3456 matches found
Cisco Small Business Wireless Access Points SSID Validation Vulnerability
Cisco Small Business Wireless Access Points contain a vulnerability that could allow an unauthenticated, adjacent attacker cause a denial of service DoS condition. The vulnerability is due to improper validation of the Service Set Identifier SSID when the affected product is performing a "site...
JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...
Design/Logic Flaw
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...
CVE-2012-2377
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...
JGroups diagnostics service enabled by default with no authentication when a JGroups channel is started
JGroups diagnostics service in JBoss Enterprise Portal Platform before 5.2.2, SOA Platform before 5.3.0, and BRMS Platform before 5.3.0, is enabled without authentication when started by the JGroups channel, which allows remote attackers in adjacent networks to read diagnostics information via a...
Mozilla: Multiple Use-after-free issues (MFSA 2012-58)
Use-after-free vulnerability in the nsHTMLEditor::CollapseAdjacentTextNodes function in Mozilla Firefox before 15.0, Firefox ESR 10.x before 10.0.7, Thunderbird before 15.0, Thunderbird ESR 10.x before 10.0.7, and SeaMonkey before 2.12 allows remote attackers to execute arbitrary code or cause a...
Cisco IOS Software Crafted IPv6 over MPLS Denial of Service Vulnerability
Cisco IOS Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service DoS on a targeted device. The vulnerability is due to the processing of IP version 6 IPv6 packets by the vulnerable version of software on an affected device. If an...
HP OpenView Network Node Manager execvp_nc Buffer Overflow
This module exploits a stack buffer overflow in HP OpenView Network Node Manager 7.53 prior to NNM01207 or NNM01206 without the SSRT100025 hotfix. By specifying a long 'sel' parameter when calling methods within the 'webappmon.exe' CGI program, an attacker can cause a stack-based buffer overflow...
CVE-2010-4052
Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...
DEBIAN-CVE-2010-4052
Stack consumption vulnerability in the regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service resource exhaustion via a regular expression containing adjacent repetition operators, a...
CVE-2010-4051
The regcomp implementation in the GNU C Library aka glibc or libc6 through 2.11.3, and 2.12.x through 2.12.2, allows context-dependent attackers to cause a denial of service application crash via a regular expression containing adjacent bounded repetitions that bypass the intended REDUPMAX...
RIP Poisoning Routing Table Modification (Adjacent Network)
It was possible to poison the remote host routing tables through the RIP protocol. An attacker may use this to hijack network connections. Several RIP agents reject routes that are not sent by a neighbor, so this flaw may not be exploitable from a non-adjacent network. C Tenable Network Security,...
CVE-2007-5851
CVE-2007-5851 affects Apple Mac OS X 10.4.11's iChat. The issue allows network-adjacent remote attackers to automatically initiate a video connection to another user via unknown vectors. The OpenVAS/NVD entries reference Mac OS X Security Update 2007-009 as a remediation path, but the provided do...
Heap overflow
Heap-based buffer overflow in the UPnP IGD Internet Gateway Device Standardized Device Control Protocol implementation in mDNSResponder on Apple Mac OS X 10.4.10 before 20070731 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet...
CVE-2007-3748
Buffer overflow in the UPnP IGD Internet Gateway Device Standardized Device Control Protocol implementation in iChat on Apple Mac OS X 10.3.9 and 10.4.10 allows network-adjacent remote attackers to execute arbitrary code via a crafted packet...
In the WEBSHELL, the clever use of file sharing to perform system commands-bug warning-the black bar safety net
Recently in the invasion of Win2003 when found default case not use the system comes with the cmd. exe files to execute system commands, upload the cmd. exe file because the file is too big to fail, then I pass a station adjacent to the machine's file share successfully upload the cmd. exe file,...