Security Issues in FINS protocol

Overview FINS Factory Interface Network Service is a message communication protocol, which is designed to be used in closed FA Factory Automation networks, and is used in FA networks composed of Omron products. FINS commands enable to read/write information, conduct various operations and set the...

SUSE CVE-2008-3214

dnsmasq 2.25 allows remote attackers to cause a denial of service daemon crash by 1 renewing a nonexistent lease or 2 sending a DHCPREQUEST for an IP address that is not in the same network, related to the DHCP NAK response from the daemon...

Cisco ASA-X with FirePOWER Services Authenticated Command Injection

This module exploits an authenticated command injection vulnerability affecting Cisco ASA-X with FirePOWER Services. This exploit is executed through the ASA's ASDM web server and lands in the FirePower Services SFR module's Linux virtual machine as the root user. Access to the virtual machine...

CVE-2022-24582

Accounting Journal Management 1.0 is vulnerable to XSS-PHPSESSID-Hijacking. The parameter manageuser from User lists is vulnerable to XSS-Stored and PHPSESSID attacks. The malicious user can attack the system by using the already session which he has from inside and outside of the network...

samba: smb client vulnerable to filenames containing path separators

A flaw was found in the samba client where a malicious server can supply a pathname to the client with separators. This could allow the client to access files and folders outside of the SMB network pathnames. An attacker could use this vulnerability to create files outside of the current working...

LevelOne AMG-2000 2.00.00 Security Bypass Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/34760/info LevelOne AMG-2000 is prone to a security-bypass vulnerability. Attackers may exploit this issue to gain access to the administrative interface and internal computers from an outside network. This may aid in...