258 matches found
Fedora 20 : libreswan-3.7-1.fc20 (2013-23250)
Security fix for CVE-2013-4564, extended AES-GCM and AES-CCM Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Cisco CNS Network Registrar Denial of Service (CVE-2004-1164)
CNS Network Registrar is a product suite developed by Cisco Systems that implements DNS, DHCP, and TFTP services for medium to large IP-based networks. The product suite provides a management architecture that allow for the configuration and management of one or more clusters of CNS Network...
CVE-2007-5413
HP OpenView Radia Integration Server, specifically httpd.tkd, is affected in CM Infrastructure v4.0–4.2i and CCM v2.0. The vulnerability arises from insufficient validation of URLs containing tilde references (e.g., ~root) in the HTTP server bound to TCP port 3465, enabling remote attackers to re...
[security bulletin] HPSBMA02167 SSRT061262 rev.2 - HP OpenView Client Configuration Manager (CCM), Remote Unauthorized Arbitrary Code Execution or Denial of Service (DoS)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c00795552 Version: 2 HPSBMA02167 SSRT061262 rev.2 - HP OpenView Client Configuration Manager CCM, Remote Unauthorized Arbitrary Code Execution or Denial of Service DoS NOTICE: The information in...
CVE-2006-5782
radexecd.exe in HP OpenView Client Configuraton Manager CCM does not require authentication before executing commands in the installation directory, which allows remote attackers to cause a denial of service reboot by calling radbootw.exe or create arbitrary files by calling radcrecv...
CVE-2006-5782
CVE-2006-5782 affects HP OpenView Client Configuration Manager (CCM) 1.0. The vulnerability exists in the Radia Notify Daemon, radexecd.exe, which binds to TCP port 3465 and allows remote attackers to execute commands in the radexecd.exe install directory without authentication. Exploitation can ...
HP OpenView客户端配置管理器远程执行代码和拒绝服务漏洞
HP OpenView客户端配置管理器(CCM)是一套简单易用的软件和HP硬件管理解决方案。 HP OpenView CCM的Radia Notify守护程序radexecd.exe存在安全漏洞,远程攻击者可能利用此漏洞执行任意指令。 这个守护程序默认绑定在TCP 3465端口上,接收以下格式的数据: port\x00username\x00password\x00command...
CVE-2005-2984
Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port...
CVE-2005-2984
Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port...
CVE-2005-2984
CVE-2005-2984 affects Avocent CCM console server (firmware 2.1 CCM4850). The issue allows bypassing port restrictions by connecting to the server via SSH and using the connect command to access the serial port. CVSS 2.0 base score 4.6 (AV:L/AC:L/Au:N/C:P/I:P/A:P). Practical impact is partial conf...
Avocents CCM console server protection bypass
It's possible to bypass port access control...
Avocent CCM: Port Access Control Bypass Vulnerability
Hi, this is another bug I found during my research on console servers which is presumably fixed by now. So here you go: Summary: Port Access Control Bypass Vulnerability Details: Avocents CCM console server have a flaw which enables users to bypass access control by using ssh with standard passwo...
CVE-2005-2243
Cisco CallManager (CCM) memory leak: inetinfo.exe vulnerability affects CCM v3.2 and earlier, v3.3 before 3.3(5), v4.0 before 4.0(2a)SR2b, and v4.1 before 4.1(3)SR1, with MLA enabled. Remote attackers can cause memory exhaustion/DoS by triggering a large number of failing Admin Service Tool (AST)...
CVE-2005-2242
Cisco CallManager (CCM) versions affected: 3.2 and earlier; 3.3 before 3.3(5); 4.0 before 4.0(2a)SR2b; and 4.1 before 4.1(3)SR1. The issue allows remote attackers to cause a denial of service (memory consumption and restart) by sending crafted packets to CTI Manager (ctimgr.exe) or CallManager (c...
CVE-2004-1694
The CVE-2004-1694 entry concerns Symantec ON Command CCM 5.4.x and iCommand 3.0.x that ships with four default usernames and passwords, including one hardcoded credential. This design allows remote attackers to gain unauthorized access. Public references confirm the issue, but the provided docume...
CVE-2004-1163
CVE-2004-1163 affects Cisco CNS Network Registrar Central Configuration Management (CCM) server, versions 6.0 through 6.1.1.3. The issue allows a remote attacker to cause a denial-of-service by closing a connection after sending a specific sequence of packets, resulting in CPU consumption (availa...
Default username/password pairs in ON Command CCM 5.x database backend
Security advisory ================= Advisory name: Default username/password pairs in ON Command CCM 5.x database backend Release date: 2004-09-20 Application: ON Command CCM 5.x Platform: Linux, Solaris, Windows Severity: An intruder can gain access to all administrator passwords and other...
ON Command CCM default pasword
Few accounts with default passwords for Sybase database...