Lucene search
K

2948 matches found

Packet Storm
Packet Storm
added 2003/09/18 12:0 a.m.26 views

pandpdos.txt

Denial Of Service in Plug & Play Web FTP Server Introduction: ======== "The Plug and Play Web Server provides all of the tools you need to host your own website. The tools are bundled together in one comprehensive software package that it is incredibly easy to use and maintain." - Vendors...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2003/09/18 12:0 a.m.19 views

pandpdt.txt

Directory traversal in Plug & Play Web Server Introduction: ============= "The Plug and Play Web Server provides all of the tools you need to host your own website. The tools are bundled together in one comprehensive software package that it is incredibly easy to use and maintain." - Vendors...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2003/09/18 12:0 a.m.18 views

Plug and Play Web Server 1.0 002c - Directory Traversal

Plug and Play Web Server 1.0 002c - Directory Traversal source: https://www.securityfocus.com/bid/8645/info It has been reported that Plug and Play Web Server is prone a directory traversal issue allowing a remote attacker to traverse outside the server root directory by using '../' or '..'...

0.1AI score
Exploits0
CERT
CERT
added 2003/07/15 12:0 a.m.50 views

Adobe PDF viewers allow non-certified plug-ins to put viewers into Certified Mode

Overview By default, Adobe PDF viewers will start up and load non-certified plug-ins installed in a local plugins directory. Adobe Reader plug-ins not certified by Adobe, if allowed to load, can execute arbitrary code in the process space of the running viewer. One incremental impact of such...

5CVSS7.1AI score0.0218EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2003/06/17 12:0 a.m.17 views

Trend Micro Emanager Detection

The Trend Micro Emanager software resides on this server. %NASLMINLEVEL 70300 This script was written by John [email protected] See the Nessus Scripts License for details Changes by Tenable: - Removed CVE and bid, changed description 09/24/19 include'deprecatednasllevel.inc';...

7AI score
Exploits0References1
exploitpack
exploitpack
added 2003/04/03 12:0 a.m.15 views

NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure

NETGEAR FM114P ProSafe Wireless Router - UPnP Information Disclosure source: https://www.securityfocus.com/bid/7267/info The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP...

0.2AI score
Exploits0
exploitpack
exploitpack
added 2003/04/03 12:0 a.m.15 views

NETGEAR FM114P ProSafe Wireless Router - Rule Bypass

NETGEAR FM114P ProSafe Wireless Router - Rule Bypass source: https://www.securityfocus.com/bid/7270/info The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal...

0.2AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/03 12:0 a.m.34 views

Netgear FM114P ProSafe Wireless Router - Rule Bypass

source: https://www.securityfocus.com/bid/7270/info The Netgear FM114P allows certain ports to be blocked, both for external users attempting to enter the local network and for local users connecting to the WAN. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/04/03 12:0 a.m.32 views

Netgear FM114P ProSafe Wireless Router - UPnP Information Disclosure

source: https://www.securityfocus.com/bid/7267/info The Netgear FM114P ProSafe Wireless Router is vulnerable to information disclosure. If Remote Access and Universal Plug and Play are both enabled on the WAN interface, a UPnP SOAP request can retrieve the username and password for the WAN...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.16 views

CVE-2002-0685

Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message...

7.3AI score0.02647EPSS
Exploits0References7
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.21 views

CVE-2002-0688

ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes...

6.7AI score0.01427EPSS
Exploits0References5
NVD
NVD
added 2003/04/02 5:0 a.m.22 views

CVE-2002-0030

The digital signature mechanism for the Adobe Acrobat PDF viewer only verifies the PE header of executable code for a plug-in, which can allow attackers to execute arbitrary code in certified mode by making the plug-in appear to be signed by Adobe...

4.6CVSS7.3AI score0.00902EPSS
Exploits0References4
CVE
CVE
added 2003/04/02 5:0 a.m.42 views

CVE-2002-0685

CVE-2002-0685 describes a heap-based buffer overflow in the message decoding function of the PGP Outlook Plug-in used by NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3. A remote attacker could trigger this via a large, malformed email message to modify the heap and ga...

7.5CVSS7.4AI score0.02647EPSS
Exploits0References7Affected Software3
securityvulns
securityvulns
added 2003/03/25 12:0 a.m.27 views

Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged

-----BEGIN PGP SIGNED MESSAGE----- Hash: MD5 Vulnerability critical: Digital signature for Adobe Acrobat/Reader plug-in can be forged March 24, 2003 SUMMARY =============================================================================== Adobe Acrobat Reader supports plug-ins, i.e. additional...

Exploits0
CERT
CERT
added 2003/03/19 12:0 a.m.29 views

Adobe Acrobat PDF viewers contain flaw when loading and verifying plug-ins

Overview Acrobat plug-ins can be digitally signed to determine whether they should be loaded by Adobe Acrobat Reader at startup. This digital signature mechanism is not cryptographically strong and allows other potentially-malicious plug-in code to pretend to be certified by Adobe and be executed...

4.6CVSS6.7AI score0.00902EPSS
Exploits0References7
securityvulns
securityvulns
added 2003/01/28 12:0 a.m.97 views

Incorrect Certificate Validation in Java Secure Socket Extension

According to SUN it has been reported that: "the Java Secure Socket Extension JSSE may incorrectly validate the digital certificate of a web site. This may result in untrustworthy web sites being authenticated for SSL transactions. The Java Plug-in and Java Web Start may incorrectly validate the...

0.9AI score
Exploits0
NVD
NVD
added 2002/12/31 5:0 a.m.16 views

CVE-2002-1777

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus NAV 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension such as .nch or .dbx, but a malicious extension in the Content-Disposition field, which is use...

7.5CVSS6.6AI score0.02574EPSS
Exploits0References4
NVD
NVD
added 2002/12/31 5:0 a.m.15 views

CVE-2002-1696

Microsoft Outlook plug-in PGP version 7.0, 7.0.3, and 7.0.4 silently saves a decrypted copy of a message to hard disk when "Automatically decrypt/verify when opening messages" option is checked, "Always use Secure Viewer when decrypting" option is not checked, and the user replies to an encrypted...

5.5CVSS5.4AI score0.0025EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.4 views

PT-2002-2498 · Symantec +1 · Symantec Norton Antivirus +1

Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus version 2002 Description: The issue allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office...

7.5CVSS7.2AI score0.02574EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2002/12/31 12:0 a.m.4 views

PT-2002-2499 · Symantec +1 · Symantec Norton Antivirus +1

Name of the Vulnerable Software and Affected Versions: Symantec Norton AntiVirus NAV version 2002 Description: The issue allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded extension, but a malicious extension in the Content-Disposition fiel...

7.5CVSS7AI score0.02574EPSS
Exploits0References8
Rows per page
Query Builder