255 matches found
CVE-2002-0250
Web configuration utility in HP AdvanceStack hubs J3200A through J3210A with firmware version A.03.07 and earlier, allows unauthorized users to bypass authentication via a direct HTTP request to the webaccess.html file, which allows the user to change the switch's configuration and modify the...
CVE-2000-0859
The CVE-2000-0859 entry describes a DoS in the NTMail web configuration server for NTMail V5 and V6 caused by remote attackers sending a sequence of partial HTTP requests. The impact is denial of service (availability) with no confidentiality or integrity impact stated, and the CVSS vector indica...
CVE-2001-1065
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack...
CVE-2000-0945
The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory...
CVE-2001-1065
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack...
Cisco IOS HTTP Configuration Unauthorized Administrative Access
It is possible to execute arbitrary commands on the remote Cisco router. An attacker may leverage this issue to disable network access via this device or lock legitimate users out of the router. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10700; scriptversion "1.38...
CVE-2001-0448
Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service via an HTTP GET HTTP request to the aux directory, and possibly other directories with legacy DOS device names...
CVE-2001-0447
Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request containing "%2e" dot dot characters...
CVE-2000-0859
The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of service via a series of partial HTTP requests...
CVE-2000-0416
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server...
NTMail Proxy Exploit
NTmail version 5.x possibly other versions, I haven't checked has two web functions. One is a web configuration server which lets you configure the mail server via a browser. The other is it can also work as a proxy server. These two functions are set by default to use two different ports 8000 fo...
CVE-2000-0416
NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server...
openlink.3.2.txt
Overview: A serious security hole has been found in the web configuration utility that comes with OpenLink 3.2. This hole will allow remote users to execute arbitrary code as the user id under which the web configurator is run inherited from the request broker, oplrqb. The hole is a run-of-the-mi...
OpenLink Software OpenLink 3.2 - Remote Buffer Overflow
OpenLink Software OpenLink 3.2 - Remote Buffer Overflow // source: https://www.securityfocus.com/bid/720/info Both the Unix and WindowsNT versions of OpenLink 3.2 are vulnerable to a remotely exploitable buffer overflow attack. The problem is in their web configuration utility, and is the result ...
OpenLink Software OpenLink 3.2 - Remote Buffer Overflow
// source: https://www.securityfocus.com/bid/720/info Both the Unix and WindowsNT versions of OpenLink 3.2 are vulnerable to a remotely exploitable buffer overflow attack. The problem is in their web configuration utility, and is the result of an unchecked strcpy call. The consequence is the...