This module exploits a stack-based buffer overflow in CA BrightStor ARCserve Backup for Windows, allowing remote attackers to execute arbitrary code via a CONNECT_CLIENT_AUTH request with authentication method type 3 (Windows credentials) and a long password argument.
CA ARCserve D2D installs the Apache Axi2 Web services engine with default administrator credentials for the Axis2 administration console. This module will login into the Axis2 administration console and will deploy an .AAR Web service, in order to install an agent on the target machine.
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of software utilizing CATIA. The vulnerability is caused due to a boundary error when copying a user supplied input to a fixed size stack buffer. The copying procedure stops when a null byte is found and no size check is proceeded.
This module exploits a vulnerability in BrightStor ARCserve/Enterprise Backup Server, which can be leveraged by an attacker to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the Discovery Service when processing received network traffic. This can be exploited to cause a buffer overflow by sending an overly large TCP data stream to port 41523.
This module exploits a vulnerability in Computer Associates License Manager Service, which can be exploited by malicious code to compromise a vulnerable system. The vulnerability is caused due to a boundary error in the service when processing received network traffic. This can be exploited to cause a buffer overflow by sending an overly large TCP packet to port 10202, 10203 or 10204.
The _validatePost function in libs/controller/components/security.php in CakePHP 1.3.x through 1.3.5 and 1.2.8 allows remote attackers to modify the internal Cake cache and execute arbitrary code via a crafted data[_Token][fields] value that is processed by the unserialize function, as demonstrated by modifying the file_map cache to execute arbitrary local files.
This module exploits a vulnerability in BrightStor ARCserve/Enterprise Backup, which can be exploited by an attacker to compromise a vulnerable system. The vulnerability is caused by a boundary error in the Discovery Service when processing received network traffic. This can be exploited to cause a buffer overflow by sending an overly large TCP packet to port 41523.
This module exploits a stack buffer overflow in the Computer Associates BrightStor ARCServe Backup Tape Engine service present in a function exposed as Opnum 38 of DCE-RPC interface 62b93df0-8b02-11ce-876c-00805f842837 v1.0.
The OpenBSD IPv6 Stack is vulnerable to a buffer overflow that allows an attacker to run arbitrary code as kernel. This bug can be exploited remotely. The attack must be issued from the same local net of the target host. If the attack is used more than once, it may crash the target host.
This module exploits a buffer overflow vulnerability in the database service (ibserver.exe) of the Borland InterBase 2007 application. The exploit triggers an integer overflow and can cause a stack-based buffer overflow by sending a specially crafted packet to port 3050/TCP of the vulnerable system and installs an agent if successful.