vantage6-server node accepts non-whitelisted algorithms from malicious server

Impact A node does not check if an image is allowed to run if a parentid is set. A malicious party that breaches the server may modify it to set a fake parentid and send a task of a non-whitelisted algorithm. The node will then execute it because the parentid that is set prevents checks from bein...

CVE-2001-1425

The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 allows remote attackers to gain privileges by directly computing the response based on information that is provided by the device during login...