Page 3 of 18 results (0.004 seconds)

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

IBM Director before 5.10 allows remote attackers to obtain sensitive information from HTTP headers via HTTP TRACE. IBM Director anterior a 5.10 permite a un atacante remoto obtener información sensible de cabeceras HTTP a través de HTTP TRACE. • ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers_pdf/dir5.10_docs_relnotes.pdf http://secunia.com/advisories/21802 http://www.securityfocus.com/bid/19915 http://www.vupen.com/english/advisories/2006/3532 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 4

Directory traversal vulnerability in Redirect.bat in IBM Director before 5.10 allows remote attackers to read arbitrary files via a .. (dot dot) sequence in the file parameter. Vulnerabilidad de atravesamiento de directorios en Redirect.bat de IBM Director anterior a 5.10 permite a un atacante remoto leer ficheros de sue elección a través de la secuencia ..(punto punto) en el parámetro file. • https://www.exploit-db.com/exploits/2320 ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers_pdf/dir5.10_docs_relnotes.pdf http://secunia.com/advisories/21802 http://securitytracker.com/id?1016815 http://www.securityfocus.com/bid/19898 http://www.vupen.com/english/advisories/2006/3532 https://exchange.xforce.ibmcloud.com/vulnerabilities/28836 •

CVSS: 5.0EPSS: 3%CPEs: 1EXPL: 0

Multiple unspecified vulnerabilities in IBM Director before 5.10 allow remote attackers to cause a denial of service (crash) via unspecified vectors involving (1) malformed WMI CIM server requests and (2) malformed packets. Múltiples vulnerabilidades no especificadas en IMB Director anterior a 5.10 permite a un atacante remoto provocar denegación de servicio (caida) a través de vectores no especificados implicando a (1) las respuestas de servidor mal formadas del WMI CIM y (2) paquetes mal formados. • ftp://ftp.software.ibm.com/pc/pccbbs/pc_servers_pdf/dir5.10_docs_relnotes.pdf http://secunia.com/advisories/21802 http://www.securityfocus.com/bid/19915 http://www.vupen.com/english/advisories/2006/3532 •

CVSS: 7.5EPSS: 1%CPEs: 10EXPL: 0

Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack." • http://secunia.com/advisories/11761 http://www-1.ibm.com/support/docview.wss?uid=swg21168762 http://www.securityfocus.com/bid/10449 https://exchange.xforce.ibmcloud.com/vulnerabilities/16315 •

CVSS: 10.0EPSS: 1%CPEs: 34EXPL: 0

The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. • http://secunia.com/advisories/10696 http://www.ciac.org/ciac/bulletins/o-066.shtml http://www.cisco.com/warp/public/707/cisco-sa-20040121-voice.shtml http://www.kb.cert.org/vuls/id/602734 http://www.osvdb.org/3692 http://www.securityfocus.com/bid/9468 http://www.securitytracker.com/id?1008814 https://exchange.xforce.ibmcloud.com/vulnerabilities/14900 • CWE-287: Improper Authentication •