399 matches found
3Com Web Management Interface Default Credentials
The remote 3Com Web Management Interface that uses a set of known, default credentials. Knowing these, an attacker can gain control of the device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid73190;...
3Com Switch Default Admin Credentials
The remote device is a 3Com Switch that uses a set of known, default credentials. Knowing these, an attacker able to connect to the service can gain control of the device. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
HP / 3COM / H3C switches security vulnerabilities
Code execution, information leakage...
[security bulletin] HPSBHF02888 rev.1 - HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03808969 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03808969 Version: 1 HPSBHF02888 rev....
CVE-2013-2340
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors...
CVE-2013-2341
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote authenticated users to execute arbitrary code or obtain sensitive information via unknown vectors...
Code injection
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors...
Code injection
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote authenticated users to execute arbitrary code or obtain sensitive information via unknown vectors...
CVE-2013-2340
CVE-2013-2340 applies to HP ProCurve/3Com/H3C network devices (JC###A/JC###B/JD###A/JD###B/JE###A/JF###A/JF###B/JF###C/JG###A, plus 658250-B21 and 658247-B21). Affected products include HP ProCurve, 3Com, and HP H3C routers and switches; vulnerability allows remote code execution or sensitive inf...
CVE-2013-2341
CVE-2013-2341 affects HP ProCurve/3Com/H3C network devices (HP ProCurve JC###A/JC###B/JD###A/JD###B/JE###A/JF###A/JF###B/JF###C/JG###A and related 658250-B21/658247-B21) across multiple switch/router families. The vulnerability is described as unspecified and allows remote authenticated users to ...
CVE-2013-2341
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote authenticated users to execute arbitrary code or obtain sensitive information via unknown vectors...
CVE-2013-2340
Unspecified vulnerability on the HP ProCurve JCA, JCB, JDA, JDB, JEA, JFA, JFB, JFC, JGA, 658250-B21, and 658247-B21; HP 3COM routers and switches; and HP H3C routers and switches allows remote attackers to execute arbitrary code or obtain sensitive information via unknown vectors...
VxWorks R5_0_31 Data Disclosure
Known Affected Versions: R5031 Created March 1st, 2007 Date Discovered: November 13, 2012 Obviously not anything new to get sensitive data out via the VxWorks remote debugger, but this seemed to warrant specific attention since it did allow for the disclosure of call logs and full access to all...
3Com OfficeConnect VPN Firewall Default Credentials (HTTP)
The remote 3Com OfficeConnect VPN Firewall is using known default credentials. Copyright C 2013 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program ...
3Com OfficeConnect VPN Firewall Detection (HTTP)
HTTP based detection of a 3Com OfficeConnect VPN Firewall. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up
A few weeks ago, we have announced remote preauth root access exploit for Cisco Linksys http://www.youtube.com/watch?v=cv-MbL7KFKE. Vulnerability details were disclosed here: http://www.defensecode.com/public/DefenseCodeBroadcomSecurityAdvisory.pdf During further research, we have discovered that...
CVE-2012-3268
Certain HP Access Controller, Fabric Module, Firewall, Router, Switch, and UTM Appliance products; certain HP 3Com Access Controller, Router, and Switch products; certain HP H3C Access Controller, Firewall, Router, Switch, and Switch and Route Processing Unit products; and certain Huawei...
[security bulletin] HPSBHF02819 SSRT100920 rev.2 - HP, 3COM, and H3C Routers & Switches, Remote Disclosure of Information
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emrna-c03515685 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03515685 Version: 2 HPSBHF02819...
3CTftpSvc TFTP Server 2.0.1 Long Mode Buffer Overflow Vulnerability - Active Check
3CTftpSvc TFTP Server is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet - Directory Traversal ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Database Backup / auth-conf.xml Disclosure Exploit product homepage:...