exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 25 of 100 RSS Feed

Files

EMC HomeBase Server Arbitrary File Upload
Posted Feb 25, 2010
Site emc.com

EMC HomeBase Server contains a vulnerability that may allow an unauthenticated remote user to upload arbitrary files on the affected HomeBase Server. Versions 6.2.x and 6.3.x are affected.

tags | advisory, remote, arbitrary
advisories | CVE-2010-0620
SHA-256 | 1481b43fd91ee9d43c4ca39ea27c50887e8ea9279062e3564ef9f2bc7328f2f6

Related Files

EMC Documentum Cross Site Scripting
Posted Nov 5, 2013
Site emc.com

A cross site scripting vulnerability exists in a request parameter of EMC Documentum products that could potentially be exploited by a malicious user.

tags | advisory, xss
advisories | CVE-2013-3281
SHA-256 | 07e14a31060060889ad8c141cf858c77a2a9c93806c6fd62b2bd3f847db0de53
EMC NetWorker Information Disclosure
Posted Oct 29, 2013
Site emc.com

A vulnerability exists in EMC NetWorker that could allow exposure of sensitive information under specific circumstances. EMC NetWorker version 8.0.x is affected.

tags | advisory
advisories | CVE-2013-3285
SHA-256 | b065e24f0863cdfea51436716d40a59d9aba6197e39dffe532a7b7eaa0bf18e2
RSA Authentication Agent Bypass
Posted Oct 24, 2013
Site emc.com

In certain circumstances, RSA Authentication Agent for Web for IIS protection can be bypassed due to a fail open flaw in the agent. Versions 7.1 and 7.1.1 are affected.

tags | advisory, web
advisories | CVE-2013-3280
SHA-256 | 1d9bdb134e4d458497e0ceca42b57c05550f4701f6e3aab2e693ee71a6cf1843
EMC Atmos Unauthenticated Database Access
Posted Oct 3, 2013
Site emc.com

Atmos nodes prior to version 2.1.4 allow connections to the remote PostgreSQL database server using a default user account with no password. The PostgreSQL database stores system information data used to administer Atmos nodes.

tags | advisory, remote
advisories | CVE-2013-3279
SHA-256 | 5e4ac6a7e0202c43697bfc3df33ee600bccdb3fee8349f53c8ffe61056868469
EMC VPLEX Information Disclosure
Posted Sep 26, 2013
Site emc.com

EMC VPLEX contains a vulnerability that stores the LDAP/AD bind password in plain text in the VPLEX management server configuration file. This can potentially be exploited by a malicious user who has access to the configuration file to obtain the sensitive password and gain privileged access to protected resources. Affected versions include EMC VPLEX Local/Metro/Geo with GeoSynchrony 5.2 Patch1 and below.

tags | advisory, local
advisories | CVE-2013-3278
SHA-256 | 84420a97ddf942aaec63002319e68c4e2bde47b40f973c04b4e92beb9a06cc3f
RSA Archer GRC 5.4 Open Redirect / Improper Restriction
Posted Sep 4, 2013
Site emc.com

RSA Archer GRC 5.4 platform contains fixes for security vulnerabilities that could potentially be exploited by malicious users to compromise the affected system. These include improper restriction of user login and an open redirect.

tags | advisory, vulnerability
advisories | CVE-2013-3276, CVE-2013-3277
SHA-256 | 20a38a39c53f806a3d8493e1e2c9b80d826f13eaf2beec9a5288eef7dcfe44a8
RSA Authentication Agent For Pam Unlimited Login Attempts
Posted Aug 20, 2013
Site emc.com

RSA Authentication Agent for PAM version 7.0.2 and prior relied on the PAM-enabled application to restrict the number of login attempts that may be made via the agent, rather than natively enforcing such restriction.. This may allow attackers to carry brute-force attacks against the vulnerable systems. RSA Authentication Agent for PAM 7.0.2.1 and 7.1 and later support Exponential Backoff feature that is designed to mitigate this vulnerability.

tags | advisory
advisories | CVE-2013-3271
SHA-256 | 5d2b0b116fffb0415c9496b8b68a5ca4291750689707dd97470b6c058b7b9bde
EMC NetWorker Information Disclosure
Posted Jul 29, 2013
Site emc.com

A vulnerability exists in EMC NetWorker that could allow exposure of certain sensitive configuration information under specific circumstances. Versions affected include EMC NetWorker 8.0.0.x, 8.0.1.x, and 7.6.x.x.

tags | advisory
advisories | CVE-2013-0943
SHA-256 | 9dec0bf3a8508498074bb32c9d7dcad0227b5a46110ee20ca656d7dbb5260323
EMC Avamar 7.0 XSF / Improper Authorization
Posted Jul 18, 2013
Site emc.com

EMC Avamar version 7.0 suffers from improper authorization checks and cross frame scripting vulnerabilities.

tags | advisory, vulnerability
advisories | CVE-2013-3274, CVE-2013-3275
SHA-256 | 2581fa5ef9d8d7bdf1d100067207d09b59c5cfcac21e72f041a71709dafd1897
EMC Replication Manager Information Disclosure
Posted Jul 6, 2013
Site emc.com

Encoded passwords were recorded in EMC Replication Manager log files, prior to version 5.4.4. This could be potentially exploited by malicious user to access vulnerable systems.

tags | advisory
advisories | CVE-2013-3272
SHA-256 | dc04f8a98ba358c5213b178568e4bb5f3d4760eec0fc59330ab5aa99bdd19f4d
RSA Authentication Manager Information Disclosure
Posted Jul 6, 2013
Site emc.com

If the RSA Authentication Manager Software Development Kit (SDK) is used to develop a custom application that connects with RSA Authentication Manager with the trace logging is set to verbose, the administrative account password used by the custom application appears in the trace log file as clear text. Affected products include RSA Authentication Manager version 7.1 and 8.0.

tags | advisory
advisories | CVE-2013-3273
SHA-256 | f9d14eb305ff9ba19dd614f9f03a38fe1e6c49746ddcebc66e23f188e1a07e4c
RSA BSAFE SSL-C SSL/TLS Plaintext Recovery
Posted Jun 20, 2013
Site emc.com

RSA BSAFE SSL-C version 2.8.7 contains a patch that is designed to help ensure that MAC checking is time invariant in servers in order to mitigate Lucky Thirteen attacks.

tags | advisory
advisories | CVE-2013-0169
SHA-256 | 3705ff404e79e528a1d4c4f3b3ef61d1564a3c5b98e8c1e65707ec6fa9ccf3b9
RSA BSAFE SSL-J BEAST / Lucky Thirteen
Posted Jun 19, 2013
Site emc.com

RSA BSAFE SSL-J 6.0.1 and 5.1.2 contain updates designed to prevent BEAST attacks and SSL/TLS Plaintext Recovery (aka Lucky Thirteen) attacks.

tags | advisory
advisories | CVE-2013-0169, CVE-2011-3389
SHA-256 | c4c500343555b143f39e0055e4ce990a4e2809cae8e525b10d41140c0a9e374e
RSA BSAFE SSL/TLS Plaintext Recovery
Posted Jun 19, 2013
Site emc.com

Researchers have discovered a weakness in the handling of CBC cipher suites in SSL, TLS and DTLS for RSA BSAFE Micro Edition Suite for all versions outside of 4.0.3 and 3.2.5. The Lucky Thirteen attack exploits timing differences arising during MAC processing. Vulnerable implementations do not properly consider timing side-channel attacks on a MAC check requirement during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data for crafted packets, aka the "Lucky Thirteen" issue.

tags | advisory, remote
advisories | CVE-2013-0169
SHA-256 | 63d67971616d756f9a24527aece917f871801037a08e76de35be02323baa702a
RSA Authentication Manager 8.0 Injection / Disclosure
Posted May 29, 2013
Site emc.com

RSA Authentication Manager version 8.0 suffers from information disclosure and PostgreSQL argument injection vulnerabilities.

tags | advisory, vulnerability, info disclosure
advisories | CVE-2013-0947, CVE-2013-1899
SHA-256 | 51025b283bf7b06aa4e48a2045497a92ea112092445f55c38c3447b5bb77e3c5
RSA SecurID Sensitive Information Disclosure
Posted May 16, 2013
Site emc.com

The node secret in various RSA products was stored using an encryption key and encryption algorithm that is no longer considered effective by RSA standards. An attacker could potentially exploit this to eavesdrop on or modify network communications.

tags | advisory
advisories | CVE-2013-0941
SHA-256 | ec2e53ead8f95b16862d03dec8d43560ce99aebd13724101d98dc9ab2a022eba
EMC VNX / Celerra Control Station Privilege Escalation
Posted May 16, 2013
Authored by Doug DePerry | Site emc.com

A vulnerability exists in EMC VNX and EMC Celerra Control Station that could result in elevation of privileges by a lower level administrator with access to the system.

tags | advisory
advisories | CVE-2013-3270
SHA-256 | 61f490788c1fe52f910e20b8939b8105eaae8a31ecc8dcc9109db760deb50fbc
RSA Authentication Agent 7.1 Cross Site Scripting
Posted May 10, 2013
Site emc.com

A cross site scripting vulnerability could be potentially exploited by a malicious attacker for conducting scripting attacks in RSA Authentication Agent. The vulnerability could be exploited by getting an authenticated user to click on specially-crafted links that a malicious attacker can embed within an e-mail message, web page, or other source. This may lead to execution of malicious html requests or scripts in the context of the authenticated user.

tags | advisory, web, xss
advisories | CVE-2013-0942
SHA-256 | 60c2408d2fe62788b2cbc510da0866dd0087c1d236f7ee0f72f7e8c309d66045
EMC AlphaStor 4.0 Build 116 Buffer Overflow
Posted May 9, 2013
Site emc.com

A buffer overflow vulnerability exists in EMC AlphaStor that could potentially be exploited by a malicious user to create a denial of service condition or execute arbitrary code.

tags | advisory, denial of service, overflow, arbitrary
advisories | CVE-2013-0946
SHA-256 | 404c2ed57cf66622d085924cf32617827a359da5b06dc524e83d1ec35939780f
EMC Documentum XSS / Session Fixation
Posted May 9, 2013
Site emc.com

Vulnerabilities exist in several EMC Documentum products that could potentially be exploited by a malicious user. Session fixation vulnerability could be potentially exploited by an unauthorized user to gain privileges to perform actions as a valid user by utilizing techniques to steal or gain access to an authenticated session. Cross-site scripting vulnerability could be potentially exploited for conducting malicious scripting by getting an authenticated user to click on specially-crafted links maliciously embedded within an email, web page or other source. This may lead to execution of malicious html requests or scripts in the context of the authenticated user. Cross Frame Scripting vulnerability could potentially be exploited by an attacker to steal sensitive information by inducing the authenticated user to navigate to a web page the attacker controls.

tags | advisory, web, vulnerability, xss
advisories | CVE-2013-0938, CVE-2013-0939, CVE-2013-0937
SHA-256 | 2e4b137f4062d82c49c23eb897561e7f7972d3850a1d59e1a82bc1f0f78a1318
RSA Archer GRC 5.x XSS / Shell Upload
Posted May 6, 2013
Site emc.com

RSA Archer GRC version 5.x suffers from improper authorization, remote shell upload, and cross site scripting vulnerabilities.

tags | advisory, remote, shell, vulnerability, xss
advisories | CVE-2013-0932, CVE-2013-0933, CVE-2013-0934
SHA-256 | 6a8a5e91e1b57ce0408f1ab97e52945082afdc7c31d4610a7ee64b7b5f03ed2e
EMC NetWorker 8.0.1.3 / 7.6.5.2 Privilege Escalation
Posted May 2, 2013
Site emc.com

A vulnerability exists in EMC NetWorker that could result in elevation of privileges by an unauthorized user who has access to a local file system.

tags | advisory, local
advisories | CVE-2013-0940
SHA-256 | 21da0d56fc3b459c3fa2d684fcf9ac54f5b7a89e341c5dd97585db7581f7a7d0
EMC Avamar Client Improper Certificate Validation
Posted May 2, 2013
Site emc.com

When the server to client certificate-based authentication is configured, the EMC Avamar Client does not correctly validate the values in the Common Name (CN) and Subject Alternative Name (SAN) field of the Avamar Server certificate. This could potentially allow spoofing attacks. Versions 6.x and below are affected.

tags | advisory, spoof
advisories | CVE-2013-0945
SHA-256 | 61fee8be51b3f53990f46d2a359d8c0c700dc535d88c28590e9315c215016a62
EMC Avamar Improper Authorization
Posted May 2, 2013
Site emc.com

A vulnerability in the EMC Avamar web based file restore interface could potentially be exploited by a malicious user to access unauthorized files via URL manipulation.

tags | advisory, web
advisories | CVE-2013-0944
SHA-256 | 56dd170b8779011adb569379bb521510fc1abe54526340b3f07db8d83fae1865
EMC Smarts Product Cross Site Scripting
Posted Mar 28, 2013
Site emc.com

EMC Smarts Product versions prior to 9.2 contain a cross site scripting vulnerability that could potentially be exploited by malicious users.

tags | advisory, xss
advisories | CVE-2013-0936
SHA-256 | 883d4810ac2c6054019ce2ac8a31a3711e9315ccc3a0dc8dd3c1d89e8cf6b06d
Page 1 of 4
Back1234Next

File Archive:

August 2022

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Aug 1st
    20 Files
  • 2
    Aug 2nd
    4 Files
  • 3
    Aug 3rd
    6 Files
  • 4
    Aug 4th
    55 Files
  • 5
    Aug 5th
    16 Files
  • 6
    Aug 6th
    0 Files
  • 7
    Aug 7th
    0 Files
  • 8
    Aug 8th
    0 Files
  • 9
    Aug 9th
    0 Files
  • 10
    Aug 10th
    0 Files
  • 11
    Aug 11th
    0 Files
  • 12
    Aug 12th
    0 Files
  • 13
    Aug 13th
    0 Files
  • 14
    Aug 14th
    0 Files
  • 15
    Aug 15th
    0 Files
  • 16
    Aug 16th
    0 Files
  • 17
    Aug 17th
    0 Files
  • 18
    Aug 18th
    0 Files
  • 19
    Aug 19th
    0 Files
  • 20
    Aug 20th
    0 Files
  • 21
    Aug 21st
    0 Files
  • 22
    Aug 22nd
    0 Files
  • 23
    Aug 23rd
    0 Files
  • 24
    Aug 24th
    0 Files
  • 25
    Aug 25th
    0 Files
  • 26
    Aug 26th
    0 Files
  • 27
    Aug 27th
    0 Files
  • 28
    Aug 28th
    0 Files
  • 29
    Aug 29th
    0 Files
  • 30
    Aug 30th
    0 Files
  • 31
    Aug 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Hosting By
Rokasec
close