276 matches found
NetServe buffer overflow
Directory traversal, configuration access...
Easy File Sharing Web Server multiple bugs
DoS, unauthorized logs and config access...
geeeekShop 1.4 - Information Disclosure
source: https://www.securityfocus.com/bid/8380/info geeeekShop is prone to multiple information disclosure vulnerabilities. Passing invalid data as URI parameters to geeeekShop scripts, will cause an error message to be displayed, which contains installation path information. Additionally it has...
CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass
Core Security Technologies Advisory http://www.coresecurity.com Axis Network Camera HTTP Authentication Bypass Date Published: 2003-05-27 Last Update: 2003-05-23 Advisory ID: CORE-2003-0403 Bugtraq ID: 7652 CVE Name: CAN-2003-0240 Title: Axis Network Camera HTTP Authentication Bypass Class: Acces...
core.axis.txt
Core Security Technologies Advisory http://www.coresecurity.com Axis Network Camera HTTP Authentication Bypass Date Published: 2003-05-27 Last Update: 2003-05-23 Advisory ID: CORE-2003-0403 Bugtraq ID: 7652 CVE Name: CAN-2003-0240 Title: Axis Network Camera HTTP Authentication Bypass Class: Acces...
Axis Network Camera HTTP Authentication Bypass
Advisory ID Internal CORE-2003-0403 Core Security Technologies Advisory http://www.coresecurity.com Date Published: 2003-05-27 Last Update: 2003-05-23 Advisory ID: CORE-2003-0403 Bugtraq ID: 7652 CVE Name: CAN-2003-0240 Title: Axis Network Camera HTTP Authentication Bypass Class: Access Validatio...
Edikon Release 0.6 of PHPShop
Product : Edikon Release 0.6 of PHPShop Version : 0.6.1 WebSite : http://www.phpshop.org Problem : Viewing dbase information Description: ------------ eng In phpShop we can get access to a database of the server as the file of a configuration is accessible to each user. As we can find out a full...
[SECURITY] [DSA 265-1] New bonsai packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 265-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2003 http://www.debian.org/security/faq -...
[SECURITY] [DSA 265-1] New bonsai packages fix several vulnerabilities
-------------------------------------------------------------------------- Debian Security Advisory DSA 265-1 [email protected] http://www.debian.org/security/ Martin Schulze March 21st, 2003 http://www.debian.org/security/faq -...
DSA-265 bonsai - several vulnerabilities
Bulletin has no description...
Blahz-DNS does not properly authenticate users before granting access to various configuration pages
Overview Blahz-DNS does not properly authenticate users. Description Blahz-DNS does not properly authenticate users. As a result, an attacker can gain access to various configuration pages. For more detailed information, please see the ppp-design advisory. --- Impact An attacker can gain access t...
CVE-2002-0066
Funk Software Proxy Host 3.x before 3.09A creates a Named Pipe that does not require authentication and is installed with insecure access control, which allows local and possibly remote users to use the Proxy Host's configuration utilities and gain privileges...
Cisco ATA-186 admin password can be trivially circumvented
The Cisco ATA-186 Analog Telephone adapter interfaces "legacy" analog telephones to VoIP networks. The adapter can be configured via a web interface, that typically requires a password to access. Unfortunately, this password protection can be trivially circumvented. On two ATA-186s that we tested...
CVE-1999-1420
NBase switches NH2012, NH2012R, NH2015, and NH2048 have a back door password that cannot be disabled, which allows remote attackers to modify the switch's configuration...
Apache mod_info /server-info Information Disclosure
A remote unauthenticated attacker can obtain an overview of the remote Apache web server's configuration by requesting the URL '/server-info'. This overview includes information such as installed modules, their configuration, and assorted run-time settings. C Tenable Network Security, Inc...
ezmlm-cgi
Package : ezmlm-0.53 and below ezmlm-cgi Announced: 2000-12-05 Ezmlm is an easy to use mailing list manager for qmail. It ships with a cgi application to allow for list archiving and reviewal over the web. Documentation states that the cgi should be installed suid root, but in real world...