Lucene search
K

357 matches found

Debian
Debian
added 2002/08/13 4:32 p.m.14 views

[SECURITY] [DSA 150-1] New interchange packages fix illegal file exposition

-------------------------------------------------------------------------- Debian Security Advisory DSA 150-1 [email protected] http://www.debian.org/security/ Martin Schulze August 13th, 2002 - -------------------------------------------------------------------------- Package : interchange...

0.6AI score
Exploits0
exploitpack
exploitpack
added 2002/08/13 12:0 a.m.11 views

RedHat Interchange 4.8.x - Arbitrary File Read

RedHat Interchange 4.8.x - Arbitrary File Read source: https://www.securityfocus.com/bid/5453/info A vulnerability has been reported for Interchange 4.8.5 and earlier. Reportedly, Interchange may disclose contents of files to attackers. The vulnerability occurs due to the placement of the 'doc'...

7.4AI score
Exploits0
OSV
OSV
added 2002/08/13 12:0 a.m.15 views

DSA-150 interchange - illegal file exposition

Bulletin has no description...

5CVSS6.3AI score0.05836EPSS
Exploits0
Exploit DB
Exploit DB
added 2002/08/13 12:0 a.m.17 views

RedHat Interchange 4.8.x - Arbitrary File Read

source: https://www.securityfocus.com/bid/5453/info A vulnerability has been reported for Interchange 4.8.5 and earlier. Reportedly, Interchange may disclose contents of files to attackers. The vulnerability occurs due to the placement of the 'doc' folder. Reportedly, the folder will be installed...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2002/08/11 12:0 a.m.23 views

int.exp.txt

First off, great site ! I appreciate all the work you do. I just wanted to send in a quick and dirty perl script to retrieve any file from a server running RedHat's Interchange commerce system. The temp fix for this can be to use ipchains/iptables to block access to the port from outside the...

7.4AI score
Exploits0
NVD
NVD
added 2001/06/18 4:0 a.m.16 views

CVE-2001-0372

Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a default group account :backup with no password, which allows a remote attacker to gain administrative access via the demo stores 1 barry, 2 basic, or 3 construct...

10CVSS6.9AI score0.03149EPSS
Exploits1References4
Cvelist
Cvelist
added 2001/05/24 4:0 a.m.22 views

CVE-2001-0372

Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a default group account :backup with no password, which allows a remote attacker to gain administrative access via the demo stores 1 barry, 2 basic, or 3 construct...

6.9AI score0.03149EPSS
Exploits1References4
CVE
CVE
added 2001/05/24 4:0 a.m.48 views

CVE-2001-0372

CVE-2001-0372 affects Akopia Interchange versions 4.5.3 through 4.6.3. The vulnerability arises because the installation of demo stores creates a default group account named ":backup" with no password, enabling a remote attacker to gain administrative access via the demo stores using the accounts...

10CVSS7.3AI score0.03149EPSS
Exploits1References4Affected Software1
securityvulns
securityvulns
added 2001/03/26 12:0 a.m.37 views

Дырки при установке Interchange (default password)

При установке создаются пользователи с пустыми паролями...

1.2AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2001/03/26 12:0 a.m.34 views

Akopia Interchange E-commerce Package Demo Files Vulnerability

A serious security vulnerability has been found in the default installation of the Interchange demo stores 'barry', 'basic', and 'construct' distributed in Interchange versions 4.5.3 through 4.6.3. Using a group login that had no password set by default, it is possible to log in to the back-end...

0.2AI score
Exploits0
NVD
NVD
added 2001/02/12 5:0 a.m.14 views

CVE-2001-0097

The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service application crash via a large POST request...

5CVSS6.6AI score0.03178EPSS
Exploits1References3
CVE
CVE
added 2001/02/02 5:0 a.m.44 views

CVE-2001-0097

The CVE-2001-0097 entry concerns the Web interface of Infinite Interchange 3.6.1, where remote attackers can trigger a denial-of-service (application crash) by sending a large POST request. The available sources confirm the vulnerable component is the Web interface, and the impact is a partial av...

5CVSS7AI score0.03178EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2001/02/02 5:0 a.m.18 views

CVE-2001-0097

The Web interface for Infinite Interchange 3.6.1 allows remote attackers to cause a denial of service application crash via a large POST request...

6.6AI score0.03178EPSS
Exploits1References3
Packet Storm
Packet Storm
added 2000/12/22 12:0 a.m.26 views

interchange.txt

Strumpf Noir Society Advisories ! Public release ! -- -= Infinite InterChange DoS =- Release date: Thursday, 21 December, 2000 Introduction: Infinite InterChange is a Win95/98/NT/2k mailserver for organizations that need to expand their network messaging. Infinite InterChange has many functions,...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2000/12/22 12:0 a.m.28 views

Infinite InterChange DoS

Strumpf Noir Society Advisories ! Public release ! -- -= Infinite InterChange DoS =- Release date: Thursday, 21 December, 2000 Introduction: Infinite InterChange is a Win95/98/NT/2k mailserver for organizations that need to expand their network messaging. Infinite InterChange has many functions,...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2000/12/22 12:0 a.m.36 views

DoS против Interchange

Переполнение буфера при длинном HTTP POST - запросе в WEB-интерфейсе...

7.2AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 1970/01/01 12:0 a.m.4 views

PT-2007-7486 · Debian +3 · Debian +3

Name of the Vulnerable Software and Affected Versions: Tcl/Tk versions 8.4.13 through 8.4.15 Description: The issue is related to a buffer overflow in the ReadImage function, which can be exploited by remote attackers using multi-frame interlaced GIF files where later frames are smaller than the...

7.8CVSS8.2AI score0.04855EPSS
Exploits3References55
Rows per page
Query Builder