Sysax versions 5.60 and below suffer from a buffer overflow vulnerability when creating an SSL certificate.
25b09a6e92ff4d9c00a80eaae87713ec5fe32db0a7d9c1c488dd9ed1a7a31810Sysax FTP Automation version 6.9.0 suffers from a privilege escalation vulnerability.
0d1f128c36b76104f0a93acb426524279136ba031351dd6693ec4853837a0875Sysax MultiServer version 6.90 suffers from a cross site scripting vulnerability.
ed3d06b6a83507f557a739c44f4278c3ac358d7c4c64027179099ce40a4b96cbSysax Multi Server version 5.50 suffers from a denial of service vulnerability.
b34b8a7546ee09efdaaa9a53f6f6efd84147a3ee518dbf8b1da21b551b77ac99Sysax Multi Server version 6.50 HTTP file share SEH overflow remote code execution exploit.
c00ceddd52d084e84687306a20618247ce5e46f255ec2f4e36d4c94b92151b3fSysax Multi Server version 6.10 suffers from an SSH denial of service vulnerability.
50cbbd9b67f7808e61c6265a8082071e7d09c673279aac4a56165ac92bd9fc96Secunia Security Advisory - Craig Freyman has discovered a security issue in Sysax FTP Automation, which can be exploited by malicious, local users to gain escalated privileges.
9e91cffe066f63c143bdb28036111e8893c4ae042e7cba29651cc45ab9b17536Sysax FTP Automation Server version 5.33 suffers from a local privilege escalation vulnerability.
9da75d5d121541879919ac465b91055fed3c2f21871f370c68a97149904b4bfaThis Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.64. This issue was fixed in 5.66. In order to trigger the vulnerability valid credentials with the create folder permission must be provided. The HTTP option must be enabled on Sysax too. This Metasploit module will log into the server, get a SID token, find the root folder, and then proceed to exploit the server. Successful exploits result in SYSTEM access. This exploit works on XP SP3, and Server 2003 SP1-SP2.
422ebcc0706927fdc0d3540364b547ee04c57ddb23038a64dcb8dc6be41b6f88Secunia Security Advisory - Matt Andreko has discovered a vulnerability in Sysax Multi Server, which can be exploited by malicious users to compromise a vulnerable system.
71fe00730c13e486b11af93f71da030e282f264f8d07e2095ab2d8eaaf66fbbfThis Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.64. This issue was fixed in 5.66. You must have valid credentials to trigger the vulnerability. Your credentials must also have the create folder permission and the HTTP option has to be enabled. This Metasploit module will log into the server, get your a SID token and then proceed to exploit the server. Successful exploits result in LOCALSYSTEM access. This exploit works on XP SP3, and Server 2003 SP1-SP2.
121e5304fc0c68efcbe91a4bd17f067fad4fef74c609ee089fb5929981de2e57Sysax versions 5.62 ad below administrative interface local buffer overflow exploit that binds a shell to port 4444.
7efb7cd16bdaabc3ae5c671cbe33491c4a4f524a9fb6e3dd1b168c19d3339372Secunia Security Advisory - Craig Freyman has discovered a vulnerability in Sysax Multi Server, which can be exploited by malicious users to disclose potentially sensitive information.
f288c93885351df570fbcd01c3d30ede8b250249ef9249f5888f522e06f97078Sysax Multi Server versions 5.57 and below remote directory traversal tool that requires authentication.
a7afbf931d01a29f94a41708a24d2f4c3bf1d3ead791e9f5fb51183c4d5fa32bThis Metasploit module exploits a vulnerability found in Sysax's SSH service. By supplying a long username, the SSH server will copy that data on the stack without any proper bounds checking, therefore allowing remote code execution under the context of the user. Please note that previous versions (before 5.53) are also affected by this bug.
4c79bc67dd01aa9c6f086a33e5e924a0b8feec60ac0ce68bacb83a81e643b256Secunia Security Advisory - Craig Freyman has reported two vulnerabilities in Sysax Multi Server, which can be exploited by malicious users and malicious people to compromise a vulnerable system.
e62be4301271219c16257a438baa9cb0ad944ec9deb4232035aaf72d120e32f5Sysax Multi Server versions 5.53 and below SSH username buffer overflow pre-authentication remote code execution exploit with egghunter shellcode that binds a shell to port 4444.
1a9e244ba23211e8a0745f4370e9f10d0e94ad75ca261b64e8e40b6e0606839fSysax Multi Server version 5.53 SFTP post authentication SEH exploit with egghunter shellcode that binds a shell to port 4444.
e3ee80f9e583422dca0ef40fef6b1c192c1da12311e53628b885e95e7f419bbeSysax Multi Server version 5.52 and below file rename buffer overflow exploit with egghunter shellcode that spawns a shell on port 4444.
fd8d36251f2ddc9fcea601c55652a9a591bf0d2d18d9d9b24252773e06529a61This Metasploit module exploits a stack buffer overflow in the create folder function in Sysax Multi Server 5.50. This issue was fixed in 5.52. You must have valid credentials to trigger the vulnerability. Your credentials must also have the create folder permission and the HTTP option has to be enabled. This Metasploit module will log into the server, get your a SID token and then proceed to exploit the server. Successful exploits result in LOCALSYSTEM access. This exploit works on XP and 2003.
9c89a9721eaaf34e5b28601af5c5497ccf1f5855860d05b1399eb663bcde037cSysax Multi Server version 5.50 create folder buffer overflow exploit with bindshell code for port 4444.
adb60108b3c26535f2e749d1b39e34638903b0dd0688adf1d5ebfc97c819ccc6Sysax Multi Server add administrator exploit.
4d877af9359446ddc4f840c14fddf8079898e34129c55edb20886240b3e22148Secunia Security Advisory - leinakesi has discovered some vulnerabilities in Sysax Multi Server, which can be exploited by malicious users to compromise a vulnerable system.
655c161c303d57643c77c006d75d4d24129b963b15b42f05f383e61138fca655Sysax Multi Server version 5.25 suffers from denial of service vulnerabilities.
38e28b8ca34f7d09b76c40fd944821c5776f8cfafd638821d08b74cf4dd71b62Secunia Security Advisory - Jonathan Salwan has discovered a vulnerability in Sysax Multi Server, which can be exploited by malicious users to bypass certain security restrictions, disclose sensitive information, and potentially compromise a vulnerable system.
81a041b04579607d1f824ea5398912e8447e40d340748eef091fdc6baf5e21c9Sysax Multi Server version 4.3 remote arbitrary file deletion exploit.
bcff2726d61f79159743a1a6d83e1e1297ac107021d5af54664905682a92e38e
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Subscribe to an RSS Feed