numbers software vulnerabilities
vulnerabilities.aspcode.net
Searching numbers software vulnerabilities
A network intrusion detection system (IDS) does
detection
|
intrusion
|
network
|
system
|
A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers.
ORBit and esound in Red Hat Linux 6.1 do not us
authentication
|
sufficiently
|
numbers
|
allows
|
random
|
esound
|
local
|
users
|
ORBit
|
guess
|
which
|
Linux
|
keys
|
not
|
use
|
Hat
|
Red
|
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
FreeBSD 4.1.1 and earlier, and possibly other B
FreeBSD
|
FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections.
Microsys CyberPatrol uses weak encryption (triv
CyberPatrol
|
encryption
|
Microsys
|
weak
|
uses
|
Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.
WinCE 3.0.9348 generates predictable TCP Initia
WinCE
|
WinCE 3.0.9348 generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Cisco AP340 base station produces predictable T
predictable
|
produces
|
Sequence
|
Initial
|
Numbers
|
station
|
Cisco
|
AP340
|
base
|
TCP
|
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
SonicWALL SOHO uses easily predictable TCP sequ
predictable
|
attackers
|
SonicWALL
|
sequence
|
sessions
|
numbers
|
allows
|
remote
|
hijack
|
easily
|
spoof
|
which
|
SOHO
|
uses
|
TCP
|
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.
AmTote International homebet program stores the
International
|
homebetlog
|
directory
|
attackers
|
homebet/
|
virtual
|
account
|
numbers
|
program
|
homebet
|
remote
|
AmTote
|
stores
|
allows
|
steal
|
which
|
file
|
PIN
|
AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, which allows remote attackers to steal account and PIN numbers.
Multiple signedness errors (mixed signed and un
signedness
|
Multiple
|
errors
|
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
MetaCart2.sql stores the user database under th
MetaCart2sql
|
information
|
metacartmdb
|
passwords
|
attackers
|
sensitive
|
controls
|
document
|
database
|
request
|
numbers
|
without
|
obtain
|
direct
|
credit
|
stores
|
access
|
remote
|
allows
|
under
|
which
|
user
|
root
|
such
|
card
|
web
|
via
|
MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb.
Integer overflow in the TCP stream reassembly m
reassembly
|
overflow
|
Integer
|
stream
|
module
|
TCP
|
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
saned in sane-backends 1.0.7 and earlier does n
sane-backends
|
saned
|
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
Perl 5.8.1 on Fedora Core does not properly ini
Perl
|
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.
Thomson SpeedTouch 510 ADSL Router with firmwar
SpeedTouch
|
Thomson
|
Thomson SpeedTouch 510 ADSL Router with firmware GV8BAA3.270, and possibly earlier versions, generates predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
Unknown vulnerability in Sun StorEdge 6130 Arra
vulnerability
|
StorEdge
|
Unknown
|
Sun
|
Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G and 0513AWF00J allows local users and remote attackers to delete data.
The iTAN Online-Banking Security System allows
man-in-the-middle
|
Online-Banking
|
attackers
|
Security
|
numbers
|
obtain
|
System
|
allows
|
remote
|
iTAN
|
via
|
TAN
|
The iTAN Online-Banking Security System allows remote attackers to obtain TAN numbers via a man-in-the-middle (MITM) attack while the transaction is taking place, which facilitates a "phishing" attack.
Unspecified vulnerability in the ONC RPC dissec
vulnerability
|
Unspecified
|
dissector
|
Ethereal
|
ONC
|
RPC
|
Unspecified vulnerability in the ONC RPC dissector in Ethereal 0.10.3 to 0.10.12, when the "Dissect unknown RPC program numbers" option is enabled, allows remote attackers to cause a denial of service (memory consumption).
The cryptographic module in ScatterChat 1.0.x a
cryptographic
|
identifying
|
ScatterChat
|
collisions
|
encryption
|
attackers
|
mechanism
|
messages
|
birthday
|
patterns
|
identify
|
padding
|
numbers
|
custom
|
module
|
attack
|
allows
|
large
|
using
|
mode
|
10x
|
ECB
|
The cryptographic module in ScatterChat 1.0.x allows attackers to identify patterns in large numbers of messages by identifying collisions using a birthday attack on the custom padding mechanism for ECB mode encryption.
Panda Platinum Internet Security 2006 10.02.01
Internet
|
Security
|
Platinum
|
Panda
|
Panda Platinum Internet Security 2006 10.02.01 and 2007 11.00.00 uses sequential message numbers in generated URLs that are not filtered if the user replies to a message, which might allow remote attackers to determine mail usage patterns.
viewcart in Midicart accepts negative numbers i
negative
|
Midicart
|
viewcart
|
numbers
|
accepts
|
Qty
|
viewcart in Midicart accepts negative numbers in the Qty (quantity) field, which allows remote attackers to obtain a smaller total price for a shopping cart.
Software vulnerabilities results 1 to 20 of 52
Page:
1
2
3
►