870 matches found
ZDI-06-029: Ipswitch WS_FTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities
ZDI-06-029: Ipswitch WSFTP Server Checksum Command Parsing Buffer Overflow Vulnerabilities http://www.zerodayinitiative.com/advisories/ZDI-06-029.html September 26, 2006 -- CVE ID: CVE-2006-5000 -- Affected Vendor: Ipswitch -- Affected Products: Ipswitch WSFTP Server v5.04, v5.05 -- TippingPointT...
Immunity Canvas: WS_FTPD_XCRC
Name| wsftpdxcrc ---|--- CVE| CVE-2006-5000 Exploit Pack| CANVAS Description| Ipswitch WSFTP Server XCRC Overflow Notes| CVE Name: CVE-2006-5000 VENDOR: IPSwitch Repeatability: One shot References: http://www.zerodayinitiative.com/advisories/ZDI-06-029.html CVE Url:...
CVE-2006-5000
Ipswitch WS_FTP Server is affected: versions 5.0 through 5.05 before Hotfix 1 contain buffer overflows in the parsing of long arguments to XCRC, XMD5, and XSHA1 commands, leading to a stack overflow. The ZDI advisory notes remote code execution possible with valid or anonymous credentials; vendor...
CVE-2006-0718
The Internet Key Exchange version 1 IKEv1 implementation in Avaya VSU 100, 2000, 7500, 10000, and CSU 5000, when running IPSec, allows remote attackers to cause a denial of service crash via certain IKE packets, as demonstrated by the PROTOS ISAKMP Test Suite for IKEv1. NOTE: due to the lack of...
CVE-2004-0347
Cross-site scripting XSS vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 build 4797 allows remote authenticated users to execute arbitrary script as other users via the row parameter...
CVE-2004-0347
Cross-site scripting XSS vulnerability in delhomepage.cgi in NetScreen-SA 5000 Series running firmware 3.3 Patch 1 build 4797 allows remote authenticated users to execute arbitrary script as other users via the row parameter...
CVE-2002-1492
Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via 1 closetunnel and 2 opentunnel...
CVE-2002-1492
Buffer overflows in the Cisco VPN 5000 Client before 5.2.7 for Linux, and VPN 5000 Client before 5.2.8 for Solaris, allow local users to gain root privileges via 1 closetunnel and 2 opentunnel...
Cisco Security Advisory: Cisco VPN 5000 Client Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 5000 Client Multiple Vulnerabilities Revision 1.0 For Public Release 2002 September 18 08:00 UTC -0800 ---------------------------------------------------------------------- Contents Summary Affected Products Details...
Cisco VPN 5000 Client - Buffer Overrun (2)
// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...
Cisco VPN 5000 Client - Buffer Overrun (1)
// source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both installed setuid root by default. Malicious...
Cisco VPN 5000 client buffer overflow vulnerabilities.
Subject : Cisco VPN 5000 client buffer overflow vulnerabilities Platforms : Linux and Solaris Versions : Linux versions prior to 5.2.7 and Solaris versions prior to 5.2.8 are affected. The impact: ----------- Abuse of these vulnerabilities can allow local users to gain super-user privileges. The...
Cisco VPN 5000 Client - Buffer Overrun (2)
Cisco VPN 5000 Client - Buffer Overrun 2 // source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both...
Cisco VPN 5000 Client - Buffer Overrun (1)
Cisco VPN 5000 Client - Buffer Overrun 1 // source: https://www.securityfocus.com/bid/5734/info Buffer overrun vulnerabilities have been reported in the Cisco VPN 5000 UNIX clients available for Linux and Solaris systems. The condition affects the binaries 'closetunnel' and 'opentunnel', both...
Cisco Catalyst 5000 Series Frame STP Port Broadcast DoS (CSCdt62732)
When an 802.1x IEEE standard for port based network access control frame is received by an affected Catalyst 5000 series switch on a STP Spanning Tree Protocol blocked port it is forwarded in that VLAN Virtual Local Area Network instead of being dropped. This causes a performance impacting 802.1x...
CVE-2001-1007
CVE-2001-1007 affects Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA. The vulnerability arises from a small keyspace for device keys and the absence of a delay on incorrect keys, enabling faster brute-force guessing of the key. The NVD entry lists a MEDIUM base score (5.0/10) with net...
CVE-2001-1005
CVE-2001-1005 affects Starfish Truesync Desktop 2.0b used on the REX 5000 PDA. The underlying issue is weak encryption used to store the user password in a registry key, enabling an attacker with registry access to decrypt the password and gain privileges. NVD lists CVSSv2 base score 7.5 (HIGH) w...
CVE-2001-1006
Starfish Truesync Desktop 2.0b on the REX 5000 PDA stores sensitive files unencrypted and relies solely on password protection, enabling read access via another application. The CVE-2001-1006 entry notes lack of encryption with partial confidentiality impact, network‑level access, and no integrit...
CVE-2001-1007
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly guess the key via a brute force attack...
CVE-2001-1006
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its password feature to restrict access, which allows an attacker to read the files using a different application...