prior software vulnerabilities
vulnerabilities.aspcode.net
Searching prior software vulnerabilities
Buffer overflows in Bisonware FTP server prior
attackers
|
arbitrary
|
Bisonware
|
overflows
|
possibly
|
commands
|
service
|
execute
|
denial
|
Buffer
|
remote
|
server
|
prior
|
cause
|
allow
|
long
|
via
|
FTP
|
Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or (3) CWD commands.
FlowPoint DSL router firmware versions prior to
FlowPoint
|
firmware
|
versions
|
router
|
prior
|
DSL
|
FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port.
fcheck prior to 2.57.59 calls the file signatur
fcheck
|
prior
|
fcheck prior to 2.57.59 calls the file signature checking program insecurely, which can allow a local user to run arbitrary commands via a file name that contains shell metacharacters.
Directory traversal vulnerability in Drummond M
vulnerability
|
arbitrary
|
Directory
|
traversal
|
attacker
|
Drummond
|
A1Stats
|
remote
|
allows
|
files
|
Miles
|
prior
|
read
|
via
|
Directory traversal vulnerability in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in (1) a1disp2.cgi, (2) a1disp3.cgi, or (3) a1disp4.cgi.
a1disp.cgi program in Drummond Miles A1Stats pr
metacharacters
|
specially
|
a1dispcgi
|
commands
|
attacker
|
Drummond
|
includes
|
execute
|
crafted
|
A1Stats
|
program
|
allows
|
remote
|
which
|
Miles
|
prior
|
shell
|
via
|
URL
|
a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to execute commands via a specially crafted URL which includes shell metacharacters.
Watchguard Firebox II prior to 4.6 allows a rem
Watchguard
|
attacker
|
service
|
Firebox
|
denial
|
stream
|
kernel
|
allows
|
remote
|
create
|
large
|
prior
|
via
|
Watchguard Firebox II prior to 4.6 allows a remote attacker to create a denial of service in the kernel via a large stream (>10,000) of malformed ICMP or TCP packets.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated URL requests with the same HTTP headers, such as (1) Accept, (2) Accept-Charset, (3) Accept-Encoding, (4) Accept-Language, and (5) Content-Type.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148.
Lotus Domino R5 prior to 5.0.7 allows a remote
Domino
|
prior
|
Lotus
|
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via URL requests (>8Kb) containing a large number of '/' characters.
Headlight Software MyGetright prior to 1.0b all
MyGetright
|
arbitrary
|
overwrite
|
malicious
|
Headlight
|
attacker
|
Software
|
and/or
|
upload
|
remote
|
allows
|
files
|
prior
|
dld
|
10b
|
via
|
Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld (skins-data) file which contains long strings of random data.
A buffer overflow in reggo.dll file used by Tre
InterScan
|
VirusWall
|
reggodll
|
overflow
|
buffer
|
Micro
|
prior
|
Trend
|
file
|
used
|
A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code.
Microsoft Site Server 3.0 prior to SP4 installs
LDAP_Anonymous
|
LdapPassword_1
|
attackers
|
Microsoft
|
privilege
|
password
|
locally"
|
installs
|
default
|
allows
|
Server
|
remote
|
prior
|
which
|
"Log
|
Site
|
user
|
SP4
|
Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.
Multiple race conditions in the handling of O_D
conditions
|
handling
|
O_DIRECT
|
Multiple
|
version
|
kernel
|
prior
|
Linux
|
race
|
Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow local users to obtain sensitive data that was originally owned by other users, a different vulnerability than CVE-2003-0018.
Apple AirPort Express prior to 6.1.1 and Extrem
Express
|
AirPort
|
prior
|
Apple
|
Apple AirPort Express prior to 6.1.1 and Extreme prior to 5.5.1, configured as a Wireless Data Service (WDS), allows remote attackers to cause a denial of service (device freeze) by connecting to UDP port 161 and before link-state change occurs.
** DISPUTED ** PHP remote file inclusion vulne
install/upgrade_301php
|
vulnerability
|
inclusion
|
vBulletin
|
DISPUTED
|
Jelsoft
|
remote
|
file
|
PHP
|
** DISPUTED ** PHP remote file inclusion vulnerability in install/upgrade_301.php in Jelsoft vBulletin 3.5.4 allows remote attackers to execute arbitrary PHP code via a URL in the step parameter. NOTE: the vendor has disputed this vulnerability, saying "The default vBulletin requires authentication prior to the usage of the upgrade system."
Software vulnerabilities results 1 to 18 of 18
Page:
1