203 matches found
GLSA-200502-12 : Webmin: Information leak in Gentoo binary package
The remote host is affected by the vulnerability described in GLSA-200502-12 Webmin: Information leak in Gentoo binary package Tavis Ormandy of the Gentoo Linux Security Audit Team discovered that the Webmin ebuild contains a design flaw. It imports the encrypted local root password into the...
Linux ncpfs Local Exploit
Exploit for linux platform in category local exploits ========================= Linux ncpfs Local Exploit ========================= !/bin/sh Had to remove local -r to get it to work via sh on my box Root's encrypted password was in toupper form but the super stated it worked fine for him Gentoo...
[UNIX] WebAPP Directory Traversal and Encrypted DES Disclosure
The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com - - promotion The SecuriTeam alerts list - Free, Accurate, Independent. Get your security news from a reliable source...
WebAPP directory traversal and ability to retrieve the DES encrypted password hash
WebAPP is advertised as the internet's most feature rich, easy to run PERL based portal system. Its home site is at http://www.web-app.org/ Some features are : -Easy to Install on standard Unix servers! Windows user-supported only! -User Profiles -Message forums -Private messaging between members...
Mandrake Linux Security Advisory : samba (MDKSA-2002:081)
A vulnerability in samba versions 2.2.2 through 2.2.6 was discovered by the Debian samba maintainers. A bug in the length checking for encrypted password change requests from clients could be exploited using a buffer overrun attack on the smbd stack. This attack would have to crafted in such a wa...
Spaiz-Nuke/PHP-nuke multiple bugs
SQL injection during authentication, SQL injection in web-link module, SQL injection in download module, access with encrypted password...
CVE-2003-0493
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID...
CVE-2003-0493
Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID...
CVE-2002-1318
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string...
DEBIAN-CVE-2002-1318
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string...
CVE-2002-0790
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges...
CVE-2001-1151
Affected product : Trend Micro OfficeScan Corporate Edition (Virus Buster Corporate Edition). Vulnerability : Remote disclosure of sensitive configuration data via unauthenticated access to /officescan/hotdownload, specifically reading the configuration file ofcscan.ini which contains a weakly en...
Vulnerabilty in PaintBBS v1.2
PaintBBS Server v1.2 Advisory Author: John Bissell A.K.A. HighT1mes Vulnerable: PaintBBS Server Ver.1.2 Build 010514 Impact: PaintBBS Server 0wn3d Release Date: January, 22, 2002 Contact: [email protected] Vendor Homepage: http://www.ax.sakura.ne.jp/aotama/...
CVE-1999-1073
Technical details about CVE-1999-1073 are not publicly provided in the supplied documents. Monitor for updates from NVD/CVE listings.
CVE-1999-1072
Excite for Web Servers EWS 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi...
CVE-1999-1072
Excite for Web Servers (EWS) 1.1 is affected by a local-privilege escalation where an attacker who can read Architext.conf (world-readable) can obtain the encrypted password and replay it in an HTTP request to AT-generated.cgi or AT-admin.cgi to gain privileges. Root cause: the password is stored...
SSH Secure Shell sshd2 does not adequately authenticate logins to accounts with encrypted password fields containing two or fewer characters
Overview A vulnerability exists in SSH Secure Shell that allows an intruder to log to an account which contains a stored encrypted password of two or fewer characters in length. An intruder may leverage the privileges of such an account to gain full control of the system. Description Certain Unix...
MySQL < 3.23.36 Multiple Vulnerabilities
The installed version of MySQL is older than version 3.23.36. Such versions are potentially affected by multiple vulnerabilities : - It is possible to modify arbitrary files and gain privileges by creating a database with '..' characters. CVE-2001-0407 - Users with a MySQL account can use the 'SH...
Дырка в Banner Rotation 01
Файл adpassword.txt открытый на чтение содаржит шифрованный DES пароль администрирования. Кроме того по-умолчанию используется пароль admin...
excite-web.txt
Date: Mon, 30 Nov 1998 17:20:04 -0600 From: Michael Gerdts Subject: Security bugs in Excite for Web Servers 1.1 On November 11 I reported the folloing problmes to [email protected]. I have only recieved an automated reply. I have found numerous security concerns with EWS 1.1 which can lead to an...