33 matches found
EUVD-2007-4132
Malware in sbrugna...
EUVD-2007-4135
Malware in sbrugna...
EUVD-2007-4136
Malware in sbrugna...
Visionsoft Audit Detection
Detection of Visionsoft Audit based on the Visionsoft Audit on Demand Service. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program ...
Visionsoft Audit Multiple Vulnerabilities
Visionsoft Audit is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Tim Brown Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:visionsoft:audit";...
CVE-2007-4150
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...
Design/Logic Flaw
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...
Heap overflow
Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...
Command injection
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via 1 a LOG.ON command, which reveals the logging pathname in the server response; 2 a VER command, which reveals the version number in the server response; and 3 a...
Command injection
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 does not require authentication for 1 the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; 2 the SETTINGSFILE command, which allows remote attackers to overwrite the ini file, and...
CVE-2007-4150
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...
CVE-2007-4152
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an audit...
CVE-2007-4149
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 does not require authentication for 1 the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; 2 the SETTINGSFILE command, which allows remote attackers to overwrite the ini file, and...
CVE-2007-4151
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via 1 a LOG.ON command, which reveals the logging pathname in the server response; 2 a VER command, which reveals the version number in the server response; and 3 a...
CVE-2007-4148
Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...
Design/Logic Flaw
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an audit...
CVE-2007-4151
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via 1 a LOG.ON command, which reveals the logging pathname in the server response; 2 a VER command, which reveals the version number in the server response; and 3 a...
CVE-2007-4148
Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...
CVE-2007-4151
The CVE-2007-4151 issue affects Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0. It enables remote information disclosure via (1) LOG.ON (reveals the logging pathname), (2) VER (reveals the server version in responses), and (3) the banner in an initial connection. CVSSv2 b...
CVE-2007-4148
CVE-2007-4148 concerns Visionsoft Audit’s Audit on Demand Service (VSAOD). A heap-based buffer overflow in VSAOD (Visionsoft Audit 12.4.0.0) is triggered by a long filename in a "LOG." command, enabling remote attackers to cause persistent daemon crashes and, per NVD, potentially execute arbitrar...