debugger software vulnerabilities
vulnerabilities.aspcode.net
Searching debugger software vulnerabilities
Idle locking function in MacOS 9 allows local a
programmer's
|
protection
|
attackers
|
sessions
|
debugger
|
attacker
|
keyboard
|
sequence
|
password
|
function
|
CMD-PWR
|
disable
|
locking
|
bypass
|
brings
|
allows
|
switch
|
idled
|
which
|
MacOS
|
local
|
lock
|
Idle
|
use
|
via
|
can
|
Idle locking function in MacOS 9 allows local attackers to bypass the password protection of idled sessions via the programmer's switch or CMD-PWR keyboard sequence, which brings up a debugger that the attacker can use to disable the lock.
The "AEDebug" registry key is installed with in
automatically
|
permissions
|
installed
|
"AEDebug"
|
executed
|
debugger
|
registry
|
insecure
|
specify
|
Trojan
|
modify
|
system
|
allows
|
crash
|
local
|
which
|
Horse
|
users
|
key
|
The "AEDebug" registry key is installed with insecure permissions, which allows local users to modify the key to specify a Trojan Horse debugger which is automatically executed on a system crash.
Race condition in exec in OpenBSD 4.0 and earli
condition
|
OpenBSD
|
earlier
|
NetBSD
|
Race
|
exec
|
Race condition in exec in OpenBSD 4.0 and earlier, NetBSD 1.5.2 and earlier, and FreeBSD 4.4 and earlier allows local users to gain privileges by attaching a debugger to a process before the kernel has determined that the process is setuid or setgid.
Buffer overflow in the GNU DataDisplay Debugger
DataDisplay
|
Debugger
|
overflow
|
Buffer
|
GNU
|
Buffer overflow in the GNU DataDisplay Debugger (DDD) 3.3.1 allows local users to execute arbitrary code and possibly gain privileges via a long HOME environment variable. NOTE: since DDD is not installed setuid or setgid, perhaps this issue should not be included in CVE.
Format string vulnerability in DataRescue Inter
vulnerability
|
Disassembler
|
Interactive
|
DataRescue
|
Debugger
|
Format
|
string
|
Format string vulnerability in DataRescue Interactive Disassembler and Debugger (IDA) Pro 4.7.0.830 allows remote attackers or local users to cause a denial of service (CPU consumption or application crash) and possibly execute arbitrary code via format string specifiers in a dynamic link library (DLL) name.
grpWise.exe for Novell GroupWise client 5.5 thr
grpWiseexe
|
GroupWise
|
through
|
client
|
Novell
|
grpWise.exe for Novell GroupWise client 5.5 through 6.5.2 stores the password in plaintext in memory, which allows attackers to obtain the password using a debugger or another mechanism to read process memory.
Whisper 32 1.16, and possibly earlier versions,
Whisper
|
Whisper 32 1.16, and possibly earlier versions, stores passwords in plaintext in memory, which allows local users to obtain the password using a debugger or another mechanism to read process memory.
Senao SI-680H Wireless VoIP Phone Firmware 0.03
Wireless
|
Firmware
|
SI-680H
|
Phone
|
Senao
|
VoIP
|
Senao SI-680H Wireless VoIP Phone Firmware 0.03.0839 leaves the VxWorks debugger UDP port 17185 available without authentication, which allows attackers to access the phone OS, obtain sensitive information, and cause a denial of service.
Cisco IP Phone (VoIP) 7920 1.0(8) listens to UD
Phone
|
Cisco
|
Cisco IP Phone (VoIP) 7920 1.0(8) listens to UDP port 17185 to support a VxWorks debugger, which allows remote attackers to obtain sensitive information and cause a denial of service.
NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-
NetBSD-current
|
through
|
before
|
NetBSD
|
NetBSD 1.6, NetBSD 2.0 through 2.1, and NetBSD-current before Monday, October 31, 2005 allows local users to gain privileges by attaching a debugger to a setuid/setgid (P_SUGID) process that performs an exec without a reset of real credentials.
sysinfo.cgi in sysinfo 1.21 allows remote attac
sysinfocgi
|
sysinfo
|
sysinfo.cgi in sysinfo 1.21 allows remote attackers to obtain the installation path via the debugger action.
Unspecified vulnerability in the kernel debugge
vulnerability
|
Unspecified
|
debugger
|
kernel
|
Unspecified vulnerability in the kernel debugger (kmdb) in Sun Solaris 10, when running on x86, allows local users to cause a denial of service (system hang) via unspecified vectors.
Buffer overflow in the (1) DWARF (dwarfread.c)
overflow
|
Buffer
|
Buffer overflow in the (1) DWARF (dwarfread.c) and (2) DWARF2 (dwarf2read.c) debugging code in GNU Debugger (GDB) 6.5 allows user-assisted attackers, or restricted users, to execute arbitrary code via a crafted file with a location block (DW_FORM_block) that contains a large number of operations.
The processor_request function in the debugger
processor_request
|
perform_request
|
authentication
|
unauthorized
|
DataRescue
|
attackers
|
debugger
|
function
|
invoking
|
actions
|
perform
|
before
|
allows
|
remote
|
verify
|
server
|
place
|
which
|
taken
|
does
|
Pro
|
IDA
|
has
|
not
|
The processor_request function in the debugger server for DataRescue IDA Pro 5.0 and 5.1 does not verify that authentication has taken place before invoking the perform_request function, which allows remote attackers to perform unauthorized actions.
Software vulnerabilities results 1 to 15 of 15
Page:
1