3995 matches found
CVE-2001-0724
Internet Explorer 5.5 allows remote attackers to bypass security restrictions via malformed URLs that contain dotless IP addresses, which causes Internet Explorer to process the page in the Intranet Zone, which may have fewer security restrictions, aka the "Zone Spoofing Vulnerability variant" of...
SimpleChat
Product : SimpleChat! Version : 1.3 WebSite : http://hot-things.net Problem : Private info viewing Description: ------------ In a directory /data/ the file containing the information on users of a chat lays taking place in a chat at present, to which any interested person can receive access. The...
CVE-2002-1431
CVE-2002-1431 affects Belkin F5D5230-4 4-Port Cable/DSL Gateway Router (firmware 1.20.000). The vulnerability arises when forwarding a request from an internal host to an internal web server: the router modifies the source IP to its external interface, enabling a remote attacker to hide which int...
Sambar Server 5.x - Open Proxy Authentication Bypass
Sambar Server 5.x - Open Proxy Authentication Bypass source: https://www.securityfocus.com/bid/10256/info Sambar improperly validates the IP address of an originating connection and can be used to gain access the administration interface without authorization. Once the remote attacker has gained...
Sambar Server 5.x - Open Proxy / Authentication Bypass
source: https://www.securityfocus.com/bid/10256/info Sambar improperly validates the IP address of an originating connection and can be used to gain access the administration interface without authorization. Once the remote attacker has gained access to the administrative interface, further attac...
CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing
CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing source: https://www.securityfocus.com/bid/6630/info It has been reported that OPT accepts the values supplied supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply...
CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing
source: https://www.securityfocus.com/bid/6630/info It has been reported that OPT accepts the values supplied supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply a fake IP address in one of these environment variables that would...
CVE-2002-2280
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP addressed is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server...
CVE-2002-1943
SafeTP 1.46, when network address translation NAT is being used, leaks the internal IP address of the FTP server in a response to a passive mode PASV file transfer request...
CVE-2002-1877
NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname...
CVE-2002-2184
Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users via a "Showip" parameter in the chat applet...
CVE-2002-2397
Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed 1 source IP address of 127.0.0.1 or 2 network address of 127.0.0.0...
CVE-2002-2181
SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name...
CVE-2002-2053
The design of the Hot Standby Routing Protocol HSRP, as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service CPU consumption via a router with the same IP address as the interface on which HSRP is running, which causes a loop...
CVE-2002-1839
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message...
CVE-2002-1962
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname...
CVE-2002-2423
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response...
SonicWALL Content Filtering IP addresses can bypass URL filtering
SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name. CVE: CVE-2002-2181 Last updated: Sept. 5, 2008, 8:32 p.m...
Predictable TCP Initial Sequence Numbers
Title: NetScreen Security Alert 51897 Date: 25 November 2002 Description: Predictable TCP Initial Sequence Numbers Impact: Circumvention of Defined Security Policies Affected Products: All firewall/VPN appliances and systems Affected Software Releases: ScreenOS 1.7, 2.6, 2.8, 3.0, 3.1, 4.0 Summar...
Motorola Cable Modem DOS
I've found it trivial to crash the Motorola Surfboard 4200 Cable modem, as installed default by AT&T Broadband Internet. The modem acts as a bridge, but also has an internal RFC1918 IP address 192.168.100.1. Simply nmap'ing the cable user's IP address, ie: nmap -sS -p 1-1024 12.x.x.x will cause i...