10 matches found
CVE-2011-3694
The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers to read application source code by appending a %00 character to a URL...
CVE-2011-3694
The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers to read application source code by appending a %00 character to a URL...
Code injection
The Server Administration Console in NetSaro Enterprise Messenger Server 2.0 allows remote attackers to read application source code by appending a %00 character to a URL...
CVE-2011-3692
CVE-2011-3692 affects NetSaro Enterprise Messenger Server 2.0. The issue is information disclosure: the product stores cleartext console credentials in configuration.xml, allowing local users to read the file and decode credentials via base64. The NVD entry lists a low severity (CVSS v2 base scor...
CVE-2011-3694
The CVE-2011-3694 entry concerns NetSaro Enterprise Messenger Server 2.0. The vulnerability is in the Server Administration Console, where appending a null byte (%00) to a URL can cause the server to disclose application source code. This is described consistently across the CVE listing and Red H...
NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities
NetSaro Enterprise Messenger 2.0 - Multiple Vulnerabilities =================================================== Secur-I Research Group Security Advisory SV-2011-004 =================================================== Title: NetSaro Enterprise Messenger v2.0 Multiple Vulnerabilities Product:...
NetSaro Enterprise Messenger Server Source Code Disclosure Vulnerability
NetSaro Enterprise Messenger Server is prone to source code disclosure vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability
NetSaro Enterprise Messenger Server is prone to a security bypass vulnerability. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability
NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability CVSS Risk Rating: 4.6 Medium Product: NetSaro Enterprise Messenger Server Application Vendor: SEM Software Vendor URL: http://www.netsaro.com/ Public disclosure date: 8/15/2011 Discovered by: Rob Kraus, Jose Hernandez, a...
NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability
NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability CVSS Risk Rating: 4.6 Medium Product: NetSaro Enterprise Messenger Server Application Vendor: SEM Software Vendor URL: http://www.netsaro.com/ Public disclosure date: 8/15/2011 Discovered...