open software vulnerabilities
vulnerabilities.aspcode.net
Searching open software vulnerabilities
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.
Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execute arbitrary code.
Vulnerability in (1) inews or (2) rnews for INN 2.2.3 and earlier, related to insecure open() calls.
Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers.
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.
TsFtpSrv.exe in Broker FTP 6.1.0.0 allows remote attackers to cause a denial of service (CPU consumption) via an open idle connection.
Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
Buffer overflow in Open Dc Hub 0.7.14 allows remote attackers, with administrator privileges, to execute arbitrary code via a long RedirectAll command.
Buffer overflow in the bsb_open_header function in libbsb for bsb2ppm 0.0.6 allows remote attackers to execute arbitrary code via crafted BSB pictures.
The readmsg action in myhome.php in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to read arbitrary messages by modifying the id parameter.
Open WebMail (OWM) before 2.51 20050430 allows remote authenticated users to execute arbitrary commands via shell metacharacters in a filename.
Free SMTP Server 2.2 allows remote attackers to use the server as an open mail relay (spam proxy).
The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attack vectors.
AppServ Open Project 2.5.3 allows remote attackers to cause a denial of service via a large HTTP request.
The open source version of Open-Xchange 0.8.2 and earlier uses a static default username and password with a valid login shell in the initfile for the ldap-server, which allows remote attackers to access any server where the default has not been changed.
cPanel does not automatically synchronize the PHP open_basedir configuration directive between the main server and virtual hosts that share physical directories, which might allow a local user to bypass open_basedir restrictions and access other virtual hosts via a PHP script that uses a main server URL (such as ~username) that is blocked by the user's own open_basedir directive, but not the main server's open_basedir directive.
The (1) file_exists and (2) imap_reopen functions in PHP before 5.1.5 do not check for the safe_mode and open_basedir settings, which allows local users to bypass the settings. NOTE: the error_log function is covered by CVE-2006-3011, and the imap_open function is covered by CVE-2006-1017.
Buffer overflow in Open Movie Editor 0.0.20060901 allows local users to cause a denial of service (system crash) or execute arbitrary code via a long project name in an open_movie_editor_project XML tag.
XORP (eXtensible Open Router Platform) 1.2 and 1.3 allows remote attackers to cause a denial of service (application crash) via an Open Shortest Path First (OSPF) Link State Advertisement (LSA) with an invalid LSA length field.
Software vulnerabilities results 1 to 20 of 269