configured software vulnerabilities
vulnerabilities.aspcode.net
Searching configured software vulnerabilities
A mail server is explicitly configured to allow
explicitly
|
configured
|
spammers
|
allows
|
server
|
which
|
relay
|
allow
|
abuse
|
mail
|
SMTP
|
A mail server is explicitly configured to allow SMTP mail relay, which allows abuse by spammers.
A router's configuration service or management
configuration
|
management
|
interface
|
router's
|
service
|
A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts.
HP Laserjet printers with JetDirect cards, when
configured
|
PostScript
|
documents
|
attackers
|
JetDirect
|
directly
|
printers
|
Laserjet
|
sending
|
filters
|
remote
|
TCP/IP
|
bypass
|
ports
|
cards
|
allow
|
print
|
TCP
|
HP Laserjet printers with JetDirect cards, when configured with TCP/IP, allow remote attackers to bypass print filters by directly sending PostScript documents to TCP ports 9099 and 9100.
Vulnerability in Apache httpd before 1.3.11, wh
Vulnerability
|
before
|
Apache
|
httpd
|
Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewrite, or mod_vhost_alias in Apache 1.3.9, allows remote attackers to retrieve arbitrary files.
Vulnerability in CIFS/9000 Server (SAMBA) A.01.
Vulnerability
|
CIFS/9000
|
Server
|
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
Dynamically Loadable Kernel Module (dlkm) stati
Dynamically
|
Loadable
|
Module
|
Kernel
|
Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.
The MAC module in Netfilter in Linux kernel 2.4
Netfilter
|
kernel
|
module
|
Linux
|
MAC
|
The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.
Netgear RP114 Cable/DSL Web Safe Router Firmwar
Cable/DSL
|
Firmware
|
Netgear
|
Router
|
RP114
|
Safe
|
Web
|
Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26, when configured to block traffic below port 1024, allows remote attackers to cause a denial of service (hang) via a port scan of the WAN port.
Buffer overflow in Webalizer 2.01-06, when conf
connecting
|
configured
|
attackers
|
monitored
|
arbitrary
|
Webalizer
|
overflow
|
resolves
|
hostname
|
execute
|
address
|
lookups
|
reverse
|
server
|
Buffer
|
remote
|
201-06
|
allows
|
long
|
code
|
DNS
|
use
|
web
|
Buffer overflow in Webalizer 2.01-06, when configured to use reverse DNS lookups, allows remote attackers to execute arbitrary code by connecting to the monitored web server from an IP address that resolves to a long hostname.
PHP, when installed with Apache and configured
configured
|
resulting
|
attackers
|
installed
|
pathname
|
indexphp
|
reveals
|
message
|
OPTIONS
|
default
|
method
|
server
|
obtain
|
Apache
|
search
|
allows
|
remote
|
which
|
error
|
HTTP
|
full
|
page
|
PHP
|
web
|
via
|
PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.
Microsoft SQL Server 2000 SP2, when configured
Microsoft
|
Server
|
SQL
|
Microsoft SQL Server 2000 SP2, when configured as a distributor, allows attackers to execute arbitrary code via the @scriptfile parameter to the sp_MScopyscript stored procedure.
Unknown vulnerability in Nokia IPSO 3.7, config
vulnerability
|
configured
|
attackers
|
Clusters
|
service
|
vectors
|
Unknown
|
denial
|
attack
|
allows
|
remote
|
Nokia
|
cause
|
IPSO
|
via
|
Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors.
phpMyAdmin before 2.6.1, when configured with U
phpMyAdmin
|
before
|
phpMyAdmin before 2.6.1, when configured with UploadDir functionality, allows remote attackers to read arbitrary files via the sql_localfile parameter.
The default configuration for OpenSSH enables A
AllowTcpForwarding
|
authenticated
|
configuration
|
configured
|
anonymous
|
default
|
perform
|
enables
|
OpenSSH
|
AnonCVS
|
program
|
bounce
|
access
|
remote
|
could
|
which
|
allow
|
users
|
port
|
such
|
The default configuration for OpenSSH enables AllowTcpForwarding, which could allow remote authenticated users to perform a port bounce, when configured with an anonymous access program such as AnonCVS.
The Live CD in SUSE LINUX 9.1 Personal edition
configured
|
privileges
|
attackers
|
Personal
|
password
|
without
|
edition
|
allows
|
remote
|
LINUX
|
which
|
gain
|
Live
|
SUSE
|
root
|
SSH
|
via
|
The Live CD in SUSE LINUX 9.1 Personal edition is configured without a password for root, which allows remote attackers to gain privileges via SSH.
GeoHttpServer, when configured to authenticate
authentication
|
GeoHttpServer
|
unauthorized
|
authenticate
|
configured
|
attackers
|
contains
|
%0a%0a
|
access
|
allows
|
remote
|
bypass
|
users
|
files
|
via
|
URL
|
GeoHttpServer, when configured to authenticate users, allows remote attackers to bypass authentication and access unauthorized files via a URL that contains %0a%0a (encoded newlines).
Unknown vulnerability in AIX 5.3.0, when config
vulnerability
|
Unknown
|
AIX
|
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
Websense, when configured to permit access to t
Uncategorized
|
configured
|
appending
|
sequence
|
blocking
|
intended
|
category
|
Websense
|
dynamic
|
content
|
permit
|
access
|
allows
|
bypass
|
local
|
users
|
URL
|
"/"
|
Websense, when configured to permit access to the dynamic content category, allows local users to bypass intended blocking of the Uncategorized category by appending a "/?" sequence to a URL.
Unspecified vulnerability in MailDwarf 3.01 and
vulnerability
|
Unspecified
|
MailDwarf
|
Unspecified vulnerability in MailDwarf 3.01 and earlier allows remote attackers to send e-mail to addresses different from the configured addresses.
PHPMailer 1.7, when configured to use sendmail,
classphpmailerphp
|
metacharacters
|
SendmailSend
|
configured
|
attackers
|
PHPMailer
|
arbitrary
|
commands
|
sendmail
|
function
|
execute
|
remote
|
allows
|
shell
|
use
|
via
|
PHPMailer 1.7, when configured to use sendmail, allows remote attackers to execute arbitrary shell commands via shell metacharacters in the SendmailSend function in class.phpmailer.php.
Software vulnerabilities results 1 to 20 of 127
Page:
1
2
3
4
5
...
7
►