FreeBSD : froxlor -- database password information leak (9ee72858-4159-11e5-93ad-002590263bf5)

[email protected] reports : An unauthenticated remote attacker is able to get the database password via webaccess due to wrong file permissions of the /logs/ folder in froxlor version 0.9.33.1 and earlier. The plain SQL password and username may be stored in the /logs/sql-error.log file...

Froxlor 0.9.33.1 MySQL Login Disclosure

------------------------------------------------------------------------------------------ Exploit Title: Froxlor Server Management Panel - MySQL Login Information Disclosure Date: Jul 30 2015 Exploit Author: Dustin Dörr Vendor Homepage: https://www.froxlor.org/ Version:...

Debian DSA-555-1 : freenet6 - wrong file permissions

Simon Josefsson noticed that the tspc.conf configuration file in freenet6, a client to configure an IPv6 tunnel to freenet6.net, is set world readable. This file can contain the username and the password used to contact the IPv6 tunnelbroker freenet6.net. %NASLMINLEVEL 70300 C Tenable Network...

[SECURITY] [DSA 555-1] New frenet6 packages fix potential information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 555-1 [email protected] http://www.debian.org/security/ Martin Schulze September 30th, 2004 http://www.debian.org/security/faq -...

[SECURITY] [DSA 555-1] New frenet6 packages fix potential information leak

-------------------------------------------------------------------------- Debian Security Advisory DSA 555-1 [email protected] http://www.debian.org/security/ Martin Schulze September 30th, 2004 http://www.debian.org/security/faq -...