Barracuda Networks垃圾邮件防火墙多个安全漏洞

Barracuda Spam Firewall是用于保护邮件服务器的集成硬件和软件垃圾邮件解决方案。 Barracuda垃圾邮件防火墙Login.pm脚本中的guest帐号有硬编码的口令bnadmin99。尽管guest帐号仅有有限的访问能力，但还是可以获取以下信息： 系统配置，包括IP地址、管理员IP ACL； 邮件消息日志（但没有消息的内容）； 垃圾邮件/杀毒定义的版本信息和系统固件版本。...

CVE-2006-5038

The FiWin SS28S WiFi VoIP SIP/Skype Phone, firmware version 010207, has a hard-coded username and password, which allows remote attackers to gain administrative access via telnet...

CVE-2006-4001

Login.pm in Barracuda Spam Firewall BSF 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password...

CVE-2006-4001

Login.pm in Barracuda Spam Firewall BSF 3.3.01.001 through 3.3.03.053 contains a hard-coded password for the guest account, which allows remote attackers to read sensitive information such as e-mail logs, and possibly e-mail contents and the admin password...

Barracuda Spam Firewall Default Credentials

The firmware version of the Barracuda Spam Firewall detected on the remote device contains a hard-coded password for the 'guest' user account. Additionally, the device reportedly also contains a hard-coded password for the 'admin' account as well as the device fails to properly filter user-suppli...

CVE-2006-3286

The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.263 stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database aka bug CSCsd15951...

CVE-2006-3286

The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.263 stores a hard-coded username and password in plaintext within unspecified files, which allows remote authenticated users to access the database aka bug CSCsd15951...

CVE-2006-3286

The CVE-2006-3286 entry concerns Cisco Wireless Control System (WCS) for Linux and Windows prior to 3.2(63). The vulnerability arises from a hard-coded username and password stored in plaintext in unspecified files within the WCS database, enabling remote authenticated users to access the databas...

CVE-2006-3285

The internal database in Cisco Wireless Control System WCS for Linux and Windows before 3.251 uses an undocumented, hard-coded username and password, which allows remote authenticated users to read, and possibly modify, sensitive configuration data aka bugs CSCsd15955...

CVE-2006-2716

Secure Elements Class 5 AVR server aka C5 EVM before 2.8.1 uses a hard-coded user ID and password, which allows remote attackers to gain access to the server...

Secure Elements Class 5 AVR server contains hard-coded user ID and password

Overview The Secure Elements Class 5 AVR server contains a hard-coded user ID and password. This may allow a remote unauthenticated attacker to gain access to the server. Description Class 5 AVR Secure Elements Class 5 AVR Automated Vulnerability Remediation is a security product that monitors an...

CVE-2005-3803

Cisco IP Phone 7920 (VoIP) 1.0(8) is affected by hard-coded public and private SNMP community strings that cannot be changed, enabling potential remote information disclosure. The issue is documented across NVD/Nessus and Cisco advisories, with a vendor alert suggesting that fixed SNMP communitie...

CVE-2005-3803

Cisco IP Phone VoIP 7920 1.08 contains certain hard-coded "fixed" public and private SNMP community strings that cannot be changed, which allows remote attackers to obtain sensitive information...

CVE-2005-3719

Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration...

CVE-2005-3716

The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information...

CVE-2005-3716

The SNMP daemon in UTStarcom F1000 VOIP WIFI Phone s2.0 running VxWorks 5.5.1 with kernel WIND 2.6 has hard-coded public credentials that cannot be changed, which allows attackers to obtain sensitive information...

CVE-2005-3716

CVE-2005-3716 affects UTStarcom F1000 VOIP WIFI Phone (s2.0, VxWorks 5.5.1, WIND 2.6). The SNMP daemon uses hard-coded public credentials that cannot be changed, enabling attackers to obtain sensitive information. No exploit details are provided in the documents, and the impact is reported as par...

CVE-2005-3719

Hitachi IP5000 VOIP WIFI Phone 1.5.6 has a hard-coded administrator password of "0000", which allows attackers with physical access to obtain sensitive information and modify the phone's configuration...

CVE-2005-3719

CVE-2005-3719 affects Hitachi IP5000 VOIP/WiFi Phone (firmware ~1.5.6). The issue stems from a hard-coded administrator password of “0000” that, combined with local access, allows an attacker to view sensitive information and modify configuration. Related documentation in JVNDB notes multiple vul...

FileZilla 2.2.15 - FTP Client Hard-Coded Cipher Key

// source: https://www.securityfocus.com/bid/14730/info FileZilla FTP client may allow local attackers to obtain user passwords and access remote servers. The application uses a hard-coded cipher key to decrypt the password, which is stored in an XML file or the Windows Registry. This can allow t...