Lucene search
K

1751 matches found

Tenable Nessus
Tenable Nessus
added 2001/05/29 12:0 a.m.25 views

Netscape Messenging Server POP3 Error Message User Account Enumeration

The remote POP server allows an attacker to obtain a list of valid logins on the remote host, thanks to a brute-force attack. If the user connects to this port and issues the commands : USER 'someusername' PASS 'whatever' the user will then get a different response whether the account...

5CVSS5.6AI score0.01697EPSS
Exploits1References1
Cvelist
Cvelist
added 2001/05/24 4:0 a.m.20 views

CVE-2001-0421

FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD command, which could release sensitive information such as shadowed...

6.4AI score0.06208EPSS
Exploits1References2
NVD
NVD
added 2001/05/24 4:0 a.m.11 views

CVE-2001-1338

Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system...

5CVSS6.7AI score0.01979EPSS
Exploits0References5
exploitpack
exploitpack
added 2001/04/11 12:0 a.m.16 views

Solaris 2.67.0 - IN.FTPD CWD Username Enumeration

Solaris 2.67.0 - IN.FTPD CWD Username Enumeration source: https://www.securityfocus.com/bid/2564/info Solaris is the variant of the UNIX Operating System distributed by Sun Microsystems. Solaris is a versatile operating system designed for use with machines as small as desktop systems and as larg...

7.4AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.20 views

CVE-2000-0938

Samba Web Administration Tool SWAT in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server...

6.6AI score0.02326EPSS
Exploits1References2
NVD
NVD
added 2000/12/19 5:0 a.m.21 views

CVE-2000-0938

Samba Web Administration Tool SWAT in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server...

5CVSS6.6AI score0.02326EPSS
Exploits1References2
NVD
NVD
added 2000/12/11 5:0 a.m.11 views

CVE-2000-1002

POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to determine valid email addresses on the server for SPAM attacks...

5CVSS6.7AI score0.07488EPSS
Exploits1References3
NVD
NVD
added 2000/12/11 5:0 a.m.18 views

CVE-2000-1032

The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall...

5CVSS6.9AI score0.01812EPSS
Exploits1References4
NVD
NVD
added 2000/12/11 5:0 a.m.8 views

CVE-2000-1030

CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server...

5CVSS6.7AI score0.01562EPSS
Exploits0References3
NVD
NVD
added 2000/12/11 5:0 a.m.11 views

CVE-2000-1037

Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack...

7.5CVSS6.8AI score0.03348EPSS
Exploits1References2
Cvelist
Cvelist
added 2000/11/29 5:0 a.m.17 views

CVE-2000-1017

Webteachers Webdata allows remote attackers with valid Webdata accounts to read arbitrary files by posting a request to import the file into the WebData database...

6.7AI score0.01773EPSS
Exploits1References3
Cvelist
Cvelist
added 2000/11/29 5:0 a.m.13 views

CVE-2000-1030

CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server...

6.7AI score0.01562EPSS
Exploits0References3
CVE
CVE
added 2000/11/29 5:0 a.m.47 views

CVE-2000-1037

The CVE-2000-1037 issue affects Check Point Firewall-1 session agent versions 3.0 through 4.1. The root cause is that the service returns different error messages for invalid usernames versus invalid passwords, enabling remote attackers to enumerate valid usernames and perform brute-force passwor...

7.5CVSS7.2AI score0.03348EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2000/11/29 5:0 a.m.19 views

CVE-2000-1037

Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack...

6.8AI score0.03348EPSS
Exploits1References2
securityvulns
securityvulns
added 2000/10/28 12:0 a.m.38 views

I-gear 3.5.x for Microsoft Proxy logging vulnerability + temporary fix.

Hello everyone, this message is generated after several hours with Symantec Tech support and my personal research of the issue. The issue is confirmed to be a problem by Symantec® . Platform: I-gear 3.5.6 and 3.5.7-x for MSP Proxy 2.0 ; Windows NT 4.0 SP6; MSP 2.0 SP1; PowerEdge 2300 dual 450; 51...

6.9AI score
Exploits0
CVE
CVE
added 2000/06/02 4:0 a.m.86 views

CVE-1999-0407

CVE-1999-0407 affects Microsoft IIS 4.0. A default virtual directory /IISADMPWD contains files that can be used as proxies for brute-forcing credentials or identifying valid users. In Nessus data, these files (aexp2.htr, aexp2b.htr, aexp3.htr, aexp4.htr) can enable brute-force login attempts; one...

10CVSS6.7AI score0.05126EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2000/04/26 4:0 a.m.23 views

CVE-2000-0284

Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands...

7.2AI score0.69476EPSS
Exploits5References3
NVD
NVD
added 2000/04/16 4:0 a.m.13 views

CVE-2000-0284

Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands...

7.5CVSS7.2AI score0.69476EPSS
Exploits5References3
exploitpack
exploitpack
added 2000/04/16 12:0 a.m.15 views

University of Washington - imap LSUB Buffer Overflow (Metasploit)

University of Washington - imap LSUB Buffer Overflow Metasploit $Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use...

0.5AI score0.69476EPSS
Exploits5
Exploit DB
Exploit DB
added 2000/04/16 12:0 a.m.38 views

University of Washington - imap LSUB Buffer Overflow (Metasploit)

$Id$ This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit Framework web site for more information on licensing and terms of use. http://metasploit.com/framework/ require 'msf/core' class Metasploit3 'UoW IMAP...

7.5CVSS6.7AI score0.69476EPSS
Exploits5
Rows per page
Query Builder