Searching obtaining software vulnerabilities

Excite for Web Servers (EWS) 1.1 allows local u

Servers | Excite | Web |

Excite for Web Servers (EWS) 1.1 allows local users to gain privileges by obtaining the encrypted password from the world-readable Architext.conf authentication file and replaying the encrypted password in an HTTP request to AT-generated.cgi or AT-admin.cgi.


pgp4pine Pine/PGP interface version 1.75-6 does

interface | obtaining | properly | Pine/PGP | pgp4pine | Privacy | expired | version | public | Guard | check | 175-6 | does | keys | Gnu | via | see | not | has | key |

pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.


CITRIX Metaframe 1.8 logs the Client Address (I

Metaframe | Address | Client | CITRIX | logs |

CITRIX Metaframe 1.8 logs the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through Network Address Translation (NAT).


An installer program for Oracle9iAS Web Cache 2

configuration | permissions | executable | privileges | Oracle9iAS | installer | insecure | program | creates | allows | local | users | which | Cache | files | gain | 200x | Web |

An installer program for Oracle9iAS Web Cache 2.0.0.x creates executable and configuration files with insecure permissions, which allows local users to gain privileges by (1) running webcached or (2) obtaining the administrator password from webcache.xml.


Cisco ONS15454 and ONS15327 running ONS before

privileges | cleartext | passwords | usernames | obtaining | attackers | database | ONS15327 | ONS15454 | running | stores | backup | before | could | allow | which | image | Cisco | gain | TCC+ | ONS | TCC | XTC |

Cisco ONS15454 and ONS15327 running ONS before 3.4 stores usernames and passwords in cleartext in the image database for the TCC, TCC+ or XTC, which could allow attackers to gain privileges by obtaining the passwords from the image database or a backup.


X-News (x_news) 1.1 and earlier allows attacker

X-News |

X-News (x_news) 1.1 and earlier allows attackers to authenticate as other users by obtaining the MD5 checksum of the password, e.g. via sniffing or the users.txt data file, and providing it in a cookie.


Sendmail 8.9.0 through 8.12.3 allows local user

Sendmail |

Sendmail 8.9.0 through 8.12.3 allows local users to cause a denial of service by obtaining an exclusive lock on the (1) alias, (2) map, (3) statistics, and (4) pid files.


tcptraceroute 1.4 and earlier does not fully dr

vulnerability | tcptraceroute | descriptor | privileges | obtaining | capturing | separate | earlier | packets | access | users | allow | local | which | fully | after | gain | file | does | drop | via | not | may |

tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.


Snitz Forums 3.4.03 and earlier allows attacker

Forums | Snitz |

Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID.


Home Ftp Server 1.0.7 stores sensitive user inf

Server | Home | Ftp |

Home Ftp Server 1.0.7 stores sensitive user information and server information in the same directory as the user's home directory, which allows remote authenticated users to obtain sensitive information by obtaining ftpmembers.lst and ftpsettings.lst.


admin_news.php in Archilles Newsworld up to 1.3

admin_newsphp | Newsworld | Archilles |

admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtaining the password hash for another user, for example through another Newsworld vulnerability, and specifying the hash in the pwd argument.


Text Rider 2.4 allows attackers to bypass authe

authentication | attackers | providing | obtaining | password | without | upload | allows | bypass | valid | Rider | files | hash | Text | MD5 |

Text Rider 2.4 allows attackers to bypass authentication and upload files without providing a valid password by obtaining the MD5 hash of the password (possibly via another vulnerability that reads it from a data file), then including the hash in a cookie.


Invision Power Board 2.1.4 allows remote attack

Invision | Board | Power |

Invision Power Board 2.1.4 allows remote attackers to hijack sessions and possibly gain administrative privileges by obtaining the session ID from the s parameter, then replaying it in another request.


Keychain in Apple Mac OS X 10.3.9 and 10.4.6 mi

Keychain | Apple | Mac |

Keychain in Apple Mac OS X 10.3.9 and 10.4.6 might allow an application to bypass a locked Keychain by first obtaining a reference to the Keychain when it is unlocked, then reusing that reference after the Keychain has been locked.


Secure Elements Class 5 AVR server (aka C5 EVM)

Elements | server | Secure | Class | AVR |

Secure Elements Class 5 AVR server (aka C5 EVM) before 2.8.1 does not validate the peer certificate when obtaining an update, which could allow remote attackers to distribute malicious updates to clients.


setcookie.php for the administration login in P

administration | administrator | Professional | setcookiephp | Guestbook | attackers | obtaining | guessing | password | conduct | records | attacks | allows | cookie | brute | force | login | which | after | Tools | hash | Page | Home |

setcookie.php for the administration login in Professional Home Page Tools Guestbook records the hash of the administrator password in a cookie, which allows attackers to conduct brute force password guessing attacks after obtaining the hash.


Krusader 1.50-beta1 up to 1.70.0 stores passwor

150-beta1 | Krusader |

Krusader 1.50-beta1 up to 1.70.0 stores passwords for remote connections in cleartext in the bookmark file (krbookmarks.xml), which allows attackers to steal passwords by obtaining the file.


Unspecified vulnerability in the CoreServices d

vulnerability | CoreServices | Unspecified | CarbonCore | daemon | Apple | Mac |

Unspecified vulnerability in the CoreServices daemon in CarbonCore in Apple Mac OS X 10.4 through 10.4.9 allows local users to gain privileges via unspecified vectors involving "obtaining a send right to [the] Mach task port."


admin/index.php in Advanced Poll 2.0.0 through

admin/indexphp | Advanced | Poll |

admin/index.php in Advanced Poll 2.0.0 through 2.0.5-dev allows remote attackers to bypass authentication and gain administrator privileges by obtaining a valid session identifier and setting the uid parameter to 1.


Peercast places a cleartext password in a query

information | attackers | sensitive | obtaining | cleartext | password | Peercast | sniffing | history | network | browser | Referer | string | obtain | places | might | which | query | allow |

Peercast places a cleartext password in a query string, which might allow attackers to obtain sensitive information by sniffing the network, or obtaining Referer or browser history information.


Software vulnerabilities results 1 to 20 of 32     
Page: 12