22 matches found
EUVD-2002-0390
Malware in sbrugna...
EUVD-2002-0393
Malware in sbrugna...
EUVD-2002-0392
Malware in sbrugna...
EUVD-2002-0395
Malware in sbrugna...
CVE-2002-0398
CVE-2002-0398 affects Red-M 1050AP (Bluetooth Access Point) PPP server. The vulnerability allows bonded users to cause a denial of service and, per description, possibly execute arbitrary code via a long user name. This is tied to the PPP authentication path and the device’s management interface....
CVE-2002-0397
The Red-M 1050 Bluetooth Access Point publicly broadcasts device identifiers (name, IP, etc.) via UDP to the broadcast address on port 8887, enabling any on-network host to observe potentially sensitive AP information. Root cause appears to be information exposure through unauthenticated UDP broa...
CVE-2002-0396
The CVE-2002-0396 issue affects Red-M 1050 AP web management server. It does not require site-wide credentials for every request; session state is not tied to a logged-in user, enabling an attacker from the same IP as a valid session to access the management interface. The impact is described as ...
CVE-2002-0396
The web management server for Red-M 1050 Bluetooth Access Point does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session...
CVE-2002-0395
CVE-2002-0395 affects the Red-M 1050 Bluetooth Access Point: its TFTP server supply chain cannot be disabled, enabling an attacker to crack the administration password via UDP-based attacks. The vulnerability comes from the TFTP server being always active, which, combined with weak admin-password...
CVE-2002-0395
The TFTP server for Red-M 1050 Bluetooth Access Point can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods...
CVE-2002-0394
Red-M 1050 Bluetooth Access Point uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords...
CVE-2002-0394
The CVE-2002-0394 entry refers to Red-M 1050 Access Point vulnerabilities. Affected device: Red-M 1050AP; issue: case-insensitive administrative passwords with max length 16 and allowed chars [a–z0–9], enabling quicker brute-force attempts. Related issues documented include Management Web Server ...
CVE-2002-0395
The TFTP server for Red-M 1050 Bluetooth Access Point can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods...
CVE-2002-0393
Buffer overflow in Red-M 1050 Bluetooth Access Point management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password...
CVE-2002-0398
Red-M 1050 Bluetooth Access Point PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name...
CVE-2002-0396
The web management server for Red-M 1050 Bluetooth Access Point does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session...
@stake advisory: Multiple Red-M 1050 Blue Tooth Access Point Vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 @stake, Inc. www.atstake.com Security Advisory Advisory Name: Multiple Red-M 1050 Blue Tooth Access Point Vulnerabilities Issues: Red-M 1050 Access Point Management Web Server DoS Red-M 1050 Access Point Case Insensitive Passwords Red-M 1050 Access...
Multiple RED-M 1050 bugs
No description provided...
CVE-2002-0393
Buffer overflow in Red-M 1050 Bluetooth Access Point management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password...
CVE-2002-0393
Affected product: Red-M 1050 Bluetooth Access Point (management web interface). Vulnerable component: the management web server where a buffer overflow can be triggered by a long administration password, leading to remote DoS and potentially arbitrary code execution. Exploitation details are not ...