period software vulnerabilities
vulnerabilities.aspcode.net
Searching period software vulnerabilities
The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again.
The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection.
The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system.
Buffer overflow in Real Networks RealPlayer 10 allows remote attackers to execute arbitrary code via a URL with a large number of "." (period) characters.
The buffer overflow trigger in Cisco Security Agent (CSA) before 4.0.3 build 728 waits five minutes for a user response before terminating the process, which could allow remote attackers to bypass the buffer overflow protection by sending additional buffer overflow attacks within the five minute timeout period.
Unspecified vulnerability in the Lexmark Printer Sharing LexBce Server Service (LexPPS), possibly 8.29 and 9.41, allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based on a vague initial disclosure; details will be updated after the grace period has ended.
Directory traversal vulnerability in SAP Business Connector (BC) 4.6 and 4.7 allows remote attackers to read or delete arbitrary files via the fullName parameter to (1) sapbc/SAP/chopSAPLog.dsp or (2) invoke/sap.monitor.rfcTrace/deleteSingle. Details will be updated after the grace period has ended. NOTE: SAP Business Connector is an OEM version of webMethods Integration Server. webMethods states that this issue can only occur when the product is installed as root/admin, and if the attacker has access to a general purpose port; however, both are discouraged in the documentation. In addition, the attacker must already have acquired administrative privileges through other means.
Multiple buffer overflows in LISTSERV 14.3 and 14.4, including LISTSERV Lite and HPO, with the web archive interface enabled, allow remote attackers to execute arbitrary code via unknown attack vectors related to the WA CGI. NOTE: technical details will be released after the grace period has ended on Saturday, June 03, 2006.
Race condition in articles/BitArticle.php in Bitweaver 1.3, when run on Apache with the mod_mime extension, allows remote attackers to execute arbitrary PHP code by uploading arbitrary files with double extensions, which are stored for a small period of time under the webroot in the temp/articles directory.
Unspecified vulnerability related to a "design flaw" in SAP Internet Graphics Service (IGS) 6.40 and earlier and 7.00 and earlier allows remote attackers to cause a denial of service (service shutdown) via certain HTTP requests. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
Directory traversal vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 16 and earlier, and 7.00 Patchlevel 6 and earlier, allows remote attackers to delete arbitrary files via directory traversal sequences in an HTTP request. NOTE: This information is based upon an initial disclosure. Details will be updated after the grace period has ended. This issue is different from CVE-2006-4133 and CVE-2006-4134.
Unspecified vulnerability in SAP Internet Graphics Service (IGS) 6.40 Patchlevel 15 and earlier, and 7.00 Patchlevel 3 and earlier, allows remote attackers to cause a denial of service (service shutdown), obtain sensitive information (configuration files), and conduct certain other unauthorized activities, related to "Undocumented Features." NOTE: it is possible that there are multiple issues. This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended. This is likely a different issue than CVE-2006-4134.
Cross-site scripting (XSS) vulnerability in @Mail WebMail allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
The TRUSTED_SYSTEM_SECURITY function in the SAP RFC Library 6.40 and 7.00 before Monday, December 11, 2006 allows remote attackers to verify the existence of users and groups on systems and domains via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
The RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before Monday, December 11, 2006 allows remote attackers to obtain sensitive information (external RFC server configuration data) via unspecified vectors, a different vulnerability than CVE-2006-6010. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
Buffer overflow in the RFC_START_PROGRAM function in the SAP RFC Library 6.40 and 7.00 before Monday, December 11, 2006 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
Buffer overflow in the RFC_START_GUI function in the SAP RFC Library 6.40 and 7.00 before Monday, December 11, 2006 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
Buffer overflow in the SYSTEM_CREATE_INSTANCE function in the SAP RFC Library 6.40 and 7.00 before Monday, December 11, 2006 allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
The RFC_SET_REG_SERVER_PROPERTY function in the SAP RFC Library 6.40 and 7.00 before Tuesday, January 09, 2007 implements an option for exclusive access to an RFC server, which allows remote attackers to cause a denial of service (client lockout) via unspecified vectors. NOTE: This information is based upon a vague initial disclosure. Details will be updated after the grace period has ended.
NuFW 2.2.3, and certain other versions after 2.0, allows remote attackers to bypass time-based packet filtering rules via certain "out of period" choices of packet transmission time.
Software vulnerabilities results 1 to 20 of 21