184 matches found
CVE-2010-2385
Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Administration Server...
Oracle Secure Backup Administration $other Variable Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability. The specific flaw exists in the handling of variables to the propertybox.php script located on the Oracle Secure...
Oracle Secure Backup Administration uname Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. Authentication is not required to exploit this vulnerability. The specific flaw exists in the handling of user input to the uname variable of the login.php script running on th...
Oracle Secure Backup Administration selector Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability but may be bypassed. The specific flaw exists in the handling of the 'selector0' variable to the script index.php...
Oracle Secure Backup Administration Command Injection Remote Code Execution Vulnerability
This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. Authentication is required to exploit this vulnerability but may be bypassed. The specific flaw exists in the handling of the 'preauth' variable to the script index.php use...
IBM Cognos Server backdoor
Undocumented Apache Tomcat account for TCP/19300 administration server...
db2-das-info NSE Script
Connects to the IBM DB2 Administration Server DAS on TCP or UDP port 523 and exports the server profile. No authentication is required for this request. The script will also set the port product and version if a version scan is requested. Example Usage nmap -sV Script Output PORT STATE SERVICE...
CentOS 5 : krb5 (CESA-2007:0892)
Updated krb5 packages that correct a security flaw are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. Kerberos is a network authentication system which allows clients and servers to authenticate t...
Oracle Secure Backup Administration Server Command Injection (CVE-2009-1978)
Oracle Secure Backup is a backup solution allowing for centralized tape backup management. The vulnerability is due to a flaw in the logic used to authenticate a user to the administration server. Successful exploitation of this vulnerability allows remote attackers to bypass authentication on...
Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit
Exploit for windows platform in category remote exploits ============================================================== Oracle Secure Backup Server 10.3.0.1.0 Auth Bypass/RCI Exploit ============================================================== !/bin/bash Oracle Secure Backup Administration Serv...
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection
Oracle Secure Backup Server 10.3.0.1.0 - Authentication Bypass Remote Code Injection !/bin/bash Oracle Secure Backup Administration Server authentication bypass, plus command injection vulnerability 1-day exploit for CVE-2009-1977 and CVE-2009-1978 PoC script successfully tested on: Oracle Secure...
Oracle Secure Backup Administration Server Authentication Bypass
The remote web server is the Administration Server for Oracle Secure Backup, a centralized tape backup management software application. The installed version of Oracle Secure Backup allows a remote attacker to bypass authentication using a specially crafted username, such as '--fakeoption'. An...
Oracle Secure Backup Administration Server Authentication Bypass Vulnerability
This vulnerability allows remote attackers to bypass authentication on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability. The specific flaw exists in the logic used to authenticate a user to the administration server running on port...
Oracle Secure Backup Administration Server Multiple Command Injection Vulnerabilities
This vulnerability allows remote attackers to inject arbitrary commands on vulnerable installations of Oracle Secure Backup. User interaction is not required to exploit this vulnerability but an attacker must be authenticated. The specific flaw exists in the handling of various variables to the...
HP-UX Update for Netscape NSS Library Suite SSLv2 HPSBUX01070
Check for the Version of Netscape NSS Library Suite SSLv2 OpenVAS Vulnerability Test HP-UX Update for Netscape NSS Library Suite SSLv2 HPSBUX01070 Authors: System Generated Check Copyright: Copyright c 2009 Greenbone Networks GmbH, http://www.greenbone.net This program is free software; you can...
Oracle Secure Backup Multiple Command Injections (CVE-2008-4006; CVE-2008-5448; CVE-2008-5449)
Oracle Database Server is an enterprise-level relational database application suite. Oracle Secure Backup Administration Server provides a single point of data management across network attached storage NAS devices and distributed hosts. Several command injection vulnerabilities were reported in...
Oracle Secure Backup Administration Server login.php Arbitrary Command Injection
The remote version of Oracle Secure Backup Administration Server fails to sanitize user-supplied input to various parameters used in the 'login.php' script before using it. By sending specially crafted arguments an attacker can exploit it to execute code on the remote host with the web server...
Design/Logic Flaw
Unspecified vulnerability in the DB2 Administration Server DAS in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664...
CVE-2008-3855
Unspecified vulnerability in the DB2 Administration Server DAS in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664...
CVE-2008-3855
Unspecified vulnerability in the DB2 Administration Server DAS in the Core DAS function component in IBM DB2 9.1 before Fixpak 5 allows local users to gain privileges, aka a "FILE CREATION VULNERABILITY." NOTE: this may be the same as CVE-2007-5664...