571 matches found

Prion
added 2007/07/05 7:30 p.m. | 18 views

Authentication flaw

The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using 1...

CVSS 5 | AI score 6.9 | EPSS 0.01757
Exploits 3 | References 7
NVD
added 2007/07/05 7:30 p.m. | 23 views

CVE-2007-3011

The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter...

CVSS 7.5 | AI score 7.5 | EPSS 0.04165
Exploits 3 | References 8
CVE
added 2007/07/05 7:0 p.m. | 51 views

CVE-2007-3011

Summary (concrete details): CVE-2007-3011 affects Fujitsu-Siemens ServerView prior to v4.50.09 where the DBAsciiAccess CGI script in the web interface processes the Servername subparameter of the ParameterList and fails to sanitize input, enabling remote command execution. An attacker can inject ...

CVSS 7.5 | AI score 7.5 | EPSS 0.04165
Exploits 3 | References 8 | Affected Software 1
Cvelist
added 2007/07/05 7:0 p.m. | 23 views

CVE-2007-3012

The web interface in Fujitsu-Siemens Computers PRIMERGY BX300 Switch Blade allows remote attackers to obtain sensitive information by canceling the authentication dialog when accessing a sub-page, which still displays the form field contents of the sub-page, as demonstrated using 1...

AI score 6.3 | EPSS 0.01757
Exploits 3 | References 7
Cvelist
added 2007/07/05 7:0 p.m. | 28 views

CVE-2007-3011

The DBAsciiAccess CGI Script in the web interface in Fujitsu-Siemens Computers ServerView before 4.50.09 allows remote attackers to execute arbitrary commands via shell metacharacters in the Servername subparameter of the ParameterList parameter...

AI score 7.5 | EPSS 0.04165
Exploits 3 | References 8
CVE
added 2007/07/05 7:0 p.m. | 42 views

CVE-2007-3012

The CVE-2007-3012 entry describes an information-disclosure vulnerability in the web interface of Fujitsu-Siemens PRIMERGY BX300 Switch Blade. When a remote attacker aborts the HTTP authentication dialog on certain sub-pages, the resulting page still reveals data from form fields, effectively byp...

CVSS 5 | AI score 6.3 | EPSS 0.01757
Exploits 3 | References 7 | Affected Software 1
seebug.org
added 2007/07/05 12:0 a.m. | 37 views

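Fujitsu ServerView DBASCIIAccess Script Remote Code Execution Vulnerability

BUGTRAQ ID: 24762 CVECAN ID: CVE-2007-3011 ServerView is an asset management tool for automated analysis and version maintenance. The ServerView web interface has an input validation vulnerability when handling user data; a remote attacker may exploit it to execute arbitrary commands on the server with the privileges of the web process. The DBAsciiAccess CGI script provides a ping function. The Servername subparameter of the script's Parameterlist parameter gives the IP address to ping, but no checks are performed on this IP address. If a trailing semicolon is appended to the IP, an attacker can inject arbitrary shell commands, which are executed with the privileges of the web server process. Fujitsu...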

CVSS 7.5 | AI score 6.4 | EPSS 0.04165
Exploits 3
seebug.org
added 2007/07/05 12:0 a.m. | 24 views

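Fujitsu PRIMERGY BX300 Blade Server Information Disclosure Vulnerability

BUGTRAQ ID: 24761 CVECAN ID: CVE-2007-3012 PRIMERGY BX300 is a blade server well suited to compute-intensive applications. The PRIMERGY BX300 web interface has a vulnerability in how it handles access authentication; a remote attacker may exploit it to obtain sensitive information about the server. The PRIMERGY BX300 web interface is accessible over HTTP, and by default access requires HTTP...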

CVSS 5 | AI score 6.4 | EPSS 0.01757
Exploits 3
securityvulns
added 2007/07/04 12:0 a.m. | 67 views

[Full-disclosure] Fujitsu-Siemens ServerView Remote Command Execution

Advisory: Fujitsu-Siemens ServerView Remote Command Execution. RedTeam Pentesting discovered a remote command execution in the Fujitsu-Siemens ServerView during a penetration test. The DBAsciiAccess CGI script is vulnerable to a remote command execution because of a parameter which is not properl...

CVSS 7.5 | AI score 7.1 | EPSS 0.04165
Exploits 3
securityvulns
added 2007/07/04 12:0 a.m. | 20 views

Fujitsu-Siemens PRIMERGY BX300 switch authentication bypass

It's possible to access some Web interface pages without authentication by their URL...

AI score 3.3
Exploits 0 | References 1
securityvulns
added 2007/07/04 12:0 a.m. | 27 views

Fujitsu-Siemens ServerView code execution

Shell characters filtering problem in Web interface "ping" CGI script...

CVSS 7.5 | AI score 4 | EPSS 0.04165
Exploits 3 | References 1 | Affected Software 1
securityvulns
added 2007/07/04 12:0 a.m. | 110 views

[Full-disclosure] Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure

Advisory: Fujitsu-Siemens PRIMERGY BX300 Switch Blade Information Disclosure. RedTeam Pentesting discovered an information disclosure in the Fujitsu-Siemens BX300 Switch Blade during a penetration test. By accessing URLs of the web interface directly and aborting the authentication dialog, one is...

CVSS 5 | AI score 6.3 | EPSS 0.01757
Exploits 3
exploitpack
added 2007/07/03 12:0 a.m. | 13 views

Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution

source: https://www.securityfocus.com/bid/24762/info Fujitsu ServerView is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute...

AI score 1.1
Exploits 0
Exploit DB
added 2007/07/03 12:0 a.m. | 25 views

Fujitsu ServerView 4.50.8 - DBASCIIAccess Remote Command Execution

source: https://www.securityfocus.com/bid/24762/info Fujitsu ServerView is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data. Attackers can exploit this issue to execute arbitrary commands with the privileges of the affected application...

AI score 7.4
Exploits 0
Gentoo Linux
added 2007/06/26 12:0 a.m. | 35 views

emul-linux-x86-java: Multiple vulnerabilities

Background: emul-linux-x86-java is the 32-bit version of Sun's J2SE Development Kit. Description: Chris Evans of the Google Security Team has discovered an integer overflow in the ICC parser, and another vulnerability in the BMP parser. An unspecified vulnerability involving an "incorrect use o...

CVSS 10 | AI score 7.3 | EPSS 0.18185
Exploits 0
UbuntuCve
added 2007/04/18 3:19 a.m. | 21 views

CVE-2007-1869

lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (CPU and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption...

CVSS 5 | AI score 7.1 | EPSS 0.03377
Exploits 0 | References 1
seebug.org
added 2007/03/21 12:0 a.m. | 112 views

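Interstage Application Server Unspecified Cross-Site Scripting Vulnerability

Interstage Application Server is an enterprise-class e-commerce solution. Interstage Application Server does not properly filter user-submitted input; remote attackers can exploit the vulnerability to conduct cross-site scripting attacks and obtain sensitive information. No detailed vulnerability information is currently available. Fujitsu INTERSTAGE Studio Standard-J Edition 8.0.1 Fujitsu INTERSTAGE Studio Enterprise Edition 8.0.1 Fujitsu INTERSTAGE Job Workload Server 8.1 Fujitsu INTERSTAGE...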

AI score 7.1
Exploits 0
Prion
added 2007/03/19 10:19 p.m. | 23 views

Information disclosure

Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption V12.0L10, V12.0L10A, V12.0L10B, V12.0L20 and V13.0.0 allows local users to obtain sensitive information by extracting the decoding password from certain "self-decoding" file types...

CVSS 2.1 | AI score 6.5 | EPSS 0.00239
Exploits 0 | References 8 | Affected Software 2
NVD
added 2007/03/19 10:19 p.m. | 19 views

CVE-2007-1504

Cross-site scripting (XSS) vulnerability in the Servlet Service in Fujitsu Interstage Application Server IJServer 8.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, possibly involving web.xml and HTTP 404 and 500 status codes...

CVSS 4.3 | AI score 5.8 | EPSS 0.01551
Exploits 0 | References 8
NVD
added 2007/03/19 10:19 p.m. | 25 views

CVE-2007-1505

Fujitsu FENCE-Pro before V5L01, and Systemwalker Desktop Encryption V12.0L10, V12.0L10A, V12.0L10B, V12.0L20 and V13.0.0 allows local users to obtain sensitive information by extracting the decoding password from certain "self-decoding" file types...

CVSS 2.1 | AI score 6 | EPSS 0.00239
Exploits 0 | References 8