Searching mode software vulnerabilities


A system is operating in "promiscuous" mode which allows it to perform packet sniffing.


Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap protocol scan.


The "Configure Your Server" tool in Microsoft 2000 domain controllers installs a blank password for the Directory Service Restore Mode, which allows attackers with physical access to the controller to install malicious programs, aka the "Directory Service Restore Mode Password" vulnerability.


The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return values instead of rval kernel mode values to the fdrelease function, which allows local users to cause a denial of service and trigger a null dereference.


Safe Mode feature (safe_mode) in PHP 3.0 through 4.1.0 allows attackers with access to the MySQL database to bypass Safe Mode access restrictions and read arbitrary files using "LOAD DATA INFILE LOCAL" SQL statements.


Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.


ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.


The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications.


newsscript.pl for NewsScript allows remote attackers to gain privileges by setting the mode parameter to admin.


Buffer overflow in Yahoo! Messenger allows remote attackers to execute arbitrary code via the offline mode.


Multiple SQL injection vulnerabilities in myBloggie 2.1.1 allow remote attackers to execute arbitrary SQL commands via (1) the keyword parameter in search.php; or (2) the date_no parameter in viewdate mode, (3) the cat_id parameter in viewcat mode, the (4) month_no or (5) year parameter in viewmonth mode, or (6) post_id parameter in viewid mode to index.php. NOTE: item (1) was discovered to affect 2.1.3 as well.


Multiple SQL injection vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to execute arbitrary SQL commands via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php.


Multiple cross-site scripting (XSS) vulnerabilities in Qualiteam X-Cart 4.0.8 allow remote attackers to inject arbitrary web script or HTML via the (1) cat or (2) printable parameter to home.php, (3) productid or (4) mode parameter to product.php, (5) id parameter to error_message.php, (6) section parameter to help.php, (7) mode parameter to orders.php, (8) mode parameter to register.php, (9) mode parameter to search.php, or the (10) gcid or (11) gcindex parameter to giftcert.php.


Network Appliance Data ONTAP 7.0 and earlier allows iSCSI Initiators to bypass iSCSI authentication via a modified client that skips the Security (Start) mode, as required by the Login Negotiation protocol, and uses Operational mode without proving identity.


index.php in ezUpload Pro 2.2 and earlier allows remote attackers to include files via the mode parameter.


The error_log function in basic_functions.c in PHP before 4.4.4 and 5.x before 5.1.5 allows local users to bypass safe mode and open_basedir restrictions via a "php://" or other scheme in the third argument, which disables safe mode.


Kaspersky Anti-Hacker 1.8.180, when Stealth Mode is enabled, allows remote attackers to obtain responses to ICMP (1) timestamp and (2) netmask requests, which is inconsistent with the documented behavior of Stealth Mode.


Cross-site scripting (XSS) vulnerability in index.php in HLStats 1.34 allows remote attackers to inject arbitrary web script or HTML via the (1) game parameter in players mode, the (2) weapon parameter in weaponinfo mode, the (3) st parameter in search mode, the (4) action parameter in actioninfo mode, and the (5) map parameter in mapinfo mode.


Unspecified vulnerability in ReactOS 0.3.1 has unknown impact and attack vectors, related to a fix for "dozens of win32k bugs and failures," in which the fix itself introduces a vulnerability, possibly related to user-mode and kernel-mode copy failures.


Stack-based buffer overflow in BitchX 1.1 Final allows remote IRC servers to execute arbitrary code via a long string in a MODE command, related to the p_mode variable.


Software vulnerabilities results 1 to 20 of 235     