2 results (0.003 seconds)

CVSS: 10.0EPSS: 0%CPEs: 2EXPL: 0

Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs (1) console, (2) cs, (3) multi_config and (4) directory. • http://archives.neohapsis.com/archives/bugtraq/2001-09/0230.html http://www.iss.net/security_center/static/7203.php http://www.osvdb.org/1955 http://www.osvdb.org/4193 http://www.pgp.com/support/product-advisories/keyserver.asp http://www.securityfocus.com/bid/3375 •

CVSS: 7.5EPSS: 43%CPEs: 1EXPL: 1

Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite. • https://www.exploit-db.com/exploits/16823 http://ciac.llnl.gov/ciac/bulletins/l-116.shtml http://www.cert.org/advisories/CA-2001-18.html http://www.ee.oulu.fi/research/ouspg/protos/testing/c06/ldapv3 http://www.kb.cert.org/vuls/id/765256 http://www.kb.cert.org/vuls/id/JPLA-4WESNK http://www.securityfocus.com/bid/3046 https://exchange.xforce.ibmcloud.com/vulnerabilities/6900 •