Lucene search
K

3178 matches found

seebug.org
seebug.org
added 2008/07/23 12:0 a.m.18 views

EMC Retrospect弱哈希算法口令泄露漏洞

BUGTRAQ ID: 30319,30308 EMC Retrospect是Windows平台下的备份和恢复软件。 Retrospect备份客户端在网络中以明文传输口令哈希。如果远程攻击者向客户端发送了恶意报文的话,客户端的响应信息中就会包含有明文口令,导致损失保密性;此外Retrospect备份服务器的认证模块使用了弱口令哈希算法,攻击者可以较容易的暴力猜测。 EMC Retrospect for Windows 7.5.508 EMC --- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

6.9AI score
Exploits0
RedHat Linux
RedHat Linux
added 2008/04/01 2:24 p.m.8 views

Important: Red Hat Security Advisory: lspp-eal4-config-ibm and capp-lspp-eal4-config-hp security update

Updated lspp-eal4-config-ibm and capp-lspp-eal4-config-hp packages that fix a security issue are now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The lspp-eal4-config-ibm and capp-lspp-eal4-config-h...

6.9CVSS5.6AI score0.00361EPSS
Exploits0References2
Packet Storm
Packet Storm
added 2008/03/26 12:0 a.m.87 views

linksys-bypass.txt

regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...

10CVSS6.5AI score0.05164EPSS
Exploits10
0day.today
0day.today
added 2008/03/26 12:0 a.m.104 views

Linksys WRT54G (firmware 1.00.9) Security Bypass Vulnerabilities

Exploit for hardware platform in category remote exploits ================================================================ Linksys WRT54G firmware 1.00.9 Security Bypass Vulnerabilities ================================================================ regurgitated by: meathive url: kinqpinz.info ;...

7.1AI score0.05164EPSS
Exploits10
Exploit DB
Exploit DB
added 2008/03/26 12:0 a.m.81 views

Linksys WRT54G Firmware 1.00.9 - Security Bypass (1)

regurgitated by: meathive url: kinqpinz.info ; Tue, 05 Feb 2008 07:51:41 -0700 CVE-2008-1247 WRT54G firmware version: v1.00.9 Default LAN IP: 192.168.1.1 Default auth: user:blank - pass:admin Authorization: Basic OmFkbWlu php print base64decode"OmFkbWlu"; :admin https://kinqpinz.info/lib/wrt54g/...

10CVSS6.5AI score0.05164EPSS
Exploits10
NVD
NVD
added 2008/03/13 6:44 p.m.17 views

CVE-2007-6708

Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...

4.3CVSS7.3AI score0.00638EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2008/03/13 6:44 p.m.4 views

CVE-2007-6708

Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...

4.3CVSS5.6AI score0.00638EPSS
Exploits1References9
Prion
Prion
added 2008/03/13 6:44 p.m.16 views

Cross site request forgery (csrf)

Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...

4.3CVSS7.8AI score0.00638EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2008/03/13 6:0 p.m.25 views

CVE-2007-6708

Multiple cross-site request forgery CSRF vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by 1 a Restore Facto...

7.3AI score0.00638EPSS
Exploits1References6
seebug.org
seebug.org
added 2007/12/26 12:0 a.m.22 views

MailMachine Pro 2.2.4 Remote SQL Injection Vulnerability

No description provided by source. --------------------------------------------------------------- / | |\ \ / | / |/ | | |/ \ | | / \ \ | \ \ | | | \ | |/ \ | | // | || | ||| /| / /\ | |||| /| / / &nb...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2007/11/05 12:0 a.m.21 views

BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass

BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass source: https://www.securityfocus.com/bid/26333/info BT Home Hub is prone to an authentication-bypass vulnerability. An attacker could exploit this issue to gain unauthorized access to the affected device. BT Home Hub firmware 6.2.2.6 is...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2007/11/05 12:0 a.m.46 views

BT Home Hub 6.2.2.6 - Login procedure Authentication Bypass

source: https://www.securityfocus.com/bid/26333/info BT Home Hub is prone to an authentication-bypass vulnerability. An attacker could exploit this issue to gain unauthorized access to the affected device. BT Home Hub firmware 6.2.2.6 is vulnerable; other versions may also be affected. This explo...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2007/10/26 7:0 p.m.22 views

CVE-2002-2324

The "System Restore" directory and subdirectories, and possibly other subdirectories in the "System Volume Information" directory on Windows XP Professional, have insecure access control list ACL permissions, which allows local users to access restricted files and modify registry settings...

6.4AI score0.01772EPSS
Exploits1References3
CVE
CVE
added 2007/10/17 1:0 a.m.39 views

CVE-2003-1361

The CVE-2003-1361 entry concerns VERITAS Bare Metal Restore (BMR) within Tivoli Storage Manager (TSM) versions 3.1.0 through 3.2.1. It states that a vulnerability could allow remote attackers to gain root privileges on the BMR Main Server. The documents do not provide further technical details on...

10CVSS7.3AI score0.02237EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2007/10/17 1:0 a.m.25 views

CVE-2003-1361

Unknown vulnerability in VERITAS Bare Metal Restore BMR of Tivoli Storage Manager TSM 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server...

6.9AI score0.02237EPSS
Exploits0References5
NVD
NVD
added 2007/10/14 6:17 p.m.23 views

CVE-2007-5453

Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the options table, which is used in an eval function call by 1 admin.php, 2 click.php, 3 download.php, and...

8.5CVSS7.8AI score0.0391EPSS
Exploits0References3
Prion
Prion
added 2007/10/14 6:17 p.m.15 views

Sql injection

Multiple eval injection vulnerabilities in Php-Stats 0.1.9.2 allow remote authenticated administrators to execute arbitrary code by writing PHP sequences to the php-stats-options record in the options table, which is used in an eval function call by 1 admin.php, 2 click.php, 3 download.php, and...

8.5CVSS8.3AI score0.0391EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/10/01 8:0 p.m.59 views

CVE-2007-5006

CA ARCserve Backup for Laptops and Desktops (L&D) versions r11.0–r11.5 are affected by CVE-2007-5006, an authentication-bypass flaw in the LGServer/rxRPC interface over TCP/1900. The vulnerability arises from command handlers that do not verify peer authentication, enabling remote attackers to ad...

10CVSS6.6AI score0.21175EPSS
Exploits2References8Affected Software3
Tenable Nessus
Tenable Nessus
added 2007/07/28 12:0 a.m.92 views

NetVault Process Manager Service Detection

The remote service is an instance of NetVault Process Manager, part of Dell NetVault, a cross-platform backup and restore application. Dell NetVault was formerly known as BakBone NetVault Backup. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid25800;...

5.5AI score
Exploits0References2
myhack58
myhack58
added 2007/06/27 12:0 a.m.26 views

Vista inherits the recovery center system vulnerability to bypass all security protective measures-vulnerability warning-the black bar safety net

Everyone knows a very distant Windows design vulnerability: the System Restore Control Center. Through this platform, you can get administrator access, any view hard disk for any file. The most critical is that it actually does not require you to provide any username or password can be used. To u...

1AI score
Exploits0
Rows per page
Query Builder