Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:sambar:sambar_server:4.3:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2005-3506 |
Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server 6.3 BETA 2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the (1) Remote Proxy Server or (2) Proxy Filter IPs field. Published: November 05, 2005; 6:02:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2001-1106 |
The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure. Published: July 25, 2001; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2000-0835 |
search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter. Published: November 14, 2000; 12:00:00 AM -0500 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-1999-1523 |
Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. Published: October 04, 1999; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |