cyclades alterpath manager 1.1 – Multiple Vulnerabilities
漏洞ID | 1054925 | 漏洞类型 | |
发布时间 | 2005-02-24 | 更新时间 | 2005-02-24 |
CVE编号 | N/A |
CNNVD-ID | N/A |
漏洞平台 | JSP | CVSS评分 | N/A |
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
source: http://www.securityfocus.com/bid/12649/info
Cyclades AlterPath Manager is a network device designed to facilitate remote administration of all network-accessible infrastructure resources.
Multiple remote vulnerabilities affect Cyclades AlterPath Manager. These issues are due to various design errors that affect the overall security of the vulnerable device.
The first issue is an information disclosure issue. The second would allow unauthorized access to restricted console resources. Finally the third issue will facilitate privilege escalation.
An attacker may leverage these issues to gain unauthorized access to network-based resources, to gain escalated privileges and to gain access to potentially sensitive information.
It should be noted that although only version 1.1.0 of the software is reported affected by these issues, it is likely earlier versions are affected as well.
To access a restricted console resource:
http://www.example.com/usermode/consoleConnect.jsp?consolename=console_name
To gain escalated privileges:
http://www.example.com/application/saveUser.do?userId=9&password=&userName=my_id&fullName=My+name&department=Security&location=Work&phone=555-1212&mobile=&pager=&email=test%40example.com&status=Enable&localPassword=true&adminUser=true&forward=&action=Save
irssi服务拒绝漏洞 漏洞ID 1202090 漏洞类型 未知 发布时间 2004-01-05 更新时间 2004-01-05 CVE编号 CVE-2003-1020 CNNVD-ID CNNVD-200401-020 漏洞平台 N/A CVSS评分 5.0…
© 版权声明
文章版权归作者所有,未经允许请勿转载。
THE END
喜欢就支持一下吧
恐龙抗狼扛1年前0
kankan啊啊啊啊3年前0
66666666666666