Geo++ Gncaster@1.4.0.0 Security Vulnerabilities and Issues — Geo++ Gncaster@1.4.0.0 CVE List

Lucene search

GeoppGeo++ Gncaster1.4.0.0

5 matches found

CVE•added 2010/02/04 8:15 p.m.•40 views

CVE-2010-0551

HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. NOTE: this is referred to as a "memory leak" ...

5CVSS6.8AI score0.00389EPSS

CVE•added 2010/02/04 8:15 p.m.•34 views

CVE-2010-0552

Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via multiple requests for a non-existent file using a long URI.

7.5CVSS8.1AI score0.063EPSS

CVE•added 2010/02/04 8:15 p.m.•33 views

CVE-2010-0553

Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service (application crash) and possibly execute arbitrary code via a long NMEA data sentence.

6.5CVSS7.7AI score0.04862EPSS

CVE•added 2010/02/04 8:15 p.m.•32 views

CVE-2010-0550

admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication, which allows remote authenticated users to use HTTP Basic Authentication, bypassing intended server policy.

4CVSS6.5AI score0.00348EPSS

CVE•added 2010/02/04 8:15 p.m.•32 views

CVE-2010-0554

The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for all authentication, which allows remote attackers to hijack web sessions or bypass authentication via a replay attack.

7.5CVSS7.2AI score0.00167EPSS