1857 matches found
Hole in cyrus-sasl
Authenticated users can access any resources...
CVE-2000-0689
Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter...
WFTPD 2.4.1RC11 - STATLIST Denial of Service
source: https://www.securityfocus.com/bid/1506/info WFTPD versions prior to 2.4.1RC11 suffer from a number of vulnerabilities. 1) Issuing a STAT command while a LIST is in progress will cause the ftp server to crash. 2) If the REST command is used to wri...
CVE-2000-0649
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined...
NetWin dMailWeb Unrestricted Mail Relay
Product: NetWin dMailWeb Type: Unrestricted Mail Relay Severity: Moderate Versions: = 2.6g: Case A All, configuration error: Case B Note: NetWin cwMail also appears vulnerable to the same attacks, and appears to be using exactly the same version numbers. --- Overview dMailWeb is a CGI application...
CVE-2000-0513
CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of service by authenticating with a user name that does not exist or does not have a shadow password...
Infosec.20000617.panda.a
Infosec Security Vulnerability Report No: Infosec.20000617.panda.a. Vulnerability Summary. Problem: Panda Antivirus has an open console at port 2001. Threat: Remotely run any command on a Netware console. Platform: Confirmed on Novell Netware. Solutio...
ACC/Ericsson Tigris Accounting Failure
The Tigris is a high-density router/remote-access platform, currently a product of Ericsson, more information on it can be found at: http://www.ericsson.com/datacom/products/wanaccess/tigris/index.shtml There appears to be a bug in the Tigris operating system software that causes Radius accountin...
checkpoint-fw1.vuln.txt
There are two vulnerabilities in FW-1. The first is an authentication issue, the other is a configuration issue. Since I don't have a copy of 4.x FW-1 handy maybe someone can check it for me. 1 The basic authentication used in Checkpoint FW-1 used for inside/outbound and outside/inbound allows...
i2odialogd.txt
Greetings, OVERVIEW Anyone can gain remote root access to a UnixWare 7.1 system by exploiting a vulnerability in the i2odialogd daemon. This daemon is installed and running by default. BACKGROUND I've only tested UnixWare 7.1. OpenServer doesn't feature this particular daemon, so it is not...
CVE-1999-0075
PASV core dump in wu-ftpd daemon when attacker uses a QUOTE PASV command after specifying a username and password...
NetIQ.txt
AppManager 2.0 from NetIQ displays passwords in clear text! AppManager is a product which enables an enterprise to monitor the performance and availability of Windows NT server services such as Exchange, SQL, etc. It does this via an agent on the target machine which reports back to a console. Th...
Verity Search97 2.1 - Security
source: https://www.securityfocus.com/bid/162/info A pair of vulnerabilities exist in Verity's Search97 web interface to the Verity search engine. The first vulnerability is due to cgi-bin scripts, s97cgi and s97rcgi failing to check for the existence of certain shell meta characters. This allows...
PT-1998-1062 · Cisco · Cisco
Name of the Vulnerable Software and Affected Versions: Cisco systems affected versions not specified Description: The issue allows attackers to execute commands without authorization on Cisco systems using AAA authentication. Recommendations: At the moment, there is no information about a newer...
DUO-PSA-2018-002: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2018-002 Publication Date: 2018-05-23 Revision Date: 2018-05-23 Status: Confirmed, Fixed Document Revision: 1 Overview Duo has identified and fixed an issue with the Duo administrative panel. This issue could have allowed for a second-factor bypa...
Security Update for Windows Vista for x64-based Systems (KB2503665)
A security issue has been identified that could allow an authenticated local attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...
Security Update for Windows XP x64 Edition (KB952069)
A security issue has been identified that could allow an authenticated remote attacker to compromise your system and gain control over it. You can help protect your system by installing this update from Microsoft. After you install this update, you may have to restart your system...