<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Tue Jun 2 22:38:51 2015 +0000 zdi@tippingpoint.com (Author) Tippingpoint, all rights reserved ZDI Bird Feeder en http://blogs.law.harvard.edu/tech/rss <![CDATA[ZDI-15-246: (0Day) Wavelink Emulation ConnectPro TermProxy WLTermProxyService.exe HTTP Request Headers Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/ngq3WLmuo4U/ This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wavelink Emulation ConnectPro TermProxy. User interaction is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/ngq3WLmuo4U" height="1" width="1" alt=""/> Wed, 27 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-246/ <![CDATA[ZDI-15-245: (0Day) Wavelink Emulation License Server LicenseServer.exe HTTP Request Headers Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/NKmiEbOG6jA/ This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Wavelink Emulation License Server. User interaction is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/NKmiEbOG6jA" height="1" width="1" alt=""/> Wed, 27 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-245/ <![CDATA[ZDI-15-244: Arcserve Unified Data Protection Management Service EdgeServiceImpl getBackupPolicies Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/NFGleCbsATc/ This vulnerability allows remote attackers to disclose information on vulnerable installations of Arcserve Unified Data Protection. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/NFGleCbsATc" height="1" width="1" alt=""/> Tue, 26 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-244/ <![CDATA[ZDI-15-243: Arcserve Unified Data Protection Management Service EdgeServiceImpl getBackupPolicy Information Disclosure Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/OV8j2fD9GSM/ This vulnerability allows remote attackers to disclose information on vulnerable installations of Arcserve Unified Data Protection. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/OV8j2fD9GSM" height="1" width="1" alt=""/> Tue, 26 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-243/ <![CDATA[ZDI-15-242: Arcserve Unified Data Protection Management Service exportServlet Directory Traversal Information Disclosure and Denial of Service Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/CxxqPV5u-0s/ This vulnerability allows remote attackers to disclose and delete files on vulnerable installations of Arcserve Unified Data Protection. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/CxxqPV5u-0s" height="1" width="1" alt=""/> Tue, 26 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-242/ <![CDATA[ZDI-15-241: Arcserve Unified Data Protection Management Service reportFileServlet Directory Traversal Information Disclosure and Denial of Service Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/MNmtjnSQ_b4/ This vulnerability allows remote attackers to disclose and delete files on vulnerable installations of Arcserve Unified Data Protection. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/MNmtjnSQ_b4" height="1" width="1" alt=""/> Tue, 26 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-241/ <![CDATA[ZDI-15-240: Dell NetVault Backup Heap Buffer Overflow Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/y6osEWmyti0/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Dell NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/y6osEWmyti0" height="1" width="1" alt=""/> Tue, 26 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-240/ <![CDATA[ZDI-15-239: Hewlett-Packard SiteScope Log Analyzer Privilege Escalation Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/dNZ6LQNdrLM/ This vulnerability allows remote attackers to read arbitrary files on vulnerable installations of Hewlett-Packard SiteScope. Authentication is required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/dNZ6LQNdrLM" height="1" width="1" alt=""/> Tue, 26 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-239/ <![CDATA[ZDI-15-238: (0Day) Visual Mining NetCharts Server Arbitrary File Upload Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/NQBgm1QKUBU/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Visual Mining NetCharts Server. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/NQBgm1QKUBU" height="1" width="1" alt=""/> Fri, 22 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-238/ <![CDATA[ZDI-15-237: (0Day) Visual Mining NetCharts Server Directory Traversal Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/BWLCbX2xrfc/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Visual Mining NetChart. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/BWLCbX2xrfc" height="1" width="1" alt=""/> Fri, 22 May 2015 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-15-237/