Lucene search
K

477 matches found

Prion
Prion
added 2007/04/26 7:19 p.m.13 views

Default credentials

Cisco Network Services CNS NetFlow Collection Engine NFC before 6.0 has an nfcuser account with the default password nfcuser, which allows remote attackers to modify the product configuration and, when installed on Linux, obtain login access to the host operating system...

10CVSS7.4AI score0.04733EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2007/04/26 7:0 p.m.51 views

CVE-2007-2282

Cisco NetFlow Collection Engine (NFC) before version 6.0 is affected by a default credentials issue: the nfcuser account uses a default password, allowing remote attackers to modify NFC configuration and, on Linux, gain login access to the host OS. This is due to default accounts in NFC prior to ...

10CVSS6.9AI score0.04733EPSS
Exploits0References7Affected Software1
CERT
CERT
added 2007/04/26 12:0 a.m.35 views

Cisco NetFlow Collection Engine contains known default passwords

Overview A vulnerability in the Cisco NetFlow Collection Engine could allow a remote attacker to gain access to a vulnerable system. Description The Cisco Network Services CNS NetFlow Collection Engine NFC is a software package for supported UNIX platforms and is used to collect and monitor NetFl...

10CVSS6.9AI score0.04733EPSS
Exploits0References1
Cisco
Cisco
added 2007/04/25 4:0 p.m.23 views

Default Passwords in NetFlow Collection Engine

THIS DOCUMENT IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. CISCO RESERVES TH...

10CVSS6.3AI score0.04733EPSS
Exploits0References1
securityvulns
securityvulns
added 2007/04/25 12:0 a.m.24 views

Cisco Network Services NetFlow Collection Engine default account

Account with hardcoded password is used for NetFlow information gathering...

2.4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2007/04/25 12:0 a.m.59 views

Cisco Security Advisory: Default Passwords in NetFlow Collection Engine

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Default Passwords in NetFlow Collection Engine Advisory ID: cisco-sa-20070425-nfc http://www.cisco.com/warp/public/707/cisco-sa-20070425-nfc.shtml Revision 1.0 For Public Release 2007 April 25 1600 UTC GMT -...

7.5AI score
Exploits0
NVD
NVD
added 2005/11/06 11:3 a.m.24 views

CVE-2005-3522

Cross-site scripting XSS vulnerability in index.jsp in ManageEngine Netflow Analyzer 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the grDisp parameter...

4.3CVSS5.7AI score0.01913EPSS
Exploits1References6
Cvelist
Cvelist
added 2005/11/06 11:0 a.m.21 views

CVE-2005-3522

Cross-site scripting XSS vulnerability in index.jsp in ManageEngine Netflow Analyzer 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the grDisp parameter...

5.7AI score0.01913EPSS
Exploits1References6
CVE
CVE
added 2005/11/06 11:0 a.m.46 views

CVE-2005-3522

CVE-2005-3522 affects ManageEngine Netflow Analyzer 4.0.2. The vulnerability is a reflected cross-site scripting (XSS) in index.jsp via the grDisp parameter, allowing an attacker to inject arbitrary web script or HTML. The provided documents do not specify the exact root cause code path, versions...

4.3CVSS6AI score0.01913EPSS
Exploits1References6Affected Software1
securityvulns
securityvulns
added 2005/10/19 12:0 a.m.28 views

NetFlow Analyzer 4 XSS Vulnerability

NetFlow Analyzer 4 http://manageengine.adventnet.com/products/netflow/ I encountered Cross Site Scripting Vulnerabilities in some files of the NetFlow Analyzer 4, with this files, sending a specially crafted url you can execute commands in the client side. Proof of Concept...

0.5AI score
Exploits0
Exploit DB
Exploit DB
added 2005/10/18 12:0 a.m.23 views

NetFlow Analyzer 4 - Cross-Site Scripting

source: https://www.securityfocus.com/bid/15127/info NetFlow Analyzer 4 is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to have arbitrary script code executed in the...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2005/10/18 12:0 a.m.10 views

NetFlow Analyzer 4 - Cross-Site Scripting

NetFlow Analyzer 4 - Cross-Site Scripting source: https://www.securityfocus.com/bid/15127/info NetFlow Analyzer 4 is prone to a cross-site scripting vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. An attacker may leverage this issue to ha...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2005/08/10 12:0 a.m.5 views

Cisco NetFlow Agent Detection

Binary data 3159.prm...

7.3AI score
Exploits0
RedHat Linux
RedHat Linux
added 2004/03/30 5:6 p.m.7 views

security flaw

Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the 1 NetFlow, 2 IGAP, 3 EIGRP, 4 PGM, 5 IrDA, 6 BGP, 7 ISUP, or 8 TCAP dissectors...

5CVSS6.3AI score0.67092EPSS
Exploits0References4
CVE
CVE
added 2004/03/25 5:0 a.m.82 views

CVE-2004-0176

CVE-2004-0176 affects Ethereal 0.8.13–0.10.2; multiple buffer overflows in NetFlow, IGAP, EIGRP, PGM, IrDA, BGP, ISUP, TCAP dissectors allow remote attackers to cause denial of service and possibly execute arbitrary code via crafted packets. The connected documents provide concrete details on aff...

5CVSS7.9AI score0.67092EPSS
Exploits0References26Affected Software1
CERT
CERT
added 2004/03/24 12:0 a.m.37 views

Ethereal fails to properly parse NetFlow UDP packets with an overly large template_entry count

Overview Ethereal fails to properly parse v9template structures in NetFlow UDP packets with an overly large templateentry count. This could allow an attacker to execute arbitrary code. Description Ethereal is a network traffic analysis package. It includes the ability to decode packets containing...

5CVSS7.8AI score0.67092EPSS
Exploits0References3
FreeBSD
FreeBSD
added 2004/03/23 12:0 a.m.29 views

multiple vulnerabilities in ethereal

Stefan Esser of e-matters Security discovered a baker's dozen of buffer overflows in Ethereal's decoders, including: NetFlow IGAP EIGRP PGM IRDA BGP ISUP TCAP UCP In addition, a vulnerability in the RADIUS decoder was found by Jonathan Heusser. Finally, there is one uncredited vulnerability...

6.4AI score
Exploits0References6
Rows per page
Query Builder