Lucene search
K

6523 matches found

Tenable Nessus
Tenable Nessus
added 2005/06/15 12:0 a.m.18 views

ViRobot Linux Server addschup Multiple Overflows

The remote host is running ViRobot Linux Server, a commercial anti- virus product for Linux. According to its banner, the installed version of ViRobot Linux Server suffers from a remote buffer overflow vulnerability in its web-based management interface. By passing specially crafted data through...

5CVSS5.9AI score0.05547EPSS
Exploits5References4
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.20 views

CVE-2004-1789

Cross-site scripting XSS vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth1 page...

5.7AI score0.11245EPSS
Exploits1References7
CVE
CVE
added 2005/05/10 4:0 a.m.46 views

CVE-2004-1789

CVE-2004-1789 affects ZyWALL 10 (firmware 4.07) and is a reflected XSS in the web management interface via the rpAuth_1 page. The underlying cause is improper handling of user-supplied input in the web interface, allowing remote attackers to inject arbitrary script/HTML. The provided documents do...

4.3CVSS5.9AI score0.11245EPSS
Exploits1References7Affected Software1
CVE
CVE
added 2005/05/10 4:0 a.m.39 views

CVE-2004-1790

This CVE affects Edimax AR-6004 ADSL Routers. The issue is a Cross-site scripting (XSS) vulnerability in the web management interface, allowing remote attackers to inject arbitrary web script or HTML through the URL. The provided documents do not specify affected firmware versions, exact vulnerab...

4.3CVSS6AI score0.01911EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2005/05/10 4:0 a.m.18 views

CVE-2004-1791

The web management interface in Edimax AR-6004 ADSL Routers uses a default administrator name and password, which also appear as the default login text for the management interface, which allows remote attackers to gain access...

6.9AI score0.01708EPSS
Exploits1References3
CVE
CVE
added 2005/02/28 5:0 a.m.47 views

CVE-2004-0945

The CVE covers Mitel 3300 ICP web management interface prior to version 4.2.2.11. The vulnerability allows remote authenticated users to exhaust resources by opening a large number of active sessions, exceeding the system’s maximum and causing a denial of service. The underlying cause is uncontro...

5CVSS6.6AI score0.01574EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2005/02/28 5:0 a.m.25 views

CVE-2004-0945

The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 allows remote authenticated users to cause a denial of service resource exhaustion via a large number of active sessions, which exceeds ICP's maximum...

6.3AI score0.01574EPSS
Exploits0References3
Cvelist
Cvelist
added 2005/02/28 5:0 a.m.15 views

CVE-2004-0944

The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...

6.7AI score0.01373EPSS
Exploits0References3
NVD
NVD
added 2005/02/28 5:0 a.m.17 views

CVE-2004-0945

The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 allows remote authenticated users to cause a denial of service resource exhaustion via a large number of active sessions, which exceeds ICP's maximum...

5CVSS6.3AI score0.01574EPSS
Exploits0References3
securityvulns
securityvulns
added 2005/02/28 12:0 a.m.38 views

[VulnWatch] Corsaire Security Advisory - Mitel 3300 ICP web interface session hijacking issue

-- Corsaire Security Advisory -- Title: Mitel 3300 ICP web interface session hijacking issue Date: 17.08.04 Application: Mitel Web Management Interface Environment: Mitel 3300 ICP prior to 4.2.2.11 Author: Stephen de Vries [email protected] Audience: General distribution Reference: c040817-002...

5CVSS0.4AI score0.01373EPSS
Exploits0
CVE
CVE
added 2005/02/20 5:0 a.m.40 views

CVE-2004-1637

The CVE-2004-1637 entry concerns the Hawking Technologies HAR11A modem/router. The affected component is the device itself, where remote attackers can connect to port 254 to view a management interface and information on established connections, exposing sensitive information. The NVD metrics ass...

7.5CVSS6.6AI score0.01532EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2004/12/31 5:0 a.m.15 views

CVE-2004-1789

Cross-site scripting XSS vulnerability in the web management interface in ZyWALL 10 4.07 allows remote attackers to inject arbitrary web script or HTML via the rpAuth1 page...

4.3CVSS5.7AI score0.11245EPSS
Exploits1References7
NVD
NVD
added 2004/12/31 5:0 a.m.19 views

CVE-2004-2691

Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service device reset via a crafted request to the web management interface. NOTE: the provenance of this information is unknown; details are obtained from...

7.1CVSS6.6AI score0.39064EPSS
Exploits2References3
securityvulns
securityvulns
added 2004/10/27 12:0 a.m.21 views

Hawking Technologies HAR11A router considered insecure

The Hawking Technologies HAR11A modem//router is shipped insecure. It suffers from the infamous Conexant security hole http://www.chiark.greenend.org.uk/theom/security/origo.html . You can find lots of references to this in a google search for "conexant port 254". You can see the Hawking...

7AI score
Exploits0
NVD
NVD
added 2004/10/26 4:0 a.m.13 views

CVE-2004-1637

The Hawking Technologies HAR11A modem/router allows remote attackers to obtain sensitive information by connecting to port 254, which displays a management interface and information on established connections...

7.5CVSS6.2AI score0.01532EPSS
Exploits0References3
securityvulns
securityvulns
added 2004/09/14 12:0 a.m.30 views

@stake advisory: Pingtel Xpressa Denial of Service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Pingtel Xpressa Denial of Service Release Date: 09-13-2004 Device: Xpressa phone Model PX-1 Firmware: Core Apps: 2.1.11.24 Kernel: 2.1.11.24 Severity: An attacker can cause the phone to fai...

0.3AI score
Exploits0
CVE
CVE
added 2004/09/01 4:0 a.m.63 views

CVE-2002-1547

Technical details for CVE-2002-1547 are not provided in the connected documents. The supplied data is limited to the initial description. Monitor for updates in case concrete details (affected products, impact, remediation) are published.

5CVSS6.7AI score0.03547EPSS
Exploits0References8Affected Software1
CERT
CERT
added 2004/03/05 12:0 a.m.14 views

Cisco CSS 11000 Series Content Services Switch vulnerable to DoS via malformed UDP packets

Overview Several models of the Cisco Content Services Switch contain a vulnerability in their management interface that allows an attacker to restart the switch, resulting in a denial of service attack. Description The Cisco CSS 11000 Series Content Services Switches contain a vulnerability in...

6.8AI score
Exploits0References4
NVD
NVD
added 2004/02/28 5:0 a.m.10 views

CVE-2004-0944

The web management interface for Mitel 3300 Integrated Communications Platform ICP before 4.2.2.11 generates easily predictable web session IDs, which allows remote attackers to hijack other sessions via the parentsessionid cookie...

5CVSS6.7AI score0.01373EPSS
Exploits0References3
Exploit DB
Exploit DB
added 2004/01/20 12:0 a.m.33 views

WebTrends Reporting Center 6.1 Management Interface - Full Path Disclosure

source: https://www.securityfocus.com/bid/9460/info The WebTrends Reporting Center management interface discloses installation path information when an invalid argument for an interface URI parameter is requested. This information may permit an attacker to enumerate the layout of the underlying...

7.4AI score
Exploits0
Rows per page
Query Builder