Alt-N WebAdmin Multiple Remote Vulnerabilities (XSS, Bypass Access)

The remote host is running Alt-N WebAdmin, a web interface to MDaemon mail server. The remote version of this software is affected by cross-site scripting vulnerabilities due to a lack of filtering on user-supplied input in the file 'usereditaccount.wdm' and the file 'modalframe.wdm'. An attacker...

CVE-2004-2369

Directory traversal vulnerability in webadmin.nsf for Lotus Domino R6 6.5.1 allows attackers to create and detect directories via a .. dot dot in the directory creation command...

HP-UX ObAM WebAdmin unauthorized access

No description provided...

[security bulletin] SSRT4758 rev. 0 HP-UX ObAM WebAdmin unauthorized access

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 HP SECURITY BULLETIN HPSBUX01047 REVISION: 0 SSRT4758 rev. 0 HP-UX ObAM WebAdmin unauthorized access ----------------------------------------------------------------- NOTICE: There are no restrictions for distribution of this Bulletin provided that it...

CVE-2003-1463

Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to 1 determine the installation path by reading the contents of the Name parameter in a link, and 2 read arbitrary files via an absolute path in the Name...

PSCS VPOP3 2.0 Email Server WebAdmin - Cross-Site Scripting

source: https://www.securityfocus.com/bid/8869/info It has been reported that PSCS VPOP3 Email Server may be prone to a cross-site scripting vulnerability that may allow a remote attacker to embed malicious HTML and script code in a link. The issue is reported to be present in the WebAdmin utilit...

FloosieTek FTGatePro 1.2 - WebAdmin Interface Information Disclosure

FloosieTek FTGatePro 1.2 - WebAdmin Interface Information Disclosure source: https://www.securityfocus.com/bid/8578/info A weakness has been reported in the FTGatePro WebAdmin Interface that could allow an unauthorized user to gain sensitive information. The problem is believed to occur due to...

CVE-2003-0471

Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument...

CVE-2003-0471

Alt-N WebAdmin is affected by a remote buffer overflow in the USER parameter of WebAdmin.exe/WebAdmin.dll, enabling arbitrary code execution as described in CVE-2003-0471. Public artifacts include references in Exploit-DB and Metasploit modules showing a buffer overflow condition that could allow...

CVE-2003-0471

Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument...

Alt-N WebAdmin buffer overflow

Buffer overflow in username...

Alt-N WebAdmin 2.0.x - USER Remote Buffer Overflow (1)

Alt-N WebAdmin 2.0.x - USER Remote Buffer Overflow 1 // source: https://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM...

Alt-N WebAdmin Multiple Vulnerabilities

webadmin.dll was found on the web server. Old versions of this CGI suffered from numerous problems: - installation path disclosure - directory traversal, allowing anybody with administrative permission on WebAdmin to read any file - buffer overflow, allowing anybody to run arbitrary code on the...

Alt-N WebAdmin 2.0.x - USER Remote Buffer Overflow (2)

Alt-N WebAdmin 2.0.x - USER Remote Buffer Overflow 2 // source: https://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM...

Alt-N WebAdmin 2.0.x - 'USER' Remote Buffer Overflow (1)

// source: https://www.securityfocus.com/bid/8024/info Alt-N WebAdmin is prone to a buffer overflow condition. This is due to insufficient bounds checking on the USER parameter. Successful exploitation could result in code execution with SYSTEM level privileges. / WebAdmin.dll remote proof of...

Path disclosure and file access on WebAdmin

WebAdmin is a web application to administer MDaemon and RelayFax. It can be run on its own or as an ISAPI application under Microsoft Internet Information Services IIS. MDaemon is an e-mail server for Microsoft Windows. RelayFax is a fax server also for Microsoft Windows. Both applications have...

Alt-N WebAdmin 2.0.x - Remote File Disclosure

source: https://www.securityfocus.com/bid/7439/info Reportedly, remote users can discover the installation directory of certain software on the underlying system by submitting an HTTP request to the WebAdmin server. This could allow an attacker to obtain sensitive information...

Alt-N WebAdmin 2.0.x - Remote File Viewing

source: https://www.securityfocus.com/bid/7438/info Alt-N WebAdmin allows a remote user to access files that they should not be able to access. The remote user can submit an HTTP request that will return the contents of any webserver-readable file on the system. NOTE: The user must have...

Alt-N WebAdmin 2.0.x - Remote File Viewing

Alt-N WebAdmin 2.0.x - Remote File Viewing source: https://www.securityfocus.com/bid/7438/info Alt-N WebAdmin allows a remote user to access files that they should not be able to access. The remote user can submit an HTTP request that will return the contents of any webserver-readable file on the...