SecurityvulnsSECURITYVULNS:DOC:23718NovaStor NovaNet <= 13.0 issues
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
All - many of the following were inexplicably fixed in the latest
version (NovaBACKUP Network 13.0), but still, a 2.5 year run isn't too
bad…
http://digit-labs.org/files/exploits/novanet-own-lnx.c
-
- linux remote root <= 12.0
http://digit-labs.org/files/exploits/novanet-read.c
-
- arbitrary remote dword read <= 12.0
http://digit-labs.org/files/exploits/novanet-own.c
-
- Windows (no-DEP/NX, NovaNet 11.0) remote SYSTEM <= 12.0
(messy, there is a cleaner version)
- Windows (no-DEP/NX, NovaNet 11.0) remote SYSTEM <= 12.0
They seemed to have missed the last one, so it still works on 13.0, but
sadly the most useless :(
http://digit-labs.org/files/exploits/novanet-dos.c
-
- null deref remote DoS <= 13.0
mu-b
([email protected])
"Only a few people will follow the proof. Whoever does will
spend the rest of his life convincing people it is correct."
- Anonymous, "P ?= NP"
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAkvVgfsACgkQY0H9BP42Ejwp6QCfYNp/kFqtFwmwwmDAz0s9gEoO
S2YAoMA5VuJ+2+s+FaZj91TQ11+LEQoS
=lwTl
-----END PGP SIGNATURE-----