164 matches found
Imail Cookie Vulnerability (unhashed)
Neither Regular or secure mode of Imail properly give out a hash on cookies leaving the cookies straight readable to any onlookers. No exploit is needed POC: "IMailUserId 1006332dgd2@Someserver" -------------------------- "IMailpassword 1234" Straight From Cookie ^^ edited to protect user Shoutz ...
CVE-2002-1413
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" SSL option during a connection...
CVE-2002-1413
RCONAG6 for Novell Netware SP2, while running RconJ in secure mode, allows remote attackers to bypass authentication using the RconJ "Secure IP" SSL option during a connection...
LPRng/rhs-printfilters - remote execution of commands
posted to vendor security ppl, no reply, no patch, so posting here. --begin forwarded message-- RedHat 7.0 possibly others If the lpd is listening on 0.0.0.0 and no access controls are in place, it is possible to execute commands as the lp user, assuming tetex-dvips is installed. From man dvips...