Searching more software vulnerabilities

A buffer overflow in TenFour TFS Gateway SMTP m

arbitrary | offering | possibly | overflow | attacker | execute | TenFour | Gateway | allows | buffer | server | crash | code | more | mail | SMTP | than | TFS |

A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string.


ZoneAlarm sends sensitive system and network in

information | cleartext | sensitive | ZoneAlarm | requests | network | server | system | sends | event | more | Zone | Labs | user |

ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event.


Marconi ASX-1000 ASX switches allow remote atta

attributes | interfaces | management | attackers | malformed | Fragments | ASX-1000 | switches | service | Marconi | SYN-FIN | packet | remote | denial | telnet | allow | cause | More | ASX | set | via | web |

Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set.


Samba before 2.2.0 allows local attackers to ov

before | Samba |

Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.


Netscape Collabra Server 3.5.4 and earlier allo

Collabra | Netscape | Server |

Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239.


iptables before 1.2.4 does not accurately conve

iptables | before |

iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line, which could allow attackers or users to generate more or less traffic than intended by the administrator.


WorkforceROI Xpede 4.1 allows remote attackers

datasourceasp | WorkforceROI | attackers | guessing | username | attacker | password | database | conduct | attacks | request | easily | remote | obtain | allows | force | brute | which | Xpede | leaks | more | form | via |

WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks.


The library feature for Adobe Content Server 3.

available | accessing | attacker | bookbag" | exceeded | library | feature | reports | maximum | Content | number | allows | remote | Server | copies | Adobe | check | loans | eBook | more | even | "Add | out |

The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.


Unknown vulnerability in the login program on A

vulnerability | program | specify | Unknown | remote | before | login | users | could | allow | AIX |

Unknown vulnerability in the login program on AIX before 4.0 could allow remote users to specify 100 or more environment variables when logging on, which exceeds the length of a certain string, possibly triggering a buffer overflow.


KvPoll 1.1 allows remote authenticated users to

clear_cookiesphp | "already_voted" | authenticated | including | various | setting | methods | allows | cookie | KvPoll | direct | remote | users | call | more | vote | once | than |

KvPoll 1.1 allows remote authenticated users to vote more than once by setting the "already_voted" cookie by various methods, including a direct call to clear_cookies.php.


Integer overflow in the NTP daemon (NTPd) befor

overflow | Integer | daemon | NTP |

Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's time.


Race condition in SuSE Linux 8.1 through 9.2, w

unauthorized | condition | "foreign | through | systems | memory | pages" | allow | could | local | Linux | users | read | have | SuSE | Race | than | more | 4GB | SMP | run |

Race condition in SuSE Linux 8.1 through 9.2, when run on SMP systems that have more than 4GB of memory, could allow local users to read unauthorized memory from "foreign memory pages."


mod_python (libapache2-mod-python) 3.1.4 and ea

mod_python |

mod_python (libapache2-mod-python) 3.1.4 and earlier does not properly handle when output filters process more than 16384 bytes, which can cause filter.read to return portions of previously freed memory.


phpMyAdmin 2.6.1 does not properly grant permis

phpMyAdmin |

phpMyAdmin 2.6.1 does not properly grant permissions on tables with an underscore in the name, which grants remote authenticated users more privileges than intended.


Buffer overflow in discdb.c for grip 3.1.2 allo

overflow | discdbc | Buffer | grip |

Buffer overflow in discdb.c for grip 3.1.2 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing the cddb lookup to return more matches than expected.


PROMS 0.11 does not properly handle "certain co

PROMS |

PROMS 0.11 does not properly handle "certain combinations of rights," which gives more rights to users than intended.


Memory leak in Windows Management Instrumentati

Instrumentation | Management | Windows | Memory | leak |

Memory leak in Windows Management Instrumentation (WMI) service allows attackers to cause a denial of service (memory consumption and crash) by creating security contexts more quickly than they can be cleared from the RPC cache.


Buffer overflow in the mms_interp_header functi

mms_interp_header | function | overflow | Ripper | before | Buffer | mmsc | MMS |

Buffer overflow in the mms_interp_header function in mms.c in MMS Ripper before 0.6.4 might allow remote attackers to execute arbitrary code via a file with more than 20 streams.


The default configuration on OpenSSL before 0.9

configuration | OpenSSL | default | before |

The default configuration on OpenSSL before 0.9.8 uses MD5 for creating message digests instead of a more cryptorgaphically strong algorithm, which makes it easier for remote attackers to forge certificates with a valid certificate authority signature.


OpenBSD 3.8, 3.9, and possibly earlier versions

context-dependent | attackers | versions | possibly | OpenBSD | earlier | service | denial | allows | cause |

OpenBSD 3.8, 3.9, and possibly earlier versions allows context-dependent attackers to cause a denial of service (kernel panic) by allocating more semaphores than the default.


Software vulnerabilities results 1 to 20 of 112     
Page: 123456