3685 matches found
Sun Management Center 3.03.5 - Error Message Information Disclosure
Sun Management Center 3.03.5 - Error Message Information Disclosure source: https://www.securityfocus.com/bid/8873/info A problem in the handling of error messages has been identified in Sun Management Center. Because of this, an attacker may be able to gain sensitive information about vulnerable...
Microsoft Security Bulletin MS03-034: Flaw in NetBIOS Could Lead to Information Disclosure (Q824105)
-----BEGIN PGP SIGNED MESSAGE----- - ---------------------------------------------------------------------- Title: Flaw in NetBIOS Could Lead to Information Disclosure 824105 Date: 03 September 2003 Software: - Microsoft Windows NT 4.0 Server - Microsoft Windows NT 4.0, Terminal Server Edition -...
Authentication data leak in Congueror
Referer: field may contain URL with authentication data...
Linux ICMP information leak
Because of invalid size calculation for SMTP packet with error code, it contains data from memory...
[FTP Voyager] File List Buffer Overflow Vulnerability
----------------------------------------------------------------------- SUMMARY : FTP Voyager File List Buffer Overflow Vulnerability PRODUCT : FTP Voyager VERSIONS : 9.1.0.3 10.0.0.0 VENDOR : Rhino Software http://www.rhinosoft.com/ SEVERITY : Critical. Code Execution. DISCOVERED BY : nesumin...
CVE-2002-0120
Apple Palm Desktop 4.0b76 and 4.0b77 are affected by CVE-2002-0120: during a hotsync, world-readable backup files/folders can be created, allowing a local user to access sensitive information. The underlying cause is not detailed in the provided documents beyond the behavior. Exploitation status ...
Nokia SGSN DX200 - Remote SNMP Information Disclosure
Nokia SGSN DX200 - Remote SNMP Information Disclosure source: https://www.securityfocus.com/bid/7081/info It has been reported that some models of the SGSN made by Nokia do not properly handle remote requests for information. Vulnerable devices may disclose sensitive information which could enabl...
fws160.txt
Multible vulnerabilities found in Forum Web Server v1.60 http://www.minihttpserver.net Discovered by Dennis Rand www.Infowarfare.dk ------------------------------------------------------------------------ SUMMARY WebForums Server allows you to setup a bulletin board and photo/file xchange web...
FreeBSD-SA-02:39.libkvm
-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-02:39.libkvm Security Advisory The FreeBSD Project Topic: Applications using libkvm may leak sensitive descriptors Category: core Module: libkvm Announced: 2002-09-16...
CVE-2002-0770
Quake 2 Q2 server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated...
Information leak in Oracle Reports Server
It's possible to obtain system data...
CVE-2002-0409
CVE-2002-0409 involves an issue in orderdetails.aspx used as example code for Microsoft .NET developers, where an attacker can view other users’ orders by tampering the OrderID parameter. The description from NVD/CVE records states that remote attackers can access another user’s orders due to the...
CVE-2002-0524
The CVE-2002-0524 entry affects ASP-Nuke RC2 and earlier . The vulnerability arises from error messages that disclose the server’s absolute path when attackers trigger two conditions: (1) calling database-inc.asp with incorrect cookies, or (2) calling Post.asp with certain arguments. This results...
CVE-2001-0327
The CVE-2001-0327 issue affects iPlanet Web Server Enterprise Edition 4.1 and earlier. It is an information-disclosure vulnerability in which a remote attacker can exploit a crafted URL-encoded Host: header in HTTP requests, causing the server to reveal data from memory in the Location: header. R...
CVE-1999-1259
Technical details about CVE-1999-1259 are not publicly available in the provided documents beyond the high-level description of Office 98 disk space handling; monitor for updates.
CVE-1999-1188
The CVE affects MySQL 3.21, where mysqld creates log files with world-readable permissions. This exposes passwords for newly created users to local users who can read those logs. The issue is a local-privilege-information-disclosure risk due to improper file permissions, allowing exposure of sens...
Cisco Security Advisory: Data Leak with Cisco Express Forwarding
-----BEGIN PGP SIGNED MESSAGE----- Cisco Security Advisory: Data Leak with Cisco Express Forwarding Enabled Revision 1.0 For Public Release 2002 February 27 08:00 UTC -0800 - -------------------------------------------------------------------------- Summary ======= All Cisco devices running Cisco...
Data Leak with Cisco Express Forwarding Enabled
...
Oracle 9iAS allows access to CGI script source code within CGI-BIN directory
Overview Oracle 9i Application Server 9iAS allows remote anonymous users to view source code in CGI scripts stored in the Apache cgi-bin. Attackers may analyze these scripts to discover usernames, passwords, or other proprietary data or methods. Description The default Apache configuration file i...
Утечка данных из RealServer
При обращении по URL вида http://targetserver/admin/includes/ сервер выдает данные из оперативной памяти, которые могут содержать важную информацию...