Lucene search
K

184 matches found

Cvelist
Cvelist
added 2010/07/13 10:7 p.m.27 views

CVE-2010-2385

Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration Server...

5.7AI score0.01502EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2010/07/13 12:0 a.m.28 views

Oracle Secure Backup Administration $other Variable Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability. The specific flaw exists in the handling of variables to the propertybox.php script located on the Oracle Secure...

9CVSS4.6AI score0.02243EPSS
Exploits4References1
Zero Day Initiative
Zero Day Initiative
added 2010/07/13 12:0 a.m.33 views

Oracle Secure Backup Administration uname Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of user input to the uname variable of the login.php script running on th...

9.7CVSS2.1AI score0.50625EPSS
Exploits6References1
Zero Day Initiative
Zero Day Initiative
added 2010/07/13 12:0 a.m.31 views

Oracle Secure Backup Administration selector Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability but may be bypassed. The specific flaw exists in the handling of the 'selector0' variable to the script index.php...

10CVSS2.6AI score0.02243EPSS
Exploits12References1
Zero Day Initiative
Zero Day Initiative
added 2010/07/13 12:0 a.m.35 views

Oracle Secure Backup Administration Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability but may be bypassed. The specific flaw exists in the handling of the 'preauth' variable to the script index.php use...

10CVSS2.7AI score0.02243EPSS
Exploits12References1
securityvulns
securityvulns
added 2010/02/22 12:0 a.m.25 views

IBM Cognos Server backdoor

Undocumented Apache Tomcat account for TCP/19300 administration server...

2.8AI score
Exploits0References1
Nmap
Nmap
added 2010/01/28 12:48 a.m.289 views

db2-das-info NSE Script

Connects to the IBM DB2 Administration Server DAS on TCP or UDP port 523 and exports the server profile. No authentication is required for this request. The script will also set the port product and version if a version scan is requested. Example Usage nmap -sV Script Output PORT STATE SERVICE...

10CVSS9.4AI score0.99448EPSS
Exploits33
Tenable Nessus
Tenable Nessus
added 2010/01/06 12:0 a.m.53 views

CentOS 5 : krb5 (CESA-2007:0892)

Updated krb5 packages that correct a security flaw are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate t...

10CVSS8.2AI score0.10997EPSS
Exploits4References5
Check Point Advisories
Check Point Advisories
added 2009/09/24 12:0 a.m.37 views

Oracle Secure Backup Administration Server Command Injection (CVE-2009-1978)

Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The vulnerability is due to a flaw in the logic used to authenticate a user to the administration server. Successful exploitation of this vulnerability allows remote attackers to bypass authentication on...

9CVSS6.3AI score0.64694EPSS
Exploits13
0day.today
0day.today
added 2009/09/14 12:0 a.m.64 views

Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit

Exploit for windows platform in category remote exploits ============================================================== Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit ============================================================== !/bin/bash Oracle Secure Backup Administration Serv...

7.1AI score0.72638EPSS
Exploits13
exploitpack
exploitpack
added 2009/09/14 12:0 a.m.110 views

Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection

Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection !/bin/bash Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability 1-day exploit for CVE-2009-1977 and CVE-2009-1978 PoC script successfully tested on: Oracle Secure...

10CVSS0.6AI score0.72638EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2009/09/14 12:0 a.m.39 views

Oracle Secure Backup Administration Server Authentication Bypass

The remote web server is the Administration Server for Oracle Secure Backup, a centralized tape backup management software application. The installed version of Oracle Secure Backup allows a remote attacker to bypass authentication using a specially crafted username, such as '--fakeoption'. An...

10CVSS5.6AI score0.72638EPSS
Exploits8References4
Zero Day Initiative
Zero Day Initiative
added 2009/08/18 12:0 a.m.39 views

Oracle Secure Backup Administration Server Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the logic used to authenticate a user to the administration server running on port...

10CVSS4.9AI score0.72638EPSS
Exploits8References1
Zero Day Initiative
Zero Day Initiative
added 2009/08/18 12:0 a.m.25 views

Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities

This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability but an attacker must be authenticated. The specific flaw exists in the handling of various variables to the...

9CVSS2.8AI score0.64694EPSS
Exploits13References1
OpenVAS
OpenVAS
added 2009/05/05 12:0 a.m.25 views

HP-UX Update for Netscape NSS Library Suite SSLv2 HPSBUX01070

Check for the Version of Netscape NSS Library Suite SSLv2 OpenVAS Vulnerability Test HP-UX Update for Netscape NSS Library Suite SSLv2 HPSBUX01070 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...

7.5CVSS6.5AI score0.22525EPSS
Exploits1References2
Check Point Advisories
Check Point Advisories
added 2009/02/23 12:0 a.m.57 views

Oracle Secure Backup Multiple Command Injections (CVE-2008-4006; CVE-2008-5448; CVE-2008-5449)

Oracle Database Server is an enterprise-level relational database application suite. Oracle Secure Backup Administration Server provides a single point of data management across network attached storage NAS devices and distributed hosts. Several command injection vulnerabilities were reported in...

10CVSS7.1AI score0.3857EPSS
Exploits13
Tenable Nessus
Tenable Nessus
added 2009/01/14 12:0 a.m.58 views

Oracle Secure Backup Administration Server login.php Arbitrary Command Injection

The remote version of Oracle Secure Backup Administration Server fails to sanitize user-supplied input to various parameters used in the 'login.php' script before using it. By sending specially crafted arguments an attacker can exploit it to execute code on the remote host with the web server...

10CVSS5.8AI score0.3857EPSS
Exploits13References3
Prion
Prion
added 2008/08/28 5:41 p.m.18 views

Design/Logic Flaw

Unspecified vulnerability in the DB2 Administration Server DAS in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664...

4.6CVSS6.3AI score0.00362EPSS
Exploits1References6Affected Software1
NVD
NVD
added 2008/08/28 5:41 p.m.25 views

CVE-2008-3855

Unspecified vulnerability in the DB2 Administration Server DAS in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664...

4.6CVSS6AI score0.00362EPSS
Exploits0References6
Cvelist
Cvelist
added 2008/08/28 5:0 p.m.27 views

CVE-2008-3855

Unspecified vulnerability in the DB2 Administration Server DAS in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664...

6AI score0.00362EPSS
Exploits0References6
Rows per page
Query Builder