CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

No description provided by source. source: http://www.securityfocus.com/bid/9618/info Problems in various abilities have been identified in the Red-M Red-Alert network monitors. Because of this issues, an attacker may be able to crash a vulnerable device and eliminate logs, gain unauthorized acce...

7.1AI score

Exploits0

CVE•added 2005/05/19 4:0 a.m.•40 views

CVE-2004-2078

Red-M Red-Alert 2.7.5 with software 3.1 build 24 is affected. A remote attacker can trigger a denial of service (reboot and loss of logged events) by sending a long request to TCP port 80, potentially causing a buffer overflow. No explicit exploitation details or mitigations are provided in the s...

5CVSS7.3AI score0.18247EPSS

Exploits1References9Affected Software1

CVE•added 2005/05/19 4:0 a.m.•38 views

CVE-2004-2079

Red-M Red-Alert 2.7.5 with software 3.1 build 24 is affected: authentication is bound to client IPs, allowing remote attackers to bypass authentication by connecting from the same IP as an active authenticated user. No explicit root cause, affected components, versions beyond what's stated are pr...

7.5CVSS7.2AI score0.01008EPSS

Exploits1References8Affected Software1

CVE•added 2005/05/19 4:0 a.m.•42 views

CVE-2004-2080

CVE-2004-2080 affects Red-M Red-Alert 2.7.5 with software 3.1 build 24. The issue is that multiple spaces in an SSID are collapsed to a single space, which prevents Red-Alert from correctly identifying the SSID. The connected documents confirm the affected product/version and the underlying cause...

5CVSS6.9AI score0.00786EPSS

Exploits1References8Affected Software1

Cvelist•added 2005/05/19 4:0 a.m.•13 views

CVE-2004-2078

Red-M Red-Alert 2.7.5 with software 3.1 build 24 allows remote attackers to cause a denial of service reboot and loss of logged events via a long request to TCP port 80, possibly triggering a buffer overflow...

7AI score0.18247EPSS

Exploits1References9

Cvelist•added 2005/05/19 4:0 a.m.•16 views

CVE-2004-2079

Red-M Red-Alert 2.7.5 with software 3.1 build 24 binds authentication to IP addresses, which allows remote attackers to bypass authentication by connecting from the same IP address as an active authenticated user...

6.8AI score0.01008EPSS

Exploits1References8

CVE•added 2004/09/01 4:0 a.m.•47 views

CVE-2002-0395

CVE-2002-0395 affects the Red-M 1050 Bluetooth Access Point: its TFTP server supply chain cannot be disabled, enabling an attacker to crack the administration password via UDP-based attacks. The vulnerability comes from the TFTP server being always active, which, combined with weak admin-password...

10CVSS6.8AI score0.01214EPSS

Exploits1References2Affected Software1

CVE•added 2004/09/01 4:0 a.m.•45 views

CVE-2002-0396

The CVE-2002-0396 issue affects Red-M 1050 AP web management server. It does not require site-wide credentials for every request; session state is not tied to a logged-in user, enabling an attacker from the same IP as a valid session to access the management interface. The impact is described as ...

7.5CVSS6.6AI score0.00527EPSS

Exploits1References3Affected Software1

Cvelist•added 2004/09/01 4:0 a.m.•15 views

CVE-2002-0395

The TFTP server for Red-M 1050 Bluetooth Access Point can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods...

6.8AI score0.01214EPSS

Exploits1References2

CVE•added 2004/09/01 4:0 a.m.•47 views

CVE-2002-0398

CVE-2002-0398 affects Red-M 1050AP (Bluetooth Access Point) PPP server. The vulnerability allows bonded users to cause a denial of service and, per description, possibly execute arbitrary code via a long user name. This is tied to the PPP authentication path and the device’s management interface....

10CVSS7.6AI score0.00817EPSS

Exploits1References3Affected Software1

Cvelist•added 2004/09/01 4:0 a.m.•15 views

CVE-2002-0396

The web management server for Red-M 1050 Bluetooth Access Point does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session...

6.5AI score0.00527EPSS

Exploits1References3

CVE•added 2004/09/01 4:0 a.m.•47 views

CVE-2002-0397

The Red-M 1050 Bluetooth Access Point publicly broadcasts device identifiers (name, IP, etc.) via UDP to the broadcast address on port 8887, enabling any on-network host to observe potentially sensitive AP information. Root cause appears to be information exposure through unauthenticated UDP broa...

5CVSS6AI score0.00502EPSS

Exploits1References2Affected Software1