pressing software vulnerabilities
vulnerabilities.aspcode.net
Searching pressing software vulnerabilities
Macromedia "The Matrix" screen saver on Windows
protected"
|
Macromedia
|
attackers
|
"Password
|
physical
|
pressing
|
password
|
enabled
|
machine
|
Windows
|
Matrix"
|
screen
|
bypass
|
prompt
|
allows
|
option
|
access
|
saver
|
"The
|
ESC
|
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key.
Windows 2000 and Windows NT allows local users
Windows
|
Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a command at the command prompt and pressing the F7 and enter keys several times while the command is executing, possibly related to an exception handling error in csrss.exe.
Microsoft Internet Explorer 4.0 through 6.0 cou
non-alphanumeric
|
differentiate
|
alphanumeric
|
brute-force
|
characters
|
Microsoft
|
password
|
Explorer
|
Internet
|
guessing
|
pressing
|
certain
|
control
|
conduct
|
between
|
through
|
attack
|
easier
|
which
|
makes
|
users
|
could
|
allow
|
local
|
used
|
keys
|
jump
|
Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanumeric and non-alphanumeric characters used in a password by pressing certain control keys that jump between non-alphanumeric characters, which makes it easier to conduct a brute-force password guessing attack.
Samsung SmartEther SS6215S switch, and possibly
administrative
|
SmartEther
|
attackers
|
resulting
|
providing
|
followed
|
username
|
pressing
|
password
|
possibly
|
switches
|
maximum
|
allowed
|
message
|
Samsung
|
SS6215S
|
access
|
switch
|
length
|
remote
|
allows
|
enter
|
after
|
users
|
other
|
admin
|
local
|
error
|
gain
|
then
|
key
|
Samsung SmartEther SS6215S switch, and possibly other Samsung switches, allows remote attackers and local users to gain administrative access by providing the admin username followed by a password that is the maximum allowed length, then pressing the enter key after the resulting error message.
eSeSIX Thintune thin clients running firmware 2
firmware
|
Thintune
|
running
|
clients
|
eSeSIX
|
thin
|
eSeSIX Thintune thin clients running firmware 2.4.38 and earlier allow local users to gain privileges by pressing CTRL-SHIFT-ALT-DEL and entering the "maertsJ" password, which is hard-coded into lshell.
Bay Technical Associates RPC-3 Telnet Host 3.05
Associates
|
Technical
|
Telnet
|
RPC-3
|
Host
|
Bay
|
Bay Technical Associates RPC-3 Telnet Host 3.05 allows remote attackers to bypass authentication by pressing the escape and enter keys at the username prompt.
Acrowave AAP-3100AR wireless router allows remo
authentication
|
AAP-3100AR
|
attackers
|
pressing
|
password
|
username
|
Acrowave
|
wireless
|
restart
|
session
|
bypass
|
telnet
|
remote
|
causes
|
CTRL-C
|
router
|
prompt
|
allows
|
leave
|
crash
|
which
|
shell
|
user
|
then
|
new
|
Acrowave AAP-3100AR wireless router allows remote attackers to bypass authentication by pressing CTRL-C at the username or password prompt in a telnet session, which causes the shell to crash and restart, then leave the user in the new shell.
The Motorola PEBL U6 08.83.76R, the Motorola V6
user-assisted
|
"Blueline"
|
connecting
|
connection
|
P2K-based
|
phonebook
|
Bluetooth
|
attackers
|
Motorola
|
messages
|
tricking
|
pressing
|
possibly
|
Gateway
|
entries
|
service
|
require
|
channel
|
088376R
|
Headset
|
related
|
pairing
|
attack
|
access
|
obtain
|
allows
|
remote
|
phones
|
other
|
Audio
|
Grant
|
level
|
which
|
saved
|
into
|
PEBL
|
V600
|
E398
|
view
|
does
|
user
|
SMS
|
not
|
aka
|
The Motorola PEBL U6 08.83.76R, the Motorola V600, and possibly the Motorola E398 and other Motorola P2K-based phones does not require pairing for a connection related to the Headset Audio Gateway service, which allows user-assisted remote attackers to obtain AT level access and view phonebook entries and saved SMS messages by connecting on Bluetooth channel 3 and tricking the user into pressing Grant, aka a "Blueline" attack. NOTE: while user-assisted, the attack is made more feasible because of a GUI misrepresentation issue that allows a default message to be replaced by an attacker-specified one.
Microsoft Internet Explorer before Windows XP S
Microsoft
|
Explorer
|
Internet
|
Windows
|
Service
|
Server
|
before
|
Pack
|
Microsoft Internet Explorer before Windows XP Service Pack 2 and Windows Server 2003 Service Pack 1, when Prompt is configured in Security Settings, uses modal dialogs to verify that a user wishes to run an ActiveX control or perform other risky actions, which allows user-assisted remote attackers to construct a race condition that tricks a user into clicking an object or pressing keys that are actually applied to a "Yes" approval for executing the control.
Simpliciti Locked Browser does not properly lim
CTRL-SHIFT-ESC
|
unauthorized
|
environment
|
Simpliciti
|
windowblur
|
JavaScript
|
Internet
|
intended
|
Explorer
|
executes
|
visiting
|
properly
|
pressing
|
perform
|
Manager
|
Browser
|
actions
|
invoke
|
remove
|
user's
|
within
|
window
|
Locked
|
allows
|
focus
|
local
|
which
|
limit
|
users
|
site
|
Task
|
does
|
ones
|
loop
|
then
|
web
|
not
|
Simpliciti Locked Browser does not properly limit a user's actions to ones within the intended Internet Explorer environment, which allows local users to perform unauthorized actions by visiting a web site that executes a JavaScript window.blur loop to remove focus from the browser window, then pressing CTRL-SHIFT-ESC to invoke the Task Manager.
The Find feature in Palm OS Treo smart phones o
information
|
attackers
|
sensitive
|
operates
|
password
|
physical
|
despite
|
feature
|
allows
|
access
|
obtain
|
phones
|
system
|
smart
|
which
|
Find
|
lock
|
Treo
|
Palm
|
The Find feature in Palm OS Treo smart phones operates despite the system password lock, which allows attackers with physical access to obtain sensitive information (memory contents) by doing (1) text searches or (2) paste operations after pressing certain keyboard shortcut keys.
Software vulnerabilities results 1 to 12 of 12
Page:
1