6 matches found
Backdoor.Win32.Onalf Missing Authentication
Discovery / credits: Malvuln - malvuln.com c 2021 Original source: https://malvuln.com/advisory/ba815d409cd714c0eac010b5970f6408.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Backdoor.Win32.Onalf Vulnerability: Missing Authentication Description: WinRemoteShell Onalf listens...
CVE-2010-4121
The TCP-to-ODBC gateway in IBM Tivoli Provisioning Manager for OS Deployment 7.1.1.3 does not require authentication for SQL statements, which allows remote attackers to modify, create, or read database records via a session on TCP port 2020. NOTE: the vendor disputes this issue, stating that the...
Authentication flaw
The TCP-to-ODBC gateway in IBM Tivoli Provisioning Manager for OS Deployment 7.1.1.3 does not require authentication for SQL statements, which allows remote attackers to modify, create, or read database records via a session on TCP port 2020. NOTE: the vendor disputes this issue, stating that the...
CVE-2010-4121
The TCP-to-ODBC gateway in IBM Tivoli Provisioning Manager for OS Deployment 7.1.1.3 does not require authentication for SQL statements, which allows remote attackers to modify, create, or read database records via a session on TCP port 2020. NOTE: the vendor disputes this issue, stating that the...
PT-2010-5313 · Ibm +1 · Ibm Tivoli Provisioning Manager For Os Deployment +1
Name of the Vulnerable Software and Affected Versions: IBM Tivoli Provisioning Manager for OS Deployment version 7.1.1.3 Description: The TCP-to-ODBC gateway does not require authentication for SQL statements, allowing remote attackers to modify, create, or read database records via a session on...
IBM Tivoli Provisioning Manager for OS Deployment TCP to ODBC Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary SQL queries on vulnerable installations of Tivoli Provisioning Manager. Authentication is not required to exploit this vulnerability. The specific flaw exists within the TCP to ODBC gateway component which listens by default on TCP...