activities software vulnerabilities
vulnerabilities.aspcode.net
Searching activities software vulnerabilities
A service may include useful information in its banner or help function (such as the name and version), making it useful for information gathering activities.
SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities.
Ascom Timeplex router allows remote attackers to obtain sensitive information or conduct unauthorized activities by entering debug mode through a sequence of CTRL-D characters.
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability.
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities.
Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10 allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities.
SQL injection vulnerability in index.php for MyHelpDesk Thursday, May 09, 2002, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog.
Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to conduct unauthorized activities.
The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.
Database of Our Owlish Wisdom (DOOW) 0.1 through 0.2.1 does not properly verify user permissions, which allows remote attackers to perform unauthorized activities.
Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.
The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities.
The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities.
Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.
The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter.
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.
Software vulnerabilities results 1 to 20 of 84