Lucene search
+L

6715 matches found

Symantec
Symantec
added 2003/07/01 12:0 a.m.29 views

InterSystems Cache Insecure Default Permissions Vulnerability

Description It has been reported that the permissions set by default on the files and directories comprising InterSystems Cache are insecure. The permissions on directories allegedly allow for any user to overwrite any file. This creates many opportunities for local attackers to obtain root...

2.1AI score
Exploits0References3Affected Software1
securityvulns
securityvulns
added 2003/05/28 12:0 a.m.28 views

PalmVNC 1.40 Insecure Records

Flurnet Security ---------------- Application: PalmVNC 1.40 Developers: Harkan Software http://www.harakan.btinternet.co.uk/PalmVNC/ Vladimir Minenko http://www.wind-networks.de/PalmVNC/ Scope: VNC passwords saved in plaintext with backup bit. Tested on: PalmVNC 1.40 older versions probably...

7.3AI score
Exploits0
Symantec
Symantec
added 2003/04/11 12:0 a.m.26 views

Oracle E-Business Suite RRA/FNDFS Arbitrary File Disclosure Vulnerability

Description Oracle E-Business suite RRA/FNDFS server has been reported prone to an arbitrary file disclosure vulnerability. The Oracle FNDFS server is used in usual circumstances, by Oracle utilities, to retrieve and extract report data from Concurrent Manager server. It has been reported that...

0.6AI score
Exploits0References5Affected Software2
securityvulns
securityvulns
added 2003/03/27 12:0 a.m.22 views

CERT Advisory CA-2003-11 Multiple Vulnerabilities in Lotus Notes and Domino

-----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2003-11 Multiple Vulnerabilities in Lotus Notes and Domino Original release date: March 26, 2003 Last revised: -- Source: CERT/CC A complete revision history can be found at the end of this file. Systems Affected Lotus Notes and Domino versions...

0.2AI score
Exploits0
CERT
CERT
added 2003/03/13 12:0 a.m.27 views

Protegrity Secure.Data for Microsoft SQL Server 2000 contains buffer overflows in extended stored procedures

Overview Protegrity Secure.Data for Microsoft SQL Server 2000 includes several extended stored procedures that contain buffer overflow vulnerabilities. These vulnerabilities could allow a remote attacker to execute arbitrary code, gain access to databases, or cause a denial of service. Descriptio...

10CVSS8.3AI score0.04751EPSS
Exploits0References6
CERT
CERT
added 2003/03/13 12:0 a.m.21 views

Lotus Domino Web Retriever contains a buffer overflow vulnerability

Overview A buffer overflow vulnerability may be exploited via the Lotus Domino Web Retriever. Versions prior to 5.0.12 and 6.0 are affected. Description According to the Rapid7 Advisory:The Lotus Notes/Domino Web Retriever task is responsible for retrieving web pages on behalf of Notes users who...

7.6AI score
Exploits0References2
Symantec
Symantec
added 2003/02/04 12:0 a.m.27 views

Opera Cross Domain Scripting Vulnerability

Description A vulnerability has been reported reported for Opera 7 browsers for Microsoft Windows operating systems. Due to flaws in Opera, it is possible for functions in different domains to be accessed and executed by an attacker with the credentials of the victim user. This vulnerability is...

1.2AI score
Exploits0References1Affected Software1
Cisco
Cisco
added 2003/01/25 2:0 p.m.17 views

MS SQL Worm Mitigation Recommendations

...

1.4AI score
Exploits0References1
Symantec
Symantec
added 2002/12/12 12:0 a.m.37 views

Microsoft Internet Explorer PNG Deflate Heap Corruption Vulnerability

Description A heap corruption vulnerability has been reported for Microsoft Internet Explorer. The vulnerability is related to the way that Microsoft Internet Explorer interprets PNG image data. The function that handles the deflation of PNG images does not properly handle some invalid data withi...

7.4AI score
Exploits0References1Affected Software1
Symantec
Symantec
added 2002/11/20 12:0 a.m.26 views

Microsoft Data Access Components RDS Buffer Overflow Vulnerability

Description Microsoft Data Access Components MDAC contains a buffer overflow in a Remote Data Services RDS component. The server side RDS component affected is called the RDS Data Stub, while the client side is called the Data Space control. Successful exploitation of this vulnerability could all...

0.6AI score
Exploits0References3Affected Software1
Symantec
Symantec
added 2002/11/13 12:0 a.m.25 views

TCPDump / LIBPCap Trojan Horse Vulnerability

Description It has been announced that the server hosting tcpdump and libpcap, www.tcpdump.org, was compromised recently. It has been reported that the intruder made modifications to the source code of tcpdump and libpcap to include trojan horse code. Downloads of the source code of tcpdump and...

7.3AI score
Exploits0References1Affected Software2
Debian
Debian
added 2002/10/18 2:0 p.m.32 views

[SECURITY] [DSA 179-1] New gnome-gv packages fix buffer overflow

-------------------------------------------------------------------------- Debian Security Advisory DSA 179-1 [email protected] http://www.debian.org/security/ Martin Schulze October 18th, 2002 http://www.debian.org/security/faq -...

4.6CVSS0.6AI score0.02025EPSS
Exploits1
securityvulns
securityvulns
added 2002/10/16 12:0 a.m.39 views

Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches

Undocumented account vulnerability in Avaya P550R/P580/P880/P882 switches 1. Problem Description Two undocummented accounts with default passwords allow access via telnet and the web interface to Cajun P550R/P580/P880/P882 switches. Both accounts give developer access to the switch. The...

1AI score
Exploits0
securityvulns
securityvulns
added 2002/09/28 12:0 a.m.24 views

JSP source code exposure in Tomcat 4.x

Tomcat 4.x JSP source exposure security advisory 1. Summary Tomcat 4.0.4 and 4.1.10 probably all other earlier versions also are vulnerable to source code exposure by using the default servlet org.apache.catalina.servlets.DefaultServlet. 2. Details: Let say you have valid URL like...

7.4AI score
Exploits0
Symantec
Symantec
added 2002/09/26 12:0 a.m.19 views

Multiple OpenVMS WASD HTTP Server Vulnerabilities

Description Multiple vulnerabilities have been reported in WASD HTTP Server for OpenVMS. The consequences of successful exploitation of these issues may range from information disclosure to varying degrees of remote compromise. Technologies Affected WASD WASD HTTP Server 7.1.0 WASD WASD HTTP Serv...

0.7AI score
Exploits0References1Affected Software1
Tenable Nessus
Tenable Nessus
added 2002/08/18 12:0 a.m.20 views

AppSocket Half-open Connection Remote DoS

It seems that it is possible to lock out your printer from the network by opening a few connections and keeping them open. Note that the AppSocket protocol is so crude that Nessus cannot check if it is really running behind this port. C Tenable Network Security, Inc. include"compat.inc"; if...

5.5AI score
Exploits0
securityvulns
securityvulns
added 2002/06/12 12:0 a.m.49 views

Xinet K-Talk Appletalk(tm) xkas vulnerability on IRIX

-----BEGIN PGP SIGNED MESSAGE----- SGI Security Advisory Title: Xinet K-Talk Appletalktm xkas vulnerability Number: 20020604-01-I Date: June 10, 2002 Reference: CAN-2002-0213 - ----------------------- - --- Issue Specifics --- - ----------------------- It's been reported that the Appletalktm...

2.1CVSS0.2AI score0.00345EPSS
Exploits0
securityvulns
securityvulns
added 2002/01/03 12:0 a.m.49 views

blackshell2: zml.cgi remote exploit

-----BEGIN PGP SIGNED MESSAGE----- --blackshell security advisory no2-- --zml.cgi remote exploit-- vendor details & history zml.cgi for webservers by jero.cc http://www.jero.cc/zml/zml.html details of exploit this is a classic CGI bug which uses ../../../../ to read remote files. example:...

0.8AI score
Exploits0
securityvulns
securityvulns
added 2001/11/13 12:0 a.m.33 views

RADIX1112200101

Team RADIX Research Report: RADIX1112200101 Date Published: 11-12-2001 Research Report ID: RADIX1112200101 Bugtraq ID: 3185 CVE CAN: N/A Title: RunAs Service Pipe Authentication Failure Class: Privilege Escalation and Information Disclosure Remotely Exploitable: No Locally Exploitable: Yes...

Exploits0
Packet Storm
Packet Storm
added 2001/09/19 12:0 a.m.35 views

majordomo.1.94.4.txt

Hi, I found something to discuss, this time involving majordomo. This was tested on a Slackware linux 8.0 kernel 2.4.8; majordomo version 1.94.4, I also tested the other versions and all default installs had the same problem, note that the versions 1.94.1 an 1.94.2 should NOT be used anymore, tho...

7.4AI score
Exploits0
Rows per page
Query Builder