1073 matches found
Clickjacking attacks may be carried out against internal opera: URLs – Opera Security Advisories
OPCOM Team | January 25, 2011 | Severity: High | Description: Internal opera: URLs which may be used to modify the Opera configuration have some intentional restrictions that are designed to mitigate possib...
Getting Started
To get started with these configuration changes, open Firefox and select Tools, then Options...
CVE-2009-4821
The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the adminpassword parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS...
McAfee LinuxShield remote/local Code Execution Vulnerability
Exploit for unknown platform in category remote exploits. McAfee LinuxShield remote/local Code Execution Vulnerability. Title: McAfee LinuxShield remote/local code execution...
A link to Re-Indexing is visible to users even if they are not sys admin
I saw this on EACJ where I am not a sys admin quote XXXX made configuration changes in section 'Custom Fields' at 01/Feb/10 1:16 PM. It is recommended that you perform a re-index. For more information, please click the Help icon. To perform the re-index now, please go to the 'Indexing' section...
HP Laserjet multiple models web management CSRF vulnerability & insecure default configuration
Louhi Networks Oy -= Security Advisory =- Advisory: HP LaserJet multiple models web management CSRF vulnerability & insecure default configuration Release Date: 2009-03-17 Last Modified: 2009-03-17 Authors: Henri Lindberg, CISA henri d0t lindberg at louhi d0t fi Application: HP Embedded Web Serve...
CVE-2009-0616
Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to "default user credentials during installation."...
Default credentials
Cisco Application Networking Manager (ANM) before 2.0 uses default usernames and passwords, which makes it easier for remote attackers to access the application, or cause a denial of service via configuration changes, related to "default user credentials during installation."...
CVE-2009-0620
Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A21.1 uses default (1) usernames and (2) passwords for (a) the administrator and (b) web management, which makes it easier for remote attackers to perform configuration changes or obtain operating-system access...
CVE-2009-0620
Cisco ACE vulnerabilities (CVE-2009-0620, and related CVEs in the same advisory) affect the Cisco ACE Application Control Engine Module for Catalyst 6500/7600 and the Cisco ACE 4710 Appliance. The core issue is default credentials: default administrator and web-management accounts are used, enabl...
Will the real [Breach X] please stand up?
Do you remember that classic game show “To Tell the Truth?” It was great and trying to figure out who was the “real” person was always a challenge. Unfortunately Visa and MasterCard are making all of us play the same game of late. There have been recent rumors running rampant (alliteration anyone?)...
I-O DATA DEVICE HDL-F series cross-site request forgery vulnerability
Overview The HDL-F series products from I-O DATA DEVICE, INC. are LAN connectable hard disk drives. The web interface for administration in the products contains a cross-site request forgery vulnerability. The HDL-F series products provided by I-O DATA DEVICE, INC. are LAN connectable hard disk...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in (1) System Consultants La!Cooda WIZ 1.4.0 and earlier and (2) SpaceTag LacoodaST 2.1.3 and earlier allow remote attackers to hijack the authentication of arbitrary users for requests that (a) change passwords or (b) change configurations...
Moderate: Red Hat Security Advisory: condor security and bug fix update
Updated condor packages that fix a security issue and several bugs are now available for Red Hat Enterprise MRG. This update has been rated as having moderate security impact by the Red Hat Security Response Team. Condor is a specialized workload management system for compute-intensive jobs. It...
Cross site request forgery (csrf)
Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboard Academic Suite 8.0.260.7 allow remote attackers to hijack the authentication of student users for requests that change configuration and enrollments via unspecified input to (1) updatemodule.jsp, (2) enrollcourse.pl, and (3)...
Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities (2)
Exploit for hardware platform in category remote exploits. Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities 2...
CVE-2008-2824
Unspecified vulnerability in the Extensible Interface Platform in Web Services in Xerox WorkCentre 7655, 7665, and 7675 allows remote attackers to make configuration changes via unknown vectors...