7170 matches found
Слабое шифрование в Datek Streamer (weak encryption)
Часть важных данных о пользователе уходит по незащищенному каналу...
Stock portfolio sent via clear text in Datek Streamer® application
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 S4R - A Managed Services Company Security - Systems - Storage - Solutions http://www.s4r.com [email protected] Title: Stock portfolio sent via clear text in Datek Streamer® application Date: November 9, 2001 1. Description Although the user's primary Datek...
IBM AS/400 HTTP Server '/' attack
IBM's HTTP Server on the AS/400 platform is vulnerable to an attack that will show the source code of the page -- such as an .html or .jsp page -- by attaching an '/' to the end of a URL. Compare these two URL's: http://www.foo.com/getsource.jsp http://www.foo.com/getsource.jsp/ The later URL wil...
Сбор информации о пользователях Check Point VPN-1 (information leakage)
Различные диагностические сообщение на неверное имя пользователя и пароль...
CVE-2000-1199
CVE-2000-1199 affects PostgreSQL: usernames and passwords are stored in plaintext in (1) pg_shadow and (2) pg_pwd, enabling attackers with sufficient privileges to access databases. This root cause is plaintext credential storage; impact is described as partial confidentiality, partial integrity,...
CVE-1999-1322
The CVE concerns the installation of 1ArcServe Backup and Inoculan AV client modules for Exchange, which can create a log file exchverify.log that stores usernames and passwords in plaintext. Affected components: the Exchange-related client modules for 1ArcServe Backup and Inoculan AV. Underlying...
Очередные проблемы в CGI
Недостаточная проверка shell символов в данных пользователя при вызове внешней команды...
Possible Issue with Netinfo and Mac OS X
Hi, I have been using Mac OS X for quite a while now, and I have just found something that concerns me a little. As you probably know Mac OS X is based on BSD and by default does not have any services running though it is not hard to turn these on thefore is reasonably secure out of the box. Now ...
security hole in os groupware suite PHProjekt
Overview PHProjekt is an open source groupware suite written in PHP4 with mysql/postgres/oracle/informix/ms-sql support: www.PHProjekt.com The security hole concernes the several modules. Details By modifying the ID number in links an user can view, moduify or delete data of other users randomly...
tdforum 1.2 Messageboard
Examination of the program "TDForum 1.2", a guest book style, unthreaded messageboard, for sale at http://www.tdscripts.com http://www.tdavidscripts.com/ aliases the same, revealed a serious client-side security risk to the users of the forum. Because user supplied data is not being sanitized,...
Microsoft Outlook View Control allows execution of arbitrary code and manipulation of user data
Overview A vulnerability exists in an ActiveX control supplied with Microsoft Outlook 2002 that could allow malicious code on a web page or in an HTML email message to manipulate Outlook data or execute arbitrary code as the user running Outlook. Description Microsoft Outlook 2002 installs an...
TWIG SQL query bugs
I can't find the person who really in charge on developing twig, so I mail about this bug to the person who announce new version of twig about two month ago. -------------------------------------------------------------------------- Subject: Unquoted SQL query = potential damage Software package:...
DCForum 6.0 - Remote Admin Privilege Arbitrary Commands
source: https://www.securityfocus.com/bid/2728/info DCForum is a commercial cgi script from DCScripts which is designed to facilitate web-based threaded discussion forums. Versions of DCForum are vulnerable to attacks which can yield an elevation of privileges and remote execution of arbitrary...
RaidenFTPd 2.1 - Directory Traversal
RaidenFTPd 2.1 - Directory Traversal source: https://www.securityfocus.com/bid/2655/info Raiden FTPD is susceptible to directory traversal attacks using multiple dots in submitted commands specifying file paths. If the request is properly composed, RaidenFTPD will serve files outside of the...
RaidenFTPd 2.1 - Directory Traversal
source: https://www.securityfocus.com/bid/2655/info Raiden FTPD is susceptible to directory traversal attacks using multiple dots in submitted commands specifying file paths. If the request is properly composed, RaidenFTPD will serve files outside of the intended webroot, potentially compromising...
FreeBSD 4.2-stable - FTPd glob() Remote Buffer Overflow
FreeBSD 4.2-stable - FTPd glob Remote Buffer Overflow source: https://www.securityfocus.com/bid/2548/info The BSD ftp daemon and derivatives such as IRIX ftpd or the ftp daemon shipped with Kerberos 5 contain a number of buffer overflows that may lead to a compromise of root access to malicious...
OpenBSD 2.x < 2.8 FTPd - 'glob()' Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/2548/info The BSD ftp daemon and derivatives such as IRIX ftpd or the ftp daemon shipped with Kerberos 5 contain a number of buffer overflows that may lead to a compromise of root access to malicious users. During parsing operations, the ftp daemon...
Apache Tomcat 3.0 - Directory Traversal
source: https://www.securityfocus.com/bid/2518/info Apache Tomcat in a Windows NT environment could be led to traverse the normal directory structure and return requested files from outside of the document root. By including '/../' sequences along with specially chosen characters in requested URL...
anaconda clipper 3.3 - Directory Traversal
source: https://www.securityfocus.com/bid/2512/info Clipper is a headline-gathering tool from Anaconda! Partners which, in certain versions, is vulnerable to directory traversal attacks. By including '/../' sequences in requested URLs, an attacker can cause the retrieval of arbitrary files,...
Aspseek Buffer Overflow
|---------------------------------------------------------------------------------------| / Product: Aspseek Search Engine. Vendor URL: www.aspseek.org / Tested on: v1.0.0 - v1.0.3 Freeware Linux Vendor Contact: Mailed on 8th March NO Reply Vendor Patched though / |-- The Problem,...