2133 matches found
Air Messenger LAN Server (AMLServer) stores usernames and passwords in plaintext
Overview Air Messenger LAN Server AMLServer stores usernames and passwords in plaintext. Description AMLServer for windows is a paging gateway that allows users on a TCP/IP LAN to communicate with mobile devices such as phones and pagers. Access to AMLServer's services is protected by a user...
PostNuke 0.6 - User Login
PostNuke 0.6 - User Login source: https://www.securityfocus.com/bid/3435/info PostNuke, successor to PHPNuke, is a content management system written in PHP. PostNuke versions 0.62 to 0.64 suffer from a vulnerability that allows a remote user to log-in as any user with known username and ID withou...
CVE-1999-1133
CVE-1999-1133 affects HP-UX 9.x and 10.x running X Windows. Local attackers can gain privileges via the unauthenticated components vuefile, vuepad, dtfile, or dtpad. The provided sources describe the vulnerable components and the privilege escalation vector but do not specify a patch or remediati...
ISS Security Advisory: Remote Buffer Overflow in Multiple RADIUS Implementations
Internet Security Systems Security Advisory July 5, 2001 Remote Buffer Overflow in Multiple RADIUS Implementations Synopsis: ISS X-Force has discovered buffer overflow vulnerabilities in two popular Remote Authentication Dial-In User Server RADIUS implementations. RADIUS was originally designed t...
Несанкционированный доступ через HTTP в Cisco (unauthorized access).
Можно обойти проверку имени/пароля пользователя...
Rumpus FTP Server 1.3.x2.0.3 - Stack Overflow Denial of Service
Rumpus FTP Server 1.3.x2.0.3 - Stack Overflow Denial of Service source: https://www.securityfocus.com/bid/2864/info Rumpus FTP Server is an implementation for MacOS which allows file-sharing across TCP/IP connections. Rumpus FTP is prone to a denial of service. An ftp user can engage the attack b...
More on Ultimate Bullering Board
In response to Scott Ashman's post about UBB. After i discovered this bug last week i tried to contact infopop on 3 email adresses from their contact page i finally managed to find one that didn't bounce, but i haven't recieved any response yet. Anyway, Scott describes a way to retrieve other...
Adcycle 0.78b Authentication
|---------------------------------------------------------------------------------| / Product: Adcycle Banner Rotation. Vendor URL: www.adcycle.com / Tested on: v0.77 - 0.78b Freeware Linux Vendor Contact: Mailed on 15th January i think Twice with NO reply / Other: Commericial version NOT tested...
WebMaster ConferenceRoom 1.8 Developer Edition - Denial of Service
WebMaster ConferenceRoom 1.8 Developer Edition - Denial of Service source: https://www.securityfocus.com/bid/2178/info WebMaster ConferenceRoom Developer Edition is a chat package which enables a large community of users to chat together. ConferenceRoom has a wide range of capabilities and a user...
Decrypting passwords for SmartServer 3
Product: Smart Server 3 by NetCPlus Version: 3.75 others? OS: Windows NT/2000/9x Description: SmartServer3 SS3 is a small business email server from NetCPlus. It installs by default in C:Program Filessmartserver3 . In this folder it stores a configuration file called 'dialsrv.ini' . This file is...
Brute Forcing FTP Servers with enabled anti-hammering (anti brute-force) modus
Brute Forcing FTP Servers with enabled anti-hammering ant brute-force modus ----------------------------------------------------------------------------- While playing around with Serv-U FTP Server, I found out that it is possible to bypass it's hammering protection which should protect accounts...
CVE-2000-0627
BlackBoard CourseInfo 4.0 is affected by an authentication flaw that allows local users to modify CourseInfo database information and gain privileges by directly calling supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl. The provided documents do not include remediati...
CVE-2000-0627
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as userupdatepasswd.pl and userupdateadmin.pl...
Darxite 0.4 - Login Buffer Overflow
Darxite 0.4 - Login Buffer Overflow // source: https://www.securityfocus.com/bid/1598/info Darxite 0.4 does not do proper bounds checking on user-supplied data during the login process, relying on sprintf to deliver the data into a 256 character buffer. Therefore, it is possible for an attacker t...
Проблема в Firewall-1 Session Agent
При авторизации отдельно проверяется имя пользователя и пароль, кроме того не установлено максимальное число попыток...
CVE-2000-0278
The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for the slxweb.dll administration program, which does not authenticate the user...
WFTPD 2.4.1RC11 - STATLIST Denial of Service
WFTPD 2.4.1RC11 - STATLIST Denial of Service source: https://www.securityfocus.com/bid/1506/info WFTPD versions prior to 2.4.1RC11 suffer from a number of vulnerabilities. 1 Issuing a STAT command while a LIST is in progress will cause the ftp server to crash. 2 If the REST command is used to wri...
Blackboard Courseinfo v4.0 User Authentication
Apparently Courseinfo or at least the implementation I was playing with has no user authentication, meaning that anyone can force feed their own form values and Perl with merrily modify the database. So for instance running: all form input is in caps for readability...
Дыра в AllManage
Возможно обойти авторизацию пользователя, получить доступ к административному паролю и конфигурационным файлам...
CVE-2000-0244
The CVE-2000-0244 entry concerns the Citrix ICA (Independent Computing Architecture) protocol, which uses weak encryption (XOR) for user authentication. According to the provided data, the vulnerability has a CVSS v2 base score of 10.0 (HIGH) with network attack vector, no authentication required...