maximum software vulnerabilities
vulnerabilities.aspcode.net
Searching maximum software vulnerabilities
SSH server (sshd2) before 2.0.12 does not prope
server
|
SSH
|
SSH server (sshd2) before 2.0.12 does not properly record login attempts if the connection is closed before the maximum number of tries, allowing a remote attacker to guess the password without showing up in the audit logs.
Multiple TCP implementations could allow remote
implementations
|
attackers
|
Multiple
|
service
|
remote
|
denial
|
cause
|
could
|
allow
|
TCP
|
Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth and CPU exhaustion) by setting the maximum segment size (MSS) to a very small number and requesting large amounts of data, which generates more packets with less TCP-level data that amplify network traffic and consume more server CPU to process.
IBM AIX 430 does not properly unlock IPPMTU_LOC
AIX
|
IBM
|
IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.
NetScreen ScreenOS before 2.6.1 does not suppor
NetScreen
|
ScreenOS
|
before
|
NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections.
The library feature for Adobe Content Server 3.
available
|
accessing
|
attacker
|
bookbag"
|
exceeded
|
library
|
feature
|
reports
|
maximum
|
Content
|
number
|
allows
|
remote
|
Server
|
copies
|
Adobe
|
check
|
loans
|
eBook
|
more
|
even
|
"Add
|
out
|
The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.
Microsoft Windows XP and Windows 2000, when con
Microsoft
|
Windows
|
Microsoft Windows XP and Windows 2000, when configured to send administrative alerts and the "Do not overwrite events (clear log manually)" option is set, does not notify the administrator when the log reaches its maximum size, which allows local users and remote attackers to avoid detection.
The accept_client function in PureFTPd 1.0.18 a
accept_client
|
PureFTPd
|
function
|
The accept_client function in PureFTPd 1.0.18 and earlier allows remote attackers to cause a denial of service by exceeding the maximum number of connections.
Buffer overflow in the QFILEPATHINFO request ha
QFILEPATHINFO
|
overflow
|
handler
|
through
|
request
|
Buffer
|
Samba
|
30x
|
Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.
The web management interface for Mitel 3300 Int
management
|
interface
|
Mitel
|
web
|
The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11 allows remote authenticated users to cause a denial of service (resource exhaustion) via a large number of active sessions, which exceeds ICP's maximum.
Samsung SmartEther SS6215S switch, and possibly
administrative
|
SmartEther
|
attackers
|
resulting
|
providing
|
followed
|
username
|
pressing
|
password
|
possibly
|
switches
|
maximum
|
allowed
|
message
|
Samsung
|
SS6215S
|
access
|
switch
|
length
|
remote
|
allows
|
enter
|
after
|
users
|
other
|
admin
|
local
|
error
|
gain
|
then
|
key
|
Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password that is the maximum allowed length, then pressing the enter key after the resulting error message.
asycpict.dll, as used in Microsoft products suc
asycpictdll
|
Microsoft
|
attackers
|
products
|
service
|
allows
|
remote
|
denial
|
Front
|
cause
|
used
|
such
|
Page
|
asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
Multiple integer signedness errors in the sg_sc
copy_from_user
|
sg_scsi_ioctl
|
copy_to_user
|
scsi_ioctlc
|
signedness
|
functions
|
arguments
|
negative
|
integers
|
Multiple
|
function
|
integer
|
maximum
|
calling
|
before
|
bypass
|
length
|
kernel
|
modify
|
errors
|
memory
|
users
|
local
|
check
|
allow
|
Linux
|
ioctl
|
which
|
scsi
|
read
|
via
|
26x
|
Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions.
PictureViewer in QuickTime for Windows 6.5.2 al
PictureViewer
|
QuickTime
|
Windows
|
PictureViewer in QuickTime for Windows 6.5.2 allows remote attackers to cause a denial of service (application crash) via a GIF image with the maximum depth start value, possibly triggering an integer overflow.
BEA WebLogic Server and WebLogic Express 8.1 SP
username/password
|
authentication
|
attackers
|
username
|
WebLogic
|
password
|
attempts
|
Express
|
maximum
|
earlier
|
invalid
|
easier
|
number
|
Server
|
remote
|
login
|
makes
|
which
|
guess
|
after
|
using
|
lock
|
does
|
SP5
|
BEA
|
SP6
|
out
|
not
|
BEA WebLogic Server and WebLogic Express 8.1 SP5 and earlier, and 7.0 SP6 and earlier, when using username/password authentication, does not lock out a username after the maximum number of invalid login attempts, which makes it easier for remote attackers to guess the password.
The winbind plugin in pppd for ppp 2.4.4 and ea
winbind
|
plugin
|
pppd
|
ppp
|
The winbind plugin in pppd for ppp 2.4.4 and earlier does not check the return code from the setuid function call, which might allow local users to gain privileges by causing setuid to fail, such as exceeding PAM limits for the maximum number of user processes, which prevents the winbind NTLM authentication helper from dropping privileges.
Darren's $5 Script Archive osDate 1.1.7 and ear
Darren's
|
Archive
|
osDate
|
Script
|
Darren's $5 Script Archive osDate 1.1.7 and earlier allows users to boost their own ratings via a txtrating parameter with a score greater than the intended maximum of 10.
Integer signedness error in FreeBSD 6.0-RELEASE
signedness
|
60-RELEASE
|
FreeBSD
|
Integer
|
service
|
denial
|
allows
|
error
|
cause
|
local
|
users
|
Integer signedness error in FreeBSD 6.0-RELEASE allows local users to cause a denial of service (memory corruption and kernel panic) via a PT_LWPINFO ptrace command with a large negative data value that satisfies a signed maximum value check but is used in an unsigned copyout function call.
connections.c in lighttpd before 1.4.16 might a
connectionsc
|
lighttpd
|
before
|
connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of connection attempts.
The pop3 Proxy in Astaro Security Gateway (ASG)
Security
|
Gateway
|
Astaro
|
Proxy
|
pop3
|
The pop3 Proxy in Astaro Security Gateway (ASG) 7 does not perform virus scanning of attachments that exceed the maximum attachment size, and passes these attachments, which allows remote attackers to bypass this scanning via a large attachment.
Stack-based buffer overflow in the cons_options
cons_options
|
Stack-based
|
arbitrary
|
attackers
|
optionsc
|
overflow
|
function
|
service
|
execute
|
through
|
OpenBSD
|
buffer
|
denial
|
remote
|
allows
|
cause
|
dhcpd
|
code
|
Stack-based buffer overflow in the cons_options function in options.c in dhcpd in OpenBSD 4.0 through 4.2 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a DHCP request specifying a maximum message size smaller than the minimum IP MTU.
Software vulnerabilities results 1 to 20 of 28
Page:
1
2
►