Lucene search
K

556 matches found

CVE
CVE
added 2008/09/11 2:0 p.m.37 views

CVE-2008-4040

CVE-2008-4040 affects Kyocera Command Center integrated in Kyocera FS-118MFP. The vulnerability is a directory traversal flaw that allows remote attackers to read arbitrary files by supplying a .. in the URI. The NVD entry lists a CVSSv2 base score of 7.8 (HIGH) with network access and low attack...

7.8CVSS6.7AI score0.0183EPSS
Exploits1References4Affected Software1
seebug.org
seebug.org
added 2006/12/24 12:0 a.m.59 views

CA eTrust Security Command Center and eTrust Audit 存在多个漏洞

CA eTrust Security Command Center eSCC和eTrust Audit是CA产品安全命令执行和审核程序。 CA eTrust Security Command Center eSCC和eTrust Audit存在多个安全问题,远程攻击者可以利用漏洞获得敏感信息,执行任意文件删除或者重播攻击。 第一个问题是允许攻击者发现在windows平台上的web服务器路径信息,此漏洞影响eTrust Security Command Center Server 1.0, r8, r8 SP1 CR1, 和r8 SP1 CR2版本。...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/09/23 12:0 a.m.34 views

RE: Computer Associates eTrust Security Command Center Multiple Vulnerabilities

aushack.com - Vulnerability Advisory ----------------------------------------------- Release Date: 22-Sep-2006 Software: Computer Associates - eTrust Security Command Center http://www3.ca.com/solutions/Product.aspx?ID=4351 "eTrust Security Command Center helps you discover and prioritize relevan...

0.1AI score
Exploits0
NVD
NVD
added 2006/09/22 10:7 p.m.21 views

CVE-2006-4899

The ePPIServlet script in Computer Associates CA eTrust Security Command Center 1.0 and r8 up to SP1 CR2, when running on Windows, allows remote attackers to obtain the web server path via a "'" single quote in the PIProfile function, which leaks the path in an error message...

5CVSS6.6AI score0.09883EPSS
Exploits1References11
NVD
NVD
added 2006/09/22 10:7 p.m.24 views

CVE-2006-4901

Computer Associates CA eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments...

6.4CVSS6.8AI score0.1033EPSS
Exploits1References13
CVE
CVE
added 2006/09/22 10:0 p.m.41 views

CVE-2006-4900

CVE-2006-4900 affects Computer Associates eTrust Security Command Center (SCC) 1.0 and r8 up to SP1 CR2. The vulnerability is a directory traversal in the eSCCAdHocHtmlFile parameter to eSMPAuditServlet caused by improper handling in getadhochtml, allowing remote authenticated users to read and d...

5.5CVSS6.4AI score0.07863EPSS
Exploits1References11Affected Software1
CVE
CVE
added 2006/09/22 10:0 p.m.41 views

CVE-2006-4901

CVE-2006-4901 affects CA eTrust Security Command Center (SCC) 1.0 and r8 up to SP1 CR2 and eTrust Audit 1.5 and r8. The vulnerability allows remote attackers to spoof alerts and perform replay attacks by invoking eTSAPISend.exe with crafted arguments. Affected products include SCC 1.0, SCC r8, SC...

6.4CVSS6.8AI score0.1033EPSS
Exploits1References13Affected Software4
CVE
CVE
added 2006/09/22 10:0 p.m.39 views

CVE-2006-4899

CVE-2006-4899 affects CA eTrust Security Command Center (SCC) 1.0 and r8 up to SP1 CR2 on Windows. The ePPIServlet script’s PIProfile function leaks the web server path via a single quote in an error message, enabling remote attackers to discover the server path. This vulnerability’s impact is th...

5CVSS6.6AI score0.09883EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2006/09/22 10:0 p.m.24 views

CVE-2006-4901

Computer Associates CA eTrust Security Command Center 1.0 and r8 up to SP1 CR2, and eTrust Audit 1.5 and r8, allows remote attackers to spoof alerts and conduct replay attacks by invoking eTSAPISend.exe with the desired arguments...

6.8AI score0.1033EPSS
Exploits1References13
Exploit DB
Exploit DB
added 2006/09/21 12:0 a.m.25 views

CA eSCC r8/1.0 / eTrust Audit r8/1.5 - Web Server Full Path Disclosure

source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a replay issue. These vulnerabilities occur because the software...

7AI score
Exploits0
exploitpack
exploitpack
added 2006/09/21 12:0 a.m.16 views

CA eSCC r81.0 eTrust Audit r81.5 - Arbitrary File Manipulation

CA eSCC r81.0 eTrust Audit r81.5 - Arbitrary File Manipulation source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - a...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2006/09/21 12:0 a.m.29 views

CA eSCC r81.0 eTrust Audit r81.5 - Web Server Full Path Disclosure

CA eSCC r81.0 eTrust Audit r81.5 - Web Server Full Path Disclosure source: https://www.securityfocus.com/bid/20139/info CA eTrust Security Command Center eSCC and eTrust Audit are prone to multiple vulnerabilities, including: - an information-disclosure issue - an arbitrary-file-deletion issue - ...

0.3AI score
Exploits0
CVE
CVE
added 2005/09/16 4:0 a.m.38 views

CVE-2005-2944

The CVE-2005-2944 entry applies to GNOME Workstation Command Center (gwcc) 0.9.6 and earlier. The vulnerability arises in perform_file_save, where a symlink attack on the temporary file gwcc_out.txt enables local users to create and overwrite arbitrary files. The NVD entry lists a local attack ve...

4.6CVSS6.8AI score0.00328EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2003/12/15 5:0 a.m.11 views

CVE-2003-0974

Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as 1 add new users to a console, as demonstrated using appliedsnatch.c, or 2 add spurious IDS rules to sensors, as demonstrated using addrule.c...

7.5CVSS6.7AI score0.03286EPSS
Exploits1References5
CVE
CVE
added 2003/12/02 5:0 a.m.46 views

CVE-2003-0974

The CVE-2003-0974 entry involves Applied Watch Command Center. Affected: the Command Center application allowing remote, unauthenticated actions including adding new users to a console and injecting spurious IDS rules to sensors (via demonstrated payloads appliedsnatch.c and addrule.c). The root ...

7.5CVSS7.1AI score0.03286EPSS
Exploits1References5Affected Software1
Exploit DB
Exploit DB
added 2003/11/28 12:0 a.m.28 views

Applied Watch Command Center 1.0 - Authentication Bypass (2)

// source: https://www.securityfocus.com/bid/9124/info A vulnerability has been identified in the system that may allow an attacker to bypass authentication to add attacker supplied IDS alerts and new user accounts in the console. Successful exploitation of these issues may allow an attacker to...

7.4AI score
Exploits0
Rows per page
Query Builder