Xerox Printer Default / No Credentials (HTTP)
The remote Xerox Printer is using default or no credentials for the HTTP based interface. Copyright (C) 2013 Greenbone Networks GmbH. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later Th...
RHEL 6 : kernel (RHSA-2011:1106)
Updated kernel packages that fix one security issue, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 6.0 Extended Update Support. The Red Hat Security Response Team has rated this update as having moderate security impact. A Common Vulnerability Scoring...
Scientific Linux Security Update : gtk2 on SL5.x i386/x86_64 (20130108)
An integer overflow flaw was found in the X BitMap (XBM) image file loader in GTK+. A remote attacker could provide a specially crafted XBM image file that, when opened in an application linked against GTK+ such as Nautilus, would cause the application to crash. (CVE-2012-2370) This update also fixes...
drupal -- multiple vulnerabilities
Drupal Security Team reports: Cross-site scripting (Various core and contributed modules); Access bypass (Book module printer friendly version); Access bypass (Image module)...
RedHat Update for hplip3 RHSA-2013:0133-01
The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
RHEL 5 : hplip3 (RHSA-2013:0133)
Updated hplip3 packages that fix one security issue and one bug are now available for Red Hat Enterprise Linux 5. The Red Hat Security Response Team has rated this update as having low security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, ...
Cisco VoIP Phone Hacked, Turned into Listening Device
Network-enabled devices such as routers and printers are notoriously insecure and fully exploitable gateways leading attackers toward network resources. A researcher and PhD student at Columbia University recently added VoIP phones to the list of pressing concerns. Ang Cui demonstrated an attack...
[security bulletin] HPSBPI02828 SSRT100778 rev.1 - HP LaserJet and Color LaserJet, Cross-Site Scripting (XSS)
Note: the current version of the following document is available here: https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emrna-c03556108 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c03556108 Version: 1 HPSBPI02828...
Samsung / Dell Printer SNMP Backdoor
Binary data 6639.prm...
Samsung / Dell Printer SNMP Backdoor
The remote host appears to be a Samsung printer, or a Dell printer manufactured by Samsung. It has a hard-coded SNMP read-write community string that allows access even when SNMP has been disabled in the printer management utility. A remote, unauthenticated attacker can exploit this to take contr...
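Samsung Printer Firmware Administrative Account Backdoor
BUGTRAQ ID: 56692 CVE(CAN) ID: CVE-2012-4964 Samsung is Samsung Electronics of South Korea, founded in 1969. Samsung printers and some Samsung-made Dell printers contain a hardcoded SNMP community string with full read-write access; this string remains valid even when SNMP is disabled in the printer management utility, allowing remote attackers to take full control of affected devices. Modules released after October 31, 2012 are not affected by this vulnerability. By exploiting this vulnerability, a remote, unauthenticated attacker can (1) access affected devices with administrative privileges, (2) modify the configuration of affected devices and access sensitive resources, (3) execute code. Reports indicate that tools exploiting this vulnerability have been released. 0 Samsung...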
Samsung printer having secret admin account Backdoor
US-CERT warns that some Samsung printers, including models the Korean company made for Dell, have a backdoor administrator account coded into their firmware. This hard-coded admin account in firmware could enable attackers to change their configuration, read their network information or stored...
CVE-2012-4964
The Samsung printer firmware before 20121031 has a hardcoded read-write SNMP community, which makes it easier for remote attackers to obtain administrative access via an SNMP request...
Hardcoded credentials
The Samsung printer firmware before 20121031 has a hardcoded read-write SNMP community, which makes it easier for remote attackers to obtain administrative access via an SNMP request...
CVE-2012-4964
The CVE-2012-4964 vulnerability affects Samsung printer firmware prior to 20121031 that ships with a hardcoded read-write SNMP community string. This enables remote attackers to obtain administrative access over SNMP, potentially taking full control of affected devices (including some Dell-brande...
Samsung Printer SNMP Hardcoded Community String Authentication Bypass Vulnerability
Samsung Printers are prone to an authentication bypass vulnerability. SPDX-FileCopyrightText: 2012 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ...
Cross site scripting
Cross-site scripting (XSS) vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATH_INFO...
CVE-2012-2084
Cross-site scripting (XSS) vulnerability in the Printer, email and PDF versions module 6.x-1.x before 6.x-1.15 and 7.x-1.x before 7.x-1.0 for Drupal allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, probably the PATH_INFO...
CVE-2012-2084
The CVE-2012-2084 case affects Drupal’s Printer, email and PDF versions module (6.x-1.x before 6.x-1.15; 7.x-1.x before 7.x-1.0). The root cause is insufficient escaping of URL elements when rendering content, allowing remote attackers to inject arbitrary scripts/HTML (XSS) via likely PATH_INFO v...