6523 matches found
ViRobot Linux Server addschup Multiple Overflows
The remote host is running ViRobot Linux Server, a commercial anti- virus product for Linux. According to its banner, the installed version of ViRobot Linux Server suffers from a remote buffer overflow vulnerability in its web-based management interface. By passing specially crafted data through...
CVE-2004-1789
Cross-site scripting XSS vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth1 page...
CVE-2004-1789
CVE-2004-1789 affects ZyWALL 10 (firmware 4.07) and is a reflected XSS in the web management interface via the rpAuth_1 page. The underlying cause is improper handling of user-supplied input in the web interface, allowing remote attackers to inject arbitrary script/HTML. The provided documents do...
CVE-2004-1790
This CVE affects Edimax AR-6004 ADSL Routers. The issue is a Cross-site scripting (XSS) vulnerability in the web management interface, allowing remote attackers to inject arbitrary web script or HTML through the URL. The provided documents do not specify affected firmware versions, exact vulnerab...
CVE-2004-1791
The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access...
CVE-2004-0945
The CVE covers Mitel 3300 ICP web management interface prior to version 4.2.2.11. The vulnerability allows remote authenticated users to exhaust resources by opening a large number of active sessions, exceeding the system’s maximum and causing a denial of service. The underlying cause is uncontro...
CVE-2004-0945
The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 allows remote authenticated users to cause a denial of service resource exhaustion via a large number of active sessions, which exceeds ICP's maximum...
CVE-2004-0944
The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...
CVE-2004-0945
The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 allows remote authenticated users to cause a denial of service resource exhaustion via a large number of active sessions, which exceeds ICP's maximum...
[VulnWatch] Corsaire Security Advisory - Mitel 3300 ICP web interface session hijacking issue
-- Corsaire Security Advisory -- Title: Mitel 3300 ICP web interface session hijacking issue Date: 17.08.04 Application: Mitel Web Management Interface Environment: Mitel 3300 ICP prior to 4.2.2.11 Author: Stephen de Vries [email protected] Audience: General distribution Reference: c040817-002...
CVE-2004-1637
The CVE-2004-1637 entry concerns the Hawking Technologies HAR11A modem/router. The affected component is the device itself, where remote attackers can connect to port 254 to view a management interface and information on established connections, exposing sensitive information. The NVD metrics ass...
CVE-2004-1789
Cross-site scripting XSS vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth1 page...
CVE-2004-2691
Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service device reset via a crafted request to the web management interface. NOTE: the provenance of this information is unknown; details are obtained from...
Hawking Technologies HAR11A router considered insecure
The Hawking Technologies HAR11A modem//router is shipped insecure. It suffers from the infamous Conexant security hole http://www.chiark.greenend.org.uk/theom/security/origo.html . You can find lots of references to this in a google search for "conexant port 254". You can see the Hawking...
CVE-2004-1637
The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information by connecting to port 254, which displays a management interface and information on established connections...
@stake advisory: Pingtel Xpressa Denial of Service
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Pingtel Xpressa Denial of Service Release Date: 09-13-2004 Device: Xpressa phone Model PX-1 Firmware: Core Apps: 2.1.11.24 Kernel: 2.1.11.24 Severity: An attacker can cause the phone to fai...
CVE-2002-1547
Technical details for CVE-2002-1547 are not provided in the connected documents. The supplied data is limited to the initial description. Monitor for updates in case concrete details (affected products, impact, remediation) are published.
Cisco CSS 11000 Series Content Services Switch vulnerable to DoS via malformed UDP packets
Overview Several models of the Cisco Content Services Switch contain a vulnerability in their management interface that allows an attacker to restart the switch, resulting in a denial of service attack. Description The Cisco CSS 11000 Series Content Services Switches contain a vulnerability in...
CVE-2004-0944
The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...
WebTrends Reporting Center 6.1 Management Interface - Full Path Disclosure
source: https://www.securityfocus.com/bid/9460/info The WebTrends Reporting Center management interface discloses installation path information when an invalid argument for an interface URI parameter is requested. This information may permit an attacker to enumerate the layout of the underlying...