CVE-2011-0887

The web management portal on the SMC SMCD3G-CCR aka Comcast Business Gateway with firmware before 1.4.0.49.2 uses predictable session IDs based on time values, which makes it easier for remote attackers to hijack sessions via a brute-force attack on the userid cookie...

CVE-2011-0887

The CVE-2011-0887 entry refers to the Comcast DOCSIS 3.0 Business Gateway (SMCD3G-CCR) web management portal. Affected firmware prior to 1.4.0.49.2 uses a predictable session ID (“userid” cookie) derived from epoch time, enabling brute-forcing to hijack active sessions. Trustwave’s SpiderLabs adv...

RealNetworks Real Player Predictable Temporary File Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of RealNetworks RealPlayer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The flaw exists within the temporary fil...

CVE-2011-0755

Integer overflow in the mtrand function in PHP before 5.3.4 might make it easier for context-dependent attackers to predict the return values by leveraging a script's use of a large max parameter, as demonstrated by a value that exceeds mtgetrandmax...

libuser creates LDAP users with a default password

libuser before 0.57 uses a cleartext password value of 1 !! or 2 x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values...

Debian DSA-2147-1 : pimd - insecure temporary files

Vincent Bernat discovered that pimd, a multicast routing daemon, creates files with predictable names upon the receipt of particular signals. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory...

DSA-2147-1 pimd - insecure temporary files

Bulletin has no description...

Microsoft Windows DNS Client Service Response Spoofing Vulnerability (945553)

This host is missing a critical security update according to Microsoft Bulletin MS08-020. SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Nmap NSE: DNS Random TXID

This script attempts to check a DNS server for the predictable-TXID DNS recursion vulnerability. This is a wrapper on the Nmap Security Scanner's http://nmap.org dns-random-txid.nse. OpenVAS Vulnerability Test $Id: gbnmapdnsrandomtxid.nasl 7006 2017-08-25 11:51:20Z teissa $ Wrapper for Nmap DNS...

CVE-2010-4304

The web interface in Cisco Unified Videoconferencing UVC System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface PRI Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces BRI Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit MCU uses...

Command injection

The web interface in Cisco Unified Videoconferencing UVC System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface PRI Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces BRI Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit MCU uses...

CVE-2010-4304

The CVE affects Cisco Unified Videoconferencing (UVC) System components: 3545, 5110, 5115, 5230; 3527 PRI Gateway; 3522 BRI Gateway; and 3515 MCU. Root cause is predictable session IDs based on time values, enabling remote attackers to hijack sessions through brute-force. No exploit details are p...

CVE-2010-4304

The web interface in Cisco Unified Videoconferencing UVC System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface PRI Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces BRI Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit MCU uses...

Code injection

The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL...

CVE-2010-3764

The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with predictable names in graphs/, which allows remote attackers to obtain sensitive information via a modified URL...

CVE-2010-3764

Affected software/versions: Bugzilla 2.12–3.2.8, 3.4.8, 3.6.2, 3.7.3, 4.1.** Root cause / vulnerability:** Old Charts implementation creates graph files in graphs/ with predictable names, enabling remote attackers to retrieve sensitive information via a modified URL.** Impact:** Unauthorized disc...

Mandriva Linux Security Advisory : firefox (MDVSA-2009:294)

Security issues were identified and fixed in firefox 3.5.x : Security researcher Alin Rad Pop of Secunia Research reported a heap-based buffer overflow in Mozilla's string to floating point number conversion routines. Using this vulnerability an attacker could craft some malicious JavaScript code...

Multiple Vulnerabilities in DT Centrepiece

High-Tech Bridge SA Security Research Lab has discovered multiple vulnerabilities in DT Centrepiece which could be exploited to perform cross-site scripting attacks and bypass certain security restrictions. 1 Cross-site scripting XSS vulnerabilities in DT Centrepiece 1.1 The vulnerability exists...

CVE-2010-2466

The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAccess, does not properly prevent downloading of database backups, which allows remote attackers to obtain sensitive information via requests for full.dar files with predictable filenames...

CVE-2010-2072

Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local users to cause a denial of service and obtain sensitive information...