SIGMA Lite & Lite + Security Vulnerabilities
Snapgear Lite+ firewall 1.5.4 and 1.5.3 allows remote attackers to cause a denial of service (crash) via a large number of connections to (1) the HTTP web management port, or (2) the PPTP...
6.7AI Score
0.024EPSS
Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP...
6.6AI Score
0.013EPSS
Wireless Access Point Detection
Nessus has determined that the remote host is a wireless access point (AP). Ensure that proper physical and logical controls are in place for its use. A misconfigured access point may allow an attacker to gain access to an internal network without being physically present on the premises. If the...
0.3AI Score
SNMP Request Cisco Router Information Disclosure
It is possible to determine the model of the remote CISCO system by sending SNMP requests with the OID 1.3.6.1.4.1.9.1. An attacker may use this information to gain more knowledge about the remote...
7.1AI Score
Title: ICQ Lite executable trojaning Affected: ICQLite 2003a Vendor: ICQ Inc Risk: Average Exploitable: Yes Remote: No I. Intro: ICQ Lite is popular internet messenger software. This is only ICQ version which requires no elevated privileges (such as Power User) to work, so, it's often...
4AI Score
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SN-02:02 Security Notice The FreeBSD Project Topic: security issues in ports Announced: 2002-05-13 I. Introduction Several ports in the FreeBSD Ports Collection are affected by.....
1.3AI Score
KPMG-2002017: Snapgear Lite+ Firewall Denial of Service
Title: Snapgear Lite+ Firewall Denial of Service BUG-ID: 2002017 Released: 02nd May 2002 Problem: Several issues with the Snapgear Lite+ Firewall could allow a malicious user to cause a Denial of Service situation, where part of or all of the Firewall would cease to function. Vulnerable: ...
-0.1AI Score
2.2AI Score
Multiple vulnerabilities in SNMPv1 request handling
Overview Multiple vendor SNMPv1 GetRequest, GetNextRequest__, and SetRequest message handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior. If your site uses SNMP in any capacity, the CERT/CC encourages...
AI Score
0.949EPSS
Multiple vulnerabilities in SNMPv1 trap handling
Overview Multiple vendor SNMPv1 _Trap _handling implementations contain vulnerabilities that may allow unauthorized privileged access, denial-of-service conditions, or unstable behavior . If your site uses SNMP in any capacity, the CERT/CC encourages you to read the information provided below....
0.1AI Score
0.949EPSS
Laberatoire Contempt Date : 12/06/2001 Author : Joost Pol alias 'Nohican' ([email protected]) Impact : Minor in most cases. Subject : PHP safe_mode troubles. PHP Version 4.0.5 breaks safe-mode. 1.0 - Description of the problem An extra 5th parameter was added to the mail() command...
-0.3AI Score
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET...
6.7AI Score
0.05EPSS
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET...
7.1AI Score
0.05EPSS
vBulletin allows arbitrary code execution
OVERVIEW vBulletin (http://www.vbulletin.com) is a commonly used web forum system written in PHP. One of its key features is use of templates, which allow the board administrator to dynamically modify the look of the board. vBulletin templates are parsed with the eval() function. This could be...
0.5AI Score
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET...
6.7AI Score
0.05EPSS
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a...
7.4AI Score
0.005EPSS
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a...
7AI Score
0.005EPSS
Vulnerability in Soft Lite ServerWorx
----- Begin Hush Signed Message from [email protected] ----- Vulnerability in Soft Lite ServerWorx Overview Soft Lite ServerWorx v3.00 is a web server available from http://www.zdnet.com and http://www.softlite.net. A vulnerability exists which allows a remote user to break out of the web...
0.4AI Score
0.4AI Score
7.4AI Score
EPSS
CGI Script Center Subscribe Me LITE 2.0 and earlier allows remote attackers to delete arbitrary mailing list users without authentication by directly calling subscribe.pl with the target address as a...
7AI Score
0.005EPSS
0.3AI Score
Security Advisory: Subscribe Me Lite 1.0 - 2.0 Unix or 1.0 - 2.0 NT and below.
note : This is not apparent in the commercial versions, (tested on three different versions ) the author was notified and appropriate changes have since been made. product page - http://www.cgiscriptcenter.com/subscribe/index2.html vendor notice - Security Advisory: Users of Subscribe Me Lite 1.0.....
AI Score
Дырки в почтовых программах под Windows
Дырки во многих программаз работающих через коммандную строку используемых на...
1.2AI Score
XATO Advisory: Win32 Command-Line Mailers
Xato Network Security, Inc. www.xato.net Security Advisory XATO-122000-01 December 12, 2000 - MULTIPLE VENDOR COMMAND-LINE MAILER HOLES - SMTP Command-Line Mailers on Win32 Web Servers Systems...
-0.7AI Score
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd...
6.9AI Score
0.024EPSS
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd...
7.3AI Score
0.036EPSS
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd...
6.9AI Score
0.036EPSS
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd...
7.3AI Score
0.024EPSS
-0.1AI Score
0.037EPSS
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd...
6.9AI Score
0.036EPSS
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd...
6.9AI Score
0.024EPSS
7.4AI Score
EPSS
CGI Script Center Auction Weaver 1.0.2 - Remote Command Execution
CGI Script Center Auction Weaver 1.0.2 - Remote Command...
1.2AI Score
Hi, I don't know if this has been reported before. Auction Weaver allow you to read files from server. Remote users can view source of files on server. http://www.cgiscriptcenter.com/cgi-bin/awl/auctionweaver.pl?flag1=1&catdir=c at17&fromfile=967251278%2Edat...
2.4AI Score
Product: Subscribe Me Versions: ALL version numbers LITE only OS: Unix and Winnt Vendor: Notified, http://www.cgiscriptcenter.com/ The Problem: Yet again the script allows a remote user to overwrite the Admin Passwd file with any password they see fit. Therefore giving them Admin access to the...
0.4AI Score
Account Manager CGI Vulnerability
Product: Account Manager Versions: ALL including LITE and PRO haven't been able to test ENTERPRISE OS: Unix and Winnt Vendor: Notified, http://www.cgiscriptcenter.com/ The Problem: The Script allows any remote user access to the Administration Control Panel through overwriting the Admin Password...
1.1AI Score
CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (1)
CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration...
0.5AI Score
CGI Script Center Account Manager 1.0 LITE PRO - Administrative Password Alteration (2)
CGI Script Center Account Manager 1.0 LITE PRO - Administrative Password Alteration...
0.8AI Score
CGI Script Center Account Manager 1.0 LITE PRO - Administrative Password Alteration (1)
CGI Script Center Account Manager 1.0 LITE PRO - Administrative Password Alteration...
0.9AI Score
CGI Script Center Account Manager 1.0 LITE / PRO - Administrative Password Alteration (2)
...
7.4AI Score
EPSS
CGI Script Center Account Manager 1.0 LITE / PRO - Administrative Password Alteration (1)
...
7.4AI Score
EPSS
CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration (2)
CGI Script Center Subscribe Me Lite 2.0 - Administrative Password Alteration...
0.5AI Score
7.4AI Score
EPSS
7.4AI Score
EPSS
QuickCommerce 2.53.0 Cart32 2.5 a3.0 Shop Express 1.0 StoreCreator 3.0 Web Shopping Cart - Hidden Form...
0.1AI Score
7.4AI Score
EPSS
AI Score
7.4AI Score
EPSS
FreeBSD 3.03.13.2 - vfs_cache Denial of Service
FreeBSD 3.03.13.2 - vfs_cache Denial of...
-0.2AI Score