CVE-2008-4905

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...

Hardcoded credentials

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...

CVE-2008-4905

Typo 5.1.3 and earlier uses a hard-coded salt for calculating password hashes, which makes it easier for attackers to guess passwords via a brute force attack...

PT-2008-6083 · Typo · Typo

Name of the Vulnerable Software and Affected Versions: Typo versions 5.1.3 and earlier Description: The issue allows attackers to more easily guess passwords via a brute force attack because it uses a hard-coded salt for calculating password hashes. Recommendations: For Typo versions 5.1.3 and...

CVE-2008-4905

CVE-2008-4905 affects Typo (versions 5.1.3 and earlier) and is caused by a hard-coded salt used to hash passwords. This weakens brute-force resistance, making password guessing easier for attackers. Connected sources (NVD, UBUNTU, CVE listings) confirm the condition, but none provide a concrete f...

Maran PHP Shop - admin.php Insecure Cookie Handling

Maran PHP Shop - admin.php Insecure Cookie Handling Maran PHP Shop admin.php Insecure Cookie Handling Vulnerability url: http://www.maran.pamil-visions.com/maranshop.php Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was writte...

CVE-2008-2369

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements...

Satellite: information disclosure via manzier.pxt RPC script

manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, which allows remote attackers to connect to the server and obtain sensitive information about user accounts and entitlements...

Cisco IOS Connectback shellcode v1.0

Exploit for hardware platform in category shellcode ==================================== Cisco IOS Connectback shellcode v1.0 ==================================== ---------------------------------------------------------------------------------------- Cisco IOS Connectback shellcode v1.0 c 2007 I...

Cisco IOS 12.3(18) FTP Server Remote Exploit (attached to gdb)

No description provided by source. / Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007 Specific hard-coded addresses for IOS 12.318 on a 2621XM router Removes the requirement to authenticate and escalates to level 15 To protect the...

Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)

Cisco IOS 12.318 FTP Server - Remote Attached to GDB / Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007 Specific hard-coded addresses for IOS 12.318 on a 2621XM router Removes the requirement to authenticate and escalates to level 15 To...

Cisco IOS 12.3(18) FTP Server Remote Exploit (attached to gdb)

Exploit for hardware platform in category remote exploits ============================================================== Cisco IOS 12.318 FTP Server Remote Exploit attached to gdb ============================================================== / Cisco IOS FTP server remote exploit by Andy Davis 20...

Cisco IOS 12.3(18) (FTP Server) - Remote (Attached to GDB)

/ Cisco IOS FTP server remote exploit by Andy Davis 2008 Cisco Advisory ID: cisco-sa-20070509-iosftp - May 2007 Specific hard-coded addresses for IOS 12.318 on a 2621XM router Removes the requirement to authenticate and escalates to level 15 To protect the innocent a critical step has been omitte...

CVE-2008-0961

EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypass authentication via the RPC interface...

PT-2008-2569 · Emv · Emc Diskxtender

Name of the Vulnerable Software and Affected Versions: EMV DiskXtender version 6.20.060 Description: The issue allows remote attackers to bypass authentication due to a hard-coded login and password. This can be exploited via the RPC interface. Recommendations: For version 6.20.060, consider...

CVE-2008-1160

ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed when it is set by a user, which allows remote attackers to gain privileges...

CVE-2008-1160

ZyXEL ZyWALL 1050 is affected by CVE-2008-1160 due to a hard-coded default password for the Quagga/Zebra routing daemons. The vulnerability allows remote attackers to gain privileges by authenticating with the default credentials (password: zebra) on Quagga/RIP ports 2601 and 2602 and Quagga/OSPF...

PT-2008-1001 · Zyxel +1 · Zywall Usg 300 +3

Name of the Vulnerable Software and Affected Versions: ZyXEL ZyWALL 1050 affected versions not specified ZyXEL ZyWALL USG 300 affected versions not specified Description: The issue is related to a hard-coded password for the Quagga and Zebra processes in the ZyXEL ZyWALL firewall/router operating...

CVE-2008-1079

The outboxWriteUnsent function in FTPThread.class in SendFile.jar for Beehive Software SendFile.NET uses hard-coded credentials for an FTP server, which allows remote attackers to gain privileges...

CVE-2008-1079

CVE-2008-1079 affects Beehive Software SendFile.NET. The outboxWriteUnsent function in FTPThread.class within SendFile.jar uses hard-coded credentials for an FTP server, allowing remote attackers to gain privileges. The provided documents do not specify a patch or workaround; exploitation details...