patches software vulnerabilities
vulnerabilities.aspcode.net
Vulnerability in (1) diskalign and (2) diskperf in IRIX 6.4 patches 2291 and 2848 allow a local user to create root-owned files leading to a root compromise.
The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.
Unknown vulnerability in ndd for HP-UX 11.11 with certain TRANSPORT patches allows attackers to cause a denial of service.
Microsoft Windows XP Professional upgrade edition overwrites previously installed patches for Internet Explorer 6.0, leaving Internet Explorer unpatched.
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy.
Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash).
The tcp_find_option function of the netfilter subsystem for IPv6 in the SUSE Linux 2.6.5 kernel with USAGI patches, when using iptables and TCP options rules, allows remote attackers to cause a denial of service (CPU consumption by infinite loop) via a large option length that produces a negative integer after a casting operation to the char type, a similar flaw to CVE-2004-0626.
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.
The arch_get_unmapped_area function in mmap.c in the PaX patches for Linux kernel 2.6, when Address Space Layout Randomization (ASLR) is enabled, allows local users to cause a denial of service (infinite loop) via unknown attack vectors.
Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read local information, then other patches to send the information to the attacker.
Software vulnerabilities results 1 to 13 of 13