34 matches found
EUVD-2010-0582
Malware in sbrugna...
EUVD-2010-0584
Malware in sbrugna...
EUVD-2010-0585
Malware in sbrugna...
EUVD-2010-0581
Malware in sbrugna...
CVE-2010-0550
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
CVE-2010-0552
Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI...
CVE-2010-0554
The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...
CVE-2010-0551
HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak...
CVE-2010-0553
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...
Authentication flaw
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
Design/Logic Flaw
HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak...
Code injection
Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service application crash and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI...
Authentication flaw
The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack...
Code injection
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...
CVE-2010-0550
The CVE-2010-0550 entry affects Geo++ GNCASTER 1.4.0.7 and earlier. The root issue is a faulty enforcement of HTTP Digest Authentication, allowing remote authenticated users to fall back to HTTP Basic Authentication and bypass the intended server policy. The connected sources confirm the affected...
CVE-2010-0553
CVE-2010-0553 affects Geo++ GNCASTER (versions up to and including 1.4.0.7). The issue allows remote authenticated users to trigger a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence. The NVD entry records a NETWORK attack vector with LOW com...
CVE-2010-0553
Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service application crash and possibly execute arbitrary code via a long NMEA data sentence...
CVE-2010-0550
admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy...
CVE-2010-0552
CVE-2010-0552 affects Geo++ GNCASTER 1.4.0.7 and earlier. Remote attackers can cause a denial of service (application crash) and possibly execute arbitrary code by issuing multiple requests for a non-existent file using a long URI. Root cause indicated is improper handling of long URLs leading to...
CVE-2010-0554
The CVE-2010-0554 entry concerns Geo++ GNCASTER, affected in versions 1.4.0.7 and earlier. The HTTP Authentication implementation uses the same nonce for all authentication attempts, enabling replay attacks that can hijack web sessions or bypass authentication. This is the root cause: nonce reuse...