993 matches found
JVN#63999575 NEC MultiWriter 1700C web server authentication bypass vulnerability
Impact A remote attacker could change the system configuration of the printer's built-in web server. Solution Products Affected NEC MultiWriter 1700C model number: PR-L1700C Network Expansion Card PR-L1700C-MC For more information, refer to the vendor's website...
Authentication flaw
The embedded HTTP server in Fuji Xerox Printing Systems FXPS print engine, as used in products including 1 Dell 3000cn through 5110cn and 2 Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which...
CVE-2006-2113
The embedded HTTP server in Fuji Xerox Printing Systems FXPS print engine, as used in products including 1 Dell 3000cn through 5110cn and 2 Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which...
CVE-2006-2113
The embedded HTTP server in Fuji Xerox Printing Systems FXPS print engine, as used in products including 1 Dell 3000cn through 5110cn and 2 Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which...
CVE-2006-2113
Summary: CVE-2006-2113 affects the embedded HTTP server in the FXPS print engine used by Dell 3000cn/3110cn/5110cn and Fuji Xerox DocuPrint firmware prior to 20060628 (and Network Option Card firmware prior to 5.13). The vulnerability stems from improper authentication for HTTP requests, enabling...
barracudeHardcode.txt
Title: Barracuda Hardcoded Password Vulnerability Severity: High Sensitive Information Disclosure Date: 01 August 2006 Version Affected: Barracuda Spam Firewall version 3.3.01.001 to 3.3.03.053 Discovered by: Greg Sinclair [email protected] Discovered on: 28 May 2006 Overview: Barracuda Sp...
About Trojans hidden in the Windows of the new method-vulnerability warning-the black bar safety net
Well known Trojans generally start way: load to the“Start”menu in the“start”entry, recording to the registry HKEYCURRENTUSERSoftwareMicrosoftwindowscurrentversionrun items and HKEYLOCALMACHINESOFTWAREMicrosoftwindowscurrentversionRun key, more advanced Trojans will also be registered as a...
CVE-2005-4659
IPCop aka IPCop Firewall before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from th...
CVE-2005-4660
Race condition in IPCop aka IPCop Firewall before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted, then executing ipcoprscfg to restore from...
CVE-2005-4660
Race condition in IPCop aka IPCop Firewall before 1.4.10 might allow local users to overwrite system configuration files and gain privileges by replacing a backup archive during the time window when the archive is owned by "nobody" but not yet encrypted, then executing ipcoprscfg to restore from...
CVE-2005-4659
IPCop aka IPCop Firewall before 1.4.10 has world-readable permissions for the backup.key file, which might allow local users to overwrite system configuration files and gain privileges by creating a malicious encrypted backup archive owned by "nobody", then executing ipcoprscfg to restore from th...
CVE-2005-4609
index.php in BugPort 1.147 and earlier allows remote attackers to obtain sensitive information such as full path and system configuration via an invalid action parameter...
CVE-2005-2285
WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration...
CVE-2005-2285
WebEOC before 6.0.2 stores sensitive information in locations such as URIs, web pages, and configuration files, which allows remote attackers to obtain information such as Usernames, Passwords, Emergency information, medical information, and system configuration...
WebEOC handles sensitive information in an insecure manner
Overview WebEOC handles sensitive information in an insecure manor. As a result, sensitive information may be exposed to untrusted parties. Description WebEOC is a web-based crisis information management application that provides functions to gather, coordinate, and disseminate information betwee...
Xerox Document Centre Web Server Unspecified Unauthorized Access (XRX05-003)
According to its model number and software version, the remote host is a Xerox Document Centre or WorkCentre device with an embedded web server that could allow unauthorized access to the web server directory structure, which in turn could enable a remote attacker to gain access rights and to mak...
CVE-2005-1179
Unknown vulnerability in Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, related to...
CVE-2005-0703
Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, has an "unauthenticated account," whi...
CVE-2005-0703
Xerox MicroServer Web Server for various WorkCentre products including M35/M45/M55 2.028.11.000 through 2.97.20.032 and 4.84.16.000 through 4.97.20.032, Pro 35/45/55 3.028.11.000 through 3.97.20.032, Pro 65/75/90 1.001.00.060 through 1.001.02.084, and others, has an "unauthenticated account," whi...
CVE-2004-2739
The setup routine setup.php in PHProjekt 4.2.1 and earlier allows remote attackers to modify system configuration via unknown attack vectors...