partition software vulnerabilities
vulnerabilities.aspcode.net
Searching partition software vulnerabilities
FTP server in Solaris 8 and earlier allows loca
world-readable
|
information
|
permissions
|
attackers
|
sensitive
|
directory
|
providing
|
passwords
|
partition
|
followed
|
possibly
|
password
|
username
|
shadowed
|
invalid
|
command
|
Solaris
|
earlier
|
release
|
server
|
remote
|
allows
|
could
|
which
|
local
|
valid
|
cause
|
disk
|
fill
|
such
|
root
|
dump
|
core
|
FTP
|
CWD
|
FTP server in Solaris 8 and earlier allows local and remote attackers to cause a core dump in the root directory, possibly with world-readable permissions, by providing a valid username with an invalid password followed by a CWD ~ command, which could release sensitive information such as shadowed passwords, or fill the disk partition.
Microsoft IIS 4.0 and before, when installed on
partition
|
installed
|
Microsoft
|
attacker
|
encoded
|
Unicode
|
obtain
|
source
|
allows
|
before
|
remote
|
files
|
code
|
URL
|
FAT
|
IIS
|
ASP
|
via
|
Microsoft IIS 4.0 and before, when installed on a FAT partition, allows a remote attacker to obtain source code of ASP files via a URL encoded with Unicode.
Partition Manager (parmgr) in HP-UX B.11.23 doe
Partition
|
Manager
|
Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.
An error in the Toshiba ACPI BIOS 1.6 causes th
Toshiba
|
examine
|
causes
|
Master
|
Record
|
error
|
first
|
Boot
|
slot
|
ACPI
|
BIOS
|
only
|
An error in the Toshiba ACPI BIOS 1.6 causes the BIOS to only examine the first slot in the Master Boot Record (MBR) table for an active partition, which prevents the system from booting even though the MBR is not malformed. NOTE: it has been debated as to whether or not this issue poses a security vulnerability, since administrative privileges would be required, and other DoS attacks are possible with such privileges.
** DISPUTED ** Guidance Software EnCase does n
Software
|
properly
|
DISPUTED
|
Guidance
|
handle
|
EnCase
|
does
|
not
|
** DISPUTED ** Guidance Software EnCase does not properly handle (1) certain malformed MBR partition tables with many entries, which allows remote attackers to prevent logical collection of a disk image; (2) NTFS filesystems with directory loops, which allows remote attackers to prevent examination of certain directory contents; and (3) certain other malformed NTFS filesystems, which allows remote attackers to prevent examination of corrupted records. NOTE: the vendor disputes the significance of these issues, because physical collection can be used instead, because the vendor believes that relevant attackers typically do not corrupt an MBR or a filesystem, and because detection of a loop is valuable on its own.
Software vulnerabilities results 1 to 6 of 6
Page:
1