1853 matches found
Barracuda Spam Firewall <= 3.3.03.053 Remote Code Execution (extra)
No description provided by source. Title: Barracuda Arbitrary File Disclosure + Command Execution; Severity: High Sensitive Information Disclosure; Date: 01 August 2006; Version Affected: Barracuda Spam Firewall version 3.3.01.001 to 3.3.03.053; Discovered by: Greg Sinclair; Credits: Matthew Hall...
Cisco Access Point Web Browser Interface contains a vulnerability
Overview A vulnerability in the HTTP management interface for some configurations of Cisco wireless access points could allow a remote attacker to take complete control over the affected device. Description Cisco wireless access points allow administrators to create more than one set of...
FreeBSD : awstats -- arbitrary code execution vulnerability (e86fbb5f-0d04-11da-bc08-0001020eed82)
An iDEFENSE Security Advisory reports : Remote exploitation of an input validation vulnerability in AWStats allows remote attackers to execute arbitrary commands. The problem specifically exists because of insufficient input filtering before passing user-supplied data to an eval function. As part...
Authentication flaw
Cisco PIX/ASA 7.1.x before 7.12 and 7.0.x before 7.05, PIX 6.3.x before 6.3.5112, and FWSM 2.3.x before 2.34 and 3.x before 3.17, when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which...
CVE-2006-0515
Cisco PIX/ASA 7.1.x before 7.12 and 7.0.x before 7.05, PIX 6.3.x before 6.3.5112, and FWSM 2.3.x before 2.34 and 3.x before 3.17, when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which...
Ubuntu 4.10 / 5.04 : squid vulnerability (USN-122-1)
Michael Bhola discovered that errors in the http_access configuration, in particular missing or invalid ACLs, did not cause a fatal error. This could lead to wider access permissions than intended by the administrator. Note that Tenable Network Security has extracted the preceding description bloc...
DSA-721-1 squid - design flaw
Bulletin has no description...
Phenoelit Advisory 0815: HP ProCurve
Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815. Authors: FX, kim0, Zet (Phenoelit Group, http://www.phenoelit.de). Advisory: http://www.phenoelit.de/stuff/HPProCurve.txt. Affected Products: Hewlett Packard HP ProCurve Switch. Tested on: HP J4121A...
Oracle 9iAS Java Process Manager /oprocmgr-status Anonymous Process Manipulation
The remote host is an Oracle 9iAS server. By default, accessing the location /oprocmgr-status via HTTP lets an attacker obtain the list of processes running on the remote host, and even start or stop them. This script was written by Matt Moore. Script audit and...
CVE-1999-1264
The CVE-1999-1264 entry describes a vulnerability in WebRamp M3 routers where remote access (telnet/HTTP) is not disabled as configured, allowing access to the device despite explicit disablement. The NVD entry lists a CVSS 2.0 base score of 7.5 (HIGH) with network impact across confidentiality, ...
CVE-1999-1264
WebRamp M3 router does not disable remote telnet or HTTP access to itself, even when access has been explicitly disabled...