program software vulnerabilities
vulnerabilities.aspcode.net
Searching program software vulnerabilities
Command execution in Sun systems via buffer ove
execution
|
overflow
|
program
|
systems
|
Command
|
buffer
|
via
|
Sun
|
Command execution in Sun systems via buffer overflow in the at program.
Windows NT RSHSVC program allows remote users t
arbitrary
|
commands
|
execute
|
Windows
|
program
|
allows
|
RSHSVC
|
remote
|
users
|
Windows NT RSHSVC program allows remote users to execute arbitrary commands.
buffer overflow in HP xlock program.
overflow
|
program
|
buffer
|
xlock
|
buffer overflow in HP xlock program.
A Sendmail alias allows input to be piped to a
Sendmail
|
program
|
allows
|
alias
|
piped
|
input
|
A Sendmail alias allows input to be piped to a program.
An incorrect configuration of the SoftCart CGI
configuration
|
"SoftCartexe"
|
information
|
incorrect
|
disclose
|
SoftCart
|
private
|
program
|
could
|
CGI
|
An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information.
An incorrect configuration of the Webcart CGI p
configuration
|
information
|
incorrect
|
disclose
|
private
|
Webcart
|
program
|
could
|
CGI
|
An incorrect configuration of the Webcart CGI program could disclose private information.
Buffer overflow in FreeBSD gdc program.
overflow
|
program
|
FreeBSD
|
Buffer
|
gdc
|
Buffer overflow in FreeBSD gdc program.
serial_ports administrative program in IRIX 4.x
administrative
|
environmental
|
serial_ports
|
privileges
|
variable
|
execute
|
program
|
Trojan
|
allows
|
user's
|
trusts
|
horse
|
users
|
local
|
which
|
find
|
PATH
|
IRIX
|
gain
|
root
|
via
|
serial_ports administrative program in IRIX 4.x and 5.x trusts the user's PATH environmental variable to find and execute the ls program, which allows local users to gain root privileges via a Trojan horse ls program.
abuse.console in Red Hat 2.1 uses relative path
abuseconsole
|
pathnames
|
arbitrary
|
commands
|
relative
|
program
|
execute
|
points
|
allows
|
Trojan
|
users
|
horse
|
local
|
undrv
|
which
|
path
|
uses
|
find
|
Red
|
Hat
|
via
|
abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a Trojan horse program.
The recover program in Solstice Backup allows l
sensitive
|
Solstice
|
restore
|
recover
|
program
|
allows
|
Backup
|
files
|
local
|
users
|
The recover program in Solstice Backup allows local users to restore sensitive files.
document.d2w CGI program in the IBM Net.Data db
nonexistent
|
documentd2w
|
attackers
|
determine
|
physical
|
package
|
program
|
command
|
NetData
|
sending
|
server
|
allows
|
db2www
|
remote
|
path
|
CGI
|
IBM
|
web
|
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.
The default configuration of McAfee VirusScan 4
configuration
|
"commonexe"
|
improperly
|
ImagePath
|
VirusScan
|
variable
|
program
|
default
|
search
|
allows
|
Trojan
|
McAfee
|
place
|
users
|
horse
|
quote
|
which
|
local
|
does
|
sets
|
path
|
not
|
The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.
The installation of AdCycle banner management s
web-accessible
|
installation
|
management
|
directory
|
databases
|
passwords
|
attackers
|
buildcgi
|
execute
|
AdCycle
|
program
|
banner
|
delete
|
system
|
allows
|
leaves
|
remote
|
which
|
view
|
The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete databases.
AIX sysback before 4.2.1.13 uses a relative pat
sysback
|
before
|
AIX
|
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
Xitami 2.5b installs the testcgi.exe program by
configuration
|
information
|
testcgiexe
|
accessing
|
directory
|
attackers
|
sensitive
|
installs
|
program
|
default
|
cgi-bin
|
server
|
allows
|
remote
|
Xitami
|
which
|
gain
|
25b
|
web
|
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.
register.cgi in Ikonboard 2.1.7b and earlier al
registercgi
|
references
|
overwrites
|
attackers
|
Ikonboard
|
arbitrary
|
SEND_MAIL
|
parameter
|
executed
|
variable
|
internal
|
commands
|
execute
|
program
|
earlier
|
allows
|
remote
|
which
|
217b
|
via
|
register.cgi in Ikonboard 2.1.7b and earlier allows remote attackers to execute arbitrary commands via the SEND_MAIL parameter, which overwrites an internal program variable that references a program to be executed.
itetris/xitetris 1.6.2 and earlier trusts the P
itetris/xitetris
|
itetris/xitetris 1.6.2 and earlier trusts the PATH environmental variable to find and execute the gunzip program, which allows local users to gain root privileges by changing their PATH so that it points to a malicious gunzip program.
UploadServlet in Bajie HTTP JServer 0.78 allows
UploadServlet
|
JServer
|
Bajie
|
HTTP
|
UploadServlet in Bajie HTTP JServer 0.78 allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program.
Client Firewall in NCP Network Communication Se
Communication
|
Firewall
|
Network
|
Client
|
Secure
|
NCP
|
Client Firewall in NCP Network Communication Secure Client 8.11 Build 146, and possibly other versions, allows local users to bypass firewall program execution rules by replacing an allowed program with an arbitrary program.
Multiple unspecified vulnerabilities in chetcpa
vulnerabilities
|
chetcpasswd
|
unspecified
|
Multiple
|
Multiple unspecified vulnerabilities in chetcpasswd 2.4.1 allow local users to gain privileges via unspecified vectors related to executing (1) the cp program, (2) the mail program, or (3) the program specified in the post_change configuration line.
Software vulnerabilities results 1 to 20 of 429
Page:
1
2
3
4
5
...
22
►