Ultrix 4.5MIPS - dxterm 0 Local Buffer Overflow

Ultrix 4.5MIPS - dxterm 0 Local Buffer Overflow / Ultrix 4.5/MIPS dxterm exploit by ztion in 2004 Greets to: Stok, sidez It wasn't possible to use '/' in the shellcode. Probably dxterm only copies everything after the last slash, as it expects a path. Since everything is pretty much hardcoded, yo...

Ultrix 4.5/MIPS - dxterm 0 Local Buffer Overflow

/ Ultrix 4.5/MIPS dxterm exploit by ztion in 2004 Greets to: Stok, sidez It wasn't possible to use '/' in the shellcode. Probably dxterm only copies everything after the last slash, as it expects a path. Since everything is pretty much hardcoded, you will probably have to tweak it for versions...

[PoC] Nasty bug(s) found in Axis Network Camera/Video Servers

/ Public disclosure due lack of responce from Axis Communications / I have found a couple of bugs in Axis Network Camera/Video Servers. I have all Axis stuff in one e-mail, instead of multiple, lazy me.. ; Vulnerable: Axis 2100/2110/2120/2420/2130 Network Camera, 2400/2401 Video Server. There may...

Axis Network Camera 2.x And Video Server 1-3 - HTTP Authentication Bypass

Axis Network Camera 2.x And Video Server 1-3 - HTTP Authentication Bypass source: https://www.securityfocus.com/bid/11011/info A hardcoded backdoor administrative-user issue allows remote attackers to administer affected devices. This likely cannot be disabled. This issue is reported to affect: -...

Axis Network Camera 2.x And Video Server 1-3 - HTTP Authentication Bypass

source: https://www.securityfocus.com/bid/11011/info A hardcoded backdoor administrative-user issue allows remote attackers to administer affected devices. This likely cannot be disabled. This issue is reported to affect: - Axis StorePoint CD E100 CD-ROM Server with firmware version 5.30 ?php...

eSeSIX.txt

eSeSIX Thintune thin client multiple vulnerabilities IT-Consult, 2004-07-24 Background - -------- Thintune is a series of thin client appliances sold by eSeSIX GmbH, Germany. They offer ICA, RDP, X11 and SSH support based on a customized Linux platform. See http://www.thintune.com for details...

NETGEAR Wireless Access Point Hardcoded Default Password

NETGEAR ships at least one device with a built-in administrator account. This account cannot be changed via the configuration interface and enables a remote attacker to control the NETGEAR device. To duplicate this error, simply point your browser to a vulnerable machine, and log in when prompted...

CVE-2004-0391

Cisco Wireless LAN Solution Engine WLSE 2.0 through 2.5 and Hosting Solution Engine HSE 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration...

[Full-Disclosure] NEW backdoor in X-Micro WLAN 11b Broadband Router

Backdoor in the X-Micro WLAN 11b Broadband Router ALL VERSIONS ARE AFFECTED 1.6.0.1 too Previous bugreport's bugtraq id: 10095 FCC ID: RAFXWL-11BRRG Firmware Version: 1.2.2, 1.2.2.3, 1.2.2.4, 1.6.0.0, 1.6.0.1 Remote: yes, easily expoitable Type: administration password, which always works The...

CVE-2004-0391

Cisco Wireless LAN Solution Engine WLSE 2.0 through 2.5 and Hosting Solution Engine HSE 1.7 through 1.7.3 have a hardcoded username and password, which allows remote attackers to add new users, modify existing users, and change configuration...

CVE-2004-0391

CVE-2004-0391 affects Cisco WLSE (Wireless LAN Solution Engine) versions 2.0–2.5 and HSE (Hosting Solution Engine) 1.7–1.7.3, which contain a hardcoded username and password. The root cause is hardcoded credentials allowing remote attackers to add new users, modify existing users, and change conf...

CVE-2004-1921

X-Micro WLAN 11b Broadband Router 1.6.0.1 has a hardcoded "1502" username and password, which could allow remote attackers to gain access...

CVE-2004-1920

X-Micro WLAN 11b Broadband Router 1.2.2, 1.2.2.3, 1.2.2.4, and 1.6.0.0 has a hardcoded "super" username and password, which could allow remote attackers to gain access...

Cisco WLSE/HSE backdoor account

There hardcoded username/password to access device...

Cisco WLSE and HSE devices contain hardcoded username and password

Overview A default account with a common username and password exists in two Cisco products. An attacker with knowledge of this account information can compromise any of these devices on the network. Description A default account with a known, fixed username and password combination exists in som...

Проблемы с паролем MySQL в vpopmail

Пароль жестко вкомпилирован в исполняемый файл и может быть извлечен оттуда...

Огромная дыра в Interbase

В базу вкомпилян универсальный пароль доступа, дающий удаленный доступ с административными привелегиями. Всвязи с тем что Inprise Borland открыл сорсы пароль теперь известе всем желающим в текстовом виде...

BorlandInprise Interbase 4.05.06.0 - Backdoor Password

BorlandInprise Interbase 4.05.06.0 - Backdoor Password source: https://www.securityfocus.com/bid/2192/info Interbase is an open source relational database offered by Borland Inprise Corporation. Interbase contains a backdoor user account and password called "LOCKSMITH". When accessed this account...

metasearch

Vulnerable Program: Meta Tag Generator meta.pl Platform : UNIX Company : www.cgi-access.com Impact : Remote users can view arbitary files with httpd privilidges Found by : slackette [email protected] Date : 14th November Meta Tag Generator As quoted from their site, "You can now offer your...

jdedwards.app.passwd.txt

Date: Mon, 3 May 1999 15:09:11 -0400 From: "Stout, Bill" To: [email protected] Subject: JDEdwards application passwords Anyone have experience with JDEdwards applicationsWorldVision/OneWorld? The user JDE password JDE is written into multiple places in config files, and is typically installed...