prints software vulnerabilities
vulnerabilities.aspcode.net
Searching prints software vulnerabilities
ip_print procedure in Tcpdump 3.4a allows remot
procedure
|
attackers
|
infinite
|
ip_print
|
service
|
Tcpdump
|
length
|
packet
|
causes
|
header
|
denial
|
allows
|
remote
|
prints
|
which
|
cause
|
core
|
loop
|
dump
|
zero
|
34a
|
via
|
ip_print procedure in Tcpdump 3.4a allows remote attackers to cause a denial of service via a packet with a zero length header, which causes an infinite loop and core dump when tcpdump prints the packet.
SGI MachineInfo CGI program, installed by defau
potentially
|
information
|
MachineInfo
|
activities
|
sensitive
|
gathering
|
attackers
|
installed
|
program
|
default
|
servers
|
status
|
remote
|
prints
|
system
|
could
|
which
|
some
|
used
|
CGI
|
web
|
SGI
|
SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities.
The Nirvana Editor (NEdit) 5.1.1 and earlier al
Nirvana
|
Editor
|
The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file.
efax 0.9 and earlier, when installed setuid roo
installed
|
arbitrary
|
contents
|
warning
|
message
|
earlier
|
prints
|
option
|
setuid
|
allows
|
which
|
local
|
users
|
files
|
root
|
file
|
efax
|
read
|
via
|
efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message.
Cross-site scripting vulnerability in PowerBASI
vulnerability
|
urlcountcgi
|
Cross-site
|
PowerBASIC
|
capability
|
attackers
|
scripting
|
arbitrary
|
browsers
|
contains
|
original
|
included
|
filtered
|
request
|
execute
|
server
|
allows
|
prints
|
REPORT
|
script
|
remote
|
other
|
which
|
Lil'
|
HTTP
|
via
|
not
|
web
|
Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request.
gr_osview in SGI IRIX 6.5.22, and possibly othe
gr_osview
|
IRIX
|
SGI
|
gr_osview in SGI IRIX 6.5.22, and possibly other 6.5 versions, does not drop privileges when opening description files while in debug mode, which allows local users to read a line from arbitrary files via the -d and -D options, which prints the line as a formatting error.
The UserLogin control in BEA WebLogic Portal 8.
attackers
|
incorrect
|
UserLogin
|
password
|
standard
|
WebLogic
|
attempt
|
correct
|
control
|
through
|
Service
|
easier
|
prints
|
Portal
|
output
|
could
|
guess
|
login
|
which
|
made
|
make
|
Pack
|
BEA
|
The UserLogin control in BEA WebLogic Portal 8.1 through Service Pack 3 prints the password to standard output when an incorrect login attempt is made, which could make it easier for attackers to guess the correct password.
member.php in MyBB (aka MyBulletinBoard), when
memberphp
|
MyBB
|
member.php in MyBB (aka MyBulletinBoard), when debug mode is available, allows remote authenticated users to change the password of any account by providing the account's registered e-mail address in a debug request for a do_lostpw action, which prints the change password verification code in the debug output.
admin/send_mod.php in Gregory Kokanosky phpMyNe
admin/send_modphp
|
phpMyNewsletter
|
administrative
|
credentials
|
Kokanosky
|
attackers
|
Location
|
subject
|
compose
|
message
|
missing
|
request
|
earlier
|
Gregory
|
list_id
|
fields;
|
admin/
|
format
|
direct
|
e-mail
|
header
|
prints
|
remote
|
allows
|
MsgId
|
value
|
which
|
beta5
|
under
|
send
|
post
|
exit
|
does
|
via
|
but
|
not
|
admin/send_mod.php in Gregory Kokanosky phpMyNewsletter 0.8 beta5 and earlier prints a Location header but does not exit when administrative credentials are missing, which allows remote attackers to compose an e-mail message via a post with the subject, message, format, and list_id fields; and send the message via a direct request for the MsgId value under admin/.
The "You are not allowed..." error handler in X
authenticated
|
associates
|
regardless
|
documents
|
arbitrary
|
attribute
|
document
|
metadata
|
variable
|
allowed"
|
handler
|
content
|
allows
|
remote
|
prints
|
custom
|
rights
|
user's
|
entire
|
error
|
XWiki
|
users
|
which
|
skin
|
read
|
view
|
"You
|
not
|
doc
|
via
|
The "You are not allowed..." error handler in XWiki 1.0 B1 and 1.0 B2 associates the doc variable with the entire document content and metadata regardless of a user's view rights, which allows remote authenticated users to read arbitrary documents via a custom skin that prints the content attribute of the doc variable.
Software vulnerabilities results 1 to 11 of 11
Page:
1