Search:Vulnerability:24.04.2003
news
/
advisories
/
forum
/
software
/
advertising
/
search
/
exploits
[EN]
securityvulns.ru
no-pyccku
Windows NTLM relaying attacks
updated since 14.09.2000
Published:
24.04.2003
Source:
BUGTRAQ
SecurityVulns ID:
542
Type:
client
Level:
7
/10
Description:
Some client program use NTLM authentication with user's permission without user request. It may leak to NTLM credentials and perform choosen challenge attack and comprometation of server's with client credentials by relaying NTLM request.
Affected:
MICROSOFT
:
Windows NT 4.0 Workstation
MICROSOFT
:
Windows NT 4.0 Server
MICROSOFT
:
Windows 2000 Server
MICROSOFT
:
Windows 2000 Advanced Server
MICROSOFT
:
Windows 2000 Professional
MICROSOFT
:
Windows 98
MICROSOFT
:
Windows 95
MICROSOFT
:
Windows ME
MICROSOFT
:
Windows XP
Original document
3APA3A
,
Outlook Express and SPA (Secure Password Authentication)
(
20.10.2001
)
seclab_(at)_ce.aut.ac.ir
,
Authentication flaw in microsoft SMB protocol
(
24.04.2003
)
L0PHT
,
@stake Advisory: NTLM Replaying via Windows 2000 Telnet Client (A 091400-1)
(
15.09.2000
)
MICROSOFT
,
Security Bulletin (MS00-067)
(
15.09.2000
)
monti
,
Win2k Telnet.exe malicious server vulnerability
(
14.09.2000
)
monti
,
Win2k Telnet.exe malicious server vulnerability
(
14.09.2000
)
Files:
Exploit for "Authentication flaw in Windows SMB protocol"
Server for Win2K telnet NTLM response interseption
Prehashed NTLM challenge.
NTLM Rogue Telnet Server (@Stake)
Patch Win2K telnet NTLM Authentication
Discuss:
Read or add your comments to this news (0 comments)
SAMBAR WebMail authentication cleartext passwords
Published:
24.04.2003
Source:
BUGTRAQ
SecurityVulns ID:
2767
Type:
m-i-t-m
Level:
4
/10
Description:
Cleartext poassword authentication in WebMail access.
Affected:
SAMBAR
:
Sambar Server 5.2
SAMBAR
:
Sambar Server 5.3
SAMBAR
:
Sambar Server 6.0
Original document
Gregory Le Bras | Security Corporation
,
[SCSA-018] Disclosure of authentication information in Sambar Server
(
24.04.2003
)
Discuss:
Read or add your comments to this news (0 comments)
Nokia IPSO directory traversal
Published:
24.04.2003
Source:
BUGTRAQ
SecurityVulns ID:
2768
Type:
remote
Level:
5
/10
Description:
Directory traversal in /cgi-bin/readfile.tcl accessible via Web-Interface.
Affected:
NOKIA
:
IPSO 3.6
Original document
Jonas Eriksson
,
Nokia IPSO Vulnerability
(
24.04.2003
)
Discuss:
Read or add your comments to this news (0 comments)
WebWeaver DoS
Published:
24.04.2003
Source:
BUGTRAQ
SecurityVulns ID:
2769
Type:
remote
Level:
5
/10
Description:
Request via FTP to non-existant file causes server to hang.
Affected:
BRS
:
WebWeaver 1.04
Original document
euronymous
,
BRS WebWeaver: Ftpd Lockdown via RETR cmd
(
24.04.2003
)
Discuss:
Read or add your comments to this news (0 comments)
Cisco Secure ACS buffer overflow
updated since 23.04.2003
Published:
24.04.2003
Source:
BUGTRAQ
SecurityVulns ID:
2765
Type:
remote
Level:
6
/10
Description:
Buffer overflow in TCP/2002 web interface port.
Affected:
CISCO
:
Secure ACS for Windows 2.6
CISCO
:
Secure ACS for Windows 3.0
CISCO
:
Secure ACS for Windows 3.1
Original document
NSFOCUS
,
NSFOCUS SA2003-04 : Remote Buffer Overflow Vulnerability in Web Management Interface of Cisco Secure ACS
(
24.04.2003
)
CISCO
,
Cisco Security Advisory: Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability
(
23.04.2003
)
Discuss:
Read or add your comments to this news (0 comments)
About
|
Terms of use
|
Privacy Policy
©
SecurityVulns
,
3APA3A
, Vladimir Dubrovin
Enter your search terms
Web
securityvulns.com
Submit search form
