lockout software vulnerabilities
vulnerabilities.aspcode.net
Searching lockout software vulnerabilities
Microsoft Windows 2000 before Service Pack 2 (S
Microsoft
|
Windows
|
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability.
Windows XP with fast user switching and account
switching
|
account
|
lockout
|
enabled
|
setting
|
Windows
|
access
|
switch
|
allows
|
local
|
users
|
fast
|
same
|
deny
|
user
|
Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.
The account lockout capability in Oblix NetPoin
capability
|
passwords
|
attackers
|
specified
|
guessing
|
password
|
NetPoint
|
lockout
|
conduct
|
account
|
without
|
waiting
|
earlier
|
remote
|
locked
|
easier
|
period
|
until
|
again
|
locks
|
being
|
Oblix
|
users
|
which
|
brute
|
makes
|
force
|
only
|
once
|
ends
|
then
|
out
|
The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again.
The account lockout functionality in (1) Webmin
functionality
|
lockout
|
account
|
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
profile.php in PunBB 1.2.1 allows remote attack
profilephp
|
PunBB
|
profile.php in PunBB 1.2.1 allows remote attackers to cause a denial of service (account lockout) by setting the user's password to NULL.
The FWDRV driver in Kerio Personal Firewall 4.2
Firewall
|
Personal
|
Server
|
driver
|
FWDRV
|
Kerio
|
The FWDRV driver in Kerio Personal Firewall 4.2 and Server Firewall 1.1.1 allows local users to cause a denial of service (crash) by setting the PAGE_NOACCESS or PAGE_GUARD protection on the Page Environment Block (PEB), which triggers an exception, aka the "PEB lockout vulnerability."
The RFC_SET_REG_SERVER_PROPERTY function in the
RFC_SET_REG_SERVER_PROPERTY
|
function
|
Library
|
RFC
|
SAP
|
The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before Tuesday, January 09, 2007 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
Soldat game server 1.4.2 and earlier, and dedic
server
|
Soldat
|
game
|
Soldat game server 1.4.2 and earlier, and dedicated server 2.6.2 and earlier, allows remote attackers to cause a denial of service (client lockout) via a series of UDP join packets from a spoofed IP address, which triggers temporary blacklisting of this IP address.
Software vulnerabilities results 1 to 9 of 9
Page:
1