2948 matches found
pandpdos.txt
Denial Of Service in Plug & Play Web FTP Server Introduction: ======== "The Plug and Play Web Server provides all of the tools you need to host your own website. The tools are bundled together in one comprehensive software package that it is incredibly easy to use and maintain." - Vendors...
pandpdt.txt
Directory traversal in Plug & Play Web Server Introduction: ============= "The Plug and Play Web Server provides all of the tools you need to host your own website. The tools are bundled together in one comprehensive software package that it is incredibly easy to use and maintain." - Vendors...
Plug and Play Web Server 1.0 002c - Directory Traversal
Plug and Play Web Server 1.0 002c - Directory Traversal source: https://www.securityfocus.com/bid/8645/info It has been reported that Plug and Play Web Server is prone a directory traversal issue allowing a remote attacker to traverse outside the server root directory by using '../' or '..'...
Adobe PDF viewers allow non-certified plug-ins to put viewers into Certified Mode
Overview By default, Adobe PDF viewers will start up and load non-certified plug-ins installed in a local plugins directory. Adobe Reader plug-ins not certified by Adobe, if allowed to load, can execute arbitrary code in the process space of the running viewer. One incremental impact of such...
Trend Micro Emanager Detection
The Trend Micro Emanager software resides on this server. %NASLMINLEVEL 70300 This script was written by John [email protected] See the Nessus Scripts License for details Changes by Tenable: - Removed CVE and bid, changed description 09/24/19 include'deprecatednasllevel.inc';...
NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure
NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure source: https://www.securityfocus.com/bid/7267/info The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP...
NETGEAR FM114P ProSafe Wireless Router - Rule Bypass
NETGEAR FM114P ProSafe Wireless Router - Rule Bypass source: https://www.securityfocus.com/bid/7270/info The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal...
Netgear FM114P ProSafe Wireless Router - Rule Bypass
source: https://www.securityfocus.com/bid/7270/info The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a...
Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure
source: https://www.securityfocus.com/bid/7267/info The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP SOAP request can retrieve the username and password for the WAN...
CVE-2002-0685
Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message...
CVE-2002-0688
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes...
CVE-2002-0030
The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe...
CVE-2002-0685
CVE-2002-0685 describes a heap-based buffer overflow in the message decoding function of the PGP Outlook Plug-in used by NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3. A remote attacker could trigger this via a large, malformed email message to modify the heap and ga...
Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged
-----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 Vulnerability critical: Digital signature for Adobe Acrobat/Reader plug-in can be forged March 24, 2003 SUMMARY =============================================================================== Adobe Acrobat Reader supports plug-ins, i.e. additional...
Adobe Acrobat PDF viewers contain flaw when loading and verifying plug-ins
Overview Acrobat plug-ins can be digitally signed to determine whether they should be loaded by Adobe Acrobat Reader at startup. This digital signature mechanism is not cryptographically strong and allows other potentially-malicious plug-in code to pretend to be certified by Adobe and be executed...
Incorrect Certificate Validation in Java Secure Socket Extension
According to SUN it has been reported that: "the Java Secure Socket Extension JSSE may incorrectly validate the digital certificate of a web site. This may result in untrustworthy web sites being authenticated for SSL transactions. The Java Plug-in and Java Web Start may incorrectly validate the...
CVE-2002-1777
NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus NAV 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension such as .nch or .dbx, but a malicious extension in the Content-Disposition field, which is use...
CVE-2002-1696
Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted...
PT-2002-2498 · Symantec +1 · Symantec Norton Antivirus +1
Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus version 2002 Description: The issue allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office...
PT-2002-2499 · Symantec +1 · Symantec Norton Antivirus +1
Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus NAV version 2002 Description: The issue allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension, but a malicious extension in the Content-Disposition fiel...