RSS   Vulnerabilities for 'Chilisoft'   RSS

2001-08-22
 
CVE-2001-0634

 

 
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service.

 
 
CVE-2001-0633

 

 
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'.

 
 
CVE-2001-0632

 

 
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges.

 
2001-05-03
 
CVE-2001-0229

 

 
Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.

 

 >>> Vendor: SUN 200 Products
Linux
Solaris
Dtmail
Sunos
NFS
JAVA
Cobalt raq
Rpc.ruserd
Cobalt raq 2
Java virtual machine
Cobalt raq 3i
Sparc
Web-based enterprise management
Solstice adminsuite
Forte
Netbeans developer
Openwindows
Solstice backup
Solaris isp server
Staroffice
Iplanet web server
Workshop
Java system web server
Solaris answerbook2
Hotjava browser
Iplanet certificate management system
JDK
Cluster
Chilisoft
Sun ftp
Javaserver web dev kit
Sunvts
Netdynamics
Java plug-in
JRE
Iplanet directory server
Management+center
SDK
Cobalt raq 4
One application server
Sun pci ii driver
I-runbook
One web server
Cobalt raq xtr
Sunone starter kit
Java web start
Ray server software
Solaris pc netlink
Patchpro
Enterprise authentication mechanism
One directory server
Sun fire
JMF
J2EE
Change manager
Crypto accelerator 4000
SEAM
Java system calendar server
Java desktop system
Java enterprise system
Java system application server
Enterprise storage manager
Storedge 3310 scsi array
Storedge 3510 fc array
Java system web proxy server
Patch manager
JSSE
Netra 1280
Sunforum
Storedge qfs
Storedge sam-qfs
Storeedge performance suite
Storeedge utilization suite
Iplanet messaging server
One messaging server
RTE
Storedge enterprise backup software
J2SE
Secure global desktop
Javamail
Storedge 6130 arrays
Java system directory proxy server
Java system directory server
One administration server
Java system communications express
Java communications services delegated administrator
Wbem services
Grid engine
Java system access manager
N1 grid engine
Java studio enterprise
N1 system manager
Storage automated diagnostic environment
Java system content delivery server
NSS
Java system messaging server
Iplanet messaging server messenger express
Java system messenger express
Chainkey java code protection
Java dynamic management kit
See all Products for Vendor SUN


Copyright 2024, cxsecurity.com

 

Back to Top