48 matches found
CVE-2014-9605
WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...
Sql injection
WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...
CVE-2014-9605
WebUpgrade in Netsweeper before 3.1.10, 4.0.x before 4.0.9, and 4.1.x before 4.1.2 allows remote attackers to bypass authentication and create a system backup tarball, restart the server, or stop the filters on the server via a ' single quote character in the login and password parameters to...
Netsweeper 4.0.8 - SQL Injection / Authentication Bypass
+----------------------------------------------------------------+ + Netsweeper 4.0.8 - SQL Injection Authentication Bypass Admin + +----------------------------------------------------------------+ Affected Product: Netsweeper Vendor Homepage : www.netsweeper.com/ Version : 4.0.8 and probably...
[SECURITY] Fedora 21 Update: dump-0.4-0.24.b44.fc21
The dump package contains both dump and restore. Dump examines files in a filesystem, determines which ones need to be backed up, and copies those files to a specified disk, tape, or other storage medium. The restore command performs the inverse function of dump; it can restore a full backup of a...
Create Linux System Backup: Systemback
Create Linux System Backup Systemback makes it easy to create backups of system and users configuration files. In case of problems you can easily restore the previous state of the system. There are extra features like system copying, system installation and Live system creation. Create Linux Syst...
NGS00157 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Password hashes can be recovered from a system backup and easily cracked
Medium Risk Vulnerability in McAfee Email and Web Security Appliance 29 March 2012 Ben Williams of NGS Secure has discovered a medium risk vulnerability in the McAfee Email and Web Security Appliance Impact: Active session tokens of other users are disclosed within the UI Versions affected: All...
IBM Tivoli Storage Manager多个缓冲区溢出漏洞
IBM Tivoli Storage Manager是一款用于系统备份和恢复的解决方案。 IBM Tivoli Storage Manager存在多个安全问题,远程攻击者可以利用漏洞对应用程序进行拒绝服务或缓冲区溢出攻击。 问题一: 初始化sign-on请求包含指定语言的字段,在一般情况下字符串是dscenu.txt,通常情况下服务器验证的语言字符串不超过0x100字节,但是,如果语言字符串第一个字节为0x18,那么这个检查将不发生,而造成固定的缓冲区被溢出。 问题二和三:...