hide software vulnerabilities
vulnerabilities.aspcode.net
Searching hide software vulnerabilities
The Basic Security Module (BSM) for Solaris 2.5
Security
|
Module
|
Basic
|
The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, which allows remote attackers to hide their activities, possibly when certain BSM audit files are not present under the FTP root.
The log files in Apache web server contain info
information
|
characters
|
addresses
|
attackers
|
directly
|
requests
|
supplied
|
programs
|
control
|
clients
|
contain
|
viewed
|
remote
|
Apache
|
source
|
server
|
filter
|
spoof
|
allow
|
quote
|
files
|
could
|
which
|
logs
|
such
|
UNIX
|
tail
|
HTTP
|
hide
|
does
|
grep
|
cat
|
not
|
web
|
log
|
The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep.
Tiny Personal Firewall (TPF) 2.0.15, under cert
Firewall
|
Personal
|
Tiny
|
Tiny Personal Firewall (TPF) 2.0.15, under certain configurations, will pop up an alert to the system even when the screen is locked, which could allow an attacker with physical access to the machine to hide activities or bypass access restrictions.
NTFS file system in Windows NT 4.0 and Windows
Windows
|
system
|
NTFS
|
file
|
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.
Belkin F5D5230-4 4-Port Cable/DSL Gateway Route
Cable/DSL
|
F5D5230-4
|
Gateway
|
Router
|
Belkin
|
4-Port
|
Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 modifies the source IP address of internal packets to that of the router's external interface when forwarding a request from an internal host to an internal web server, which allows remote attackers to hide which host is being used to access the web server.
Trend Micro InterScan VirusWall for Windows NT
InterScan
|
VirusWall
|
Windows
|
Trend
|
Micro
|
Trend Micro InterScan VirusWall for Windows NT 3.52 does not record the sender's IP address in the headers for a mail message when it is passed from VirusWall to the MTA, which allows remote attackers to hide the origin of the message.
Apache before 1.3.24, when writing to the log f
before
|
Apache
|
Apache before 1.3.24, when writing to the log file, records a spoofed hostname from the reverse lookup of an IP address, even when a double-reverse lookup fails, which allows remote attackers to hide the original source of activities.
Sun ONE Application Server 7.0 for Windows 2000
Application
|
activities
|
attackers
|
malicious
|
complete
|
Windows
|
request
|
2000/XP
|
remote
|
Server
|
which
|
could
|
allow
|
does
|
hide
|
long
|
HTTP
|
ONE
|
Sun
|
not
|
URI
|
log
|
Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities.
Symbol Access Portable Data Terminal (PDT) 8100
Portable
|
Terminal
|
Symbol
|
Access
|
Data
|
Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network.
Unknown vulnerability in (1) duplicates.cgi and
vulnerability
|
Unknown
|
Unknown vulnerability in (1) duplicates.cgi and (2) buglist.cgi in Bugzilla 2.16.x before 2.16.6, 2.18 before 2.18rc1, when configured to hide products, allows remote attackers to view hidden products.
Multiple unknown vulnerabilities in viewcvs bef
vulnerabilities
|
Multiple
|
viewcvs
|
unknown
|
before
|
Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information.
The Secure Shell (SSH) Daemon (SSHD) in Sun Sol
Secure
|
Shell
|
The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
Chat Anywhere 2.72 and earlier allows remote at
Anywhere
|
Chat
|
Chat Anywhere 2.72 and earlier allows remote attackers to hide their IP address by using %00 before the nickname, which causes the IP address to be displayed as $IP$ on the administration web page.
SQL injection vulnerability in register.php in
vulnerability
|
registerphp
|
injection
|
before
|
Phorum
|
SQL
|
SQL injection vulnerability in register.php in Phorum before 3.4.6 allows remote attackers to execute arbitrary SQL commands via the hide_email parameter.
CRLF injection vulnerability in the cmdIS.DLL p
vulnerability
|
sequences
|
attackers
|
injection
|
possibly
|
cmdISDLL
|
injected
|
entries
|
request
|
command
|
logfile
|
Server
|
plugin
|
allows
|
remote
|
using
|
spoof
|
files
|
HTTPD
|
HTTP
|
type
|
142n
|
CRLF
|
hide
|
read
|
via
|
CRLF injection vulnerability in the cmdIS.DLL plugin for AN HTTPD Server 1.42n allows remote attackers to spoof or hide entries in the logfile, and possibly read files using an injected type command, via CRLF sequences in an HTTP request.
Serendipity before 0.8 allows Chief users to "h
Serendipity
|
installed
|
plugins
|
users"
|
before
|
allows
|
other
|
Chief
|
users
|
"hide
|
Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."
EnCase Forensic Edition 4.18a does not support
Configuration
|
Overlays
|
Forensic
|
support
|
Edition
|
Device
|
EnCase
|
418a
|
does
|
not
|
EnCase Forensic Edition 4.18a does not support Device Configuration Overlays (DCO), which allows attackers to hide information without detection.
Cross-site scripting (XSS) vulnerability in Pra
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Pragma Systems Telnetserver 6.0 allows remote attackers to inject arbitrary web script or HTML, and hide activities in log files, via a " Software vulnerabilities results 1 to 20 of 35
Page:
1
2
►