284 matches found

Prion
added 2010/11/15 11:0 p.m. | 16 views

Stack overflow

Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors...

CVSS 7.5 | AI score 8.6 | EPSS 0.09125
Exploits: 3 | References: 3 | Affected Software: 2
Cvelist
added 2010/11/15 10:0 p.m. | 42 views

CVE-2010-1840

Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via unspecified vectors...

AI score 9.6 | EPSS 0.09125
Exploits: 3 | References: 3
Atlassian
added 2010/10/05 12:52 a.m. | 24 views

Confluence features that require password confirmation (websudo, captcha) do not work with custom authentication

When user is required to confirm the password, Confluence always checks the entered password against the internally stored user/password. If an instance is configured to use custom authentication which is different from atlassian-user, the password validation will fail. h3. Resolution This is fix...

AI score 0.7
Exploits: 0 | Affected Software: 1
CISA
added 2010/09/21 12:0 a.m. | 13 views

Apple Releases Security Update 2010-006

Apple has released security update 2010-006 for Mac OS X and Mac OS X Server to address a vulnerability in the AFP package. This vulnerability may allow an attacker to bypass password validation and obtain sensitive information. The article indicates that this vulnerability does not affect system...

AI score 6.6
Exploits: 0 | References: 1
securityvulns
added 2010/09/17 12:0 a.m. | 66 views

Nokia E72 smartphone protection bypass

Keyboard is not locked during password validation...

AI score 3
Exploits: 0 | References: 1
securityvulns
added 2010/04/05 12:0 a.m. | 34 views

Apache CouchDB timing attack

Password validation algorithm allows guessing the matching part...

CVSS 4.3 | AI score 3.5 | EPSS 0.05351
Exploits: 0 | References: 1 | Affected Software: 1
Prion
added 2010/01/07 7:30 p.m. | 14 views

Design/Logic Flaw

Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program...

CVSS 4.6 | AI score 7 | EPSS 0.00394
Exploits: 0 | References: 6
Prion
added 2010/01/07 7:30 p.m. | 12 views

Design/Logic Flaw

Kingston DataTraveler BlackBox DTBB, DataTraveler Secure Privacy Edition DTSP, and DataTraveler Elite Privacy Edition DTEP USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the...

CVSS 2.1 | AI score 7 | EPSS 0.00483
Exploits: 1 | References: 11
Prion
added 2010/01/07 7:30 p.m. | 9 views

Design/Logic Flaw

SanDisk Cruzer Enterprise USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program...

CVSS 4.6 | AI score 7 | EPSS 0.00372
Exploits: 0 | References: 11
NVD
added 2010/01/07 7:30 p.m. | 15 views

CVE-2010-0221

Kingston DataTraveler BlackBox DTBB, DataTraveler Secure Privacy Edition DTSP, and DataTraveler Elite Privacy Edition DTEP USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the...

CVSS 2.1 | AI score 6.5 | EPSS 0.00483
Exploits: 1 | References: 11
CVE
added 2010/01/07 7:0 p.m. | 40 views

CVE-2010-0224

The CVE-2010-0224 entry concerns SanDisk Cruzer Enterprise USB flash drives. Affected component: the authentication/password validation conducted by a program running on the host computer instead of the drive’s hardware. Root cause: password verification occurs outside the device hardware, enabli...

CVSS 4.6 | AI score 6.7 | EPSS 0.00372
Exploits: 0 | References: 11 | Affected Software: 1
Cvelist
added 2010/01/07 7:0 p.m. | 18 views

CVE-2010-0227

Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the cleartext drive contents via a modified program...

AI score 6.5 | EPSS 0.00394
Exploits: 0 | References: 6
Cvelist
added 2010/01/07 7:0 p.m. | 24 views

CVE-2010-0221

Kingston DataTraveler BlackBox DTBB, DataTraveler Secure Privacy Edition DTSP, and DataTraveler Elite Privacy Edition DTEP USB flash drives validate passwords with a program running on the host computer rather than the device hardware, which allows physically proximate attackers to access the...

AI score 6.5 | EPSS 0.00483
Exploits: 1 | References: 11
Exploit DB
added 2009/05/26 12:0 a.m. | 38 views

ZeeCareers 2.0 - 'addAdminmembercode.php' Arbitrary Add Admin

ZeeCareers v2.0 addadminmembercode.php Add Admin function validateform ifform.name.value == "" || !isNaNform.username.value alert"Please enter your name correctly."; form.username.focus; return false; ifform.name.value == "" || !isNaNform.fname.value alert"Please enter your name correctly.";...

AI score 7
Exploits: 0
securityvulns
added 2007/01/24 12:0 a.m. | 32 views

Multiple IP Phones unauthorized access

After administrative login it's possible to access administration interface from any IP without password validation...

CVSS 9 | AI score 3.7 | EPSS 0.04349
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2005/02/21 5:0 a.m. | 15 views

CVE-2005-0494

The RgSecurity form in the HTTP server for the Thomson TCW690 cable modem running firmware 2.1 and software ST42.03.0a does not properly validate the password before performing changes, which allows remote attackers on the LAN to gain access via a direct POST request...

AI score 7.2 | EPSS 0.02583
Exploits: 0 | References: 3
securityvulns
added 2005/02/20 12:0 a.m. | 22 views

Thomson TCW690 POST Password Validation Vulnerability

I found a vulnerability in this cablemodem which a malicious user inside LAN can get the control of the cablemodem easily. This cablemodem model is given by the spanish ISP "AUNA". Details ======= Product: Thomson TCW690 cablemodem Affected Version: ST42.03.0a not tested in minor versions Immune...

AI score 7.1
Exploits: 0
exploitpack
added 2005/02/19 12:0 a.m. | 25 views

Thomson TCW690 - POST Password Validation

Thomson TCW690 - POST Password Validation / Thomson TCW690 POST Password Validation exploit Tested with hardware version 2.1 and software version ST42.03.0a Bug found by: MurDoK Date: 02.19.2005 sh-3.00$ gcc mdktcw690.c -o tcw690 sh-3.00$ ./tcw690 192.168.0.1 123 Thomson TCW690 POST Password...

AI score 7.4
Exploits: 0
Exploit DB
added 2005/02/19 12:0 a.m. | 51 views

Thomson TCW690 - POST Password Validation

/ Thomson TCW690 POST Password Validation exploit Tested with hardware version 2.1 and software version ST42.03.0a Bug found by: MurDoK Date: 02.19.2005 sh-3.00$ gcc mdktcw690.c -o tcw690 sh-3.00$ ./tcw690 192.168.0.1 123 Thomson TCW690 POST Password Validation Change password exploit coded by...

AI score 7.4
Exploits: 0
0day.today
added 2005/02/19 12:0 a.m. | 19 views

Thomson TCW690 POST Password Validation Exploit

Exploit for hardware platform in category remote exploits =============================================== Thomson TCW690 POST Password Validation Exploit =============================================== / Thomson TCW690 POST Password Validation exploit Tested with hardware version 2.1 and software...

AI score 7.1
Exploits: 0