<![CDATA[ZDI: Published Advisories]]> http://www.zerodayinitiative.com/advisories/published/ Sun Dec 17 21:42:30 2017 +0000 zdi@hp.com (Author) Tippingpoint, all rights reserved ZDI Bird Feeder en http://blogs.law.harvard.edu/tech/rss <![CDATA[ZDI-17-995: Quest NetVault Backup Server Process Manager Service NVBUJobHistory Get Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/dj2tGOlwqJQ/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/dj2tGOlwqJQ" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-995/ <![CDATA[ZDI-17-994: Quest NetVault Backup Server Process Manager Service NVBUJobDefinitions Get Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/NlVfLPaf9CY/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/NlVfLPaf9CY" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-994/ <![CDATA[ZDI-17-993: Quest NetVault Backup Server Process Manager Service NVBUBackup TimeRange Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/253BjHJWznU/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/253BjHJWznU" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-993/ <![CDATA[ZDI-17-992: Quest NetVault Backup Server Process Manager Service NVBUBackup JobList Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/2ER5DB2pc6o/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/2ER5DB2pc6o" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-992/ <![CDATA[ZDI-17-991: Quest NetVault Backup Server Process Manager Service NVBUBackup PluginList Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/bN_aRHiWTiA/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/bN_aRHiWTiA" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-991/ <![CDATA[ZDI-17-990: Quest NetVault Backup Server Process Manager Service NVBUBackup ClientList Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/K2Ggpro5A_Y/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/K2Ggpro5A_Y" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-990/ <![CDATA[ZDI-17-989: Quest NetVault Backup Server Process Manager Service NVBUBackupOptionSet Get Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/X3f9G2PMvLI/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/X3f9G2PMvLI" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-989/ <![CDATA[ZDI-17-988: Quest NetVault Backup Server Process Manager Service NVBUBackup Count Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/zCGb3CjQGXg/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/zCGb3CjQGXg" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-988/ <![CDATA[ZDI-17-987: Quest NetVault Backup Server Process Manager Service NVBUSourceDeviceSet Get Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/qIdlCFinft4/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/qIdlCFinft4" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-987/ <![CDATA[ZDI-17-986: Quest NetVault Backup Server Process Manager Service NVBUSelectionSet Get Method SQL Injection Remote Code Execution Vulnerability]]> http://feedproxy.google.com/~r/ZDI-Published-Advisories/~3/iBnVU6MJ7Ig/ This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Quest NetVault Backup. Authentication is not required to exploit this vulnerability.<img src="http://feeds.feedburner.com/~r/ZDI-Published-Advisories/~4/iBnVU6MJ7Ig" height="1" width="1" alt=""/> Fri, 15 Dec 2017 12:00:00 +0000 http://www.zerodayinitiative.com/advisories/ZDI-17-986/