Sambar: >> Sambar Server >> 4.1 Security Vulnerabilities
Cross-site scripting (XSS) vulnerability in proxy.asp in Sambar Server 6.3 BETA 2 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the (1) Remote Proxy Server or (2) Proxy Filter IPs field.
CVSS Score
4.3
EPSS Score
0.004
Published
2005-11-05
The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure.
CVSS Score
7.5
EPSS Score
0.015
Published
2001-07-25
Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.
CVSS Score
7.5
EPSS Score
0.011
Published
1999-10-04
Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script.
CVSS Score
5.0
EPSS Score
0.01
Published
1998-06-10