559 matches found
CVE-2007-4529
The CVE concerns TeamSpeak Server 2.0.20.1 WebAdmin: remote authenticated users with the ServerAdmin flag can elevate privileges beyond their own servers. By issuing requests to .tscmd URIs with a modified serverid (e.g., add_server.tscmd, ask_delete_server.tscmd, start_server.tscmd, stop_server....
RaidenHTTPD workspace.php ulang Parameter Local File Inclusion
Binary data 5103.prm...
[Full-disclosure] Teamspeak Server 2.0.20.1 Vulnerabilities
Hi everyone, several months ago I discovered some vulnerabilities in TeamSpeak Server WebAdmin interface. I sent the advisory and exploit to the developers about two months ago 11 03 2007, but the server is still vulnerable, today. Affected software: Teamspeak Server 2.0.20.1 Looks like the beta...
ghh-disclose.txt
By Cr@zyKing [email protected] Biyosecurity.Net & Expw0rm.Com Thanks : Liz0 & DarkXBoyZ & Eno7 & ApAci & Uyuss & CrackersChild & Th343k1R & Xoron & Ajannn Portal : GHH Wersion : 1.1 GHH Portal 1.1 passwd.txt Remote Password Disclosure Vulnerability Demo : http://ghh.sourceforge.net/demo Vuln :...
GHH Portal 1.1 (passwd.txt) Remote Password Disclosure Vulnerability
By Cr@zyKing [email protected] Biyosecurity.Net & Expw0rm.Com Thanks : Liz0 & DarkXBoyZ & Eno7 & ApAci & Uyuss & CrackersChild & Th343k1R & Xoron & Ajannn Portal : GHH Wersion : 1.1 GHH Portal 1.1 passwd.txt Remote Password Disclosure Vulnerability Demo : http://ghh.sourceforge.net/demo Vuln :...
NetMail WebAdmin username buffer overflow
Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...
NetMail WebAdmin username buffer overflow
Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...
NetMail WebAdmin username buffer overflow
Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...
NetMail WebAdmin username buffer overflow
Added: 03/16/2007 CVE: CVE-2007-1350 BID: 22857 OSVDB: 33886 Background Novell NetMail WebAdmin is a web-based administration interface which runs an HTTP server on port 89/TCP. Problem A buffer overflow vulnerability in Novell NetMail WebAdmin allows remote attackers to execute arbitrary command...
Novell NetMail WebAdmin Username Stack Buffer Overflow (CVE-2007-1350)
Novell NetMail is an electronic mail server product that supports various email access and exchange protocols, including IMAP Internet Message Access Protocol and NMAP Network Messaging Application Protocol.WebAdmin is a browser based administrative tool used to manage NetMail...
Novell NetMail WebAdmin buffer overflow
TCP/89 HTTP Basic authentication buffer overflow...
Immunity Canvas: NETMAIL_WEBADMIN
Name| netmailwebadmin ---|--- CVE| CVE-2007-1350 Exploit Pack| CANVAS Description| Novell Netmail WebAdmin Overflow Notes| CVE Name: CVE-2007-1350 VENDOR: Novell VersionsAffected: Repeatability: References: http://www.zerodayinitiative.com/advisories/ZDI-07-009.html CVE Url:...
Stack overflow
Stack-based buffer overflow in webadmin.exe in Novell NetMail 3.5.2 allows remote attackers to execute arbitrary code via a long username during HTTP Basic authentication...
CVE-2006-6704
Cross-site scripting XSS vulnerability in the Webadmin in @Mail before 4.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "unescaped data in the database."...
CVE-2006-6704
CVE-2006-6704 : The NVD entry describes a cross-site scripting (XSS) vulnerability in the Webadmin component of @Mail prior to version 4.6. The issue allows remote attackers to inject arbitrary web script or HTML via vectors involving unescaped data stored in the database. The provided sources in...
CVE-2006-6704
Cross-site scripting XSS vulnerability in the Webadmin in @Mail before 4.6 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving "unescaped data in the database."...
MailEnable WebAdmin绕过认证漏洞
MailEnable是一款商业性质的POP3和SMTP服务器。 MailEnable的WebAdmin登录进程实现上存在安全漏洞,攻击者可能利用此漏洞无需口令便可成功登录,获得非授权访问。 MailEnable MailEnable Professional Edition 2.32 MailEnable MailEnable Enterprise Edition 2.32 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载: http://www.mailenable.com/hotfix/ME-10019.ZIP...
MDaemon WebAdmin模块权限提升漏洞
WebAdmin是Alt-N开发的管理MDaemon、RelayFax和WorldClient的WEB应用程序。 由于没有正确的过滤管理界面的logfileview.wdm和configfileview.wdm文件,导致已认证的全局管理员可以通过类似于以下的方式访问基础文件系统: http://mdaemon:1000/configfileview.wdm?file=../../autoexec.bat http://mdaemon:1000/logfileview.wdm?type=webadmin&file=../../App/userlist.dat...
CVE-2006-4620
The usereditaccount.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox...
CVE-2006-4620
The usereditaccount.wdm module in Alt-N WebAdmin 3.2.5 running with MDaemon 9.0.6, and possibly earlier versions, allows remote authenticated domain administrators to gain privileges and obtain access to the system mail queue by modifying the mailbox of the MDaemon user account to use the mailbox...