reconfigure software vulnerabilities
vulnerabilities.aspcode.net
Searching reconfigure software vulnerabilities
ZyXEL Prestige 642R and 642R-I routers do not f
reconfigure
|
interface
|
allowing
|
external
|
password
|
computer
|
internal
|
routers'
|
Prestige
|
someone
|
routers
|
access
|
router
|
642R-I
|
inside
|
filter
|
Telnet
|
known
|
ports
|
ZyXEL
|
642R
|
not
|
WAN
|
FTP
|
ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Telnet and FTP ports on the external WAN interface from inside access, allowing someone on an internal computer to reconfigure the router, if the password is known.
Alcatel OmniPCX 4400 installs files with world-
OmniPCX
|
Alcatel
|
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges.
The web-based configuration interface for the C
configuration
|
interface
|
web-based
|
Cisco
|
ATA
|
The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
Easy Guestbook CGI programs do not authenticate
administrator
|
authenticate
|
Guestbook
|
attackers
|
programs
|
allows
|
remote
|
which
|
Easy
|
CGI
|
not
|
Easy Guestbook CGI programs do not authenticate the administrator, which allows remote attackers to (1) delete entries via direct access of admin.cgi, or (2) reconfigure Guestbook via direct access of config.cgi.
generaloptions.php in Paul Tarjan Stanford Conf
generaloptionsphp
|
Conference
|
Research
|
Stanford
|
Tarjan
|
Forum
|
Paul
|
generaloptions.php in Paul Tarjan Stanford Conference And Research Forum (SCARF) before Tuesday, February 27, 2007 does not require the admin privilege, which allows remote attackers to reconfigure the application or its user accounts.
T-Com Speedport 500V routers with firmware 1.31
Speedport
|
firmware
|
routers
|
T-Com
|
500V
|
T-Com Speedport 500V routers with firmware 1.31 allow remote attackers to bypass authentication and reconfigure the device via a LOGINKEY=TECOM cookie value.
Trend Micro ServerProtect for Linux (SPLX) 1.25
ServerProtect
|
Linux
|
Trend
|
Micro
|
Trend Micro ServerProtect for Linux (SPLX) 1.25, 1.3, and 2.5 before Friday, February 16, 2007 allows remote attackers to access arbitrary web pages and reconfigure the product via HTTP requests with the splx_2376_info cookie to the web interface port (14942/tcp).
McAfee VirusScan for Mac (Virex) before 7.7 pat
VirusScan
|
McAfee
|
Mac
|
McAfee VirusScan for Mac (Virex) before 7.7 patch 1 has weak permissions (0666) for /Library/Application Support/Virex/VShieldExclude.txt, which allows local users to reconfigure Virex to skip scanning of arbitrary files.
Nortel Networks CallPilot and Meridian Mail voi
Identification
|
reconfigure
|
voicemail
|
attackers
|
CallPilot
|
messages
|
retrieve
|
Networks
|
Meridian
|
spoofing
|
Calling
|
enabled
|
mailbox
|
systems
|
Nortel
|
Number
|
remove
|
remote
|
allow
|
logon
|
Mail
|
auto
|
has
|
Nortel Networks CallPilot and Meridian Mail voicemail systems, when a mailbox has auto logon enabled, allow remote attackers to retrieve or remove messages, or reconfigure the mailbox, by spoofing Calling Number Identification (CNID, aka Caller ID).
Sprint Nextel Sprint voice mail systems allow r
Identification
|
reconfigure
|
attackers
|
mailboxes
|
retrieve
|
spoofing
|
messages
|
systems
|
Calling
|
Number
|
Nextel
|
Sprint
|
remote
|
remove
|
voice
|
allow
|
mail
|
Sprint Nextel Sprint voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).
Alcatel-Lucent Lucent Technologies voice mail s
Identification
|
Alcatel-Lucent
|
Technologies
|
reconfigure
|
attackers
|
mailboxes
|
retrieve
|
messages
|
spoofing
|
Calling
|
systems
|
Number
|
Lucent
|
remove
|
remote
|
voice
|
allow
|
mail
|
Alcatel-Lucent Lucent Technologies voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).
T-Mobile voice mail systems allow remote attack
Identification
|
reconfigure
|
attackers
|
mailboxes
|
retrieve
|
spoofing
|
messages
|
T-Mobile
|
systems
|
Calling
|
remote
|
remove
|
Number
|
allow
|
voice
|
mail
|
T-Mobile voice mail systems allow remote attackers to retrieve or remove messages, or reconfigure mailboxes, by spoofing Calling Number Identification (CNID, aka Caller ID).
The Visionsoft Audit on Demand Service (VSAOD)
Visionsoft
|
Service
|
Demand
|
Audit
|
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 does not require authentication for (1) the "LOG." command, which allows remote attackers to create or overwrite arbitrary files; (2) the SETTINGSFILE command, which allows remote attackers to overwrite the ini file, and reconfigure VSAOD or cause a denial of service; or (3) the UNINSTALL command, which allows remote attackers to cause a denial of service (daemon shutdown). NOTE: vector 1 can be leveraged for code execution by writing to a Startup folder.
Software vulnerabilities results 1 to 14 of 14
Page:
1