lowercase software vulnerabilities
vulnerabilities.aspcode.net
Searching lowercase software vulnerabilities
Sun ONE Application Server 7.0 for Windows 2000
Application
|
attackers
|
uppercase
|
extension
|
lowercase
|
instead
|
request
|
2000/XP
|
Windows
|
source
|
allows
|
Server
|
remote
|
obtain
|
"JSP"
|
code
|
uses
|
ONE
|
Sun
|
via
|
JSP
|
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.
CUPS before 1.1.21rc1 treats a Location directi
containing
|
attackers
|
sensitive
|
uppercase
|
specified
|
different
|
lowercase
|
directive
|
cupsdconf
|
intended
|
Location
|
letters
|
1121rc1
|
printer
|
treats
|
before
|
allows
|
bypass
|
which
|
ACLs
|
case
|
name
|
CUPS
|
via
|
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.
Multiple buffer overflows in EnderUNIX isoqlog
overflows
|
EnderUNIX
|
Multiple
|
isoqlog
|
buffer
|
Multiple buffer overflows in EnderUNIX isoqlog 2.1.1 allow remote attackers to execute arbitrary code via the (1) parseQmailFromBytesLine, (2) parseQmailToRemoteLine, (3) parseQmailToLocalLine, (4) parseSendmailFromBytesLine, (5) parseSendmailToLine, (6) parseEximFromBytesLine, and (7) parseEximToLine functions in Parser.c; allow local users to execute arbitrary code via the (8) lowercase and (9) check_syslog_date functions in Parser.c, and (10) unspecified functions in Dir.c; and allow unspecified attackers to execute arbitrary code via the (11) loadconfig and (12) removespaces functions in loadconfig.c, the (13) loadLang function in LangCfg.c, and (14) unspecified functions in Html.c.
webadmin-apache.conf in Novell Web Manager of N
webadmin-apacheconf
|
inconsistent
|
uppercase
|
lowercase
|
attackers
|
directory
|
NetWare
|
Manager
|
control
|
WEB-INF
|
allows
|
remote
|
Novell
|
bypass
|
folder
|
access
|
volume
|
Alias
|
which
|
uses
|
Web
|
tag
|
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
The file extension check in GNUBoard 3.40 and e
extension
|
GNUBoard
|
check
|
file
|
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.
DeluxeBB 1.07 and earlier allows remote attacke
DeluxeBB
|
DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL injection protection mechanisms via the login variable and certain other variables, by using lowercase "union select" or possibly other statements that do not match the uppercase "UNION SELECT."
The eyeHome function in apps/eyeHome.eyeapp/apl
apps/eyeHomeeyeapp/aplicphp
|
extensions
|
dangerous
|
arbitrary
|
attackers
|
operation
|
cleansing
|
lowercase
|
function
|
bypasses
|
eyeHome
|
execute
|
remote
|
before
|
allows
|
upload
|
EyeOS
|
which
|
093-3
|
file
|
code
|
all
|
via
|
not
|
The eyeHome function in apps/eyeHome.eyeapp/aplic.php in EyeOS before 0.9.3-3 allows remote attackers to upload and execute arbitrary code via dangerous file extensions that are not all lowercase, which bypasses a cleansing operation.
Incomplete blacklist vulnerability in index.php
vulnerability
|
phpMyAdmin
|
Incomplete
|
blacklist
|
indexphp
|
Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an uppercase end tag, which bypasses the protection against lowercase .
Software vulnerabilities results 1 to 9 of 9
Page:
1