does software vulnerabilities
vulnerabilities.aspcode.net
Searching does software vulnerabilities
A URL for a WWW directory allows auto-indexing,
auto-indexing
|
indexhtml
|
directory
|
provides
|
contain
|
allows
|
files
|
which
|
file
|
does
|
list
|
URL
|
not
|
all
|
A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file.
A Windows NT system's file audit policy does no
security-critical
|
directories
|
system's
|
failure
|
Windows
|
success
|
policy
|
audit
|
event
|
files
|
file
|
does
|
not
|
log
|
A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories.
A Windows NT system's file audit policy does no
non-critical
|
directories
|
system's
|
failure
|
Windows
|
success
|
policy
|
audit
|
event
|
files
|
file
|
does
|
not
|
log
|
A Windows NT system's file audit policy does not log an event success or failure for non-critical files or directories.
A Windows NT system's registry audit policy doe
security-critical
|
registry
|
system's
|
failure
|
success
|
Windows
|
policy
|
event
|
audit
|
does
|
keys
|
not
|
log
|
A Windows NT system's registry audit policy does not log an event success or failure for security-critical registry keys.
A Windows NT system's registry audit policy doe
non-critical
|
registry
|
system's
|
failure
|
success
|
Windows
|
policy
|
event
|
audit
|
does
|
keys
|
not
|
log
|
A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys.
A Windows NT system does not restrict access to
removable
|
restrict
|
Windows
|
floppy
|
drives
|
access
|
system
|
CDROM
|
drive
|
media
|
does
|
disk
|
such
|
not
|
A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive.
A Windows NT system does not clear the system p
information
|
sensitive
|
shutdown
|
recorded
|
Windows
|
during
|
system
|
might
|
allow
|
which
|
clear
|
does
|
file
|
page
|
not
|
A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded.
A Windows NT account policy does not forcibly d
disconnect
|
forcibly
|
Windows
|
account
|
remote
|
expire
|
server
|
policy
|
logon
|
hours
|
their
|
users
|
does
|
not
|
A Windows NT account policy does not forcibly disconnect remote users from the server when their logon hours expire.
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not verify the checksum on a packet.
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not properly reassemble fragmented packets.
Beck GmbH IPC@Chip TelnetD service supports onl
administrator
|
connection
|
disconnect
|
connecting
|
attackers
|
complete
|
IPC@Chip
|
supports
|
TelnetD
|
service
|
process
|
account
|
allows
|
remote
|
which
|
login
|
lock
|
GmbH
|
only
|
does
|
user
|
Beck
|
not
|
one
|
out
|
Beck GmbH IPC@Chip TelnetD service supports only one connection and does not disconnect a user who does not complete the login process, which allows remote attackers to lock out the administrator account by connecting to the service.
One-Time Passwords In Everything (a.k.a OPIE) 2
Everything
|
Passwords
|
One-Time
|
One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the existence of user accounts by printing random passphrases if the user account does not exist and static passphrases if the user account does exist.
tcpdump does not properly drop privileges to th
privileges
|
properly
|
starting
|
tcpdump
|
pcap
|
user
|
does
|
drop
|
not
|
tcpdump does not properly drop privileges to the pcap user when starting up.
The xatitv program in the gatos package does no
metacharacters
|
configuration
|
privileges
|
arbitrary
|
properly
|
commands
|
execute
|
program
|
package
|
allows
|
xatitv
|
system
|
shell
|
local
|
users
|
gatos
|
exist
|
which
|
does
|
call
|
root
|
file
|
drop
|
via
|
not
|
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.
CVS 1.12 and earlier on Debian GNU/Linux does n
CVS
|
CVS 1.12 and earlier on Debian GNU/Linux does not properly handle when a mapping for the current repository does not exist in the cvs-repouids file, which allows remote attackers to cause a denial of service (server crash).
AFP Server for Mac OS X 10.4.1, when using an A
Server
|
Mac
|
AFP
|
AFP Server for Mac OS X 10.4.1, when using an ACL enabled volume, does not properly remove an ACL when a file is copied to a directory that does not use ACLs, which will override the POSIX file permissions for that ACL.
Apache Derby before 10.2.1.6 does not determine
before
|
Apache
|
Derby
|
Apache Derby before 10.2.1.6 does not determine privilege requirements for lock table statements at compilation time, and consequently does not enforce privilege requirements at execution time, which allows remote authenticated users to lock arbitrary tables.
Safari in Apple iPhone 1.1.1, when requested to
iPhone
|
Safari
|
Apple
|
Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari is restarted, which might leave Safari open to attacks that the user does not expect.
Software vulnerabilities results 1 to 20 of 1732
Page:
1
2
3
4
5
...
87
►