installs software vulnerabilities
vulnerabilities.aspcode.net
Searching installs software vulnerabilities
Excite for Web Servers (EWS) 1.1 installs the A
Servers
|
Excite
|
Web
|
Excite for Web Servers (EWS) 1.1 installs the Architext.conf authentication file with world-writeable permissions, which allows local users to gain access to Excite accounts by modifying the file.
ARCAD Systemhaus 0.078-5 installs critical prog
world-writeable
|
permissions
|
privileges
|
Systemhaus
|
replacing
|
programs
|
installs
|
critical
|
program
|
0078-5
|
Trojan
|
users
|
horse
|
which
|
files
|
ARCAD
|
could
|
local
|
allow
|
gain
|
ARCAD Systemhaus 0.078-5 installs critical programs and files with world-writeable permissions, which could allow local users to gain privileges by replacing a program with a Trojan horse.
DIT TransferPro installs devices with world-rea
world-readable
|
world-writable
|
TransferPro
|
permissions
|
installs
|
through
|
devices
|
damage
|
driver
|
device
|
disks
|
users
|
could
|
which
|
local
|
allow
|
DIT
|
DIT TransferPro installs devices with world-readable and world-writable permissions, which could allow local users to damage disks through the ff device driver.
Red Hat Linux 6.0 installs the /dev/pts file sy
installs
|
/dev/pts
|
insecure
|
devices
|
system
|
allows
|
local
|
write
|
users
|
other
|
Linux
|
modes
|
which
|
file
|
Red
|
tty
|
Hat
|
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.
The SuSE aaa_base package installs some system
directories
|
privileges
|
standard
|
accounts
|
creating
|
profiles
|
aaa_base
|
installs
|
package
|
scripts
|
startup
|
allows
|
system
|
those
|
users
|
local
|
which
|
user
|
such
|
some
|
/tmp
|
gain
|
home
|
SuSE
|
set
|
The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles.
OpenLDAP 1.2.11 and earlier improperly installs
OpenLDAP
|
OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.
O'Reilly WebSite Pro 2.3.7 installs the uploade
O'Reilly
|
WebSite
|
Pro
|
O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe.
The default configuration for PostACI webmail s
/includes/globalinc
|
configuration
|
information
|
attackers
|
usernames
|
sensitive
|
passwords
|
database
|
installs
|
webmail
|
PostACI
|
default
|
request
|
direct
|
allows
|
within
|
remote
|
system
|
which
|
HTTP
|
file
|
such
|
read
|
root
|
GET
|
web
|
via
|
The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request.
Xitami 2.5b installs the testcgi.exe program by
configuration
|
information
|
testcgiexe
|
accessing
|
directory
|
attackers
|
sensitive
|
installs
|
program
|
default
|
cgi-bin
|
server
|
allows
|
remote
|
Xitami
|
which
|
gain
|
25b
|
web
|
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.
MicroFocus Cobol 4.1, with the AppTrack feature
permissions
|
privileges
|
MicroFocus
|
directory
|
nolicense
|
modifying
|
insecure
|
installs
|
AppTrack
|
feature
|
enabled
|
mfaslmf
|
allows
|
files
|
Cobol
|
users
|
which
|
local
|
file
|
gain
|
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files.
Alcatel 4400 installs the /chetc/shutdown comma
Alcatel
|
Alcatel 4400 installs the /chetc/shutdown command with setgid privileges, which allows many different local users to shut down the system.
Alcatel OmniPCX 4400 installs files with world-
OmniPCX
|
Alcatel
|
Alcatel OmniPCX 4400 installs files with world-writable permissions, which allows local users to reconfigure the system and possibly gain privileges.
Alcatel OmniPCX 4400 installs known user accoun
OmniPCX
|
Alcatel
|
Alcatel OmniPCX 4400 installs known user accounts and passwords in the /etc/password file by default, which allows remote attackers to gain unauthorized access.
nethack 3.4.0 and earlier installs certain setg
nethack
|
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
AppServ 2.5.x and earlier installs a default us
attackers
|
username
|
password
|
installs
|
AppServ
|
earlier
|
default
|
remote
|
access
|
allows
|
which
|
gain
|
25x
|
AppServ 2.5.x and earlier installs a default username and password, which allows remote attackers to gain access.
AS/400 running OS400 5.2 installs and enables L
authenticated
|
performing
|
profiles
|
installs
|
default
|
running
|
enables
|
search
|
obtain
|
OS/400
|
allows
|
AS/400
|
remote
|
OS400
|
which
|
users
|
user
|
LDAP
|
AS/400 running OS400 5.2 installs and enables LDAP by default, which allows remote authenticated users to obtain OS/400 user profiles by performing a search.
The LAM runtime environment package (lam-runtim
environment
|
package
|
runtime
|
LAM
|
The LAM runtime environment package (lam-runtime-7.0.6-2mdk) on Mandrake Linux installs the mpi user without a password, which allows local users to gain privileges.
apt-setup in Debian GNU/Linux installs the apt.
permissions
|
information
|
passwords
|
sensitive
|
GNU/Linux
|
apt-setup
|
installs
|
insecure
|
aptconf
|
obtain
|
Debian
|
allows
|
which
|
local
|
users
|
file
|
such
|
apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords.
By default Microsoft Windows XP Home Edition in
Administrator
|
attackers
|
Microsoft
|
installs
|
password
|
computer
|
control
|
account
|
default
|
Edition
|
Windows
|
remote
|
allows
|
blank
|
which
|
Home
|
gain
|
By default Microsoft Windows XP Home Edition installs with a blank password for the Administrator account, which allows remote attackers to gain control of the computer.
SafeDisc installs the driver service for the se
configuration
|
permissions
|
privileges
|
malicious
|
secdrvsys
|
reference
|
changing
|
installs
|
SafeDisc
|
insecure
|
service
|
program
|
allows
|
driver
|
which
|
users
|
local
|
gain
|
SafeDisc installs the driver service for the secdrv.sys driver with insecure permissions, which allows local users to gain privileges by changing the configuration to reference a malicious program.
Software vulnerabilities results 1 to 20 of 64
Page:
1
2
3
4
►