525 matches found
Proxy bypass vulnerability & plain text passwords in LevelOne AMG-2000
SEC Consult Security Advisory 20090429-0 ======================================================================= title: Proxy bypass vulnerability & plain text passwords in LevelOne AMG-2000 product: LevelOne AMG-2000 Wireless AP Management Gateway vulnerable version: Firmware =2.00.00build00600...
SEC Consult SA-20090415-1 :: Nortel Application Gateway 2000 Password Disclosure Vulnerability
SEC Consult Security Advisory 20090415-1 ========================================================================== title: Nortel Application Gateway 2000 Password Disclosure Vulnerability program: Nortel Application Gateway 2000 vulnerable version: 6.3.1 and prior homepage:...
Design/Logic Flaw
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring credentials."...
CVE-2008-6711
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated users to execute arbitrary commands via unknown vectors related to "viewing system logs."...
CVE-2008-6710
Unspecified vulnerability in the Web administration interface in Avaya Communication Manager 3.1.x before CM 3.1.4 SP2 and 4.0.x before 4.0.3 SP1 allows remote authenticated administrators to gain root privileges via unknown vectors related to "configuring data viewing or restoring credentials."...
Directory traversal
Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color...
CVE-2008-4419
Directory traversal vulnerability in the HP JetDirect web administration interface in the HP-ChaiSOE 1.0 embedded web server on the LaserJet 9040mfp, LaserJet 9050mfp, and Color LaserJet 9500mfp before firmware 08.110.9; LaserJet 4345mfp and 9200C Digital Sender before firmware 09.120.9; Color...
[SECURITY] Fedora 10 Update: glpi-0.71.5-1.fc10
GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company computer, software, printers.... It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...
[SECURITY] Fedora 9 Update: glpi-0.71.5-1.fc9
GLPI is the Information Resource-Manager with an additional Administration- Interface. You can use it to build up a database with an inventory for your company computer, software, printers.... It has enhanced functions to make the daily life for the administrators easier, like a job-tracking-syst...
Cusci IronPort Encryption Appliance / PostX multiple security vulnerabilities
Unauthorized access to encrypted messages, unauthorized access to administration interface...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allo...
CVE-2009-0055
Cross-site request forgery CSRF vulnerability in the administration interface in Cisco IronPort Encryption Appliance 6.2.4 before 6.2.4.1.1, 6.2.5, 6.2.6, 6.2.7 before 6.2.7.7, 6.3 before 6.3.0.4, and 6.5 before 6.5.0.2; and Cisco IronPort PostX 6.2.1 before 6.2.1.1 and 6.2.2 before 6.2.2.3; allo...
3Com Wireless 8760 Dual-Radio 11abg PoE - Multiple Vulnerabilities
3Com Wireless 8760 Dual-Radio 11abg PoE - Multiple Vulnerabilities source: https://www.securityfocus.com/bid/32358/info 3Com Wireless 8760 Dual-Radio 11a/b/g PoE Access Point is prone to multiple security vulnerabilities, including an HTML-injection issue and an authentication-bypass issue...
3Com Wireless 8760 Dual-Radio 11a/b/g PoE - Multiple Vulnerabilities
source: https://www.securityfocus.com/bid/32358/info 3Com Wireless 8760 Dual-Radio 11a/b/g PoE Access Point is prone to multiple security vulnerabilities, including an HTML-injection issue and an authentication-bypass issue. Successfully exploiting these issues will allow an attacker to obtain...
Stack overflow
Multiple stack-based buffer overflows in the filter service aka k9filter.exe in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow 1 remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and 2 man-in-the-middle attacke...
CVE-2007-2952
Multiple stack-based buffer overflows in the filter service aka k9filter.exe in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow 1 remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and 2 man-in-the-middle attacke...
CVE-2007-2952
Multiple stack-based buffer overflows in the filter service aka k9filter.exe in Blue Coat K9 Web Protection 3.2.44 with Filter 3.2.32 allow 1 remote attackers to execute arbitrary code via a long HTTP Referer header to the K9 Web Protection Administration interface and 2 man-in-the-middle attacke...
Alt-N SecurityGateway username buffer overflow
Added: 07/18/2008 CVE: CVE-2008-4193 BID: 29457 OSVDB: 45854 Background Alt-N SecurityGateway is an e-mail spam firewall for Exchange and SMTP servers. Problem A buffer overflow vulnerability in the web administration interface allows remote attackers to execute arbitrary commands by sending an...
Alt-N SecurityGateway username buffer overflow
Added: 07/18/2008 CVE: CVE-2008-4193 BID: 29457 OSVDB: 45854 Background Alt-N SecurityGateway is an e-mail spam firewall for Exchange and SMTP servers. Problem A buffer overflow vulnerability in the web administration interface allows remote attackers to execute arbitrary commands by sending an...
Input validation
Multiple unspecified "input validation" vulnerabilities in the Web management interface aka Messaging Administration interface in Avaya Message Storage Server MSS 3.x and 4.0, and possibly Communication Manager 3.1.x, allow remote authenticated administrators to execute arbitrary commands as user...