Lucene search
K

33 matches found

CVE
CVE
added 2007/08/03 8:0 p.m.60 views

CVE-2007-4152

The CVE-2007-4152 issue affects Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0. The vulnerability allows remote replay of data from the DETAILS and PROCESS sections of a session that schedules an audit. This is the stated impact in the provided documents; no exploitation ...

9.3CVSS7.5AI score0.01826EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/08/03 8:0 p.m.27 views

CVE-2007-4151

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via 1 a LOG.ON command, which reveals the logging pathname in the server response; 2 a VER command, which reveals the version number in the server response; and 3 a...

7.3AI score0.01268EPSS
Exploits0References6
CVE
CVE
added 2007/08/03 8:0 p.m.50 views

CVE-2007-4151

The CVE-2007-4151 issue affects Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0. It enables remote information disclosure via (1) LOG.ON (reveals the logging pathname), (2) VER (reveals the server version in responses), and (3) the banner in an initial connection. CVSSv2 b...

4.3CVSS7.3AI score0.01268EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2007/08/03 8:0 p.m.55 views

CVE-2007-4150

The CVE-2007-4150 issue affects Visionsoft Audit 12.4.0.0 (Visionsoft Audit) where weak cryptography (XOR) is used for passwords: during transmission over the network (passwords can be sniffed) and in the configuration file (local read access can reveal passwords). No further exploit details are ...

7.5CVSS7.3AI score0.01046EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2007/08/03 8:0 p.m.25 views

CVE-2007-4150

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 uses weak cryptography XOR when 1 transmitting passwords, which allows remote attackers to obtain sensitive information by sniffing the network; and 2 storing passwords in the configuration file, which allows local users to...

7.3AI score0.01046EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/08/03 8:0 p.m.21 views

CVE-2007-4149

The Visionsoft Audit on Demand Service VSAOD in Visionsoft Audit 12.4.0.0 does not require authentication for 1 the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; 2 the SETTINGSFILE command, which allows remote attackers to overwrite the ini file, and...

8AI score0.04833EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2007/08/03 12:0 a.m.4 views

PT-2007-5346 · Visionsoft · Visionsoft Audit

Name of the Vulnerable Software and Affected Versions: Visionsoft Audit version 12.4.0.0 Description: The issue concerns the use of weak cryptography, specifically XOR, in two areas: transmitting passwords over the network and storing passwords in a configuration file. This weakness allows remote...

7.5CVSS7.4AI score0.01046EPSS
Exploits0References4
securityvulns
securityvulns
added 2007/07/11 12:0 a.m.41 views

Portcullis Security Advisory 06-041

Portcullis Security Advisory 06-041 Vulnerable System: Visionsoft Audit Vulnerability Title: Ths VSAOD server allows unauthenticated ini file overwrites. Vulnerability discovery and development: Portcullis Security Testing Services discovered this vulnerability during an application assessment...

0.4AI score
Exploits0
securityvulns
securityvulns
added 2007/07/11 12:0 a.m.30 views

VisionSoft Audit multiple security vulnerabilities

Buffer overflow, arbitrary files overwrite, information leak...

3.7AI score
Exploits0References4Affected Software1
securityvulns
securityvulns
added 2007/07/11 12:0 a.m.61 views

Portcullis Security Advisory 06-040

Portcullis Security Advisory Vulnerable System: Visionsoft Audit Vulnerability Title: The VSAOD server has input validation flaws which can result in an unauthenticated heap overflow. Vulnerability discovery and development: Portcullis Security Testing Services discovered this vulnerability durin...

0.5AI score
Exploits0
Packet Storm
Packet Storm
added 2007/07/11 12:0 a.m.52 views

vainifileoverwrite-06_041.txt

Portcullis Security Advisory 06-041 Vulnerable System: Visionsoft Audit Vulnerability Title: Ths VSAOD server allows unauthenticated ini file overwrites. Vulnerability discovery and development: Portcullis Security Testing Services discovered this vulnerability during an application assessment...

7.4AI score
Exploits0
securityvulns
securityvulns
added 2007/07/11 12:0 a.m.48 views

Portcullis Security Advisory 06-046

Portcullis Security Advisory Vulnerable System: Visionsoft Audit Vulnerability Title: The VSAOD server discloses its version. Vulnerability discovery and development: Portcullis Security Testing Services discovered this vulnerability during an application assessment. Further research was then...

0.7AI score
Exploits0
securityvulns
securityvulns
added 2007/07/11 12:0 a.m.50 views

Portcullis Security Advisory 06-039

Portcullis Security Advisory 06-039 Vulnerable System: Visionsoft Audit Vulnerability Title: The VSAOD server allows unauthenticated arbitrary file overwrites. Vulnerability Discovery and Development: Portcullis Security Testing Services during an application assessment. Further research was...

0.1AI score
Exploits0
Rows per page
Query Builder