53 matches found
EUVD-2002-0344
Malware in sbrugna...
EUVD-2002-0345
Malware in sbrugna...
EUVD-2002-0343
Malware in sbrugna...
EUVD-1999-0408
Malware in sbrugna...
EUVD-1999-1511
Malware in sbrugna...
CVE-1999-0408
Files created from interactive shell sessions in Cobalt RaQ microservers e.g. .bashhistory are world readable, and thus are accessible from the web server...
Cobalt RaQ 2.0/3.0,qpopper 2.52/2.53 'EUIDL' Format String Input Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1242/info A vulnerability exists in version 2.53 and prior of qpopper, a popular POP server, from Qualcomm. By placing machine executable code in the X-UIDL header field, supplying formatting strings in the From: field in...
Cobalt RaQ authenticate Local Privilege Escalation Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/5695/info Sun has released an advisory warning that it is possible for local users to escalate priveleges on Sun/Cobalt RaQ or Qube systems, by exploiting a vulnerability located in /usr/lib/authenticate. !/bin/sh Cobalt...
Sun Cobalt RaQ 1.1/2.0/3.0/4.0 Message.CGI Cross-Site Scripting Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/8757/info A problem with message.cgi script used by Cobalt RaQ appliances could lead to cross-site scripting. This could result in attacks attempting to steal authentication information...
Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (1)
No description provided by source. source: http://www.securityfocus.com/bid/4252/info Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems. The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other...
Cobalt RaQ 2.0/3.0 Apache .htaccess Disclosure Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/1083/info The default configuration of Cobalt Raq2 and Raq3 servers allows remote access to .htaccess files. This could lead to unauthorized retrieval of username and password information for restricted portions of a...
Cobalt RaQ 2.0/3.0/4.0 XTR MultiFileUpload.php Authentication Bypass Vulnerability (2)
No description provided by source. source: http://www.securityfocus.com/bid/4252/info Cobalt RaQ is a server appliance for Internet-based services. It is distributed and maintained by Sun Microsystems. The 'MultiFileUpload.php' script is not sufficiently protected from outside access. While other...
Sun Cobalt RAQ Server Detection
Binary data 2741.prm...
CVE-2002-1361
overflow.cgi CGI script in Sun Cobalt RaQ 4 with the SHP Security Hardening Patch installed allows remote attackers to execute arbitrary code via a POST request with shell metacharacters in the email parameter...
CVE-2002-1361
CVE-2002-1361 affects Sun Cobalt RaQ4 with the Security Hardening Patch (SHP) installed. The overflow.cgi CGI script did not properly filter input, allowing a POST to set the email parameter to shell metacharacters and enabling remote code execution with superuser privileges. Public sources descr...
Cobalt RAQ alert.cgi XSS
Binary data 1640.prm...
Sun Cobalt RaQ 1.12.03.04.0 - Message.cgi Cross-Site Scripting
Sun Cobalt RaQ 1.12.03.04.0 - Message.cgi Cross-Site Scripting source: https://www.securityfocus.com/bid/8757/info A problem with message.cgi script used by Cobalt RaQ appliances could lead to cross-site scripting. This could result in attacks attempting to steal authentication information...
[Full-Disclosure] Sun Cobalt RaQ Control Panel Multiple Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sun Cobalt RaQ Control Panel Multiple Vulnerabilities - ------ PRODUCT: Cobalt RaQ Web Control Panel VENDOR: Sun - Cobal Networks VULNERABLE VERSIONS: - Sun Cobalt RaQ Servers Web Control Panel T.I.N.P - Tested in a default configurated Sun Cobalt RaQ...
Sun Cobalt RaQ Control Panel crossite scripting
Crossite scripting in message.cgi...
Sun Cobalt RaQ 1.1/2.0/3.0/4.0 - 'Message.cgi' Cross-Site Scripting
source: https://www.securityfocus.com/bid/8757/info A problem with message.cgi script used by Cobalt RaQ appliances could lead to cross-site scripting. This could result in attacks attempting to steal authentication information...