RSS   Vulnerabilities for 'NTOP'   RSS

2017-01-14
 
CVE-2017-5473

 

 
Cross-site request forgery (CSRF) vulnerability in ntopng through 2.4 allows remote attackers to hijack the authentication of arbitrary users, as demonstrated by admin/add_user.lua, admin/change_user_prefs.lua, admin/delete_user.lua, and admin/password_reset.lua.

 
2014-06-16
 
CVE-2014-4165

CWE-79
 

 
Cross-site scripting (XSS) vulnerability in ntop allows remote attackers to inject arbitrary web script or HTML via the title parameter in a list action to plugins/rrdPlugin.

 
2009-08-21
 
CVE-2009-2732

CWE-119
 

 
The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : (colon) character in the base64-decoded string.

 

 >>> Vendor: NTOP 4 Products
NTOP
Ntopng
NDIP
NDPI


Copyright 2024, cxsecurity.com

 

Back to Top