3 results (0.003 seconds)

CVSS: 10.0EPSS: 3%CPEs: 9EXPL: 0

Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password parameter. Vulnerabilidad de cadena de formato en el interfaz CLI de Watchguard Firebox Vclass 3.2 y anteriores, RSSA Appliance 3.0.2 permite a atacantes remotos causar una denegación de servicio y posiblemente ejecutar código arbitrario mediante especificadores de cadenas de formateo en el parámetro de contraseña. • http://archives.neohapsis.com/archives/bugtraq/2002-09/0325.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0335.html http://www.iss.net/security_center/static/10217.php http://www.osvdb.org/4924 http://www.securityfocus.com/bid/5814 •

CVSS: 10.0EPSS: 1%CPEs: 9EXPL: 0

The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges. El interfaz CLI de WatchGuard Firebox Vclass 3.2 y anteriores, y RSSA Appliance 3.0.2 no cierra adecuadamente la conexión SSH cuando se provee una opción -N durante autenticación, lo que permite a atacantes remotos acceder a CLI con privilegios de administrador • http://archives.neohapsis.com/archives/bugtraq/2002-09/0325.html http://archives.neohapsis.com/archives/bugtraq/2002-09/0335.html http://www.iss.net/security_center/static/10218.php http://www.osvdb.org/4831 http://www.securityfocus.com/bid/5815 •

CVSS: 10.0EPSS: 0%CPEs: 4EXPL: 0

sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh. • http://archives.neohapsis.com/archives/bugtraq/2000-08/0216.html http://www.securityfocus.com/bid/1574 •