231 matches found
CVE-2009-0644
CVE-2009-0644 concerns the HTTP interface of the Swann DVR4-SecuraNet platform, where a default administrative username/password exists. The available documents indicate this flaw can allow remote attackers to obtain privileged access. The entries do not specify affected versions, exploit details...
Gentoo Security Advisory GLSA 200404-16 (monit)
The remote host is missing updates announced in advisory GLSA 200404-16. OpenVAS Vulnerability Test. Description: Auto generated from Gentoo's XML based advisory. Authors: Thomas Reinke. Copyright: Copyright (c) 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Asterisk multiple security vulnerabilities
Multiple format string vulnerabilities, buffer overflow on RTP handling, HTTP interface sessions spoofing, unauthorized SIP calls...
CVE-2007-4159
CVE-2007-4159 affects TIBCO Rendezvous RV 7.5.2 where index.html in the HTTP administration interface can disclose sensitive information (e.g., user names and IP addresses) via a direct request. The connected documents confirm the component and impact but do not provide exploitation details beyon...
eFileCabinet Authentication Bypass
Title: eFileCabinet Authentication Bypass. Severity: Medium. Date Discovered: 12/20/2006. Vendor Notified: 3/26/2007. Discovered By: Digital Defense, Inc. Vulnerability Research Team - sxkeebler. Vulnerability Description: ...
tk53-advisory-1.txt
TK53 Advisory 1, 01/07/2007 - CenterICQ remote DoS buffer overflow in Livejournal handling. Authors: Lolek of TK53, Roflek of TK53. Affected program:...
CVE-2006-5196
The HTTP interface in the Motorola SURFboard SB4200 Cable Modem allows remote attackers to cause a denial of service (device crash) via a request with MfcISAPICommand set to SecretProc and a long string in the Secret parameter...
CVE-2006-3289
Cross-site scripting (XSS) vulnerability in the login page of the HTTP interface for the Cisco Wireless Control System (WCS) for Linux and Windows before 3.251 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving a "malicious URL"...
Novell eDirectory 8.8 NDS Server Buffer Overflow Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Novell eDirectory. Exploitation does not require authentication. The specific flaw exists within the iMonitor NDS Server, which by default exposes an HTTP interface on TCP port 8028 and an HTTPS...
[SA20452] TIBCO Rendezvous HTTP Administrative Interface Buffer Overflow
Buffer overflow
Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface...
CVE-2006-2830
Buffer overflow in TIBCO Rendezvous before 7.5.1, TIBCO Runtime Agent (TRA) before 5.4, and Hawk before 4.6.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via the HTTP administrative interface...
CVE-2006-2166
Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.22 and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password...
CVE-2000-1239
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets httpdisable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log...
GLSA-200404-16 : Multiple new security vulnerabilities in monit
The remote host is affected by the vulnerability described in GLSA-200404-16 (Multiple new security vulnerabilities in monit). Monit has several vulnerabilities in its HTTP interface: a buffer overflow vulnerability in the authentication handling code and an off-by-one error in the POST method...
Multiple new security vulnerabilities in monit
Background: Monit is a system administration utility that allows management and monitoring of processes, files, directories and devices on a Unix system. Description: Monit has several vulnerabilities in its HTTP interface: a buffer overflow vulnerability in the authentication handling code and a...
Monit HTTP interface multiple bugs
Buffer overflow, DoS...
[Full-Disclosure] Monit 4.1 HTTP interface multiple security vulnerabilities
S-Quadra Advisory 2003-11-24 Topic: Monit 4.1 HTTP interface Multiple Security Vulnerabilities Severity: High Vendor URL: http://www.tildeslash.com/monit/ Advisory URL: http://www.s-quadra.com/advisories/Adv-20031124.txt Release date: 22 Nov 2003 1. DESCRIPTION Monit...