Lucene search
K

870 matches found

securityvulns
securityvulns
added 2006/09/27 12:0 a.m.44 views

ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities

ZDI-06-029: Ipswitch WSFTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-06-029.html September 26, 2006 -- CVE ID: CVE-2006-5000 -- Affected Vendor: Ipswitch -- Affected Products: Ipswitch WSFTP Server v5.04, v5.05 -- TippingPointT...

6.5CVSS0.5AI score0.63838EPSS
Exploits1
canvas
canvas
added 2006/09/26 8:7 p.m.34 views

Immunity Canvas: WS_FTPD_XCRC

Name| wsftpdxcrc ---|--- CVE| CVE-2006-5000 Exploit Pack| CANVAS Description| Ipswitch WSFTP Server XCRC Overflow Notes| CVE Name: CVE-2006-5000 VENDOR: IPSwitch Repeatability: One shot References: http://www.zerodayinitiative.com/advisories/ZDI-06-029.html CVE Url:...

6.5CVSS0.8AI score0.63838EPSS
Exploits1
cve
cve
added 2006/09/26 8:0 p.m.50 views

CVE-2006-5000

Ipswitch WS_FTP Server is affected: versions 5.0 through 5.05 before Hotfix 1 contain buffer overflows in the parsing of long arguments to XCRC, XMD5, and XSHA1 commands, leading to a stack overflow. The ZDI advisory notes remote code execution possible with valid or anonymous credentials; vendor...

6.5CVSS6.6AI score0.63838EPSS
Exploits1References5Affected Software2
cvelist
cvelist
added 2006/02/15 9:0 p.m.30 views

CVE-2006-0718

The Internet Key Exchange version 1 IKEv1 implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service crash via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of...

6.2AI score0.02008EPSS
Exploits0References4
nvd
nvd
added 2004/11/23 5:0 a.m.21 views

CVE-2004-0347

Cross-site scripting XSS vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 build 4797 allows remote authenticated users to execute arbitrary script as other users via the row parameter...

6CVSS6AI score0.02069EPSS
Exploits0References6
cvelist
cvelist
added 2004/09/01 4:0 a.m.26 views

CVE-2004-0347

Cross-site scripting XSS vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 build 4797 allows remote authenticated users to execute arbitrary script as other users via the row parameter...

6AI score0.02069EPSS
Exploits0References6
nvd
nvd
added 2003/04/02 5:0 a.m.11 views

CVE-2002-1492

Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via 1 closetunnel and 2 opentunnel...

7.2CVSS6.7AI score0.01716EPSS
Exploits1References3
cvelist
cvelist
added 2003/03/18 5:0 a.m.16 views

CVE-2002-1492

Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via 1 closetunnel and 2 opentunnel...

6.7AI score0.01716EPSS
Exploits1References3
securityvulns
securityvulns
added 2002/09/19 12:0 a.m.37 views

Cisco Security Advisory: Cisco VPN 5000 Client Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 5000 Client Multiple Vulnerabilities Revision 1.0 For Public Release 2002 September 18 08:00 UTC -0800 ---------------------------------------------------------------------- Contents Summary Affected Products Details...

7.9AI score
Exploits0
exploitdb
exploitdb
added 2002/09/18 12:0 a.m.20 views

Cisco VPN 5000 Client - Buffer Overrun (2)

// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...

7.4AI score
Exploits0
exploitdb
exploitdb
added 2002/09/18 12:0 a.m.18 views

Cisco VPN 5000 Client - Buffer Overrun (1)

// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/09/18 12:0 a.m.33 views

Cisco VPN 5000 client buffer overflow vulnerabilities.

Subject : Cisco VPN 5000 client buffer overflow vulnerabilities Platforms : Linux and Solaris Versions : Linux versions prior to 5.2.7 and Solaris versions prior to 5.2.8 are affected. The impact: ----------- Abuse of these vulnerabilities can allow local users to gain super-user privileges. The...

2.4AI score
Exploits0
exploitpack
exploitpack
added 2002/09/18 12:0 a.m.18 views

Cisco VPN 5000 Client - Buffer Overrun (2)

Cisco VPN 5000 Client - Buffer Overrun 2 // source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2002/09/18 12:0 a.m.10 views

Cisco VPN 5000 Client - Buffer Overrun (1)

Cisco VPN 5000 Client - Buffer Overrun 1 // source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both...

0.5AI score
Exploits0
nessus
nessus
added 2002/06/05 12:0 a.m.21 views

Cisco Catalyst 5000 Series Frame STP Port Broadcast DoS (CSCdt62732)

When an 802.1x IEEE standard for port based network access control frame is received by an affected Catalyst 5000 series switch on a STP Spanning Tree Protocol blocked port it is forwarded in that VLAN Virtual Local Area Network instead of being dropped. This causes a performance impacting 802.1x...

5CVSS5.5AI score0.01435EPSS
Exploits0References1
cve
cve
added 2002/02/02 5:0 a.m.45 views

CVE-2001-1007

CVE-2001-1007 affects Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA. The vulnerability arises from a small keyspace for device keys and the absence of a delay on incorrect keys, enabling faster brute-force guessing of the key. The NVD entry lists a MEDIUM base score (5.0/10) with net...

5CVSS6.9AI score0.01065EPSS
Exploits0References1Affected Software1
cve
cve
added 2002/02/02 5:0 a.m.69 views

CVE-2001-1005

CVE-2001-1005 affects Starfish Truesync Desktop 2.0b used on the REX 5000 PDA. The underlying issue is weak encryption used to store the user password in a registry key, enabling an attacker with registry access to decrypt the password and gain privileges. NVD lists CVSSv2 base score 7.5 (HIGH) w...

7.5CVSS7.2AI score0.00714EPSS
Exploits0References2Affected Software1
cve
cve
added 2002/02/02 5:0 a.m.48 views

CVE-2001-1006

Starfish Truesync Desktop 2.0b on the REX 5000 PDA stores sensitive files unencrypted and relies solely on password protection, enabling read access via another application. The CVE-2001-1006 entry notes lack of encryption with partial confidentiality impact, network‑level access, and no integrit...

5CVSS6.9AI score0.01096EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2002/02/02 5:0 a.m.17 views

CVE-2001-1007

Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly guess the key via a brute force attack...

6.5AI score0.01065EPSS
Exploits0References1
cvelist
cvelist
added 2002/02/02 5:0 a.m.21 views

CVE-2001-1006

Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its password feature to restrict access, which allows an attacker to read the files using a different application...

6.5AI score0.01096EPSS
Exploits0References2
Rows per page
Query Builder