Lucene search
+L

3766 matches found

Tenable Nessus
Tenable Nessus
added 2003/01/22 12:0 a.m.160 views

Apache Tomcat Default Accounts

This host appears to be the running the Apache Tomcat Servlet engine with the default accounts still configured. A potential intruder could reconfigure this service in a way that grants system access. %NASLMINLEVEL 70300 This script was written by Orlando Padilla See the Nessus Scripts License fo...

4.6CVSS8.1AI score0.0356EPSS
Exploits3References1
securityvulns
securityvulns
added 2002/11/23 12:0 a.m.44 views

[LSD] Java and JVM security vulnerabilities

We would like to inform you about several security vulnerabilities in Java Virtual Machine implementations that we have found during our research. These vulnerabilities affect at least JVMs used in Netscape Communicator and Microsoft Internet Explorer web browsers. Below you can find their brief...

8.1AI score
Exploits0
securityvulns
securityvulns
added 2002/11/15 12:0 a.m.27 views

Opera 7 vulnerabilities

We've done some basic security tests, in cooperation with Tom Gilder, on the new Opera 7 beta release and found two major security vulnerabilities. These vulnerabilities are quite obvious and likely to be discovered by malicious users. Combined, they allow full read access to a victim's file syst...

1.8AI score
Exploits0
securityvulns
securityvulns
added 2002/11/11 12:0 a.m.41 views

benchmark tool for HTTP pages.

ezhttpbench.php eZ httpbench version 1.1http://developer.ez.no - benchmark tool for HTTP pages. A security vulnerability in the product allows remote attackers to download any file on the local system that the eZ httpbench has read access to. Vulnerable systems: eZ httpbench version 1.1 eZ...

1.7AI score
Exploits0
securityvulns
securityvulns
added 2002/10/15 12:0 a.m.29 views

Directory traversal in Daniel Arenz' Mini Server

Hi! There is a directory traversal flaw in Daniel Arenz' Mini Server 2.1.6 tested on Windows XP Professional. It could be that prior versions are also affected. It's possible to show every by the web server readable file on the target system by using one of the following URLs:...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2002/08/25 12:0 a.m.33 views

UTStarcom B-NAS 1000 / B-RAS 1000 Major Security Flaw

== Overview == UTStarcom http://www.ustar.com is a broadband DSLAM and DSL SMS hardware vendor. Their products are used to manage DSL through PPPoE, PPPoA, bridge mode etc. == Vulnerability == The vendor UTStarcom has placed 2 backdoor accounts with full system access in their BAS-1000 system B-R...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2002/07/29 12:0 a.m.38 views

Phenoelit Advisory #0815 +--

Phenoelit Advisory wir-haben-auch-mal-was-gefunden 0815 +-- Authors FX [email protected] FtR [email protected] kim0 [email protected] DasIch [email protected] Phenoelit Group http://www.phenoelit.de Advisory http://www.phenoelit.de/stuff/HPChai.txt Affected Products Hewlett Packard HP ChaiVM HP 90...

0.8AI score
Exploits0
exploitpack
exploitpack
added 2002/07/24 12:0 a.m.20 views

Cobalt Qube 3.0 - Authentication Bypass

Cobalt Qube 3.0 - Authentication Bypass source: https://www.securityfocus.com/bid/5297/info A vulnerability has been reported for Cobalt Qube that may allow an attacker to bypass the authentication mechanism and obtain administrative privileges. The vulnerability occurs because of a weak...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2002/06/01 12:0 a.m.48 views

File system access in imap-uw

By design it's possible to access any file readable by user's account...

3AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/05/08 12:0 a.m.77 views

Multiple Vulnerabilities in MDaemon + WorldClient

Advisory Title: Multiple Vulnerabilities in MDaemon + WorldClient Release Date: 07/05/2002 Application: WorldClient and MDaemon Platform: Windows Clients. Version: MDaemon/WorldClient 5.0.5.0 - and probably earlier versions Severity: Several Vulnerabilities - one of which gives system access...

0.4AI score
Exploits0
Cvelist
Cvelist
added 2002/05/03 4:0 a.m.18 views

CVE-2002-0268

Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges...

6.6AI score0.00419EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2002/03/15 12:0 a.m.56 views

Microsoft Windows 'Administrators' Group User List

Using the supplied credentials, it is possible to extract the member list of the 'Administrators' group. Members of this group have complete access to the remote system. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid10902; scriptversion"1.23"; scriptcvsdate"Date:...

5.5AI score
Exploits0
exploitpack
exploitpack
added 2002/02/04 12:0 a.m.20 views

Portix-PHP 0.4 - view.php Directory Traversal

Portix-PHP 0.4 - view.php Directory Traversal source: https://www.securityfocus.com/bid/4039/info Portix-PHP is freely available web portal software. It is written in PHP and will run on most Unix and Linux variants. Portix-PHP is prone to directory traversal attacks. The script view.php does not...

Exploits0
Exploit DB
Exploit DB
added 2001/09/12 12:0 a.m.34 views

EFTP 2.0.7 337 - Remote Buffer Overflow Code Execution / Denial of Service

// source: https://www.securityfocus.com/bid/3330/info Encrypted FTP EFTP is both an FTP client and server application for Windows platforms. A malicious user with upload permissions to the target host can cause a buffer overflow in EFTP to execute code of the attacker's choosing. The attacker ca...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/08/25 12:0 a.m.52 views

Проблемы с Java Plugin 1.4 (file reading)

Апплеты не имеющие корректного сертификата тем не менее могут обращаться к файловой системе...

0.7AI score
Exploits0References1Affected Software2
Tenable Nessus
Tenable Nessus
added 2001/06/19 12:0 a.m.35 views

Microsoft IIS .IDA ISAPI Filter Enabled

The IIS server appears to have the .IDA ISAPI filter mapped. At least one remote vulnerability has been discovered for the .IDA indexing service filter. This is detailed in Microsoft Advisory MS01-033, and gives remote SYSTEM level access to the web server. It is recommended that even if you have...

5.5AI score
Exploits0
Exploit DB
Exploit DB
added 2001/06/18 12:0 a.m.222 views

Microsoft Index Server 2.0 / Indexing Service (Windows 2000) - ISAPI Extension Buffer Overflow (4)

source: https://www.securityfocus.com/bid/2880/info Windows Index Server ships with Windows NT 4.0 Option Pack; Windows Indexing Service ships with Windows 2000. An unchecked buffer resides in the 'idq.dll' ISAPI extension associated with each service. A maliciously crafted request could allow...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2001/04/25 12:0 a.m.39 views

IPSwitch IMail 6.06 SMTP Remote System Access Vulnerability

IPSwitch IMail 6.06 SMTP Remote System Access Vulnerability Release Date: April 24, 2001 Severity: High Systems Affected: Systems running IPSwitch's IMail 6.06 SMTP daemon. Prior versions are most likely vulnerable. Description: There exists a vulnerability within IMail that allows remote attacke...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2001/03/23 12:0 a.m.39 views

Проблемы в файловых системах (ufs/ext2fs data recovery)

Локальный пользователь может получить доступ к содержимому файлов, которые были удалены...

0.8AI score
Exploits0References1Affected Software1
exploitpack
exploitpack
added 2001/01/07 12:0 a.m.25 views

eXtropia bbs_forum.cgi 1.0 - Arbitrary Command Execution

eXtropia bbsforum.cgi 1.0 - Arbitrary Command Execution source: https://www.securityfocus.com/bid/2177/info bbsforum.cgi is a popular Perl cgi script from eXtropia.com. It supports the creation and maintenance of web-based threaded discussion forums. Version 1.0 of bbsforum.cgi fails to properly...

0.9AI score
Exploits0
Rows per page
Query Builder