CVE-2007-4614

BEA WebLogic Server 9.1 does not properly handle propagation of an admin server's security policy change log to temporarily unavailable managed servers, which might allow attackers to bypass intended restrictions, a different vulnerability than CVE-2007-0426...

CVE-2007-4614

CVE-2007-4614 describes BEA WebLogic-related vulnerability where an admin server security policy change log is not properly propagated to temporarily unavailable managed servers, potentially allowing attackers to bypass applied restrictions. The connected records indicate a related entry (CVE-200...

McAfee E-Business Admin Server DoS

Read access to unallocated memory during authentication...

[SA18939] Fedora Directory Server Admin Server Password Disclosure

TITLE: Fedora Directory Server Admin Server Password Disclosure SECUNIA ADVISORY ID: SA18939 VERIFY ADVISORY: http://secunia.com/advisories/18939/ CRITICAL: Moderately critical IMPACT: Exposure of sensitive information WHERE: From local network SOFTWARE: Fedora Directory Server 1.x...

Eudora Internet Mail Server Admin Server Detection

The remote host is running Eudora Internet Mail Server, a mail server for Macs, and its Admin server is listening on this port. Since the Admin server is used to administer the mail server, possibly remotely, you should limit access to it. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...

CVE-2002-1316

importInfo in the Admin Server for iPlanet WebServer 4.x, up to SP11, allows the web administrator to execute arbitrary commands via shell metacharacters in the dir parameter, and possibly allows remote attackers to exploit this vulnerability via a separate XSS issue CVE-2002-1315...

CVE-2002-1315

The CVE-2002-1315 entry describes a Cross-site scripting (XSS) vulnerability in the Admin Server for iPlanet WebServer 4.x up to SP11, allowing remote attackers to inject and execute script/HTML as the iPlanet administrator by placing the script in error logs; it may enable privilege escalation w...

CVE-2001-0950

CVE-2001-0950 concerns the ValiCert Enterprise Validation Authority (EVA) Administration Server, version 3.3–4.2.1. The root cause is the use of insufficiently random data: session tokens for HSMs are generated with the C rand() function, and certificate/key generation may rely on /dev/urandom in...

CVE-2001-0620

iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server NAS LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions...

iplanet calendar server 5.0p2 exposes Netscape Admin Server master password

at the time of writing, 5.0p2 is the currently available revision on iplanet's download site. the problem: the standard install of iPlanet Calendar server stores the NAS LDAP admin username and password in plaintext in the world readable file: -rw-r--r-- 1 icsuser icsgroup 37882 Feb 20 10:18...