198 matches found
Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Cisco Security Advisory: Cisco Network Access Control Guest Server System Software Authentication Bypass Vulnerability Advisory ID: cisco-sa-20110330-nac Revison 1.0 For Public Release 2011 March 30 1600 UTC GMT...
Cisco Network Access Control Guest Server System Software Authentication Bypass
Unauthenticated access to protected network is possible...
Camtron CMNC-200 IP Camera ActiveX Buffer Overflow Vulnerability
Exploit for hardware platform in category dos / poc ================================================================ Camtron CMNC-200 IP Camera ActiveX Buffer Overflow Vulnerability ================================================================ The CMNC-200 IP Camera ActiveX control identified ...
Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow
Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow Finding 1: Buffer Overflow in ActiveX Control CVE: CVE-2010-4230 The CMNC-200 IP Camera ActiveX control identified by CLSID DD01C8CA-5DA0-4B01-9603-B7194E561D32 is vulnerable to a stack overflow on the first argument of the connect method. The...
Camtron CMNC-200 IP Camera - Authentication Bypass
Camtron CMNC-200 IP Camera - Authentication Bypass Finding 3: Web Based Administration Interface Bypass CVE: CVE-2010-4232 The CMNC-200 IP Camera has an administrative web interface that does not handle authentication properly. Using a properly formatted request, an attacker can bypass the...
Camtron CMNC-200 IP Camera - ActiveX Buffer Overflow
Finding 1: Buffer Overflow in ActiveX Control CVE: CVE-2010-4230 The CMNC-200 IP Camera ActiveX control identified by CLSID DD01C8CA-5DA0-4B01-9603-B7194E561D32 is vulnerable to a stack overflow on the first argument of the connect method. The vulnerability can be used to set the EIP register,...
CA eTrust Intrusion Detection Encryption Key Handling Denial of Service (CVE-2007-1005)
CA eTrust Intrusion Detection product offers network access control and monitoring. It monitors and filters the network traffic, detects and blocks viruses or other intrusions. Moreover, it provides centralized monitoring of local and remote stations. There exists a memory corruption vulnerabilit...
Forrester: The Good And Bad of Security Technologies
From SC Magazine Angela Moscaritolo Businesses are using a variety of technologies to help reduce the impact of threats, prevent breaches and meet compliance — but some of these products are more beneficial than others, according to a new Forrester report released Wednesday that examines the stat...
Microsoft Windows Print Spooler 'EnumeratePrintShares()' Remote Stack Buffer Overflow Vulnerability
Description Microsoft Windows is prone to a remote stack-based buffer-overflow vulnerability that affects the Windows Print Spooler. Exploiting this vulnerability allows attackers to execute arbitrary code with system-level privileges. Failed exploit attempts will likely cause denial-of-service...
[Full-disclosure] CORE-2008-0125: CitectSCADA ODBC service vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Core Security Technologies - CoreLabs Advisory http://www.coresecurity.com/corelabs/ CitectSCADA ODBC service vulnerability Advisory Information Title: CitectSCADA ODBC service vulnerability Advisory ID: CORE-2008-0125 Advisory URL:...
HP System Management Homepage cross-site scripting vulnerability
Overview The HP System Management Homepage contains a cross-site scripting vulnerability. Description The HP System Management Homepage SMH server is a web-based interface that can manage HP servers running the Microsoft Windows or Linux operating systems.The SMH contains an unspecified cross-sit...
McAfee HTTP Server vulnerable to buffer overflow
Overview A stack-based buffer overflow exists in the McAfee HTTP server that may allow a remote, unauthenticated attacker to execute arbitrary code. Description The McAfee HTTP server NAISERV.exe is used in McAfee products, such as McAfee ePolicy Orchestrator and Protection Pilot. The McAfee HTTP...
Microsoft Exchange Outlook Web Access HTTP Response Splitting Vulnerability
Description Microsoft Exchange Outlook Web Access OWA is prone to HTTP response splitting attacks. This issue could permit hostile script to be injected into client sessions, which could gain access to properties of the OWA server and Web pages hosted on the site. It is noted that the attacker mu...
Microsoft MDAC Function Broadcast Response Buffer Overrun Vulnerability
Description Microsoft has released an advisory reporting a buffer overrun vulnerability in an MDAC function. This issue is exposed when an application makes a broadcast request to query for SQL Servers on the network and malformed data is returned in the broadcast response. Successful exploitatio...
Pam_SMB Remote Buffer Overflow Vulnerability
Description pamsmb has been reported prone to a buffer overflow vulnerability. It has been reported that systems using pamsmb to authenticate to a remotely accessible service may be vulnerable to a condition that could allow a remote attacker to supply and execute arbitrary code in the context of...
IBM AIX sendmail configured as open mail relay by default
Overview Sendmail shipped with IBM AIX is configured by default as an open mail relay. Unauthenticated, remote users can route mail through such a system. Description Sendmail is a widely used mail transfer agent MTA that is included with IBM AIX. According to IBM:The default configuration files...
PMachine Lib.Inc.PHP Remote Include Command Execution Vulnerability
Description It has been reported that PMachine does not properly handle include files under some circumstances. Because of this, an attacker may be able to remotely execute commands. Technologies Affected PMachine PMachine 2.2.1 Recommendations Block external access at the network boundary, unles...
Working Resources BadBlue 1.7.x/2.x - Unauthorized Proxy Relay
source: https://www.securityfocus.com/bid/11030/info BadBlue is prone to a vulnerability that may let the application be abused as a proxy. This vulnerability presents itself due to the 'Pass Thru' function allowing the server to be used as a proxy. This could be exploited by malicious parties to...