429 matches found
Unauthorized access via Xerox DocuTech
Default system settings and admin password...
Beck GmbH IPC@Chip FtpD allows an attacker to gain access to the device
Overview There is a vulnerability in the Beck IPC@CHIP that allows an attacker to gain access to the device. Description The Beck IPC@CHIP is a single chip embedded webserver. This device also contains an ftp server that is configured by default to allow anonymous access. Additionally, the device...
Beck GmbH IPC@CHIP HTTPD vulernable to arbitrary file disclosure
Overview The Beck IPC@CHIP web server permits intruders to access files outside the web root. Description The Beck IPC@CHIP is a single chip embedded webserver. The Web Server's root directory is set to / by default. Because of this default setting, an attacker can download arbitrary files from a...
Netscape E.S. Web Publisher ACL Vulnerabilities
Vendor: Netscape Product: Enterprise Server 3.5.1 and others? Specifics: Netscape Web Publisher Vulnerability Briefing: A very wide problem with ACL settings and default settings with Netscape Enterprise Server Publisher. Description: With the default installation of Netscape Enterprise Server...
WinVNC 3.3.x
So, you use WinVNC and Windows NT4 Workstation/Server...? During the InstallShield setup utility, it creates the registry key: HKEYLOCALMACHINESoftwareORLWinVNC3 which is used to store all of WinVNC's default settings. By default, Administrator and SYSTEM have full control, and Everybody has...
CVE-1999-0725
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page"...
oracle.8.passwd.txt
Date: Thu, 4 Mar 1999 15:44:37 -0600 From: James Kivisild To: [email protected] Subject: Oracle Plaintext Password I now know this has been mentioned before, however I've gotten a large number of responses from people about Oracle problems similar to this. As a first time Oracle installer, I...
cobalt.raq.txt
Date: Thu, 25 Feb 1999 07:59:30 -0700 MST From: mea culpa To: InfoSec News Subject: ISN Teenager Finds Web-server hole. Forwarded From: William Knowles http://www.wired.com/news/printversion/technology/story/18109.html?wnpg=all Wired.com 2.25.99 A 17-year-old Pennsylvania high school student has...
WinGate Passwordless Default Installation
Wingate is a program that allows a Windows98 computer to act as a proxy. Unfortunately, the default configuration is too permissive and allows anyone to use this computer to connect anywhere, thus hiding the real IP address. This WinGate server does not ask for any passwords, and thus can be used...