Citrix NetScaler Default Credentials (SSH)

The remote Citrix NetScaler system is using known default credentials for the SSH login. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Apache Axis2 Default Credentials (HTTP) - Active Check

The remote Apache Axis2 web interface is using known default credentials. SPDX-FileCopyrightText: 2015 SCHUTZWERK GmbH SPDX-FileCopyrightText: Reworked detection code since 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective...

F5 Networks BIG-IQ Webinterface Default Credentials (HTTP)

The remote F5 BIG-IQ web interface is using known default credentials. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

F5 BIG-IP Default Credentials (HTTP)

The remote F5 BIG-IP device is using known default credentials for the HTTP login. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

XEROX Multiple Product Unauthenticated Remote Firmware Injection Vulnerability

Added: 12/19/2014 BID: 52483 OSVDB: 80096 Background Some Xerox Multifunction Printers MFP utilize Dynamic Loadable Modules DLM for patching, upgrading and cloning. The DLMs can be delivered to the printer via the Jet Direct printer service on TCP port 9100. Problem Multiple Xerox products are...

XEROX Multiple Product Unauthenticated Remote Firmware Injection Vulnerability

Added: 12/19/2014 BID: 52483 OSVDB: 80096 Background Some Xerox Multifunction Printers MFP utilize Dynamic Loadable Modules DLM for patching, upgrading and cloning. The DLMs can be delivered to the printer via the Jet Direct printer service on TCP port 9100. Problem Multiple Xerox products are...

[CVE-2014-7301] SGI Tempo System Database Password Exposure

SGI Tempo System Database Password Exposure Software: SGI Tempo SGI ICE-X Supercomputers Affected Versions: Unknown CVE Reference: CVE-2014-7301 Author: John Fitzpatrick, MWR Labs Severity: Medium Risk Vendor: Silicon Graphics International Corp SGI Vendor Response: Uncooperative Description It i...

Thomson Reuters Fixed Assets CS 13.1.4 - Local Privilege Escalation

Exploit Title: Thomson Reuters Fixed Assets CS Windows 7, Windows 8 CVE : 2014-9141 Product Affected: Fixed Assets CS =13.1.4 Workstation Install Note: 2003/2008 Terminal Services/Published apps may be vulnerable, depending on system configuration. This vulnerability has been reference checked...

Device42 DCIM Appliance Manager Default Credentials (HTTP)

The remote Device42 DCIM Appliance Manager web interface is using known default credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

openSUSE Security Update : bash (openSUSE-SU-2014:1229-1) (Shellshock)

The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances CVE-2014-7169. Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 a...

openSUSE Security Update : bash (openSUSE-SU-2014:1242-1) (Shellshock)

The command-line shell 'bash' evaluates environment variables, which allows the injection of characters and might be used to access files on the system in some circumstances CVE-2014-7169. Please note that this issue is different from a previously fixed vulnerability tracked under CVE-2014-6271 a...

OpenMediaVault Default Admin Credentials (HTTP)

The remote OpenMediaVault web interface is using known default credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SAP HANA metadata.xsjs - SQL injection

Application: SAP HANA Versions Affected: 1.00.60.379371 Vendor URL: http://www.sap.com Bugs: SQL injection Exploits: YES Reported: 09.04.2014 Vendor response: 10.04.2014 Date of Public Advisory: 17.10.2014 Reference: SAP Security Note 2067972 Author: Dmitry Chastukhin ERPScan Description SQL...

Default credentials

ZOLL Defibrillator / Monitor M Series, E Series, and R Series have a default password for System Configuration mode, which allows physically proximate attackers to modify device configuration and cause a denial of service adverse human health effects...

CVE-2007-6756

ZOLL Defibrillator / Monitor M Series, E Series, and R Series have a default password for System Configuration mode, which allows physically proximate attackers to modify device configuration and cause a denial of service adverse human health effects...

Mobotix Cameras Default Admin Credentials (HTTP)

The remote Mobotix camera web interface is using default credentials. This VT has been deprecated as a duplicate of the VT SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

nas4free Default Admin Credentials (HTTP)

The remote nas4free web interface is using known default credentials. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

HP-UX 10.20/11.0 SNMPD File Permission Vulnerabilities

No description provided by source. source: http://www.securityfocus.com/bid/1327/info A vulnerability exists in the snmpd included with HPUX 11, from Hewlett Packard. The configuration file for the snmpd is world writable. This could allow any user on the system to view and/or alter the settings ...

MetaDot Portal Server 5.6.x index.pl Information Disclosure

No description provided by source. source: http://www.securityfocus.com/bid/9439/info A number of vulnerabilities have been found in all version of MetaDot Corporation's MetaDot Portal Server. Due to a failure of the software to properly validate user input, an attacker may be able to corrupt dat...

Broadcom PIPA C211 - Sensitive Information Disclosure

No description provided by source. Vulnerability title: Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE: CVE-2014-2046 Vendor: Broadcom Ltd Product: PIPA C211 Affected version: Soft Rev: SR1.1, HW Rev: PIPA C211 rev2 Fixed version: N/A Reported by: Jerzy Krama...