20 matches found
EUVD-2004-2161
Malware in sbrugna...
EUVD-2009-1462
Malware in sbrugna...
EUVD-2009-1463
Malware in sbrugna...
Design/Logic Flaw
Application Access Server A-A-S 2.0.48 stores 1 passwords and 2 the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file...
CVE-2009-1466
Application Access Server A-A-S 2.0.48 stores 1 passwords and 2 the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file...
CVE-2009-1464
Multiple cross-site request forgery CSRF vulnerabilities in index.aas in Application Access Server A-A-S 2.0.48 allow remote attackers to hijack the authentication of administrators for requests that 1 execute arbitrary programs via a command job, 2 stop services via a setservice job, or 3...
Cross site request forgery (csrf)
Multiple cross-site request forgery CSRF vulnerabilities in index.aas in Application Access Server A-A-S 2.0.48 allow remote attackers to hijack the authentication of administrators for requests that 1 execute arbitrary programs via a command job, 2 stop services via a setservice job, or 3...
CVE-2009-1465
CVE-2009-1465 affects Application Access Server (A-A-S) 2.0.48, where the admin account uses the default password “wildbat,” enabling remote attackers to obtain administrative access. The provided documents confirm the component and default credential issue but do not specify a fixed version or o...
CVE-2009-1465
Application Access Server A-A-S 2.0.48 has "wildbat" as its default password for the admin account, which makes it easier for remote attackers to obtain access...
CVE-2009-1466
CVE-2009-1466 affects Application Access Server (A-A-S) 2.0.48, where the passwords and the port keyword are stored in cleartext in aas.ini. Local users reading aas.ini can obtain sensitive data. The issue is caused by insecure password/port storage in the configuration file. Remediation details ...
CVE-2009-1466
Application Access Server A-A-S 2.0.48 stores 1 passwords and 2 the port keyword in cleartext in aas.ini, which allows local users to obtain sensitive information by reading this file...
A-A-S Application Access Server Default Admin Password
The remote installation of A-A-S Application Access Server is configured to use default credentials to control administrative access. Knowing these, an attacker can gain administrative control of the affected application and host. C Tenable Network Security, Inc. include"compat.inc"; if descripti...
PT-2009-3967 · A A S · Application Access Server
Name of the Vulnerable Software and Affected Versions: Application Access Server A-A-S version 2.0.48 Description: The issue allows local users to obtain sensitive information, including passwords and the port keyword, by reading the aas.ini file, as this information is stored in cleartext...
Syhunt: A-A-S (Application Access Server) Multiple Security Vulnerabilities
Syhunt: A-A-S Application Access Server Multiple Security Vulnerabilities Advisory-ID: 200905111 Discovery Date: 3.23.2009 Release Date: 5.11.2009 Affected Applications: A-A-S 2.0.48 and possibly older versions Class: XSRF Cross Site Request Forgery Arbitrary Command Execution, Undocumented Defau...
A-A-S Application Access Server Multiple Vulnerabilities
According to its version number, the remote version of A-A-S Application Access Server is prone to multiple security issues including a cross-site request-forgery vulnerability, an insecure-default-password vulnerability and an information-disclosure vulnerability. Attackers can exploit these...
A-A-S Application Access Server Detection (HTTP)
HTTP based detection of A-A-S Application Access Server. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only if description...
A A S Application Access Server Server Detection
The A A S Application Access Server is running at this port. The A A S Application Access Server makes the PC administration possible over LAN and WANs. OpenVAS Vulnerability Test $Id: aasdetect.nasl 6032 2017-04-26 09:02:50Z teissa $ A A S Application Access Server Detection Authors: Michael Mey...
CVE-2004-2169
Application Access Server A-A-S 1.0.37 and earlier allows remote authenticated users to cause a denial of service application crash via a long file request...
CVE-2004-2169
CVE-2004-2169 affects Application Access Server (A-A-S) 1.0.37 and earlier. Remote authenticated users can trigger a denial of service (application crash) by issuing a long file request. No remediation or fixes are detailed in the provided documents.
CVE-2004-2169
Application Access Server A-A-S 1.0.37 and earlier allows remote authenticated users to cause a denial of service application crash via a long file request...