.8.7 suffers from an authenticated directory traversal vulnerability.
574f4aff0804ec6c6a6b6b7a761deacb09295697b33a4a7f345b0cbc98bceec8Navigate CMS version 2.8.7 suffers from an authenticated remote SQL injection vulnerability.
bc463f84cf232eeecdf5aafff0ea41dc037175be44f827c9344363813fcd22faNavicat for Oracle version 12.1.15 suffers from a denial of service vulnerability.
2e3961dca146afb514786a5b9789088ad93369b7111de39f4d3e394bb93bc263Navicat version 12.0.29 denial of service proof of concept exploit.
231a26c8ddf8d51e24d21c34c2162be365afa17b01ffef4cad7713c384d4744dNavigate CMS version 2.8.5 suffers from an arbitrary file download vulnerability.
d94c48701b35c9e133b1e87004ac915eac005fb1c835c9c3b5f97f1da42e3a43This Metasploit module exploits insufficient sanitization in the database::protect method, of Navigate CMS versions 2.8 and prior, to bypass authentication. The module then uses a path traversal vulnerability in navigate_upload.php that allows authenticated users to upload PHP files to arbitrary locations. Together these vulnerabilities allow an unauthenticated attacker to execute arbitrary PHP code remotely. This Metasploit module was tested against Navigate CMS 2.8.
22f02998938d92be75a2c237be95f9c8c05395976f93aa44cc1307be7bab509bNavigate CMS version 2.8 suffers from a cross site scripting vulnerability.
3d1e3889791ee5704ddeff2642ffee9046f531575bac136689cc52a4551e35bbNavicat versions prior to 12.0.27 suffer from an oracle connection overflow vulnerability.
8d035b1e096be2a42ad3e4c182c90e91021be26b95e6eb871a04a9cc4a24f909Navarino Infinity versions prior to 2.2 suffer from session fixation and remote blind SQL injection vulnerabilities.
50cedc41f213355cd0d39ab12b744492186d722f2834bfa6a6272fcfd6ed97deRed Hat Security Advisory 2017-2648-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix: An unsigned int wrap around leading to a buffer over-read was found when parsing OFPT_QUEUE_GET_CONFIG_REPLY messages in Open vSwitch. An attacker could use this flaw to cause a remote DoS. In Open vSwitch, while parsing an OpenFlow role status message there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
a89207e2a95563240c607a5d5422b72c90ed390784fb1efbcfddd8431ef00b24Red Hat Security Advisory 2017-2553-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix: An unsigned int wrap around leading to a buffer over-read was found when parsing OFPT_QUEUE_GET_CONFIG_REPLY messages in Open vSwitch. An attacker could use this flaw to cause a remote DoS. In Open vSwitch, while parsing an OpenFlow role status message there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
56936320101a5b922f34ab434526419eab4c9e3ba19796ee3ceb3cb4ad530d0eNavicat Premium version 11.2.11 suffers from a local password disclosure vulnerability.
b879ec40891b563a273a3f910a10a46e8fce278ea2f895630a02d4fe93e24cc7Navis WebAccess Express version suffers from a remote SQL injection vulnerability.
e899d00245120e747625fd30545843a978d667c1473a63886f8676872038a3e8This Metasploit module exploits a stack overflow in NaviCOPA 2.0.1. The vulnerability is caused due to a boundary error within the handling of URL parameters.
75680b769706862d0c31aac17dd41320d97dfec071bab960223e9a44b506e6e2NaviCOPA versions 3.0.1.2 and below suffer from a remote source disclosure vulnerability.
3fc6e9da9a800d9bf3d42dbffadb1678a521d4c9617fb7f80e73ec9f6667301fNaviCopa Web Server version 3.01 remote buffer overflow exploit.
038ee52ab25d2b0fa80e2112950039b27704f29bb5177b9354dbabde2ad881c6NaviCopa webserver version 3.0.1 suffers from source disclosure and buffer overflow vulnerabilities.
3b04be82c1095329390188b9472a4ef89fc76ea58b7e27c221acf84b9dbf63f8Whitepaper discussing anonymous navigation of the Internet. Written in Spanish.
0b41da26eab88d13fad3fbc57615b994397df2dcf6b72b8b1ea628f55bd15e1dNavBoard version 16 suffers from multiple local file inclusion and cross site scripting vulnerabilities.
7b885728709d032b398a0528f8689d5d5a5d35668a4802114a6bb5737182ed09NavBoard version 2.6.0 remote code execution exploit.
d3bddb1ef1269c02ed7550c96e90d98c361648ebd2ebf4574bb697d762190f11This Metasploit module exploits a stack overflow in the NaviCopa HTTP server 2.01 (release version 6th October 2006 or earlier). It is not the same vulnerability as the one described in BID 20250.
03ab5a966da5ebd65eb577481b7da91c6901aace800c5a1d15f6ca54195a3da2
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed