34 matches found
EUVD-2010-0585
Malware in sbrugna...
EUVD-2010-0581
Malware in sbrugna...
EUVD-2010-0584
Malware in sbrugna...
EUVD-2010-0582
Malware in sbrugna...
CVE-2010-0551
HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak...
CVE-2010-0550
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
CVE-2010-0554
The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...
CVE-2010-0553
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...
CVE-2010-0552
Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI...
Authentication flaw
The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...
Code injection
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...
Authentication flaw
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
Design/Logic Flaw
HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak...
Code injection
Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI...
CVE-2010-0554
The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...
CVE-2010-0553
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...
CVE-2010-0550
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
CVE-2010-0551
CVE-2010-0551 affects Geo++ GNCASTER 1.4.0.7 and earlier. The HTTP authentication implementation allows remote attackers to read authentication headers from other users by sending a large request with an incorrect authentication attempt, resulting in memory disclosure (often called a memory leak)...
CVE-2010-0550
The CVE-2010-0550 entry affects Geo++ GNCASTER 1.4.0.7 and earlier. The root issue is a faulty enforcement of HTTP Digest Authentication, allowing remote authenticated users to fall back to HTTP Basic Authentication and bypass the intended server policy. The connected sources confirm the affected...
CVE-2010-0552
CVE-2010-0552 affects Geo++ GNCASTER 1.4.0.7 and earlier. Remote attackers can cause a denial of service (application crash) and possibly execute arbitrary code by issuing multiple requests for a non-existent file using a long URI. Root cause indicated is improper handling of long URLs leading to...