6 matches found
CVE-2005-4149
CVE-2005-4149 affects Lyris ListManager 8.8–8.9b, where remote attackers can trigger errors in TML scripts to leak sensitive data in diagnostic messages (installation path, SQL queries, product code). Impact is information disclosure via error messages exposed by normal requests to nonexistent pa...
CVE-2005-4148
CVE-2005-4148 affects Lyris ListManager 8.5 and possibly earlier than 8.8. The flaw is an information disclosure where sensitive data is exposed via an env hidden variable; a remote attacker can cause the server to return a non-existent page and read the env variable from the error page, revealin...
CVE-2005-4147
The TCLHTTPd component of Lyris ListManager (pre-8.9b) is vulnerable: remote attackers can obtain source code for arbitrary .tml TCL files via a request containing a trailing null byte (%00), with a possible authentication bypass involving a username ending in “@”. Affected product/version: ListM...
CVE-2005-4145
Lyris ListManager MSDE (MSDE-backed ListManager 5.0–8.9b) exposes a weak sa password: “lyris” followed by up to five digits (likely the installer’s process ID). This enables remote brute-force access to the SA account in the SQL Server backend, allowing database administrator access. Public sourc...
CVE-2005-4142
CVE-2005-4142 affects Lyris ListManager 5.0–8.8b. The vulnerability lies in the web-based subscription form where the pw parameter can be crafted to inject arbitrary list-administration commands via LFCR sequences, exploiting insufficient input sanitization. This can allow an unauthenticated atta...
CVE-2005-4146
CVE-2005-4146 affects Lyris ListManager prior to version 8.9b. The vulnerability resides in the TCLHTTPd status module, which can be queried remotely to disclose sensitive server configuration information. The issue enables an unauthenticated, remote attacker to obtain partial confidentiality imp...