23 matches found
EUVD-1999-0703
Malware in sbrugna...
EUVD-2000-0430
Malware in sbrugna...
EUVD-2000-0233
Malware in sbrugna...
EUVD-2000-0116
Malware in sbrugna...
CVE-1999-0722
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages...
Cobalt RaQ2 cgiwrap
'cgiwrap SPDX-FileCopyrightText: 1999 Mathieu Perrin Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.10041";...
CVE-2000-0117
On Cobalt RaQ2 servers, the siteUserMod.cgi CGI allows a Site Administrator to modify passwords for other users, including other Site Administrators and possibly the admin (root). This is a local vulnerability with high impact (confidentiality, integrity, availability) per CVSS 2.0 base score 7.2...
CVE-2000-0117
The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin root...
CVE-2000-0431
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files...
CVE-2000-0431
Cobalt RaQ2/RaQ3 systems with FrontPage uploads expose a permissions/ownership misconfiguration that allows bypassing cgiwrap and modifying uploaded files. The issue is documented in CVE-2000-0431 with references in NVD/CVE records and corroborated by OpenVAS/Nessus entries mentioning cgiwrap vul...
CVE-2000-0234
The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file...
CVE-2000-0234
CVE-2000-0234 affects the Cobalt RaQ2 and RaQ3 appliances via the default access.conf configuration, which permits remote attackers to view the contents of a ".htaccess" file. The root cause is the default configuration allowing this exposure, leading to partial confidentiality impact. The connec...
Cobalt Networks - Security Advisory - Frontpage
Cobalt Networks -- Security Advisory -- 5.25.2000 Problem: With the current installation of Frontpage on RaQ2 and RaQ3, the ability to write data to other websites hosted on the same RaQ. This is due to a permissioning issue with the 'httpd' user. Description: Thanks to Chris Adams...
CVE-2000-0431
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files...
Cobalt apache configuration exposes .htaccess
Following some discussion on the cobalt-users list, it seems that this problem affects both the Raq2 and Raq3. It likely affects other cobalt products, but I haven't confirmed it. I verified this on my Raq2. By default, raq-hosted sites expose .htaccess files to the world. The configuration files...
CVE-2000-0234
The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file...
Security Advisory -- 03.31.2000
Cobalt Networks -- Security Advisory -- 03.31.2000 Problem: RaQ2 and RaQ3 allow remote users to view the contents of an .htaccess file contained within a public website. Relevant products and architectures Product Architecture Vulnerable Qube1 MIPS No Qube2 MIPS No RaQ1 MIPS No RaQ2 MIPS Yes RaQ3...
CVE-2000-0117
The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin root...
CVE-1999-0722
The CVE-1999-0722 entry concerns Cobalt RaQ2 servers. The provided documents state that the default configuration allows remote users to install arbitrary software packages, indicating a permission/config issue in the default setup. No concrete exploit details, affected software versions, root ca...
CVE-1999-0722
The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages...