PT-2010-4286

Name of the Vulnerable Software and Affected Versions Siemens Simatic WinCC and PCS 7 SCADA system affected versions not specified Description The issue concerns a hard-coded password in the system, allowing local users to access a back-end database and gain privileges. This has been demonstrated...

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-2073

CVE-2010-2073 affects Pyftpd 0.8.4, where auth_db_config.py contains hard-coded usernames and passwords (test, user, roxon). This enables remote attackers to read arbitrary files from the FTP server due to hard-coded credentials. The issue is documented across multiple sources (NVD entry for CVE-...

CVE-2010-2073

authdbconfig.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the 1 test, 2 user, and 3 roxon accounts, which allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-2073

Removed by vendor...

PT-2010-3684 · Pyftpd · Pyftpd

Name of the Vulnerable Software and Affected Versions: Pyftpd version 0.8.4 Description: The issue concerns hard-coded usernames and passwords in the auth db config.py file for the test, user, and roxon accounts. This allows remote attackers to read arbitrary files from the FTP server...

CVE-2010-1573

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username Gemtek and password gemtekswd for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the 1 data1, 2 data2, or 3 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

CVE-2010-1573

Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username Gemtek and password gemtekswd for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the 1 data1, 2 data2, or 3 data3 parameters to a Debugcommandpage.asp and b debug.cgi...

PT-2010-3244 · Linksys · Linksys Wap54Gv3

Name of the Vulnerable Software and Affected Versions: Linksys WAP54Gv3 firmware versions 3.04.03 and earlier Description: The issue allows remote attackers to execute arbitrary commands due to the use of hard-coded credentials for a debug interface on certain web pages. Specifically, the...

IBM Cognos Express Server Backdoor Account Remote Code Execution

Added: 05/25/2010 CVE: CVE-2010-0557 BID: 38084 OSVDB: 62118 Background IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companie...

IBM Cognos Express Server Backdoor Account Remote Code Execution

Added: 05/25/2010 CVE: CVE-2010-0557 BID: 38084 OSVDB: 62118 Background IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companie...

IBM Cognos Express Server Backdoor Account Remote Code Execution

Added: 05/25/2010 CVE: CVE-2010-0557 BID: 38084 OSVDB: 62118 Background IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companie...

IBM Cognos Express Server Backdoor Account Remote Code Execution

Added: 05/25/2010 CVE: CVE-2010-0557 BID: 38084 OSVDB: 62118 Background IBM Cognos Express is an integrated business intelligence BI and planning solution which delivers the essential reporting, analysis, dashboard, scorecard, planning, budgeting and forecasting capabilities that midsize companie...

CVE-2009-4781

TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for rem.accdb, which allows local users to discover credentials via a DBI connection...

CVE-2009-4781

TUKEVA Password Reminder (before version 1.0.0.4) stores a hard-coded password for rem.accdb, enabling local users to discover credentials via a DBI connection. Affected: TUKEVA Password Reminder

CVE-2009-4781

TUKEVA Password Reminder before 1.0.0.4 uses a hard-coded password for rem.accdb, which allows local users to discover credentials via a DBI connection...

PT-2010-1590 · Tukeva · Tukeva Password Reminder

Name of the Vulnerable Software and Affected Versions: TUKEVA Password Reminder version 1.0.0.3 and earlier Description: The issue allows local users to discover credentials due to a hard-coded password for rem.accdb. This can be achieved via a DBI connection. Recommendations: For versions prior ...

TEKUVA Authentication Bypass

!/usr/bin/perl Exploit: TEKUVA Password Reminder Authentication Bypass Date: 11/19/2009 Author: iqlusion [email protected] Software Link: http://download.cnet.com/Password-Reminder/3000-20644-10966598.html Version: 1.0.0.1 Info: TEKUVA Password Reminder is a password vault that allows you to...