3063 matches found
CVE-2001-0003
Web Extender Client WEC in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication"...
Authentication By-Pass Vulnerability in OpenSSH-2.3.1 (devel snapshot)
Please, check http://www.openssh.com/security.html for a full summary of security related issues in OpenSSH. ---------------------------------------------------------------------------- OpenBSD Security Advisory February 8, 2001 Authentication By-Pass Vulnerability in OpenSSH-2.3.1...
SSH authentication agent follows symlinks via a UNIX domain socket
Overview Older versions of SSH allow local attackers to to establish ssh sessions as the victim user without authentication. Description The text of this document was originally released on January 20, 1998, as SNI-23, developed by Secure Networks, Inc. SNI. To more widely broadcast this...
CVE-2000-1097
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page...
CVE-2000-0843
Buffer overflow in pamsmb and pamntdom pluggable authentication modules PAM allow remote attackers to execute arbitrary commands via a login with a long user name...
SystemWizard Registry Object ActiveX Control lacks authentication
Overview Description The SystemWizard "Registry Object" ActiveX Control may allow attackers to modify the registry on systems where the control is installed. This control was shipped on HP Pavilion computers running Windows 98, as part of a diagnostic application named "SystemWizard" produced by...
[CORE SDI ADVISORY] MySQL weak authentication
CORE SDI http://www.core-sdi.com Vulnerability Report for MySQL Authentication Vulnerability Date Published: 2000-10-23 Advisory ID: CORE-20001023 Bugtraq ID: 1826 CVE CAN: Not currently assigned. Title: MySQL Authentication Vulnerability Class: Design Error Remotely Exploitable: Yes Locally...
CVE-2000-0757
The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed...
CVE-2000-0696
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script...
CVE-2000-0627
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as userupdatepasswd.pl and userupdateadmin.pl...
CVE-2000-0673
The NetBIOS Name Server NBNS protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability...
telnet and rlogin URLs disclose sensitive information, including Environment variables
Overview Some telnet clients may disclose sensitive information in environment variables Description Web browsers can be configured to respond to certian protocol types through the use of a helper application. In this case, web browsers can respond to telnet: URLs with the use of a helper...
CVE-2000-0688
Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter...
Kerberos 4 4.0/5 5.0 - KDC Spoofing
source: https://www.securityfocus.com/bid/1616/info Kerberos is a cryptographic authentication protocol that allows users of a network to access services without transmitting cleartext passwords. A common implementation of the protocol includes a login service which is vulnerable to an attack whi...
Darxite daemon remote exploit/DoS problem
Darxite daemon remote exploit/DoS problem + Advisory by dethy www.synnergy.net |=============================================| Vulnerable: Darxite All versions up to and including 0.4 Discovery : [email protected] Exploits : Scrippie & dethy Description ----------- "Darxite" is a daemon, written...
PHP-Nuke 1.0/2.5 - Administrative Privileges
source: https://www.securityfocus.com/bid/1592/info PHP-Nuke is a website creation/maintainence tool written in PHP3. It is possible to elevate priviliges in this system from normal user to administrator due to a flaw in authentication code. The problem occurs here: $aid = variable holding author...
VIGILANTE-2000005.txt
Watchguard Firebox Authentication DoS Advisory Code: VIGILANTE-2000005 Release Date: August 15, 2000 Systems Affected: Tested on the newest version of the Watchguard Firebox II that was on the 22nd of June, but it is very likely that this bug exists in all prior versions that include the...
Sun AnswerBook2 1.4.21.4.31.4.4 - Administration Interface Access
Sun AnswerBook2 1.4.21.4.31.4.4 - Administration Interface Access source: https://www.securityfocus.com/bid/1554/info A lack of authentication checks for certain scripts within the administration interface of AnswerBook2 versions 1.4.2 and prior, for Solaris, allows remote users to create...
ipop2d fold Command Arbitrary File Access
The remote pop2 server allows the reading of arbitrary files for authenticated users, using the 'fold' command. C Tenable Network Security, Inc. Theory : - log into the remote server - fold /etc/passwd - read 1 - retr We only check the banner for this flaw include"compat.inc"; ifdescription...
CVE-2000-0673
The NetBIOS Name Server NBNS protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability...