Searching options software vulnerabilities

ypbind with -ypset and -ypsetme options activat

Slackware | activated | attackers | overwrite | -ypsetme | options | allows | ypbind | remote | -ypset | files | Linux | SunOS | local | via |

ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack.


Multiple buffer overflows in ISC DHCP Distribut

Distribution | overflows | Multiple | server | buffer | DHCP | ISC |

Multiple buffer overflows in ISC DHCP Distribution server (dhcpd) 1.0 and 2.0 allow a remote attacker to cause a denial of service (crash) and possibly execute arbitrary commands via long options.


The on-line help system options in Cisco router

non-privileged | information | sensitive | "enabled" | without | routers | command | options | on-line | access | obtain | system | allows | Cisco | users | show | help | via |

The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command.


Buffer overflows in pgxconfig in the Raptor GFX

configuration | privileges | pgxconfig | overflows | command | options | Buffer | Raptor | users | allow | local | tool | line | gain | GFX | via |

Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options.


The BAIR program does not properly restrict acc

modifying | properly | restrict | Internet | registry | Explorer | options | program | obtain | allows | starts | access | users | local | which | BAIR | does | menu | not | key |

The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR.


load_prefs.php and supporting include files in

load_prefsphp | SquirrelMail | supporting | include | files |

load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP.


mandb in the man-db package before 2.3.16-3 all

overwrite | arbitrary | command | options | package | allows | before | man-db | 2316-3 | files | local | mandb | users | line | via |

mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.


Buffer overflow in the LDAP naming services lib

overflow | services | library | Buffer | naming | LDAP |

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.


PHP, when installed with Apache and configured

configured | resulting | attackers | installed | pathname | indexphp | reveals | message | OPTIONS | default | method | server | obtain | Apache | search | allows | remote | which | error | HTTP | full | page | PHP | web | via |

PHP, when installed with Apache and configured to search for index.php as a default web page, allows remote attackers to obtain the full pathname of the server via the HTTP OPTIONS method, which reveals the pathname in the resulting error message.


Watchguard SOHO firewall before 5.0.35 allows r

Watchguard | firewall | before | SOHO |

Watchguard SOHO firewall before 5.0.35 allows remote attackers to cause a denial of service (crash and reboot) when SOHO forwards a packet with bad IP options.


Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows

firewall | Snapgear | Lite+ |

Snapgear Lite+ firewall 1.5.3 and 1.5.4 allows remote attackers to cause a denial of service (crash) via a large number of packets with malformed IP options.


Cross-site scripting vulnerability in Mailman b

vulnerability | Cross-site | scripting | Mailman | before |

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.


Open Bulletin Board (OpenBB) 1.0.0 RC3 allows r

Bulletin | Board | Open |

Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to bypass authentication and access modifier options via a direct request to moderator.php with the action and ismod parameters.


Multiple buffer overflows in Options Parsing To

overflows | Multiple | Parsing | Options | buffer | Tool |

Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi.


Mbedthis AppWeb HTTP server before 1.0.2 allows

Mbedthis | server | before | AppWeb | HTTP |

Mbedthis AppWeb HTTP server before 1.0.2 allows remote attackers to cause a denial of service (crash) via an empty OPTIONS request.


The DecodeTCPOptions function in decode.c in Sn

DecodeTCPOptions | function | decodec | before | Snort |

The DecodeTCPOptions function in decode.c in Snort before 2.3.0, when printing TCP/IP options using FAST output or verbose mode, allows remote attackers to cause a denial of service (crash) via packets with invalid TCP/IP options, which trigger a null dereference.


Multiple directory traversal vulnerabilities in

vulnerabilities | overwrite | arbitrary | attackers | traversal | directory | Multiple | before | files | allow | YaMT | 05_2 | via |

Multiple directory traversal vulnerabilities in YaMT before 0.5_2 allow attackers to overwrite arbitrary files via the (1) rename or (2) sort options.


Multiple buffer overflows in YaMT before 0.5_2

attackers | arbitrary | overflows | Multiple | execute | buffer | before | allow | code | YaMT | 05_2 | via |

Multiple buffer overflows in YaMT before 0.5_2 allow attackers to execute arbitrary code via the (1) rename or (2) sort options.


eStara SIP softphone allows remote attackers to

softphone | attackers | service | denial | remote | eStara | allows | cause | SIP |

eStara SIP softphone allows remote attackers to cause a denial of service (crash) via a SIP OPTIONS request with a negative Expires field.


Multiple PHP remote file inclusion vulnerabilit

vulnerabilities | inclusion | Multiple | Services | remote | file | PHP | PMB |

Multiple PHP remote file inclusion vulnerabilities in PMB Services 3.0.13 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) class_path parameter to (a) includes/resa_func.inc.php (b) admin/notices/perso.inc.php, or (c) admin/quotas/main.inc.php; the (2) base_path parameter to (d) opac_css/rec_panier.php or (e) opac_css/includes/author_see.inc.php; or the (3) include_path parameter to (f) bull_info.inc.php or (g) misc.inc.php in includes/; (h) options_date_box.php, (i) options_file_box.php, (j) options_list.php, (k) options_query_list.php, or (l) options_text.php in includes/options/; (m) options.php, (n) options_comment.php, (o) options_date_box.php, (p) options_list.php, (q) options_query_list.php, or (r) options_text.php in includes/options_empr/; or (s) admin/import/iimport_expl.php, (t) admin/netbase/clean.php, (u) admin/param/param_func.inc.php, (v) admin/sauvegarde/lieux.inc.php, (w) autorites.php, (x) account.php, (y) cart.php, or (z) edit.php.


Software vulnerabilities results 1 to 20 of 96     
Page: 12345