7647 matches found
Cobalt RaQ4 Administrative Interface Command Execution Vulnerability
Description The RaQ4 is a server appliance distributed and maintained by Sun Microsystems. A vulnerability has been reported in the web administration interface of the RaQ4. It is possible for a remote attacker to execute commands. By passing malicious email parameter to the vulnerable CGI script...
Cobalt RaQ4 - Administrative Interface Command Execution
// source: https://www.securityfocus.com/bid/6326/info The RaQ4 is a server appliance distributed and maintained by Sun Microsystems. A vulnerability has been reported in the web administration interface of the RaQ4. It is possible for a remote attacker to execute commands. By passing malicious...
CVE-2002-1235
The kadmserin function in 1 the Kerberos v4compatibility administration daemon kadmind4 in the MIT Kerberos 5 krb5 krb5-1.2.6 and earlier, 2 kadmind in KTH Kerberos 4 eBones before 1.2.1, and 3 kadmind in KTH Kerberos 5 Heimdal before 0.5.1 when compiled with Kerberos 4 support, does not properly...
DEBIAN-CVE-2002-1235
The kadmserin function in 1 the Kerberos v4compatibility administration daemon kadmind4 in the MIT Kerberos 5 krb5 krb5-1.2.6 and earlier, 2 kadmind in KTH Kerberos 4 eBones before 1.2.1, and 3 kadmind in KTH Kerberos 5 Heimdal before 0.5.1 when compiled with Kerberos 4 support, does not properly...
[SECURITY] [DSA 185-1] New heimdal packages fix buffer overflows
-------------------------------------------------------------------------- Debian Security Advisory DSA 185-1 [email protected] http://www.debian.org/security/ Martin Schulze October 31st, 2002 http://www.debian.org/security/faq -...
DSA-185 heimdal - buffer overflow
Bulletin has no description...
CERT Advisory CA-2002-29 Buffer Overflow in Kerberos Administration Daemon
-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2002-29 Buffer Overflow in Kerberos Administration Daemon Original issue date: October 25, 2002 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Systems Affected MIT Kerberos version 4 and version 5 up to...
CVE-2002-1235
The kadmserin function in 1 the Kerberos v4compatibility administration daemon kadmind4 in the MIT Kerberos 5 krb5 krb5-1.2.6 and earlier, 2 kadmind in KTH Kerberos 4 eBones before 1.2.1, and 3 kadmind in KTH Kerberos 5 Heimdal before 0.5.1 when compiled with Kerberos 4 support, does not properly...
Kerberos administration daemon vulnerable to buffer overflow
Overview Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges on a vulnerable system. Description A remotely exploitable buffer overflow exists in the Kerber...
Multiple bugs in Web602
Directory listing, special device access, administration access...
Oracle 9i Application Server 9.0.2 Web Cache Administration Tool - Denial of Service
Oracle 9i Application Server 9.0.2 Web Cache Administration Tool - Denial of Service source: https://www.securityfocus.com/bid/5902/info Oracle 9i Application Server 9iAS allows remote administration via a web access module. This vulnerability affects Oracle 9iAS running on Microsoft Windows. Whe...
Oracle 9i Application Server 9.0.2 Web Cache Administration Tool - Denial of Service
source: https://www.securityfocus.com/bid/5902/info Oracle 9i Application Server 9iAS allows remote administration via a web access module. This vulnerability affects Oracle 9iAS running on Microsoft Windows. When a custom request is sent to the Web Administration module, the module may react...
CVE-2002-1069
The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages 1 release.htm, 2 Device Status, or 3 Device Information...
CVE-2002-0664
The CVE-2002-0664 entry describes a vulnerability in IBM Lotus Domino ZMerge administration databases where default ACLs allow arbitrary/anonymous users to obtain Manager-level access. This misconfiguration can let an unauthenticated attacker read or modify import/export scripts and disclose serv...
CVE-2002-1069
The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages 1 release.htm, 2 Device Status, or 3 Device Information...
CVE-2002-1069
CVE-2002-1069 concerns the D-Link DI-804 router (firmware 4.68). The weakness allows remote attackers to bypass authentication via direct access to web pages (release.htm, Device Status, Device Information) and perform actions such as releasing DHCP addresses or retrieving sensitive data. The und...
CVE-2002-1080
The CVE-2002-1080 entry affects Abyss Web Server 1.0.3 prior to Patch 2. Remote attackers can gain privileges and modify server configuration through direct requests to CHL files (srvstatus.chl, consport.chl, general.chl, srvparam.chl, advanced.chl). The available sources confirm the affected pro...
Abyss 1.0.3 directory traversal and administration bugs
Auriemma Luigi, PivX security advisory Application: Abyss webserver http://www.aprelium.com Version: 1.0.3 patch 2 and previous, both Windows and Linux, patch 2 fix the administration bug Bug: Directory traversal and administration bugs Risk high: An attacker can view every file in the remote...
CVE-2002-0763
Vulnerability in administration server for HP VirtualVault 4.5 on HP-UX 11.04 allows remote web servers or privileged external processes to bypass access restrictions and establish connections to the server...
CVE-2002-0513
The PHP administration script in poppermod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator...