14 matches found
EUVD-2004-2318
Malware in sbrugna...
EUVD-2006-2044
Malware in sbrugna...
EUVD-2006-2045
Malware in sbrugna...
IP3 Networks IP3 NetAccess Appliance SQL Injection Vulnerability
No description provided by source. source: http://www.securityfocus.com/bid/9858/info The IP3 NetAccess Appliance is reported prone to a remote SQL-injection vulnerability. This issue is due to the application's failure to properly sanitize user input. This issue may allow an attacker to gain ful...
Default credentials
na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 has a default username of admin and a default password of admin...
Command injection
na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local users to gain Unix shell access via "" backtick characters in the appliance's command line interface CLI...
CVE-2006-2043
na-img-4.0.34.bin for the IP3 Networks NetAccess NA75 allows local users to gain Unix shell access via "" backtick characters in the appliance's command line interface CLI...
CVE-2006-2045
CVE-2006-2045 concerns IP3 Networks NetAccess NA75. The shadow password file in na-img-4.0.34.bin is world-readable, enabling local users to view encrypted passwords; the NetAccess database file is world-readable and world-writable, enabling local users to view sensitive data and modify it. No ex...
CVE-2006-2043
CVE-2006-2043 affects IP3 Networks NetAccess NA75 with the na-img-4.0.34.bin image; backtick characters in the appliance CLI enable local users to gain Unix shell access, indicating a command-injection-style vulnerability in the CLI parsing. No remediation details are provided in the supplied doc...
Multiple vulnerabilities in IP3 Networks 'NetAccess' NA75 appliance
-------------------- Multiple vulnerabilities have been identified in IP3 Networks 'NetAccess' NA75 appliance. -------------------- KPMG recommends that owners of a NetAccess NA75 take steps to ensure the security of the device, and that IP3 Networks is contacted to acquire the new firmware that...
Multiple IP3 Networks NetAccess security vulnerabilities
SQL injections, unfiltered shell characters, etc...
CVE-2004-2326
The CVE-2004-2326 entry documents a SQL injection vulnerability in the IP3 Networks NetAccess Appliance that allows remote attackers to bypass authentication via the login or password fields. Affected firmware versions are listed as before 3.1.18b13, with a note that 4.0.34 is also affected. The ...
CVE-2004-2326
SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the 1 login or 2 password. NOTE: this issue was later reported to also affect firmware 4.0.34...
CVE-2004-2326
SQL injection vulnerability in IP3 Networks NetAccess Appliance before firmware 3.1.18b13 allows remote attackers to bypass authentication via the 1 login or 2 password. NOTE: this issue was later reported to also affect firmware 4.0.34...