36 matches found
CVE-2018-7791
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to overwrite the original password with their password. If an attacker exploits this...
CVE-2018-7791
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to overwrite the original password with their password. If an attacker exploits this...
CVE-2018-7791
A Permissions, Privileges, and Access Control vulnerability exists in Schneider Electric's Modicon M221 product all references, all versions prior to firmware V1.6.2.0. The vulnerability allows unauthorized users to overwrite the original password with their password. If an attacker exploits this...
Schneider Electric Modicon M221 Privilege Permission and Access Control Vulnerability
The Modicon M221 is a logic controller from Schneider Electric. A privilege-granting and access-control vulnerability exists in the Schneider Electric Modicon M221 with firmware versions lower than 1.6.2.0, which can be exploited by an unauthorized user to overwrite the original password, allowin...
PT-2018-1524
Name of the Vulnerable Software and Affected Versions Modicon M221 versions prior to V1.6.2.0 Description A Permissions, Privileges, and Access Control issue exists, allowing unauthorized users to overwrite the original password with their own. This could enable an attacker to upload the original...
Herospeed - TelnetSwitch Remote Stack Overflow / Overwrite Password / Enable TelnetD Exploit
Exploit for hardware platform in category remote exploits !/usr/bin/env python2.7 Herospeed TelnetSwitch daemon running on TCP/787, for allowing enable of the telnetd. Where one small stack overflow allows us to overwrite the dynamicly generated password and enable telnetd. Verified 1 Fullhan IPC...
Herospeed - TelnetSwitch Remote Stack Overflow Overwrite Password Enable TelnetD
Herospeed - TelnetSwitch Remote Stack Overflow Overwrite Password Enable TelnetD !/usr/bin/env python2.7 Herospeed TelnetSwitch daemon running on TCP/787, for allowing enable of the telnetd. Where one small stack overflow allows us to overwrite the dynamicly generated password and enable telnetd...
Herospeed - 'TelnetSwitch' Remote Stack Overflow / Overwrite Password / Enable TelnetD
!/usr/bin/env python2.7 Herospeed TelnetSwitch daemon running on TCP/787, for allowing enable of the telnetd. Where one small stack overflow allows us to overwrite the dynamicly generated password and enable telnetd. Verified 1 Fullhan IPC FH8830F22W7.1.42.1 2 Fullhan FH8830AR0330FISHEYEW7.1.37.5...
Ignition 1.3 - Remote Code Execution Exploit
No description provided by source. ?php / Ignition 1.3 Remote Code Execution Exploit by cOndemned download: http://launchpad.net/ignition/trunk/1.3/+download/ignition-1.3.tar.gz source of i-options.php 1. ?php 2. sessionstart; 3. if $POST'submit' 4. if $FH = @fopen'data/settings.php', 'w' 5...
FreeBSD Ports: samba
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Boa 0.93.15 - Administrator Password Overwrite Authentication Bypass
source: https://www.securityfocus.com/bid/25676/info Boa is prone to an authentication-bypass vulnerability because the application fails to ensure that passwords are not overwritten by specially crafted HTTP Requests. An attacker can exploit this issue to gain unauthorized access to the affected...
CVE-2006-3833
index.php in EJ3 TOPo 2.2.178 allows remote attackers to overwrite existing entries and establish new passwords for the overwritten entries via a URL with a modified entry ID...
CVE-2004-0082
The mksmbpasswd shell script mksmbpasswd.sh in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password...
CVE-2004-0082
The mksmbpasswd shell script mksmbpasswd.sh in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password...
CVE-2004-0082
The mksmbpasswd shell script mksmbpasswd.sh in Samba 3.0.0 and 3.0.1, when creating an account but marking it as disabled, may overwrite the user password with an uninitialized buffer, which could enable the account with a more easily guessable password...
Low: Red Hat Security Advisory: samba security update
Updated Samba packages that fix a security vulnerability are now available. Samba provides file and printer sharing services to SMB/CIFS clients. The Samba team discovered an issue that affects version 3.0.0 and 3.0.1 of Samba. If an account for a user is created, but marked as disabled using the...