Filtered by vendor Att
Subscriptions
Total
29 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2000-1164 | 1 Att | 1 Winvnc | 2017-10-10 | N/A |
WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system. | ||||
CVE-1999-1034 | 1 Att | 1 Svr4 | 2017-10-10 | N/A |
Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges. | ||||
CVE-2017-14116 | 2 Att, Commscope | 2 U-verse Firmware, Arris Nvg599 | 2017-09-13 | N/A |
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG599 device, when IP Passthrough mode is not used, configures WAN access to a caserver https service with the tech account and an empty password, which allows remote attackers to obtain root privileges by establishing a session on port 49955 and then installing new software, such as BusyBox with "nc -l" support. | ||||
CVE-2017-14117 | 2 Att, Commscope | 3 U-verse Firmware, Arris Nvg589, Arris Nvg599 | 2017-09-13 | N/A |
The AT&T U-verse 9.2.2h0d83 firmware for the Arris NVG589 and NVG599 devices, when IP Passthrough mode is not used, configures an unauthenticated proxy service on WAN TCP port 49152, which allows remote attackers to establish arbitrary TCP connections to intranet hosts by sending \x2a\xce\x01 followed by other predictable values. | ||||
CVE-2001-1422 | 1 Att | 1 Winvnc | 2017-07-11 | N/A |
WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users. | ||||
CVE-2013-6029 | 1 Att | 1 Connect Participant Application | 2016-12-31 | N/A |
Stack-based buffer overflow in the AT&T Connect Participant Application before 9.5.51 on Windows allows remote attackers to execute arbitrary code via a malformed .SVT file. | ||||
CVE-2002-0971 | 3 Att, Tightvnc, Tridia | 3 Winvnc Server, Tightvnc, Tridiavnc | 2016-10-18 | N/A |
Vulnerability in VNC, TightVNC, and TridiaVNC allows local users to execute arbitrary code as LocalSystem by using the Win32 Messaging System to bypass the VNC GUI and access the "Add new clients" dialogue box. | ||||
CVE-2002-1511 | 2 Att, Tightvnc | 2 Vnc, Tightvnc | 2010-05-21 | N/A |
The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies. | ||||
CVE-1999-1059 | 1 Att | 1 Svr4 | 2008-09-05 | N/A |
Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands. |