4191 matches found
MS KB821724: ISA Server 2000 May Send Basic Credentials Over an External HTTP Connection
The remote ISA server is configured in such a way that it may send Basic authentication credentials over an insecure connection. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid18491; scriptversion"1.19"; scriptcvsdate"Date: 2018/11/15 20:50:28"; scriptbugtraqid13955;...
CVE-2004-2027
Buffer overflow in Icecast 2.0.0 and earlier allows remote attackers to cause a denial of service crash via a long Basic Authorization header that triggers an out-of-bounds read...
CVE-2004-2029
The UtilDecodeHTTPAuth function in BNBT BitTorrent Tracker Beta 7.5 Release 2 and earlier allows remote attackers to cause a denial of service crash via a Basic Authorization HTTP request with a "A==" value...
CVE-2002-1654
The CVE affects iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1. A flaw allows remote attackers to initiate HTTP Basic Authentication through the wp-force-auth Web Publisher command, creating a distinct attack vector and potentially making brute-force password gue...
serversAlive.txt
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory information: Title: Servers Alive - Privilege Escalation CVE Candidate Number: CAN-2005-0352 Application: Servers Alive Versions known affected: 4.1, 5.0; other versions not tested. Classification: Privilege Escalation Author: Michael Starks...
Servers Alive: Local Privilege Escalation
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Advisory information: Title: Servers Alive - Privilege Escalation CVE Candidate Number: CAN-2005-0352 Application: Servers Alive Versions known affected: 4.1, 5.0; other versions not tested. Classification: Privilege Escalation Author: Michael Starks...
See-security advisory: Trillian Basic 3.0 PNG Processing Buffer overflow
See-security Technologies ltd. http://www.see-security.com - Product Information Trillian is a fully featured, stand-alone, skinnable chat client that supports AIM, ICQ, MSN, Yahoo Messenger, and IRC. - Vulnerability Description Trillian contains a buffer overflow vulnerability in the way it pars...
Trillian Basic 3.0 - '.png' Image Processing Buffer Overflow
See-security Technologies ltd. http://www.see-security.com Trillian 3.0 PNG Image Processing Buffer overflow Exploit Discovered and coded by: Tal zeltzer import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77D7A145 Address of "jmp esp" in ntdll.dll...
Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit
Exploit for unknown platform in category dos / poc =============================================================== Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit =============================================================== See-security Technologies ltd...
Trillian Basic 3.0 PNG Image Processing Buffer Overflow Exploit
No description provided by source. See-security Technologies ltd. http://www.see-security.com Trillian 3.0 PNG Image Processing Buffer overflow Exploit Discovered and coded by: Tal zeltzer import sys import struct Addresses are compatible with Windows XP Service Pack 1 ReturnAddress = 0x77D7A145...
CVE-2001-1414
The Basic Security Module BSM for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root...
CVE-2004-1358
The patches 1 114332-08 and 2 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module BSM, which allows attackers to avoid having their activity logged...
CVE-2004-1897
Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service segmentation fault by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read...
DEBIAN-CVE-2004-1897
Administration interface in Monit 1.4 through 4.2 allows remote attackers to cause a denial of service segmentation fault by sending a Basic Authentication request without a password, which causes Monit to decrement a null pointer and perform an out-of-bounds read...
CVE-2004-2306
Sun Solaris 7 through 9, when Basic Security Module BSM is enabled and the SUNWscpu package has been removed as a result of security hardening, disables mail alerts from the auditwarn script, which might allow attackers to escape detection...
CVE-2004-0334
InnoMedia VideoPhone allows remote attackers to bypass Basic Authorization via an HTTP request to 1 videophoneadmindetail.asp, 2 videophonesyscfg.asp, 3 videophoneupgrade.asp, or 4 videophonesysctrl.asp that contains a trailing / slash. NOTE: the original report mentioned AXIS 2100 Network Camera...
Monit 4.2 - Basic Authentication Remote Code Execution
/ THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware 8.1 Update Code :...
Monit <= 4.2 Basic Authentication Remote Root Exploit
Exploit for linux platform in category remote exploits ===================================================== Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware 8.1 Update Code :...
Monit 4.2 - Basic Authentication Remote Code Execution
Monit 4.2 - Basic Authentication Remote Code Execution / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit linuxmailorg - Abhisek Datta abhisekfrontru 06.04.2004 http://www.eos-india.net New Targets : RedHat 9 Fedora Core 2 Slackware...
Monit <= 4.2 Basic Authentication Remote Root Exploit
No description provided by source. / THE EYE ON SECURITY RESEARCH GROUP - INDIA http://www.eos-india.net/poc/305monit.c Remote Root Exploit for Monit = 4.2 Vulnerability: Buffer overflow in handling of Basic Authentication informations. Server authenticates clients through: Authentication: Basic...