31 matches found
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Dell KACE K2000 < 3.3.52857 Multiple Vulnerabilities
The remote Dell KACE K2000 appliance is affected by multiple vulnerabilities : - The appliance stores the recovery account password in plaintext within a PHP script. CVE-2011-4046 - The appliance can allow arbitrary command execution by leveraging database write access. CVE-2011-4047 - An...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4048
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Code injection
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
Default credentials
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
CVE-2011-4046
The Dell KACE K2000 System Deployment Appliance stores the recovery account password in cleartext within a PHP script, which allows context-dependent attackers to obtain sensitive information by examining script source code...
CVE-2011-4436
Multiple cross-site scripting XSS vulnerabilities in the administrative web interface on the Dell KACE K2000 System Deployment Appliance allow remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2011-4047
The Dell KACE K2000 System Deployment Appliance allows remote attackers to execute arbitrary commands by leveraging database write access...
CVE-2011-4048
The Dell KACE K2000 System Deployment Appliance has a default username and password for the read-only reporting account, which makes it easier for remote attackers to obtain sensitive information from the database by leveraging the default credentials...
Dell KACE K2000 Backdoor
The Dell KACE K2000 System Deployment Appliance contains a hidden administrator account that allow a remote attacker to take control of an affected device. OpenVAS Vulnerability Test $Id: gbdellkace2000backdoor.nasl 3117 2016-04-19 10:19:37Z benallard $ Dell KACE K2000 Backdoor Authors: Michael...
Dell KACE K2000 Detection
The web interface for the Dell KACE K2000 is running at this Host. OpenVAS Vulnerability Test $Id: gbdellkace2000webdetect.nasl 6701 2017-07-12 13:04:06Z cfischer $ Dell KACE K2000 Detection Authors: Michael Meyer Copyright: Copyright c 2011 Greenbone Networks GmbH This program is free software;...
Quest / Dell KACE K2000 Systems Deployment Appliance (SDA) < 3.7 Hardcoded Credentials (HTTP)
The Quest / Dell KACE K2000 System Deployment Appliance SDA contains a hidden administrator account that allows a remote attacker to take control of an affected device. Copyright C 2011 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright ...
Dell KACE K2000 Web Backdoor Account
Nessus was able to log into the remote Dell KACE K2000 system using a hidden account. The hidden account, 'kbox1248163264128256', also has administrator privileges. A remote, unauthenticated attacker could exploit this issue to gain administrative access to the K2000 device. After gaining...
Dell KACE K2000 Appliance read-only database account allows account information disclosure
Overview A vulnerability in the database component of the Dell KACE K2000 Deployment Appliance may allow a remote attacker to read account information from an affected device. Description The Dell KACE K2000 Deployment Appliance is an integrated systems provisioning product for large-scale...