Lucene search
K

898 matches found

NVD
NVD
added 2006/12/18 2:28 a.m.19 views

CVE-2006-6614

The saveloglocal function in Fully Automatic Installation FAI 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and allows attackers to...

1.9CVSS6.7AI score0.00397EPSS
Exploits1References5
CVE
CVE
added 2006/12/18 2:0 a.m.59 views

CVE-2006-6614

The CVE-2006-6614 issue affects Fully Automatic Installation (FAI) 2.10.1 (and possibly 3.1.2). When verbose mode is enabled, the save_log_local function writes the root password hash to /var/log/fai/current/fai.log, and the log file’s permissions permit copying to other hosts when fai-savelog is...

1.9CVSS6.8AI score0.00397EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2006/12/18 2:0 a.m.25 views

CVE-2006-6614

The saveloglocal function in Fully Automatic Installation FAI 2.10.1, and possibly 3.1.2, when verbose mode is enabled, stores the root password hash in /var/log/fai/current/fai.log, whose file permissions allow it to be copied to other hosts when fai-savelog is called and allows attackers to...

6.7AI score0.00397EPSS
Exploits1References5
seebug.org
seebug.org
added 2006/10/31 12:0 a.m.16 views

Sun iPlanet Messaging Server 5.2 HotFix 1.16 Root Password Disclosure

No description provided by source. Date: 14 Jun 2006 Vendor: Sun Microsystems, Inc. Name: iPlanet Messaging Server Version: 5.2 HotFix 1.16 built May 14 2003 Vuln: msg.conf symlink attack Severity: high Software description ---------------- The iPlanet Messaging Server is a software product that...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2006/10/24 12:0 a.m.22 views

Linux imapd Remote Overflow File Retrieve Exploit

No description provided by source. / This is the remote exploit of the hole in the imap daemon, for Linux. The instruction code is doing open, write, and close system calls, and it adds a line root::0:0.. at the beggining of /etc/passwd change to /etc/shadow if needed. The code needs to be self...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2006/07/25 12:0 a.m.42 views

Opsware NAS 6.0 reveals MySQL 'root' password

The Opsware Network Automation System NAS version 6.0 installation places an 'init' style startup script in /etc/init.d/mysqll and places the 'root' password that you choose for the MySQL MAX database during installation. The permissions on this small shell script are world readable, allowing any...

1.5AI score
Exploits0
NVD
NVD
added 2006/07/18 3:37 p.m.22 views

CVE-2006-3597

passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory...

7.2CVSS6.7AI score0.00536EPSS
Exploits1References3
Cvelist
Cvelist
added 2006/07/14 8:0 p.m.18 views

CVE-2006-3597

passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory...

6.6AI score0.00536EPSS
Exploits1References3
CVE
CVE
added 2006/07/14 8:0 p.m.56 views

CVE-2006-3597

CVE-2006-3597 is substantiated by Ubuntu USN-316-1: on Ubuntu 6.06 LTS, the installer for alternate/server CDs could leave the root password blank instead of locking it when the user selects Go Back after Installation complete and continues from the main menu. The root password was zeroed in the ...

7.2CVSS6.7AI score0.00536EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2006/07/14 8:0 p.m.24 views

CVE-2006-3597

passwd before 1:4.0.13 on Ubuntu 6.06 LTS leaves the root password blank instead of locking it when the administrator selects the "Go Back" option after the final "Installation complete" message and uses the main menu, which causes the password to be zeroed out in the installer's memory...

7.2CVSS1.8AI score0.00536EPSS
Exploits1
Ubuntu
Ubuntu
added 2006/07/13 12:56 a.m.30 views

USN-316-1: installer vulnerability

Iwan Pieterse discovered that, if you select "Go Back" at the final message displayed by the alternate or server CD installer "Installation complete" and then continue with the installation from the installer's main menu, the root password is left blank rather than locked. This was due to an erro...

5.4AI score
Exploits0References1
exploitpack
exploitpack
added 2006/06/18 12:0 a.m.16 views

Sun iPlanet Messaging Server 5.2 HotFix 1.16 - Root Password Disclosure

Sun iPlanet Messaging Server 5.2 HotFix 1.16 - Root Password Disclosure Date: 14 Jun 2006 Vendor: Sun Microsystems, Inc. Name: iPlanet Messaging Server Version: 5.2 HotFix 1.16 built May 14 2003 Vuln: msg.conf symlink attack Severity: high Software description ---------------- The iPlanet Messagi...

0.7AI score
Exploits0
0day.today
0day.today
added 2006/06/18 12:0 a.m.27 views

Sun iPlanet Messaging Server 5.2 HotFix 1.16 Root Password Disclosure

Exploit for multiple platform in category local exploits ===================================================================== Sun iPlanet Messaging Server 5.2 HotFix 1.16 Root Password Disclosure ===================================================================== Date: 14 Jun 2006 Vendor: Sun...

6.9AI score
Exploits0
Exploit DB
Exploit DB
added 2006/06/18 12:0 a.m.35 views

Sun iPlanet Messaging Server 5.2 HotFix 1.16 - Root Password Disclosure

Date: 14 Jun 2006 Vendor: Sun Microsystems, Inc. Name: iPlanet Messaging Server Version: 5.2 HotFix 1.16 built May 14 2003 Vuln: msg.conf symlink attack Severity: high Software description ---------------- The iPlanet Messaging Server is a software product that provides a centralized location for...

7.4AI score
Exploits0
NVD
NVD
added 2006/06/09 10:2 a.m.16 views

CVE-2006-2452

GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges...

3.7CVSS6.5AI score0.0036EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2006/06/09 10:2 a.m.19 views

CVE-2006-2452

GNOME GDM 2.8, 2.12, 2.14, and 2.15, when the "face browser" feature is enabled, allows local users to access the "Configure Login Manager" functionality using their own password instead of the root password, which can be leveraged to gain additional privileges...

3.7CVSS5.9AI score0.0036EPSS
Exploits0References2
Prion
Prion
added 2006/05/12 9:2 p.m.16 views

Default credentials

MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database...

7.2CVSS6.4AI score0.00399EPSS
Exploits0References8Affected Software1
OSV
OSV
added 2006/01/09 11:3 p.m.10 views

CVE-2006-0146

The server.php test script in ADOdb for PHP before 4.70, as used in multiple products including 1 Mantis, 2 PostNuke, 3 Moodle, 4 Cacti, 5 Xaraya, 6 PHPOpenChat, 7 MAXdev MD-Pro, and 8 MediaBeez, when the MySQL root password is empty, allows remote attackers to execute arbitrary SQL commands via...

8.1AI score
Exploits0References59
Cvelist
Cvelist
added 2005/06/28 4:0 a.m.28 views

CVE-2002-1809

The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL database...

6.8AI score0.16118EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2005/03/22 12:0 a.m.34 views

Exploit Labs Security Advisory 2005.2

------------------------------------------------------------ - EXPL-A-2005-002 exploitlabs.com Advisory 031 - ------------------------------------------------------------ - Samsung ADSL Modem - AFFECTED PRODUCTS ================= Samsung ADSL Modem Samgsung Eletronics http://www.samsung.com DETAI...

0.3AI score
Exploits0
Rows per page
Query Builder