86 matches found
Grandstream GXV3275 SSH Key / Command Execution Vulnerability
Grandstream GXV3275 ships with a default root SSH key which could be used a backdoor. It also suffers from an issue where restricted commands can be leveraged to break out into a full shell. The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this...
Grandstream GXV3275 SSH Key / Command Execution
The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this device. The device ships with a default root SSH key, which could be used as a backdoor: /system/root/.ssh cat authorizedkeys Public key portion is: ssh-rsa...
Grandstream GXV3275 < 1.0.3.30 - Multiple Vulnerabilities
The Grandstream GXV3275 is an Android-based VoIP phone. Several vulnerabilities were found affecting this device. The device ships with a default root SSH key, which could be used as a backdoor: /system/root/.ssh cat authorizedkeys Public key portion is: ssh-rsa...
PT-2015-3735 · Red Hat · Red Hat Cloudforms
Name of the Vulnerable Software and Affected Versions: Red Hat CloudForms 3.1 Management Engine CFME version 5.3 Description: The issue concerns the customization template in Red Hat CloudForms, which uses a default password for the root account when no password is specified for a new image. This...
CFME: default fallback password in customization_templates.yml
It was found that the CloudForms Management Engine customization template used a default root password for newly created images if no root password was specified...
MobileIron Virtual Smartphone Platform Privilege Escalation Exploit
No description provided by source. MobileIron Virtual Smartphone Platform Privilege Escalation Exploit 0day ======================================================================== The MobileIron Virtual Smartphone Platform is the first solution to combine data-driven smartphone and tablet...
Sagem Router Fast 3304/3464/3504 Telnet Authentication Bypass
No description provided by source. !/home/bin/python Remote Exploit: SAGEM ROUTER FAST 3304/3464/3504 - Telnet Authentication bypass Date: 15-August-2011 Author: Elouafiq Ali Version: 3304-V1 / 3304-V2 / 3464 / 3504 Tested on: Linux Ubuntu 11.04, Linux Backtrack 5 Tested Router: SAGEM FAST 3304-V...
Cisco UCS Director Default Credentials Vulnerability
Cisco has released a security advisory to address a vulnerability in Cisco Unified Computing System UCS Director. This vulnerability could allow an unauthenticated, remote attacker to take complete control of the affected device due to a default root user account created during installation...
Scientific Linux Security Update : pki-core on SL6.x i386/x86_64 (20130221)
Note: The Certificate Authority component provided by this advisory cannot be used as a standalone server. It is installed and operates as a part of Identity Management the IPA component in Scientific Linux. Multiple cross-site scripting flaws were discovered in Certificate System. An attacker...
Moderate: Red Hat Security Advisory: pki-core security, bug fix and enhancement update
Updated pki-core packages that fix multiple security issues, two bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring System CVSS base score,...
Cisco IP Video Phone E20 Default Root Account
THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...
Sagem Router Fast 330434643504 - Telnet Authentication Bypass
Sagem Router Fast 330434643504 - Telnet Authentication Bypass !/home/bin/python Remote Exploit: SAGEM ROUTER FAST 3304/3464/3504 - Telnet Authentication bypass Date: 15-August-2011 Author: Elouafiq Ali Version: 3304-V1 / 3304-V2 / 3464 / 3504 Tested on: Linux Ubuntu 11.04, Linux Backtrack 5 Teste...
CVE-2011-1623
Cisco Media Processing Software before 1.2 on Media Experience Engine MXE 5600 devices has a default root password, which makes it easier for context-dependent attackers to obtain access via 1 the local console, 2 an SSH session, or 3 a TELNET session, aka Bug ID CSCto77737...
Default credentials
Cisco Media Processing Software before 1.2 on Media Experience Engine MXE 5600 devices has a default root password, which makes it easier for context-dependent attackers to obtain access via 1 the local console, 2 an SSH session, or 3 a TELNET session, aka Bug ID CSCto77737...
CVE-2011-1623
Cisco Media Processing Software before 1.2 on Media Experience Engine MXE 5600 devices has a default root password, which makes it easier for context-dependent attackers to obtain access via 1 the local console, 2 an SSH session, or 3 a TELNET session, aka Bug ID CSCto77737...
CVE-2009-1745
Armorlogic Profense Web Application Firewall before 2.2.22, and 2.4.x before 2.4.4, has a default root password hash, and permits password-based root logins over SSH, which makes it easier for remote attackers to obtain access...
CVE-2008-5104
Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by 1 python-vm-builder or 2 ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! exclamation point as the default root password, which allows attackers to bypass intended login restrictions...
CVE-2008-5104
Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by 1 python-vm-builder or 2 ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! exclamation point as the default root password, which allows attackers to bypass intended login restrictions...
CVE-2008-5104
CVE-2008-5104 describes a default root password vulnerability in VMBuilder-based workflows on Ubuntu 6.06 LTS/7.10/8.04 LTS/8.10 when VM images are created with VMBuilder 0.9 in Ubuntu 8.10 (via python-vm-builder or ubuntu-vm-builder). The root password is set to !, allowing an attacker with acce...
CVE-2008-5104
Ubuntu 6.06 LTS, 7.10, 8.04 LTS, and 8.10, when installed as a virtual machine by 1 python-vm-builder or 2 ubuntu-vm-builder in VMBuilder 0.9 in Ubuntu 8.10, have ! exclamation point as the default root password, which allows attackers to bypass intended login restrictions...