detection software vulnerabilities
vulnerabilities.aspcode.net
Searching detection software vulnerabilities
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not verify the checksum on a packet.
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not properly handle data within TCP handshake packets.
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not properly reassemble fragmented packets.
The default configurations for McAfee Virus Sca
configurations
|
Anti-Virus
|
malicious
|
attackers
|
detection
|
checkers
|
RECYCLED
|
Recycle
|
without
|
Windows
|
default
|
utility
|
allows
|
Norton
|
McAfee
|
folder
|
Virus
|
store
|
which
|
files
|
check
|
code
|
Scan
|
used
|
Bin
|
not
|
The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection.
eTrust Intrusion Detection System (formerly Ses
Detection
|
Intrusion
|
System
|
eTrust
|
eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords.
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.
version
|
daemon
|
SSH
|
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attack.
Various Intrusion Detection Systems (IDS) inclu
Detection
|
Intrusion
|
Systems
|
Various
|
Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.
The RC4 stream cipher as used by SSH1 allows re
redundancy
|
attackers
|
message's
|
detection
|
messages
|
original
|
without
|
cyclic
|
XORing
|
stream
|
cipher
|
allows
|
modify
|
remote
|
check
|
SSH1
|
used
|
RC4
|
The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
The IDEA cipher as implemented by SSH1 does not
modification
|
implemented
|
redundancy
|
detection
|
attackers
|
changing
|
message
|
without
|
against
|
protect
|
allows
|
remote
|
cipher
|
cyclic
|
modify
|
check
|
block
|
final
|
which
|
does
|
SSH1
|
IDEA
|
its
|
not
|
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
Alcatel Speed Touch Home ADSL Modem allows remo
attackers
|
service
|
Alcatel
|
remote
|
denial
|
allows
|
cause
|
Touch
|
Speed
|
Modem
|
ADSL
|
Home
|
Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection.
Vtun 2.5b1 does not authenticate forwarded pack
cut-and-paste
|
authenticate
|
forwarded
|
attackers
|
detection
|
sessions
|
possibly
|
contents
|
attacks
|
without
|
control
|
packets
|
allows
|
inject
|
remote
|
which
|
does
|
25b1
|
Vtun
|
user
|
into
|
data
|
ECB
|
not
|
via
|
Vtun 2.5b1 does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on ECB.
tinc 1.0pre3 and 1.0pre4 VPN does not authentic
cut-and-paste
|
authenticate
|
detection
|
forwarded
|
attackers
|
sessions
|
contents
|
possibly
|
without
|
attacks
|
control
|
packets
|
inject
|
10pre4
|
allows
|
remote
|
10pre3
|
which
|
tinc
|
into
|
data
|
user
|
does
|
CBC
|
not
|
VPN
|
via
|
tinc 1.0pre3 and 1.0pre4 VPN does not authenticate forwarded packets, which allows remote attackers to inject data into user sessions without detection, and possibly control the data contents via cut-and-paste attacks on CBC.
The default aide.conf file in Advanced Intrusio
Environment
|
Intrusion
|
Detection
|
Advanced
|
aideconf
|
default
|
file
|
The default aide.conf file in Advanced Intrusion Detection Environment (AIDE) before 0.7_1 on FreeBSD before 2002-08-28 does not properly check subdirectories, which could allow local users to bypass detection.
Buffer overflow in the Client Detection Tool (C
Detection
|
overflow
|
Client
|
Buffer
|
Tool
|
Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename.
EnCase Forensic Edition 4.18a does not support
Configuration
|
Overlays
|
Forensic
|
support
|
Edition
|
Device
|
EnCase
|
418a
|
does
|
not
|
EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection.
Unknown vulnerability in MailScanner 4.41.3 and
vulnerability
|
MailScanner
|
Unknown
|
Unknown vulnerability in MailScanner 4.41.3 and earlier, related to "incomplete reporting of viruses in zip files," allows remote attackers to bypass virus detection.
SpamAssassin 3.0.4 allows attackers to bypass s
SpamAssassin
|
SpamAssassin 3.0.4 allows attackers to bypass spam detection via an e-mail with a large number of recipients ("To" addresses), which triggers a bus error in Perl.
The hardware detection functionality in the Win
functionality
|
Professional
|
Microsoft
|
detection
|
hardware
|
Windows
|
Server
|
Shell
|
SP2
|
The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of new hardware."
The virus detection engine in Sophos Anti-Virus
Anti-Virus
|
detection
|
before
|
Sophos
|
engine
|
virus
|
The virus detection engine in Sophos Anti-Virus before 2.49.0 does not properly process malformed (1) CAB, (2) LZH, and (3) RAR files with modified headers, which might allow remote attackers to bypass malware detection.
Software vulnerabilities results 1 to 20 of 114
Page:
1
2
3
4
5
6
►