3888 matches found
CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing
CSO Lanifex Outreach Project Tool 0.946b - Request Origin Spoofing source: https://www.securityfocus.com/bid/6630/info It has been reported that OPT accepts the values supplied by users in HTTP headers as the originating IP address of a request. It is possible for a remote host to supply...
CVE-2002-1962
Finjan Software SurfinGate 6.0 and 6.0 1 allows remote attackers to bypass URL access restrictions via a URL with an IP address instead of a hostname...
CVE-2002-1877
NETGEAR FM114P allows remote attackers to bypass access restrictions for web sites via a URL that uses the IP address instead of the hostname...
SonicWALL Content Filtering IP addresses can bypass URL filtering
SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name. CVE: CVE-2002-2181 Last updated: Sept. 5, 2008, 8:32 p.m...
CVE-2002-1839
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message...
CVE-2002-2397
Sygate personal firewall 5.0 could allow remote attackers to bypass firewall filters via spoofed (1) source IP address of 127.0.0.1 or (2) network address of 127.0.0.0...
CVE-2002-2423
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response...
CVE-2002-2181
SonicWall Content Filtering allows local users to access prohibited web sites via requests to the web site's IP address instead of the domain name...
CVE-2002-1943
SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request...
CVE-2002-2184
Digi-Net Technologies DigiChat 3.5 allows chat users to obtain the IP addresses of other chat users via a "Showip" parameter in the chat applet...
CVE-2002-2280
syslogd on OpenBSD 2.9 through 3.2 does not change the source IP address of syslog packets when the machine's IP address is changed without rebooting, e.g. via ifconfig, which can cause incorrect information to be sent to the syslog server...
CVE-2002-2053
The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop...
Predictable TCP Initial Sequence Numbers
Title: NetScreen Security Alert 51897 Date: 25 November 2002 Description: Predictable TCP Initial Sequence Numbers Impact: Circumvention of Defined Security Policies Affected Products: All firewall/VPN appliances and systems Affected Software Releases: ScreenOS 1.7, 2.6, 2.8, 3.0, 3.1, 4.0 Summar...
Motorola Cable Modem DOS
I've found it trivial to crash the Motorola Surfboard 4200 Cable modem, as installed default by AT&T Broadband Internet. The modem acts as a bridge, but also has an internal RFC1918 IP address 192.168.100.1. Simply nmap'ing the cable user's IP address, ie: nmap -sS -p 1-1024 12.x.x.x will cause i...
SafeTP 1.46 - Passive Mode Internal IP Address Revealing
SafeTP 1.46 - Passive Mode Internal IP Address Revealing source: https://www.securityfocus.com/bid/5822/info SafeTP is a freely available, open source secure ftp client-server software package. It is available for Unix, Linux, and Microsoft Operating Systems. It has been reported that under some...
CVE-2002-0714
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses...
CVE-2002-0209
Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the...
Lotus Domino Web Server discloses IP address
Overview Lotus Domino Web server discloses its IP address to some HTTP requests. Description Lotus Domino can be coerced to reveal its IP address by sending it a crafted HTTP request. --- Impact Attackers can discover limited information about the numbering of the Domino server's network. ---...
CVE-2002-0422
IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or...