CVE-2010-2944

The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope-ldapuserfolder 2.9-1 does not verify the password for the emergency account, which allows remote attackers to gain privileges...

tomcat: information disclosure in authentication headers

Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover the server's hostname or IP address by sending a request for a resource that requires 1 BASIC or 2 DIGEST authentication, and then reading the realm field in the WWW-Authenticate header in the rep...

tomcat -- information disclosure vulnerability

The Apache software foundation reports: The "WWW-Authenticate" header for BASIC and DIGEST authentication includes a realm name. If a element is specified for the application in web.xml it will be used. However, a is not specified then Tomcat will generate one. In some circumstances this can expo...

IncrediMail 2.0 Buffer Overflow

IncrediMail 2.0 activeX Authenticate bof poc by d3b4g Tested: incerdiMail 2.0 Vendor url:http://www.incredimail.com/english/splash.aspx Tested on windows XP SP3 1-03-2010 Debugging info -------------- Exception Code: ACCESSVIOLATION Disasm: 678914AE MOV EDX,ECX ImSpoolU.dll Seh Chain:...

IncrediMail 2.0 ActiveX (Authenticate) bof PoC

Exploit for windows platform in category dos / poc ============================================== IncrediMail 2.0 ActiveX Authenticate bof PoC ============================================== IncrediMail 2.0 activeX Authenticate bof poc by d3b4g Tested: incerdiMail 2.0 Vendor...

Squid NTLM Authenticate Overflow

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'Squid NTLM...

CVE-2008-3101

Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the parenttab parameter in an index action to the Products module, as reachable through index.php; 2 the userpassword parameter in an Authenticate action to th...

CVE-2008-3101

Multiple cross-site scripting XSS vulnerabilities in vtiger CRM 5.0.4 allow remote attackers to inject arbitrary web script or HTML via 1 the parenttab parameter in an index action to the Products module, as reachable through index.php; 2 the userpassword parameter in an Authenticate action to th...

CVE-2007-5466

Multiple buffer overflows in eXtremail 2.1.1 and earlier allow remote attackers to 1 have an unknown impact by sending multiple long strings to the IMAP port 143/tcp; 2 execute arbitrary code via a long string in an IMAP AUTHENTICATE PLAIN action, involving the ifParseAuthPlain function; 3 execut...

Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit

No description provided by source. !/usr/bin/perl MADYNES Security Advisory http://madynes.loria.fr Title: Grandstream Budge Tone-200 denial of service vulnerability Release Date: 21/03/2007 Severity: High - Denial of Service Advisory ID:KIPH3 Hardware: Grandstream Budge Tone-200 IP Phone...

Grandstream Budge Tone-200 IP Phone (Digest domain) DoS Exploit

Exploit for hardware platform in category dos / poc =============================================================== Grandstream Budge Tone-200 IP Phone Digest domain DoS Exploit =============================================================== !/usr/bin/perl MADYNES Security Advisory...

MailEnable ProfessionalEnterprise 2.37 - Denial of Service

MailEnable ProfessionalEnterprise 2.37 - Denial of Service !/usr/bin/perl maildisable-v7.pl Mail Enable Professional/Enterprise v2.32-7 win32 by mu-b - Wed Feb 14 2007 - Tested on: Mail Enable Professional v2.37 win32 use Getopt::Std; getopts't:', %arg; use Socket; use MIME::Base64; my $target; i...

Squid NTLM Authenticate Overflow

This is an exploit for Squid's NTLM authenticate overflow libntlmssp.c. Due to improper bounds checking in ntlmcheckauth, it is possible to overflow the 'pass' variable on the stack with user controlled data of a user defined length. Props to iDEFENSE for the advisory. This module requires...

PSWD.JS - Insecure Password Hash

/ source: https://www.securityfocus.com/bid/19333/info Applications running pswd.js are prone to an insecure password-hash weakness. This issue is due to a design flaw that results in password hashes being created in an insecure manner. This issue allows attackers to use precomputed password hash...

CVE-2006-2893

index.php in GANTTy 1.0.3 allows remote attackers to obtain the full path of the web server via an invalid lang parameter in an authenticate action...

MDaemon IMAP AUTHENTICATE command buffer overflow

Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...

MDaemon IMAP AUTHENTICATE command buffer overflow

Added: 03/01/2006 BID: 14317 OSVDB: 18069 Background MDaemon is an e-mail server for Windows. Problem The IMAP service in MDaemon is affected by buffer overflow vulnerabilities in the AUTHENTICATE LOGIN and AUTHENTICATE CRAM-MD5 commands which can be exploited without logging into the server...

PHPGedView <= 3.3.7 remote code execution

--- PHPGedView = 3.3.7 Arbitrary local/remote code execution & php injection --- software: site: http://www.phpgedview.net/ description: "PhpGedView is a revolutionary genealogy program which allows you to view and edit your genealogy on your website." - vulnerabilties:...

MailWatch authenticate() Function SQL Injection

The remote host appears to be running MailWatch, a web-based frontend to MailScanner written in PHP. The version of MailWatch installed on the remote host fails to sanitize the username and password before using them in database queries in the 'authenticate' function of 'functions.php'. This issu...

CVE-2005-3470

SQL injection vulnerability in in the authenticate function in MailWatch for MailScanner 1.0.2 allows remote attackers to execute arbitrary SQL commands...