6544 matches found
CVE-2007-3151
rpttop.htm in the web management interface in Packeteer PacketShaper 7.3.0g2 and 7.5.0g1 allows remote attackers to cause a denial of service device reboot via a request with empty values of the OP.MEAS.DATAQUERY and MEAS.TYPE parameters...
CVE-2007-3151
Affected software: Packeteer PacketShaper Web Management interface (7.3.0g2, 7.5.0g1). Vulnerability: Crafted requests to rpttop.htm can trigger a denial of service, causing the device to reboot when OP.MEAS.DATAQUERY and MEAS.TYPE are empty. Impact: Denial of service with potential reboot; authe...
Cross site scripting
Cross-site scripting XSS vulnerability in the management interface in Canon Network Camera Server VB100 and VB101 with firmware 3.0 R69 and earlier, and VB150 with firmware 1.1 R39 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Windows DNS server RPC management interface buffer overflow
Added: 04/16/2007 CVE: CVE-2007-1748 BID: 23470 OSVDB: 34100 Background The Windows DNS service runs an RPC management interface which listens on a dynamically assigned TCP port. Problem A buffer overflow vulnerability in the Windows DNS service allows remote attackers to execute arbitrary comman...
Remote Management Interface Discovery
This module can be used to obtain information from the Remote Management Interface DCERPC service. This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Remote Management Interface Discovery',...
Data Domain管理接口本地特权提升漏洞
Data Domain的DDX阵列系列是业界第一个企业数据中心级的基于“重复数据删除Deduplication"技术数据保护阵列。 Data Domain传递数据到UNIX SHELL执行时不正确过滤用户输入,本地攻击者可以利用漏洞提升特权。 Data Domain管理接口的多个命令简单的调用UNIX命令,如ping, ifconfig, date, netstat, uptime等,传递给这些命令的参数缺少验证,通过特殊构建参数,可导致注入特殊SHELL字符而执行SHELL命令。 Data Domain Data Domain OS 3.0 Data Domain Data Domai...
Intel® Enterprise Southbridge 2 Baseboard Management Controller Denial of Service
Summary: A denial of service vulnerability exists in the Intel® Enterprise Southbridge 2 Baseboard Management Controller which may allow malicious users to connect to a server system within a local area network and issue any Intelligent Platform Management Interface command. If proper external...
CVE-2006-5744
Multiple SQL injection vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 management interface allow remote attackers to execute arbitrary SQL commands via an Access Point with a crafted SSID, and via unspecified vectors related to a malicious system operator...
CVE-2006-5409
Multiple SQL injection vulnerabilities in the wireless IDS management interface for Highwall Enterprise and Highwall Endpoint 4.0.2.11045 allow remote attackers to execute arbitrary SQL commands via unspecified vectors...
Multiple vulnerabilities in Highwall Enterprise and Highwall Endpoint management interface
Multiple vulnerabilities in Highwall Enterprise and Highwall Endpoint 4.0.2.11045 management interface SUMMARY Highwall Enterprise and Highwall Endpoint wireless IDS management interface contain multiple vulnerabilities which can lead to privilege escalation and code execution. DETAILS Web...
CVE-2006-4523
CVE-2006-4523 affects 2Wire HomePortal and OfficePortal Series modems/routers: the web-based management interface is vulnerable to a DoS via a CRLF sequence in a GET request, causing a crash. Root cause is input parsing of CRLF within the request; impact is partial availability loss. Connected do...
CVE-2006-4228
Symantec Veritas NetBackup PureDisk Remote Office Edition 6.0 before MP1 20060816 allows remote attackers to bypass authentication and gain privileges via unknown attack vectors in the management interface...
SYM06-16 Symantec NetBackup PureDisk Remote Office Edition Elevation of Privilege
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Symantec Security Advisory SYM06-015 16 August 2006 Symantec NetBackup PureDisk: Non-Privileged User Authentication Bypass Elevation of Privilege Revision History None Severity Medium highly dependent on network configuration Remote Access Yes Local...
VMWare ESX Server crossite scripting and password leak
Management Interface crossite scripting. Additionally, cleartext password is contained in session cookie and server log files...
VMware ESX 2.x - Multiple Information Disclosure Vulnerabilities
VMware ESX 2.x - Multiple Information Disclosure Vulnerabilities source: https://www.securityfocus.com/bid/19249/info VMware ESX is prone to multiple information-disclosure vulnerabilities. These issues are due to a design error in the application. The following issues were reported: 1. An...
VMware ESX 2.x - Multiple Information Disclosure Vulnerabilities
source: https://www.securityfocus.com/bid/19249/info VMware ESX is prone to multiple information-disclosure vulnerabilities. These issues are due to a design error in the application. The following issues were reported: 1. An information disclosure vulnerability that could disclose the session ID...
Corsaire Security Advisory - VMware ESX Server Cross Site Scripting issue
-- Corsaire Security Advisory -- Title: VMware ESX Server Cross Site Scripting issue Date: 14.11.05 Application: VMware ESX prior to 2.5.2 upgrade patch 2 VMware ESX prior to 2.1.2 upgrade patch 6 VMware ESX prior to 2.0.1 upgrade patch 6 Environment: VMware ESX Author: Stephen de Vries...
CVE-2006-0993
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings...
CVE-2006-0993
The web management interface in 3Com TippingPoint SMS Server before 2.2.1.4478 does not restrict access to certain directories, which might allow remote attackers to obtain potentially sensitive information such as configuration settings...
ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability
ZDI-06-013: 3Com TippingPoint SMS Server Information Disclosure Vulnerability http://www.zerodayinitiative.com/advisories/ZDI-06-013.html May 9, 2006 -- CVE ID: CVE-2006-0993 -- Affected Vendor: 3Com TippingPoint -- Affected Products: TippingPoint SMS Server -- Vulnerability Details: This...