mtp target software vulnerabilities
vulnerabilities.aspcode.net
Searching mtp target software vulnerabilities
The ffingerd 1.19 allows remote attackers to id
ffingerd
|
The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses.
ZIP drive for Iomega ZIP-100 disks allows attac
protection
|
replacing
|
attackers
|
inserting
|
manually
|
physical
|
password
|
ZIP-100
|
waiting
|
target
|
Iomega
|
allows
|
access
|
bypass
|
drive
|
power
|
disks
|
known
|
using
|
disk
|
down
|
ZIP
|
ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power down, manually replacing the known disk with the target disk, and using the known password to access the target disk.
TCP/IP implementation in Microsoft Windows 95,
implementation
|
connections
|
Microsoft
|
attackers
|
possibly
|
forcing
|
Windows
|
remote
|
others
|
TCP/IP
|
allows
|
reset
|
TCP/IP implementation in Microsoft Windows 95, Windows NT 4.0, and possibly others, allows remote attackers to reset connections by forcing a reset (RST) via a PSH ACK or other means, obtaining the target's last sequence number from the resulting packet, then spoofing a reset to the target.
The presence of the Distributed GL Daemon (dgld
Distributed
|
presence
|
Daemon
|
The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system.
Transsoft Broker 5.9.5.0 allows remote attacker
Transsoft
|
Broker
|
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.
RLPDaemon in HP-UX 10.20 and 11.0 allows local
RLPDaemon
|
HP-UX
|
RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privileges by specifying the target file in the -L option.
The SSH-1 protocol allows remote servers conduc
man-in-the-middle
|
corresponding
|
compromised
|
masquerade
|
challenge
|
target's
|
response
|
creating
|
protocol
|
attacker
|
Session
|
private
|
matches
|
compute
|
conduct
|
attacks
|
servers
|
replay
|
weaker
|
remote
|
allows
|
target
|
client
|
public
|
server
|
SSH-1
|
which
|
than
|
pair
|
uses
|
key
|
but
|
use
|
The SSH-1 protocol allows remote servers conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target.
network_query.php in Network Query Tool 1.0 all
network_queryphp
|
metacharacters
|
arbitrary
|
attackers
|
parameter
|
commands
|
execute
|
Network
|
remote
|
target
|
allows
|
Query
|
shell
|
Tool
|
via
|
network_query.php in Network Query Tool 1.0 allows remote attackers execute arbitrary commands via shell metacharacters in the target parameter.
comment2.jse in ScriptEase:WebServer allows rem
comment2jse
|
comment2.jse in ScriptEase:WebServer allows remote attackers to read arbitrary files by specifying the target file as an argument in the URL.
NTFS file system in Windows NT 4.0 and Windows
Windows
|
system
|
NTFS
|
file
|
NTFS file system in Windows NT 4.0 and Windows 2000 SP2 allows local attackers to hide file usage activities via a hard link to the target file, which causes the link to be recorded in the audit trail instead of the target file.
CGIscript.net csMailto.cgi program allows remot
form-attachment
|
CGIscriptnet
|
csMailtocgi
|
specifying
|
arbitrary
|
attackers
|
filename
|
program
|
target
|
allows
|
remote
|
field
|
files
|
read
|
CGIscript.net csMailto.cgi program allows remote attackers to read arbitrary files by specifying the target filename in the form-attachment field.
browse.asp in Hosting Controller allows remote
directories
|
Controller
|
specifying
|
parameter
|
arbitrary
|
attackers
|
browseasp
|
pathname
|
FilePath
|
Hosting
|
target
|
allows
|
remote
|
view
|
browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.
The Internet Group Management Protocol (IGMP) a
Management
|
Protocol
|
Internet
|
Group
|
The Internet Group Management Protocol (IGMP) allows local users to cause a denial of service via an IGMP membership report to a target's Ethernet address instead of the Multicast group address, which causes the target to stop sending reports to the router and effectively disconnect the group from the network.
Postfix 1.1.11 and earlier allows remote attack
Postfix
|
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port.
Internet Explorer 5.01, 5.5, and 6 does not pro
Explorer
|
Internet
|
Internet Explorer 5.01, 5.5, and 6 does not properly cache SSL content, which allows remote attackers to obtain information or spoof content via a web site with the same host name as the target web site, whose content is cached and reused when the user visits the target web site.
Integer signedness error in certain older versi
Mtp-Target
|
signedness
|
versions
|
library
|
Integer
|
certain
|
error
|
older
|
used
|
NeL
|
Integer signedness error in certain older versions of the NeL library, as used in Mtp-Target 1.2.2 and earlier, and possibly other products, allows remote attackers to cause a denial of service (memory consumption or server crash) via a negative value in a STLport call, which is not caught by a signed comparison.
login.php in PCXP/TOPPE CMS allows remote attac
authentication
|
privileges
|
PCXP/TOPPE
|
attackers
|
modifying
|
loginphp
|
userid
|
cookie
|
target
|
allows
|
bypass
|
remote
|
match
|
gain
|
CMS
|
login.php in PCXP/TOPPE CMS allows remote attackers to bypass authentication and gain privileges by modifying the cookie to match the target userid.
SQL injection vulnerability in index.php in Boo
vulnerability
|
Barracuda
|
arbitrary
|
injection
|
attackers
|
commands
|
indexphp
|
execute
|
earlier
|
BoonEx
|
remote
|
allows
|
via
|
SQL
|
SQL injection vulnerability in index.php in BoonEx Barracuda 1.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) link_dir_target and (2) link_id_target parameter, possibly involving the link_edit functionality.
Multiple PHP remote file inclusion vulnerabilit
vulnerabilities
|
phpMyWebmin
|
inclusion
|
attackers
|
arbitrary
|
Multiple
|
execute
|
Muheim
|
remote
|
Joshua
|
allow
|
code
|
file
|
URL
|
via
|
PHP
|
Multiple PHP remote file inclusion vulnerabilities in Joshua Muheim phpMyWebmin 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) target and (2) action parameters in window.php, and possibly the (3) target parameter in home.php.
index.php for TorrentFlux 2.2 allows remote att
TorrentFlux
|
specifying
|
attackers
|
parameter
|
filename
|
indexphp
|
delfile
|
target
|
remote
|
allows
|
delete
|
files
|
index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter.
Software vulnerabilities results 1 to 20 of 147
Page:
1
2
3
4
5
...
8
►