24 matches found
Juniper Networks Secure Access 2000 - 'rdremediate.cgi' Cross Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/28034/info Juniper Networks Secure Access 2000 is prone to a cross-site scripting vulnerability because it fails to adequately sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script...
Access online decryption[PHP source code]-vulnerability warning-the black bar safety net
You can only decrypt 2 0 0 0 or 9 7 MDB file ? /site:/ /If reproduced please retain this information / /by:7jdg QQ:7 2 5 9 5 6 1 / $file=$FILES'uploadfile''tmpname'; $oldname =$FILES'uploadfile''name'; $ext =via strtolowersubstrstrrchr$oldname, '.', 1; if $file if $ext != "the mdb" echo "your pas...
hotelresv-sql.txt
Hotel reservation System city.asp city Blind SQL Injection Vulnerability url: http://www.softacid.net/scripts/web-hotel-reservation-system.asp Author: JosS mail: sys-projectathotmaildotcom site: http://spanish-hackers.com team: Spanish Hackers Team - SHT This was written for educational purpose...
Information disclosure
Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to obtain sensitive information via a direct request for remediate.cgi without certain parameters, which reveals the path in an "Execute failed" error message...
CVE-2008-1180
Cross-site scripting XSS vulnerability in dana-na/auth/rdremediate.cgi in Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to inject arbitrary web script or HTML via the deliverymode parameter...
CVE-2008-1181
Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to obtain sensitive information via a direct request for remediate.cgi without certain parameters, which reveals the path in an "Execute failed" error message...
CVE-2008-1180
The vulnerability CVE-2008-1180 affects Juniper Networks Secure Access 2000, version 5.5 R1 build 11711, where a Cross-site Scripting (XSS) flaw exists in dana-na/auth/rdremediate.cgi. The issue allows remote attackers to inject arbitrary web script or HTML via the delivery_mode parameter, implyi...
CVE-2008-1180
Cross-site scripting XSS vulnerability in dana-na/auth/rdremediate.cgi in Juniper Networks Secure Access 2000 5.5 R1 build 11711 allows remote attackers to inject arbitrary web script or HTML via the deliverymode parameter...
Juniper Networks Secure Access 2000 Web Root路径泄露漏洞
BUGTRAQ ID: 28037 Juniper Networks的Secure Access 2000是企业级的SSL VPN接入设备。 Secure Access 2000处理用户请求参数时存在漏洞,远程攻击者可能利用此漏洞获取服务器相关的敏感信息。 如果向Secure Access 2000的remediate.cgi脚本提交了带有特制参数的请求的话,服务器就会在返回的Execute failed消息中包含webroot(/home/webserver/htdocs/)的物理路径。 Juniper Networks Secure Access 2000 5.5R1 build...
Juniper Networks Secure Access 2000 rdremediate.cgi跨站脚本漏洞
BUGTRAQ ID: 28034 Juniper Networks的Secure Access 2000是企业级的SSL VPN接入设备。 Secure Access 2000的/dana-na/auth/rdremediate.cgi服务器端脚本没有正确的验证对deliverymode参数的输入,如果用户向该脚本提交了恶意请求的话,就可能在服务器上执行跨站脚本攻击。 Juniper Networks Secure Access 2000 5.5R1 build 11711 厂商补丁: Juniper Networks ----------------...
PR07-41: XSS on Juniper Networks Secure Access 2000
PR07-41: XSS on Juniper Networks Secure Access 2000 Vulnerability found: 6th December 2007 Vendor informed: 12th December 2007 Severity: Medium-high Description: Juniper Networks Secure Access 2000 is vulnerable to a vanilla XSS. Vulnerable server-side script: '/dana-na/auth/rdremediate.cgi'...
PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000
PR07-42: Webroot disclosure on Juniper Networks Secure Access 2000 Vulnerability found: 6th December 2007 Vendor informed: 12th December 2007 Severity: Low Description: By simply requesting the 'remediate.cgi' script omitting certain parameters, the web server returns the physical path of the...
Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure
Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure source: https://www.securityfocus.com/bid/28037/info Juniper Networks Secure Access 2000 is prone to a path-disclosure vulnerability. Exploiting this issue can allow an attacker to access sensitive data that may be used to launch...
ProCheckUp Security Advisory 2007.41
PR07-41: XSS on Juniper Networks Secure Access 2000 Vulnerability found: 6th December 2007 Vendor informed: 12th December 2007 Severity: Medium-high Description: Juniper Networks Secure Access 2000 is vulnerable to a vanilla XSS. Vulnerable server-side script: '/dana-na/auth/rdremediate.cgi'...
Juniper Networks Secure Access 2000 Web - Root Full Path Disclosure
source: https://www.securityfocus.com/bid/28037/info Juniper Networks Secure Access 2000 is prone to a path-disclosure vulnerability. Exploiting this issue can allow an attacker to access sensitive data that may be used to launch further attacks. Secure Access 2000 5.5R1 Build 11711 is vulnerable...
Microsoft Jet Engine MDB file ColumnName buffer overflow
Added: 11/23/2007 CVE: CVE-2007-6026 BID: 26468 OSVDB: 44880 Background The Microsoft Jet Database Engine provides data access functionality for a number of applications. Problem A buffer overflow vulnerability in the Microsoft Jet Database Engine could lead to command execution when a user opens...
Microsoft Jet Engine MDB file ColumnName buffer overflow
Added: 11/23/2007 CVE: CVE-2007-6026 BID: 26468 OSVDB: 44880 Background The Microsoft Jet Database Engine provides data access functionality for a number of applications. Problem A buffer overflow vulnerability in the Microsoft Jet Database Engine could lead to command execution when a user opens...
CVE-2006-3649
Buffer overflow in Microsoft Visual Basic for Applications VBA SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute...
VulnCheck KEV: CVE-2006-3649
Buffer overflow in Microsoft Visual Basic for Applications VBA SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute...
Microsoft Security Bulletin MS06-047 Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution (921645)
Microsoft Security Bulletin MS06-047 Vulnerability in Microsoft Visual Basic for Applications Could Allow Remote Code Execution 921645 Published: August 8, 2006 Version: 1.0 Summary Who Should Read this Document: Customers using Microsoft Office applications or applications that use Microsoft...