17 matches found
EUVD-2011-3653
Malware in sbrugna...
CVE-2011-3694
The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers to read application source code by appending a %00 character to a URL...
SQL Injection Vulnerability in Enterprise Messenger Operational SMS Platforms
Enterprise Messenger Operational SMS platform is a set of SMS operation system. The product suffers from an SQL injection vulnerability, which can be exploited by attackers to obtain sensitive database information...
CVE-2011-3694
The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers to read application source code by appending a %00 character to a URL...
Code injection
The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers to read application source code by appending a %00 character to a URL...
Information disclosure
NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step...
Code injection
NetSaro Enterprise Messenger Server 2.0 allows local users to discover cleartext server credentials by reading the NetSaro.fdb file...
CVE-2011-3694
The CVE-2011-3694 entry concerns NetSaro Enterprise Messenger Server 2.0. The vulnerability is in the Server Administration Console, where appending a null byte (%00) to a URL can cause the server to disclose application source code. This is described consistently across the CVE listing and Red H...
CVE-2011-3693
CVE-2011-3693 affects NetSaro Enterprise Messenger Server 2.0. The vulnerability arises because credentials are stored in the NetSaro.fdb file, which local users can read, leading to cleartext server credentials exposure. The impact is partial confidentiality loss on a local basis; attack vector ...
CVE-2011-3692
CVE-2011-3692 affects NetSaro Enterprise Messenger Server 2.0. The issue is information disclosure: the product stores cleartext console credentials in configuration.xml, allowing local users to read the file and decode credentials via base64. The NVD entry lists a low severity (CVSS v2 base scor...
CVE-2011-3692
NetSaro Enterprise Messenger Server 2.0 stores cleartext console credentials in configuration.xml, which allows local users to obtain sensitive information by reading this file and performing a base64 decoding step...
NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities
NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities =================================================== Secur-I Research Group Security Advisory SV-2011-004 =================================================== Title: NetSaro Enterprise Messenger v2.0 Multiple Vulnerabilities Product:...
NetSaro Enterprise Messenger Server Administration Console Source Code Disclosure
Vulnerability title: NetSaro Enterprise Messenger Server Administration Console Null Byte Request Source Code Disclosure CVSS Risk Rating: 5 Medium Product: NetSaro Enterprise Messenger Server Application Vendor: SEM Software Vendor URL: http://www.netsaro.com/ Public disclosure date: 8/22/2011...
NetSaro Enterprise Messenger Server Source Code Disclosure Vulnerability
NetSaro Enterprise Messenger Server is prone to source code disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability
NetSaro Enterprise Messenger Server is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability
NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability CVSS Risk Rating: 4.6 Medium Product: NetSaro Enterprise Messenger Server Application Vendor: SEM Software Vendor URL: http://www.netsaro.com/ Public disclosure date: 8/15/2011 Discovered by: Rob Kraus, Jose Hernandez, a...
NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability
NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability CVSS Risk Rating: 4.6 Medium Product: NetSaro Enterprise Messenger Server Application Vendor: SEM Software Vendor URL: http://www.netsaro.com/ Public disclosure date: 8/15/2011 Discovered...