14 matches found
EUVD-2001-0853
Malware in sbrugna...
EUVD-2001-0854
Malware in sbrugna...
Alchemy Eye Detection
Checks whether Alchemy Eye is present on the target system and if so, tries to figure out the installed version. Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it under the terms of the GNU...
Alchemy Eye HTTP Command Execution
Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. SPDX-FileCopyrightText: 2001 HD Moore...
Alchemy Eye HTTP Server does not adequately validate user input thereby allowing remote command execution
Overview Alchemy Eye does not properly validate HTTP requests, allowing arbitrary command execution. Description Alchemy Eye includes an HTTP server for remote system monitoring and control. In versions 2.0 through 2.6 of Alchemy Eye, the HTTP server component does not adequately validate HTTP...
CVE-2001-0871
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing 1 a .. in versions 2.0 through 2.6.18, or 2 a DOS device name followed by a .. in versions 2.6.19 through 3.0.10...
CVE-2001-0870
HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file...
Alchemy Eye/Network Monitor Traversal Arbitrary Command Execution
Alchemy Eye and Alchemy Network Monitor are network management tools for Microsoft Windows. The product contains a built-in HTTP server for remote monitoring and control. This HTTP server allows arbitrary commands to be run on the server by a remote attacker. %NASLMINLEVEL 70300 This script was...
Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution
-----BEGIN PGP SIGNED MESSAGE----- Rapid 7, Inc. Security Advisory Visit http://www.rapid7.com to download NeXposetm, our advanced vulnerability scanner. Linux and Windows 2000 versions are available now! Rapid 7 Advisory R7-0001: Alchemy Eye HTTP Remote Command Execution Published: November 29,...
Rapid 7 Advisory R7-0002: Alchemy Eye Remote Unauthenticated Log Viewing
-----BEGIN PGP SIGNED MESSAGE----- Rapid 7, Inc. Security Advisory Visit http://www.rapid7.com to download NeXposetm, our advanced vulnerability scanner. Linux and Windows 2000 versions are available now! Rapid 7 Advisory R7-0002: Alchemy Eye Remote Unauthenticated Log Viewing Published: November...
CVE-2001-0871
CVE-2001-0871 affects Alchemy Eye and Alchemy Network Monitor’s built-in HTTP server. Versions 2.0–2.6.18 are vulnerable to simple dotdot traversal; versions 2.6.19–3.0.10 are vulnerable to a variant using a DOS device name (e.g., NUL) plus traversal. Successful exploitation allows remote attacke...
CVE-2001-0870
HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file...
CVE-2001-0870
The CVE-2001-0870 issue affects Alchemy Eye and Alchemy Network Monitor versions 1.9x through 2.6.18, whose built-in HTTP server is enabled by default and allows remote, unauthenticated access to view monitoring logs by directly requesting the eye.ini file. The vulnerability enables disclosure of...
CVE-2001-0871
Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing 1 a .. in versions 2.0 through 2.6.18, or 2 a DOS device name followed by a .. in versions 2.6.19 through 3.0.10...