passwd check software vulnerabilities
vulnerabilities.aspcode.net
Searching passwd check software vulnerabilities
The permissions for a system-critical NIS+ tabl
system-critical
|
permissions
|
table
|
NIS+
|
The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate.
passwd in SunOS 4.1.x allows local users to ove
overwrite
|
arbitrary
|
argument
|
symlink
|
command
|
passwd
|
allows
|
attack
|
files
|
users
|
local
|
SunOS
|
line
|
41x
|
via
|
passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.
Buffer overflow in passwd in BSD based operatin
specifying
|
privileges
|
operating
|
overflow
|
systems
|
earlier
|
allows
|
Buffer
|
passwd
|
field
|
GECOS
|
shell
|
users
|
local
|
based
|
long
|
root
|
gain
|
BSD
|
Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field.
read-passwd and other Lisp functions in Emacs 2
unencrypted
|
read-passwd
|
functions
|
passwords
|
properly
|
recently
|
attacker
|
history
|
allows
|
which
|
other
|
Emacs
|
clear
|
typed
|
Lisp
|
read
|
keys
|
not
|
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.
PassWD 1.2 uses weak encryption (trivial encodi
encryption
|
PassWD
|
weak
|
uses
|
PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords.
nidump on MacOS X before 10.3 allows local user
before
|
nidump
|
MacOS
|
nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.
Vulnerability in passwd for HP-UX 11.00 and 11.
Vulnerability
|
passwd
|
HP-UX
|
Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.
Unknown vulnerability in passwd for VVOS HP-UX
vulnerability
|
Unknown
|
passwd
|
HP-UX
|
VVOS
|
Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."
Buffer overflow in passwd for HP UX B.10.20 all
environment
|
privileges
|
arbitrary
|
commands
|
overflow
|
variable
|
execute
|
allows
|
Buffer
|
passwd
|
B1020
|
users
|
local
|
LANG
|
root
|
long
|
via
|
Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.
ldbm_back_exop_passwd in the back-ldbm backend
ldbm_back_exop_passwd
|
back-ldbm
|
OpenLDAP
|
passwdc
|
backend
|
ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault).
Unknown vulnerability in passwd(1) in Solaris 8
vulnerability
|
Unknown
|
Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.
Off-by-one error in passwd 0.68 and earlier, wh
Off-by-one
|
passwd
|
error
|
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.
passwd 0.68 does not check the return code for
passwd
|
passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.
Format string vulnerability in the my_xlog func
vulnerability
|
function
|
my_xlog
|
Server
|
Format
|
string
|
Proxy
|
libc
|
Oops
|
Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.
settings.php in Reamday Enterprises Magic News
Enterprises
|
settingsphp
|
Reamday
|
Magic
|
Plus
|
News
|
settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_password parameters, then declares the new password string in the new_passwd and confirm_passwd parameters.
Buffer overflow in Change passwd 3.1 (chpasswd)
overflow
|
passwd
|
Change
|
Buffer
|
Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments.
settings.php in Reamday Enterprises Magic Downl
Enterprises
|
settingsphp
|
Downloads
|
Reamday
|
Magic
|
settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized.
profile.php in Reamday Enterprises Magic News L
Enterprises
|
profilephp
|
Reamday
|
Magic
|
Lite
|
News
|
profile.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized.
passwd command in shadow in Ubuntu 5.04 through
command
|
Ubuntu
|
shadow
|
passwd
|
passwd command in shadow in Ubuntu 5.04 through 6.06 LTS, when called with the -f, -g, or -s flag, does not check the return code of a setuid call, which might allow local users to gain root privileges if setuid fails in cases such as PAM failures or resource limits.
SQL injection vulnerability in the login compon
vulnerability
|
Portix-PHP
|
component
|
injection
|
login
|
SQL
|
SQL injection vulnerability in the login component in Portix-PHP 0.4.2 allows remote attackers to execute arbitrary SQL commands via the username and passwd (password) fields.
Software vulnerabilities results 1 to 20 of 353
Page:
1
2
3
4
5
...
18
►