Thecus NAS Server N8800信息泄露漏洞

CVECAN ID: CVE-2013-5669 Thecus NAS server N8800是一款网络接入服务器设备。 Thecus NAS server N8800（固件版本5.03.01）对管理员身份验证使用了纯文本的凭证，这可使远程攻击者通过嗅探网络获取敏感信息。 0 thecus NAS Server N8800 5.03.01 厂商补丁： thecus ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.thecus.com/ http://www.7elements.co.uk/news/cve-2013-5669...

Thecus NAS Server N8800 get_userid OS命令注入漏洞

CVECAN ID: CVE-2013-5667 Thecus NAS server N8800是一款网络接入服务器设备。 Thecus NAS server N8800（固件版本5.03.01）在实现上存在安全漏洞，远程攻击者通过用户名参数内包含元字符的getuserid操作，利用此漏洞可执行任意命令。 0 thecus NAS Server N8800 5.03.01 厂商补丁： thecus ------ 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载： http://www.thecus.com/...

CVE-2013-5667

The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a getuserid action with shell metacharacters in the username parameter...

CVE-2013-5668

The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content...

CVE-2013-5669

The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network...

Code injection

The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content...

Design/Logic Flaw

The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary commands via a getuserid action with shell metacharacters in the username parameter...

Design/Logic Flaw

The Thecus NAS server N8800 with firmware 5.03.01 uses cleartext credentials for administrative authentication, which allows remote attackers to obtain sensitive information by sniffing the network...

CVE-2013-5669

The Thecus NAS server N8800 (firmware 5.03.01) uses cleartext credentials for administrative authentication, allowing remote attackers to sniff passwords over the network (CVE-2013-5669). Multiple sources confirm the issue; vendor has released firmware updates (ThecusOS 5.03.02.x and related 64‑b...

CVE-2013-5668

The ADS/NT Support page on the Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to discover the administrator credentials by reading this page's cleartext content...

CVE-2013-5668

CVE-2013-5668 affects Thecus NAS Server N8800 (firmware 5.03.01). The ADS/NT Support page stores/returns the Domain Administrator credentials in cleartext, allowing remote reading of admin credentials by accessing that page. Connected sources reference vendor patches: ThecusOS 5.03.02.4 (and rela...

Thecus NAS Server N8800 contains multiple vulnerabilities

Overview Thecus NAS server N8800 with firmware version 5.03.01, and possibly earlier versions, contains multiple vulnerabilities. Description The 7 Elements advisory states that the Thecus NAS server N8800 device contains the following vulnerabilities:CVE-2013-5667 - Thecus NAS Server N8800...