832 matches found
CVE-2000-0964
The CVE-2000-0964 entry concerns the HiNet LP5100 IP-phone. The affected component is the web administration service, and the root cause is a buffer overflow triggered by a long GET request. The documented impact is a denial of service and potential execution of arbitrary commands by remote attac...
CVE-2001-0133
The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded...
CVE-2001-0007
Buffer overflow in NetScreen Firewall WebUI allows remote attackers to cause a denial of service via a long URL request to the web administration interface...
Cisco (Multiple Products) - Automated Tool
Cisco Multiple Products - Automated Tool !/usr/bin/perl Written by hypoclear - http://hypoclear.cjb.net Thong-th-thong-th-thong.pl AKA thong.pl is a PERL script which automates several attacks against various Cisco products. To be specific: 12-13-00 - Cisco Catalyst ssh Protocol Mismatch DoS...
CVE-2000-0935
Samba Web Administration Tool SWAT in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file...
CVE-2000-0936
Samba Web Administration Tool SWAT in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords...
CVE-2000-0937
Samba Web Administration Tool SWAT in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks...
CVE-2000-0938
Samba Web Administration Tool SWAT in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server...
CVE-2000-1038
The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request...
CVE-2000-1115
Buffer overflow in remote web administration component webprox.dll of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request...
Samba Web Administration Tool (SWAT) Error Message Username Enumeration
The remote SWAT server replies with different error codes when it is issued a bad user name or a bad password. An attacker may use this flaw to obtain the list of user names of the remote host by a brute-force attack. As SWAT does not log login attempts, an attacker may use this flaw even more...
CVE-2000-0939
Samba Web Administration Tool SWAT in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart...
CVE-2000-0938
Samba Web Administration Tool SWAT in Samba 2.0.7 supplies a different error message when a valid username is provided versus an invalid name, which allows remote attackers to identify valid users on the server...
CVE-2000-0936
Samba Web Administration Tool SWAT in Samba 2.0.7 installs the cgi.log logging file with world readable permissions, which allows local users to read sensitive information such as user names and passwords...
CVE-2000-0935
Samba Web Administration Tool SWAT in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file...
CVE-2000-0937
Samba Web Administration Tool SWAT in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks...
CVE-2000-1038
The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request...
Cisco 675 Denial of Service Attack
OK, since everyone is up-in-arms over vendor notification and their response times, here's an example of what happens if you give a vendor too -much- time. ----------------- Title : Cisco 675 Web Administration Denial of Service Device: Cisco 675 DSL Router Class : Denial of Service remote Vendor...
CVE-2000-0939
Samba Web Administration Tool SWAT in Samba 2.0.7 allows remote attackers to cause a denial of service by repeatedly submitting a nonstandard URL in the GET HTTP request and forcing it to restart...
602Pro Lan Suite Web Admin Overflow
Strumpf Noir Society Advisories ! Public release ! -- -= 602Pro Lan Suite Web Administration Overflow =- Release date: Wednesday, November 22, 2000 Introduction: Lan Suite is an cost-effective all-in-one application providing connection sharing, email and fax services for networks. It offers remo...