400 matches found
CVE-2017-5671
Honeywell Intermec PM23, PM42, PM43, PC23, PC43, PD43, and PC42 industrial printers before 10.11.013310 and 10.12.x before 10.12.013309 have /usr/bin/lua installed setuid to the itadmin account, which allows local users to conduct a BusyBox jailbreak attack and obtain root privileges by overwriti...
CVE-2017-5671
CVE-2017-5671 affects Honeywell Intermec PM23/PM42/PM43/PC23/PC43/PD43/PC42 printers (firmware before 10.11.013310 and 10.12.x before 10.12.013309). The vulnerability arises because /usr/bin/lua is installed setuid to the itadmin account, enabling local users to perform a BusyBox jailbreak and es...
CVE-2016-3151
Directory traversal vulnerability in the wallpaper parsing functionality in Barco ClickShare CSC-1 devices with firmware before 01.09.03, CSM-1 devices with firmware before 01.06.02, and CSE-200 devices with firmware before 01.03.02 allows remote attackers to read /etc/shadow via unspecified...
Arbitrary File Read Vulnerability in Video Conferencing System of Tangqiao Technology (Hangzhou) Co.
Tangqiao Technology Hangzhou Co., Ltd. is the world's leading provider of converged video communication cloud services, video conferencing system is a remote collaborative video software. The product has an arbitrary file reading vulnerability, which can be exploited by an attacker to read server...
CVE-2016-5709
SolarWinds Virtualization Manager 6.3.1 and earlier uses weak encryption to store passwords in /etc/shadow, which allows local users with superuser privileges to obtain user passwords via a brute force attack...
Solarwinds Virtualization Manager Information Disclosure Vulnerability
Solarwinds Virtualization Manager is a suite of software from SolarWinds, Inc. that is used to manage and monitor virtualization products. The software provides capacity management, performance monitoring, and configuration management. A security vulnerability exists in Solarwinds Virtualization...
CHETCPASSWD System Shadow File Disclosure - Ver2 (CVE-2002-2219)
An information disclosure vulnerability has been reported in CHETCPASSWD. The vulnerability may potentially cause the tail end of the local shadow file to be disclosed to a remote attacker...
Desktop Linux Password Stealer / Privilege Escalation
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' require 'rex' require 'msf/core/exploit/exe' require 'base64' require 'metasm' class Metasploit4 'Desktop Linux Password Stealer and Privilege...
Device42 Embedded Credentials
Remote Authenticated Root in Device42 DCIM Appliance Manager v5.10 and v6.0 http://www.device42.com/download/ Device42 ships virtual appliances ready for production use as a trial essentially dictated by the license provided. The Appliance Manager listens on HTTP no SSL on port 4242 with default...
Desktop Linux Password Stealer and Privilege Escalation
This module steals the user password of an administrative user on a desktop Linux system when it is entered for unlocking the screen or for doing administrative actions using PolicyKit. Then, it escalates to root privileges using sudo and the stolen user password. It exploits the design weakness...
Solaris 2.6 FTP Core Dump Shadow Password Recovery Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/2601/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is designed as a scalable operating system for the Intel x86 and Sun Sparc platforms, and operates on machines varying...
SSH2 3.0 Short Password Login Vulnerability
source: http://www.securityfocus.com/bid/3078/info An input validation error exists in version 3.0.0 of the SSH daemon sshd running on Unix platforms. It may be possible for remote users to log in to accounts for which there are two or less characters in the password field of the system password...
CHETCPASSWD 1.12 Shadow File Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/6472/info CHETCPASSWD is prone to a vulnerability that may potentially cause the tail end of the local shadow file to be disclosed to a remote attacker. It is possible to exploit this issue by sending an overly long strin...
openSUSE Security Update : aaa_base (openSUSE-SU-2013:1955-1)
On systems installed via the Live Media that /etc/shadow file was readable by the 'users' group, which was not intended. bnc843230, CVE-2013-3713 Reason for this was that the user 'root' was put into the 'users' group. Also a commandline completion bug was fixed : - Use only bash and readline...
CVE-2014-0644
EMC Cloud Tiering Appliance CTA 10 through SP1 allows remote attackers to read arbitrary files via an api/login request containing an XML external entity declaration in conjunction with an entity reference, related to an XML External Entity XXE issue, as demonstrated by reading the /etc/shadow fi...
Quantum DXi V1000 2.2.1 - Static SSH Key
Quantum DXi® V-Series is a virtual deduplication backup appliance that protects physical and virtual data across remote sites, the datacenter and cloud deployments. Details: ---------- 0x01 - Default root user The root user has a hardcoded password that is unknown and not changeable. Normally...
Website url filtering is not strictly caused by downloading any file vulnerability-vulnerability warning-the black bar safety net
At the end of a very busy and recently have been dealing with security issues, of which one example is more representative, and thus wanted to come up with to talk. Probably is such a site in a directory under the provided pdf document to download, but with security, by the path and file name of...
DEBIAN-CVE-2011-4966
modules/rlmunix/rlmunix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password...
freeradius: does not respect expired passwords when using the unix module
modules/rlmunix/rlmunix.c in FreeRADIUS before 2.2.0, when unix mode is enabled for user authentication, does not properly check the password expiration in /etc/shadow, which allows remote authenticated users to authenticate using an expired password...
Oracle Exadata Leaf Switch Weak Logins
Oracle Exadata leaf switch logins From Oracle.com "Oracle Exadata is the only database machine that provides extreme performance for both data warehousing and OLTP applications, making it the ideal platform for consolidating on private clouds. It is a complete package of servers, storage,...