mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-03 04:13:57 +00:00
816 B
816 B
CVE-2014-9576
Description
VDG Security SENSE (formerly DIVA) 2.3.13 has a hardcoded password of (1) ArpaRomaWi for the root Postgres account and !DVService for the (2) postgres and (3) NTP Windows user accounts, which allows remote attackers to obtain access.
POC
Reference
- http://packetstormsecurity.com/files/129656/VDG-Security-SENSE-2.3.13-File-Disclosure-Bypass-Buffer-Overflow.html
- http://seclists.org/fulldisclosure/2014/Dec/76
Github
No PoCs found on GitHub currently.