33 matches found
EUVD-2007-4132
Malware in sbrugna...
EUVD-2007-4136
Malware in sbrugna...
EUVD-2007-4135
Malware in sbrugna...
Visionsoft Audit Detection
Detection of Visionsoft Audit based on the Visionsoft Audit on Demand Service. Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program ...
Visionsoft Audit Multiple Vulnerabilities
Visionsoft Audit is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2009 Tim Brown Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:visionsoft:audit";...
CVE-2007-4150
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...
Command injection
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via 1 a LOG.ON command, which reveals the logging pathname in the server response; 2 a VER command, which reveals the version number in the server response; and 3 a...
Design/Logic Flaw
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...
CVE-2007-4150
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...
CVE-2007-4151
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via 1 a LOG.ON command, which reveals the logging pathname in the server response; 2 a VER command, which reveals the version number in the server response; and 3 a...
Design/Logic Flaw
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an audit...
CVE-2007-4148
Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...
CVE-2007-4149
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 does not require authentication for 1 the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; 2 the SETTINGSFILE command, which allows remote attackers to overwrite the ini file, and...
Heap overflow
Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...
CVE-2007-4152
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to conduct replay attacks by capturing and resending data from the DETAILS and PROCESS sections of a session that schedules an audit...
Command injection
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 does not require authentication for 1 the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; 2 the SETTINGSFILE command, which allows remote attackers to overwrite the ini file, and...
CVE-2007-4152
The CVE-2007-4152 issue affects Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0. The vulnerability allows remote replay of data from the DETAILS and PROCESS sections of a session that schedules an audit. This is the stated impact in the provided documents; no exploitation ...
CVE-2007-4148
Heap-based buffer overflow in the Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to cause a denial of service persistent daemon crashes or execute arbitrary code via a long filename in a "LOG." command...
CVE-2007-4150
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...
CVE-2007-4151
The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via 1 a LOG.ON command, which reveals the logging pathname in the server response; 2 a VER command, which reveals the version number in the server response; and 3 a...