Searching any software vulnerabilities

wu-ftpd FTP daemon allows any user and password

combination | password | wu-ftpd | allows | daemon | user | FTP | any |

wu-ftpd FTP daemon allows any user and password combination.


NFS allows attackers to read and write any file

specifying | attackers | system | allows | false | write | read | file | UID | NFS | any |

NFS allows attackers to read and write any file on the system by specifying a false UID.


Windows NT FTP server (WFTP) with the guest acc

Windows | server | FTP |

Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password.


Denial of service in Linux 2.0.36 allows local

service | Denial | Linux |

Denial of service in Linux 2.0.36 allows local users to prevent any server from listening on any non-privileged port.


A superfluous NFS server is running, but it is

superfluous | importing | exporting | running | systems | server | file | any | NFS | but | not |

A superfluous NFS server is running, but it is not importing or exporting any file systems.


The ARP protocol allows any host to spoof ARP r

spoofing | protocol | conduct | replies | service | address | denial | poison | allows | spoof | cache | host | ARP | any |

The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.


The Motorola CableRouter allows any remote user

CableRouter | configure | Motorola | connect | router | allows | remote | user | port | any |

The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024.


Vulnerability in digest in AIX 4.3 allows print

Vulnerability | privileges | creating | modifing | and/or | system | digest | printq | allows | users | file | gain | root | AIX | any |

Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system.


Directory traversal vulnerability in Etype Eser

vulnerability | Directory | traversal | Eserv | Etype |

Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL.


OpenLDAP 1.2.11 and earlier improperly installs

OpenLDAP |

OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.


Veritas Backup agent on Linux allows remote att

establishing | connection | attackers | service | process | without | sending | Veritas | Backup | causes | allows | remote | denial | cause | which | agent | Linux | hang | data | any |

Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang.


The shared memory scoreboard in the HTTP daemon

scoreboard | daemon | Apache | before | memory | shared | HTTP | 13x |

The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that would not normally be allowed, by modifying the parent[].pid and parent[].last_rtime segments in the scoreboard.


npptnt2.sys in nProtect Gameguard provides unre

unrestricted | privileges | npptnt2sys | Gameguard | nProtect | provides | process | allows | local | users | calls | which | gain | I/O | any |

npptnt2.sys in nProtect Gameguard provides unrestricted I/O to any process that calls it, which allows local users to gain privileges.


singapore 0.9.11 allows remote attackers to obt

singapore |

singapore 0.9.11 allows remote attackers to obtain sensitive information via a direct request to (1) admin.class.php, (2) any .tpl.php file in templates/admin_default/, or (3) any .tpl.php file in templates/default/, which reveal the path in an error message.


User.php in Gallery, as used in Postnuke, allow

privileges | galleries | Postnuke | Gallery | Userphp | access | allows | Admin | users | used | gain | all | any |

User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries.


JFacets before 0.2 allows remote attackers to g

privileges | profileID | attackers | modified | JFacets | account | request | before | allows | remote | gain | any | via | GET |

JFacets before 0.2 allows remote attackers to gain privileges as any account via a GET request with a modified account profileID.


Unspecified vulnerability in Lurker 2.0 and ear

vulnerability | Unspecified | directory | attackers | overwrite | writable | earlier | "mbox" | remote | allows | Lurker | create | named | files | any |

Unspecified vulnerability in Lurker 2.0 and earlier allows remote attackers to create or overwrite files in any writable directory that is named "mbox".


Unspecified vulnerability in the HTTP managemen

vulnerability | Unspecified | management | interface | Express | Unity | Cisco | HTTP |

Unspecified vulnerability in the HTTP management interface in Cisco Unity Express (CUE) 2.2(2) and earlier, when running on any CUE Advanced Integration Module (AIM) or Network Module (NM), allows remote authenticated attackers to reset the password for any user with an expired password.


IBM WebSphere Application Server 5.0.2 (or any

Application | WebSphere | Server | IBM |

IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token.


Multiple cross-site scripting (XSS) vulnerabili

cross-site | scripting | Multiple |

Multiple cross-site scripting (XSS) vulnerabilities in Mercury SiteScope 8.2 (8.1.2.0) allow remote authenticated users to inject arbitrary web script or HTML via (1) "any field create name field" except "create new group name" or (2) any description field.


Software vulnerabilities results 1 to 20 of 156     
Page: 12345...8