Lucene search
K

6578 matches found

securityvulns
securityvulns
added 2004/07/08 12:0 a.m.21 views

Eudora 6.1.2 attachment spoof

Eudora 6.1.2 for Windows was released on 21 June 2004. The release notes http://www.eudora.com/download/eudora/windows/6.1.2/RelNotes.txt say: SECURITY Fixed case where attachments could be spoofed via base64 encoded plain-text, inline MIME parts. Not so. Harmless demo below. Cheers, Paul Szabo -...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2004/05/22 12:0 a.m.25 views

BNBT memory corruption

Memory corruption on incomplete base64 string...

2.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2004/05/11 12:0 a.m.32 views

[Full-Disclosure] Icecast 2.0.0 preauth overflow

There exists a remotely exploitable heap overflow in Icecast 2.0.0. The bug exists in the handling of base64 Authorization request. This bug was found in about 40 seconds during a HTTP audit of the web component of Icecast with the fuzzer SMUDGE http://felinemenace.org/nd/SMUDGE/ People complaine...

0.6AI score
Exploits0
securityvulns
securityvulns
added 2004/04/14 12:0 a.m.26 views

ServerAlive weak encryption

Passwords are stored in text file in base64 format...

1.8AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2004/04/14 12:0 a.m.44 views

Server Alive week password encryption

Product Description : Servers Alive is an end-to-end network monitor program. Among the many checks it can do: it can monitor any Winsock service, ping a host, check if an NT service/process is running, check the available disk space on a server, retrieve an URL, check your database engine, and...

0.5AI score
Exploits0
securityvulns
securityvulns
added 2004/04/13 12:0 a.m.50 views

[waraxe-2004-SA#018 - Admin-level authentication bypass in phpnuke 6.x-7.2]

================================================================================ waraxe-2004-SA018 ================================================================================ Admin-level authentication bypass in phpnuke 6.x-7.2...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2004/04/13 12:0 a.m.34 views

[waraxe-2004-SA#017 - User-level authentication bypass in phpnuke 6.x-7.2]

================================================================================ waraxe-2004-SA017 ================================================================================ User-level authentication bypass in phpnuke 6.x-7.2...

7.6AI score
Exploits0
NVD
NVD
added 2004/04/12 4:0 a.m.17 views

CVE-2004-1932

SQL injection vulnerability in 1 auth.php and 2 admin.php in PHP-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL code and create an administrator account via base64-encoded SQL in the admin parameter...

7.5CVSS8.3AI score0.02067EPSS
Exploits1References3
exploitpack
exploitpack
added 2003/06/08 12:0 a.m.21 views

Apache 2.0.45 - APR Crash

Apache 2.0.45 - APR Crash !/usr/bin/perl Apache 2.0.37 - 2.0.45 APR Exploit Written By Matthew Murphy This Perl script will successfully exploit any un-patched Apache 2.x servers. Base64 Encoder If you want authentication with the server via HTTP's lame Basic auth, put the proper string to encode...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/08 12:0 a.m.53 views

Apache 2.0.45 - 'APR' Crash

!/usr/bin/perl Apache 2.0.37 - 2.0.45 APR Exploit Written By Matthew Murphy This Perl script will successfully exploit any un-patched Apache 2.x servers. Base64 Encoder If you want authentication with the server via HTTP's lame Basic auth, put the proper string to encode BASE64 content, and use...

7.4AI score
Exploits0
0day.today
0day.today
added 2003/06/08 12:0 a.m.35 views

Apache <= 2.0.45 APR Remote Exploit -Apache-Knacker.pl

Exploit for linux platform in category remote exploits ====================================================== Apache ; $host =...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2003/05/31 12:0 a.m.36 views

W3Mail multiple bugs

delete.cgi invokes external program though system call without escaping shell characters. It's possible to change server configuration without administrator's permissions. All passwords are stored in Base64 encoding...

2.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/08/16 12:0 a.m.31 views

PHP-Nuke v5.6 - Users can compromise admin accts.

Tested on PHP-Nuke v5.6 with Mozilla on Linux should work on past versions and on most browsers Impact: --------------------------------------------- Allows any user to get admin access to a PHP-Nuke site. Summary: ---------------------------------------------- Due to a XSS flaw in PHPNuke's...

6.1AI score
Exploits0
NVD
NVD
added 2002/07/23 4:0 a.m.16 views

CVE-2002-0670

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing...

7.5CVSS6.8AI score0.01635EPSS
Exploits0References3
Cvelist
Cvelist
added 2002/07/15 4:0 a.m.17 views

CVE-2002-0670

The web interface for Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 uses Base64 encoded usernames and passwords for HTTP basic authentication, which allows remote attackers to steal and easily decode the passwords via sniffing...

6.8AI score0.01635EPSS
Exploits0References3
CVE
CVE
added 2002/07/15 4:0 a.m.53 views

CVE-2002-0670

The CVE-2002-0670 issue affects Pingtel xpressa SIP phones (software versions 1.2.5–1.2.7.4). The web interface uses HTTP Basic authentication with Base64-encoded credentials, allowing remote attackers to sniff and decode usernames/passwords in transit. Documents confirm the risk is tied to unenc...

7.5CVSS6.8AI score0.01635EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2002/03/09 5:0 a.m.57 views

CVE-2001-0692

The vulnerability CVE-2001-0692 affects WatchGuard Firebox SMTP proxy in models 2500 and 4500 running versions 4.5 and 4.6. A remote attacker can bypass firewall filtering by sending a base64 MIME email attachment whose boundary name ends with two dashes, exploiting how the SMTP proxy processes M...

7.5CVSS7AI score0.01786EPSS
Exploits1References4Affected Software2
securityvulns
securityvulns
added 2001/11/22 12:0 a.m.37 views

PhpNuke Admin password can be stolen !

PhpNuke Admin password can be stolen ! by Cabezon Aurйlien | [email protected] http://www.isecurelabs.com/article.php?sid=229 FR VERSION + screen shot Vulnerable : PhpNuke 5.1 Other version : not tested PostNuke : not tested 1 Introduction I have found a way to stole PhpNuke Admin...

6.8AI score
Exploits0
securityvulns
securityvulns
added 2001/11/22 12:0 a.m.27 views

Слабое шифрование в PHP-Nuke &#40;weak encryption&#41;

Вместо исопльзование сеансовых cookie, cookie содержат пароль администратора в base64...

1AI score
Exploits0References1Affected Software1
Packet Storm
Packet Storm
added 2001/11/22 12:0 a.m.24 views

php-nuke.5.1.txt

PhpNuke Admin password can be stolen ! by Cabezon Aurélien | [email protected] http://www.isecurelabs.com/article.php?sid=229 FR VERSION + screen shot Vulnerable : PhpNuke 5.1 Other version : not tested PostNuke : not tested 1 Introduction I have found a way to stole PhpNuke Admin...

7.4AI score
Exploits0
Rows per page
Query Builder