Intevydis

11 exploits Active since Sep 2009
EIP-2026-114752 EXPLOITDB python WORKING POC
IBM Tivoli Directory Server 6.2 - 'ibmdiradm' Null Pointer Dereference Denial of Service
CVE-2010-0387 EXPLOITDB text WORKING POC
Sun Java System Web Server 7.0 Update 7 - Heap-Based Buffer Overflow via Long Digest Authorization Header
Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web Server 7.0 Update 7 allow remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via a long string in an "Authorization: Digest" HTTP header.
CVE-2009-4188 EXPLOITDB text WRITEUP
HP Operations Dashboard - Unauthenticated Remote Code Execution via Default j2deployer Credentials
HP Operations Dashboard has a default password of j2deployer for the j2deployer account, which allows remote attackers to execute arbitrary code via a session that uses the manager role to conduct unrestricted file upload attacks against the /manager servlet in the Tomcat servlet container. NOTE: this might overlap CVE-2009-3098.
CVE-2009-3099 EXPLOITDB text WRITEUP
HP OpenView Operations Manager 8.1 - Info Disclosure
Unspecified vulnerability in HP OpenView Operations Manager 8.1 on Windows Server 2003 SP2 allows remote attackers to have an unknown impact, related to a "Remote exploit," as demonstrated by a certain module in VulnDisco Pack Professional 8.11, a different vulnerability than CVE-2007-3872. NOTE: as of 20090903, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes.
CVE-2010-0359 EXPLOITDB python WORKING POC
Zeus Web Server - Buffer Overflow via SSLv2 Client Hello Message
Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a long string in an invalid Client Hello message.
EIP-2026-103669 EXPLOITDB text STUB
Sun Java System Web Server 7.0 Update 6 - 'admin' Server Denial of Service
EIP-2026-103618 EXPLOITDB text WORKING POC
Oracle Internet Directory 10.1.2.0.2 - 'oidldapd' Remote Memory Corruption
CVE-2010-0313 EXPLOITDB python WORKING POC
Sun Java System Directory Server Enterprise Edition 7.0 - Denial of Service via LDAP Search Request
The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Edition 7.0 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a crafted LDAP Search Request message.
CVE-2010-0388 EXPLOITDB text STUB
Sun Java System Web Server 7.0 Update 6 - Denial of Service via WebDAV PROPFIND Request Format String
Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denial of service (daemon crash) and possibly have unspecified other impact via format string specifiers in the encoding attribute of the XML declaration in a PROPFIND request.
CVE-2010-0442 EXPLOITDB text WORKING POC
PostgreSQL 7.4-7.4.28 - Denial of Service via Negative Integer in bitsubstr Function
The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated users to cause a denial of service (daemon crash) or have unspecified other impact via vectors involving a negative integer in the third argument, as demonstrated by a SELECT statement that contains a call to the substring function for a bit string, related to an "overflow."
CVE-2009-3068 EXPLOITDB text WORKING POC
Adobe RoboHelp Server 8 - Unauthenticated Arbitrary File Upload and Remote Code Execution via JSP File Upload
Unrestricted file upload vulnerability in the RoboHelpServer Servlet (robohelp/server) in Adobe RoboHelp Server 8 allows remote attackers to execute arbitrary code by uploading a Java Archive (.jsp) file during a PUBLISH action, then accessing it via a direct request to the file in the robohelp/robo/reserved/web directory under its sessionid subdirectory, as demonstrated by the vd_adobe module in VulnDisco Pack Professional 8.7 through 8.11.