Searching contain software vulnerabilities

A URL for a WWW directory allows auto-indexing,

auto-indexing | indexhtml | directory | provides | contain | allows | files | which | file | does | list | URL | not | all |

A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.


spaceball program in SpaceWare 7.3 v1.0 in IRIX

environmental | privileges | SpaceWare | spaceball | HOSTNAME | variable | executed | commands | contain | program | setting | allows | local | users | IRIX | gain | root | v10 |

spaceball program in SpaceWare 7.3 v1.0 in IRIX 6.2 allows local users to gain root privileges by setting the HOSTNAME environmental variable to contain the commands to be executed.


Windows NT and Windows 2000 hosts allow a remot

Windows |

Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length.


The telnet proxy in RideWay PN proxy server all

connections | malformed | attackers | requests | service | RideWay | contain | denial | server | telnet | remote | allows | cause | proxy | flood | via |

The telnet proxy in RideWay PN proxy server allows remote attackers to cause a denial of service via a flood of connections that contain malformed requests.


Perception LiteServe 1.25 allows remote attacke

Perception | LiteServe |

Perception LiteServe 1.25 allows remote attackers to obtain source code of CGI scripts via URLs that contain MS-DOS conventions such as (1) upper case letters or (2) 8.3 file names.


BEA Systems Weblogic Server 6.1 allows remote a

attackers | Weblogic | requests | contain | service | Systems | series | device | MS-DOS | Server | allows | denial | remote | files | cause | name | via | BEA | JSP |

BEA Systems Weblogic Server 6.1 allows remote attackers to cause a denial of service via a series of requests to .JSP files that contain an MS-DOS device name.


Avaya Cajun switches P880, P882, P580, and P550

switches | P550R | Avaya | Cajun | P580 | P880 | P882 |

Avaya Cajun switches P880, P882, P580, and P550R 5.2.14 and earlier contain undocumented accounts (1) manuf and (2) diag with default passwords, which allows remote attackers to gain privileges.


Cisco ONS15454 and ONS15327 running ONS before

attackers | ONS15327 | ONS15454 | service | running | denial | allows | before | Cisco | cause | ONS |

Cisco ONS15454 and ONS15327 running ONS before 3.4 allows attackers to cause a denial of service (reset to TCC, TCC+, TCCi or XTC) via a malformed HTTP request that does not contain a leading / (slash) character.


irssi IRC client 0.8.4, when downloaded after 1

client | irssi | IRC |

irssi IRC client 0.8.4, when downloaded after 14-March-2002, could contain a backdoor in the configuration file, which allows remote attackers to access the system.


configure for Dsniff 2.3, fragroute 1.2, and fr

fragrouter | downloaded | configure | monkeyorg | fragroute | Dsniff | May |

configure for Dsniff 2.3, fragroute 1.2, and fragrouter 1.6, when downloaded from monkey.org on May 17, 2002, has been modified to contain a backdoor, which allows remote attackers to access the system.


gkrellm-newsticker gkrellm plugin before 0.3-3.

gkrellm-newsticker | attackers | service | gkrellm | remote | denial | before | plugin | allows | 03-31 | cause |

gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.


Apple QuickTime / Darwin Streaming Server befor

attackers | Streaming | QuickTime | service | allows | denial | remote | Darwin | Server | before | Apple | cause | 413f |

Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters.


The Administration Console for BEA Tuxedo 8.1 a

Administration | attackers | earlier | Console | service | denial | remote | Tuxedo | allows | cause | BEA |

The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname arguments that contain MS-DOS device names such as CON and AUX.


Buffer overflow in defang in libhttpd.c for tht

libhttpdc | overflow | thttpd | Buffer | defang |

Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "<" and ">" sequences.


exit.c in Linux kernel 2.6-test9-CVS, as stored

__WCLONE|__WALL | kernelbkbitsnet | 26-test9-CVS | privileges | sys_wait4 | backdoor | modified | function | passing | elevate | contain | stored | kernel | their | which | Linux | exitc | could | users | local | allow |

exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.


login.php in phpGedView 2.65 and earlier allows

phpGedView | loginphp |

login.php in phpGedView 2.65 and earlier allows remote attackers to obtain sensitive information via an HTTP request to login.php that does not contain the required username or password parameters, which causes the information to be leaked in an error message.


Utempter allows device names that contain .. (d

Utempter | contain | device | allows | names |

Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.


The download_selection_recursive() function in


The download_selection_recursive() function in ftplist.c for IglooFTP 0.6.1 allows remote malicious FTP servers to overwrite arbitrary files via filenames that contain / (slash) characters.


scp in OpenSSH 4.2p1 allows attackers to execut

metacharacters | attackers | arbitrary | filenames | expanded | commands | OpenSSH | contain | execute | spaces | allows | which | twice | shell | 42p1 | scp | via |

scp in OpenSSH 4.2p1 allows attackers to execute arbitrary commands via filenames that contain shell metacharacters or spaces, which are expanded twice.


Multiple unspecified vulnerabilities in Dia bef

vulnerabilities | CVE-2007-1351 | CVE-2007-2754 | unspecified | vulnerable | libraries | involving | FreeType | probably | Multiple | contain | vectors | and/or | attack | 0961-6 | before | impact | have | Dia | use |

Multiple unspecified vulnerabilities in Dia before 0.96.1-6 have unspecified attack vectors and impact, probably involving the use of vulnerable FreeType libraries that contain CVE-2007-2754 and/or CVE-2007-1351.


Software vulnerabilities results 1 to 20 of 95     
Page: 12345