print pipe software vulnerabilities
vulnerabilities.aspcode.net
Searching print pipe software vulnerabilities
In older versions of Sendmail, an attacker coul
character
|
attacker
|
commands
|
versions
|
Sendmail
|
execute
|
older
|
could
|
root
|
pipe
|
use
|
In older versions of Sendmail, an attacker could use a pipe character to execute root commands.
finger .@host on some systems may print informa
information
|
accounts
|
systems
|
finger
|
print
|
@host
|
user
|
some
|
may
|
finger .@host on some systems may print information on some user accounts.
Alibaba web server allows remote attackers to e
attackers
|
character
|
malformed
|
commands
|
execute
|
Alibaba
|
server
|
remote
|
allows
|
pipe
|
URL
|
via
|
web
|
Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL.
The dccscan setuid program in LPPlus does not p
permissions
|
specified
|
arbitrary
|
properly
|
program
|
dccscan
|
setuid
|
allows
|
LPPlus
|
which
|
print
|
files
|
users
|
local
|
check
|
does
|
user
|
file
|
not
|
has
|
The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
The default configuration of LPRng print spoole
configuration
|
operating
|
arbitrary
|
Mandrake
|
through
|
accepts
|
systems
|
default
|
spooler
|
remote
|
hosts
|
LPRng
|
print
|
Linux
|
other
|
jobs
|
Hat
|
Red
|
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
The default configuration of Xerox DocuTech 611
configuration
|
DocuTech
|
default
|
Xerox
|
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history.
Kerberos FTP client allows remote FTP sites to
arbitrary
|
Kerberos
|
execute
|
remote
|
client
|
allows
|
sites
|
pipe
|
code
|
FTP
|
via
|
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
Microsoft SQL Server 7, 2000, and MSDE allows l
Microsoft
|
Server
|
SQL
|
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.
Microsoft SQL Server 7, 2000, and MSDE allows l
Microsoft
|
Server
|
SQL
|
Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe.
The rotatelogs program on Apache before 1.3.28,
rotatelogs
|
program
|
before
|
Apache
|
The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service.
The print_attr_string function in print-radius.
print_attr_string
|
print-radiusc
|
function
|
tcpdump
|
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.
The EPSF pipe support in enscript 1.6.3 allows
enscript
|
support
|
EPSF
|
pipe
|
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
The Server service (srvsvc.dll) in Windows XP S
service
|
Server
|
The Server service (srvsvc.dll) in Windows XP SP1 and SP2 allows remote attackers to obtain sensitive information (users who are accessing resources) via an anonymous logon using a named pipe, which is not properly authenticated, aka the "Named Pipe Vulnerability."
The isis_print function, as called by isoclns_p
isoclns_print
|
isis_print
|
function
|
tcpdump
|
called
|
The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet.
Stack-based buffer overflow in the create_named
create_named_pipe
|
Stack-based
|
libmysqlc
|
function
|
overflow
|
buffer
|
PHP
|
Stack-based buffer overflow in the create_named_pipe function in libmysql.c in PHP 4.3.10 and 4.4.x before 4.4.3 for Windows allows attackers to execute arbitrary code via a long (1) arg_host or (2) arg_unix_socket argument, as demonstrated by a long named pipe variable in the host argument to the mysql_connect function.
SQL injection vulnerability in Hitachi EUR Prof
vulnerability
|
authenticated
|
Professional
|
injection
|
arbitrary
|
commands
|
Service
|
unknown
|
vectors
|
Edition
|
Hitachi
|
execute
|
remote
|
attack
|
Viewer
|
allows
|
Print
|
users
|
via
|
SQL
|
EUR
|
ILF
|
SQL injection vulnerability in Hitachi EUR Professional Edition, EUR Viewer, EUR Print Service, and EUR Print Service for ILF allows remote authenticated users to execute arbitrary SQL commands via unknown attack vectors.
Buffer overflow in the Novell Distributed Print
Distributed
|
overflow
|
Services
|
Buffer
|
Novell
|
Print
|
Buffer overflow in the Novell Distributed Print Services (NDPS) Print Provider for Windows component (NDPPNT.DLL) in Novell Client 4.91 has unknown impact and remote attack vectors.
PGP Desktop before 9.5.1 does not validate data
Desktop
|
before
|
PGP
|
PGP Desktop before 9.5.1 does not validate data objects received over the (1) \pipe\pgpserv named pipe for PGPServ.exe or the (2) \pipe\pgpsdkserv named pipe for PGPsdkServ.exe, which allows remote authenticated users to gain privileges by sending a data object representing an absolute pointer, which causes code execution at the corresponding address.
Multiple unspecified scripts in mIRC allow user
user-assisted
|
unspecified
|
attackers
|
arbitrary
|
Multiple
|
scripts
|
execute
|
remote
|
allow
|
code
|
mIRC
|
'|'
|
via
|
Multiple unspecified scripts in mIRC allow user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
The mIRC Control Plug-in for Winamp allows user
user-assisted
|
attackers
|
arbitrary
|
execute
|
Control
|
Plug-in
|
remote
|
Winamp
|
allows
|
code
|
mIRC
|
'|'
|
via
|
The mIRC Control Plug-in for Winamp allows user-assisted remote attackers to execute arbitrary code via the '|' (pipe) shell metacharacter in the name of the song in a .mp3 file.
Software vulnerabilities results 1 to 20 of 124
Page:
1
2
3
4
5
...
7
►