2665 matches found
CVE-2005-4050
Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol SIP packet...
CVE-2005-4050
Buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08 allows remote attackers to execute arbitrary code via a long INVITE field in a Session Initiation Protocol SIP packet...
CVE-2005-4050
CVE-2005-4050 describes a buffer overflow in multiple Multi-Tech Systems MultiVOIP devices with firmware before x.08. The vulnerability arises from processing a long SIP INVITE field, allowing a remote attacker to execute arbitrary code. Affected product family: MultiVOIP devices (vendor: Multi-T...
OASYS Lite 1.0 "search.asp" XSS vuln.
OASYS Lite 1.0 "search.asp" XSS vuln. Vuln. dicovered by : r0t Date: 25 nov. 2005 Original advisory:http://pridels.blogspot.com/2005/11/oasys-lite-10-searchasp-xss-vuln.html Vendor:www.onlinetechtools.com Product link:http://www.onlinetechtools.com/products/oasyslite/ affected vesion: 1.0 and pri...
Crack disc encryption: the DVD of the blockbuster copy to the hard-vulnerability warning-the black bar safety net
A few years ago VCD legitimate popular, we will often VCD, Mpegav directory under the file copy directly to the hard disk, so not only can reduce drive wear and tear, but also to ensure the VCD of smooth playback. Now, when we play a DVD movie when the DVD drive is more busy, if you can spend som...
citypostXSS.txt
sNKenjoi's Security Advisory: XSS Vunerabilities in Multiple CityPost Software Security Advisory: XSS Vunerabilities in Multiple CityPost Software Severity: Medium Title: XSS Vunerabilities in Simple PHP Upload, Simple Image Editor and Automated Link Exchange Vendor: Allen Kim Vendor Website:...
CVE-2002-1629
Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP...
CVE-2002-1629
CVE-2002-1629 affects multiple MultiTech ProxyServer models (MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, MTPSR3-200). The issue is caused by a default/null password on the remote administration account (supervisor), allowing remote attackers to gain administrative privileges via Telnet or H...
Cisco 'tech-support' Anonymous User Debugging Information Disclosure
Binary data 2497.prm...
Unsecure Ftpd on HP PSC 2510 Printer
Product Name: HP PSC 2510 Summary: Ftp print service is not configurable This printer comes with an ftp daemon which allows anonymous access, and drops the user into a write only directory. By default anyone from anywhere can drop a file into this directory and the printer will print the document...
FlexWATCH-Webs 2.2 (NTSC) Authorization Bypass
Application: FlexWATCH-Webs Vendors: Seyeon TECH Co., Ltd. http://www.flexwatch.com/ http://www.seyeon.co.kr Versions: = 2.2 NTSC Platforms: Windows Bug: Authorization Bypass Risk: Very High Exploitation: Remote with browser Date: 26 Jan 2004 Author: Rafel Ivgi, The-Insider e-mail:...
Multiple Vulnerabilities In P-Synch Password Management
Multiple Vulnerabilities In P-Synch Password Management ------------------------------------------------------- The other night I came across a server running P-Synch. I had never heard of it so i was curious to poke around on it a bit. Within an hour i found the vulns listed below. Im pretty sur...
M-TECH P-Synch 6.2.5 - 'nph-psf.exe?css' Remote File Inclusion
source: https://www.securityfocus.com/bid/7747/info A remote file include vulnerability has been reported for P-Synch. Due to insufficient sanitization of some user-supplied URI variables, it is possible for a remote attacker to include a malicious file in a URL. An attacker may exploit this by...
Multi-Tech ProxyServers ship with null password for administrative access
Overview Some versions of the Multi-Tech ProxyServer products ship without a default password for the administrative interface. Description Some versions of the Multi-Tech ProxyServer products ships without a default password for the administrative interface permitting unauthenticated access via...
CVE-2002-1629
Multi-Tech ProxyServer products MTPSR1-100, MTPSR1-120, MTPSR1-202ST, MTPSR2-201, and MTPSR3-200 ship with a null password, which allows remote attackers to gain administrative privileges via Telnet or HTTP...
CVE-2002-0305
Zero One Tech ZOT P100s print server does not properly disable the SNMP service or change the default password, which could leave the server open to attack without the administrator's knowledge...
CVE-2002-0305
Zero One Tech ZOT P100s print server does not properly disable the SNMP service or change the default password, which could leave the server open to attack without the administrator's knowledge...
CVE-1999-1533
The CVE-1999-1533 issue affects the Eicon Technology Diva LAN ISDN modem. A remote attacker can cause a denial-of-service (hang/crash) by sending a long password to the login.htm HTTP page, likely due to a buffer overflow in the login handling. Exploitation is remote via the login page parameter,...
Novell Groupwise Client Vulnerability
Novell GroupWise Client read file/view vulnerability gw5.5epsp2--file view problems-- OS Affected Win 95/98/NT/2000/ME all sp levels Programs Affected GroupWise 5.5ep sp1 other versions of GroupWise 5 are probably vulnerable Discussion with zen polices or NT Polices installed properly on a window...
IBM DB2 SQL DOS
1.Description The DB2 Universal Database builds upon the stability and performance of DB2 on the mainframe and provides the features required in a distributed database product. DB2 Universal Database UDB is IBM's relational database server solution for the UNIX, OS/2 and Windows NT/2000 operating...