269 matches found
Apple Mac OS X may allow network accounts to bypass service access controls
Overview Apple Mac OS X may allow network accounts to bypass service access controls. This vulnerability may allow remote users with a valid network account to bypass LoginWindow service access controls. Description Remote access to a system can be restricted by service access controls via...
CVE-2005-3169
Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to conduct unauthorized...
ST FTP Service Arbitrary File/Directory Access
The remote FTP server is vulnerable to a flaw that allows users to access files that are outside the FTP server root. An attacker may break out of his FTP jail by issuing the command : CWD C: TRUSTED...
rsync Service Detection
The remote rsync server can be accessed remotely. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid11389; scriptversion "$Revision: 1.24 $"; scriptcvsdate"$Date: 2017/06/12 21:52:41 $"; scriptnameenglish:"rsync Service Detection"; scriptsummaryenglish:"Shows the remote...
Cisco 12000 Series Routers Multiple Vulnerabilities (DoS, ACL Bypass)
string "The remote host appears to be a Cisco 12000 Series router. According\n", "to its version number, it has multiple vulnerabilities involving\n", "bypassing access control lists ACLs. A remote attacker could use\n", "these flaws to cause a denial of service, or bypass firewall rules." C...
Standard HTML form implementation allows access to IMAP, SMTP, NNTP, POP3, and other services via crafted HTML page
Overview An intruder can send certain kinds of data to services that he is not ordinarily able to reach. By crafting the data such that it is redirected through any program the victim uses to render the malicious HTML, the intruder is able send that data to any services that the victim can send...
CVE-2001-1428
The 1 FTP and 2 Telnet services in Beck GmbH IPC@Chip are shipped with a default password, which allows remote attackers to gain unauthorized access...
statd bounce vulnerability
Overview statd allows access to RPC services it shouldn't. Description Background rpc.statd and rpc.lockd are designed to work in conjunction with each other to manage NFS lock information in the event of a crash of an NFS client or server. The rpc service rpc.statd is a program designed to...
Pocsag POC32 Remote Service Default Password (password)
It is possible to log into the remote pocsag service and view the streams of decoded pager messages using the password 'password'. An attacker may use this problem to gain some knowledge about the computer user and then trick him by social engineering. C Tenable Network Security, Inc...