3178 matches found
EMC Retrospect弱哈希算法口令泄露漏洞
BUGTRAQ ID: 30319,30308 EMC Retrospect是Windows平台下的备份和恢复软件。 Retrospect备份客户端在网络中以明文传输口令哈希。如果远程攻击者向客户端发送了恶意报文的话,客户端的响应信息中就会包含有明文口令,导致损失保密性;此外Retrospect备份服务器的认证模块使用了弱口令哈希算法,攻击者可以较容易的暴力猜测。 EMC Retrospect for Windows 7.5.508 EMC --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...
Important: Red Hat Security Advisory: lspp-eal4-config-ibm and capp-lspp-eal4-config-hp security update
Updated lspp-eal4-config-ibm and capp-lspp-eal4-config-hp packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The lspp-eal4-config-ibm and capp-lspp-eal4-config-h...
linksys-bypass.txt
regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...
Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities
Exploit for hardware platform in category remote exploits ================================================================ Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities ================================================================ regurgitated by: meathive url: kinqpinz.info ;...
Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)
regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...
CVE-2007-6708
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...
CVE-2007-6708
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...
CVE-2007-6708
Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...
MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability
No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...
BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass
BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass source: https://www.securityfocus.com/bid/26333/info BT Home Hub is prone to an authentication-bypass vulnerability. An attacker could exploit this issue to gain unauthorized access to the affected device. BT Home Hub firmware 6.2.2.6 is...
BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass
source: https://www.securityfocus.com/bid/26333/info BT Home Hub is prone to an authentication-bypass vulnerability. An attacker could exploit this issue to gain unauthorized access to the affected device. BT Home Hub firmware 6.2.2.6 is vulnerable; other versions may also be affected. This explo...
CVE-2002-2324
The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list ACL permissions, which allows local users to access restricted files and modify registry settings...
CVE-2003-1361
The CVE-2003-1361 entry concerns VERITAS Bare Metal Restore (BMR) within Tivoli Storage Manager (TSM) versions 3.1.0 through 3.2.1. It states that a vulnerability could allow remote attackers to gain root privileges on the BMR Main Server. The documents do not provide further technical details on...
CVE-2003-1361
Unknown vulnerability in VERITAS Bare Metal Restore BMR of Tivoli Storage Manager TSM 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server...
CVE-2007-5453
Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the options table, which is used in an eval function call by 1 admin.php, 2 click.php, 3 download.php, and...
Sql injection
Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the options table, which is used in an eval function call by 1 admin.php, 2 click.php, 3 download.php, and...
CVE-2007-5006
CA ARCserve Backup for Laptops and Desktops (L&D) versions r11.0–r11.5 are affected by CVE-2007-5006, an authentication-bypass flaw in the LGServer/rxRPC interface over TCP/1900. The vulnerability arises from command handlers that do not verify peer authentication, enabling remote attackers to ad...
NetVault Process Manager Service Detection
The remote service is an instance of NetVault Process Manager, part of Dell NetVault, a cross-platform backup and restore application. Dell NetVault was formerly known as BakBone NetVault Backup. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid25800;...
Vista inherits the recovery center system vulnerability to bypass all security protective measures-vulnerability warning-the black bar safety net
Everyone knows a very distant Windows design vulnerability: the System Restore Control Center. Through this platform, you can get administrator access, any view hard disk for any file. The most critical is that it actually does not require you to provide any username or password can be used. To u...