protected software vulnerabilities
vulnerabilities.aspcode.net
Searching protected software vulnerabilities
The Economist screen saver 1999 with the "Passw
Economist
|
screen
|
saver
|
The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked.
Macromedia "The Matrix" screen saver on Windows
protected"
|
Macromedia
|
attackers
|
"Password
|
physical
|
pressing
|
password
|
enabled
|
machine
|
Windows
|
Matrix"
|
screen
|
bypass
|
prompt
|
allows
|
option
|
access
|
saver
|
"The
|
ESC
|
Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC (Escape) key.
IIS 4.0 allows remote attackers to obtain the i
authentication
|
attackers
|
protected
|
internal
|
address
|
request
|
defined
|
remote
|
allows
|
obtain
|
server
|
which
|
realm
|
basic
|
HTTP
|
page
|
via
|
IIS
|
web
|
has
|
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
Authentix Authentix100 allows remote attackers
authentication
|
Authentix100
|
attackers
|
Authentix
|
inserting
|
bypass
|
allows
|
remote
|
Authentix Authentix100 allows remote attackers to bypass authentication by inserting a . (dot) into the URL for a protected directory.
Crystal Reports, when displaying data for a pas
displaying
|
attackers
|
protected
|
passwords
|
cleartext
|
username
|
database
|
password
|
Reports
|
Crystal
|
allows
|
obtain
|
remote
|
embeds
|
pages
|
using
|
which
|
data
|
HTML
|
page
|
URL
|
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.
AOL AOLserver 3.4.2 Win32 allows remote attacke
AOLserver
|
AOL
|
AOL AOLserver 3.4.2 Win32 allows remote attackers to bypass authentication and read password-protected files via a URL that directly references the file.
Etype Eserv 2.97 allows remote attackers to vie
Eserv
|
Etype
|
Etype Eserv 2.97 allows remote attackers to view password protected files via /./ in the URL.
Lil HTTP Server 2.1 allows remote attackers to
password-protected
|
attackers
|
request
|
remote
|
Server
|
allows
|
files
|
HTTP
|
read
|
Lil
|
via
|
Lil HTTP Server 2.1 allows remote attackers to read password-protected files via a /./ in the HTTP request.
Directory traversal vulnerability in Cobalt RAQ
password-protected
|
vulnerability
|
attackers
|
traversal
|
Directory
|
possibly
|
outside
|
Cobalt
|
allows
|
remote
|
files
|
root
|
read
|
via
|
RAQ
|
web
|
Directory traversal vulnerability in Cobalt RAQ 4 allows remote attackers to read password-protected files, and possibly files outside the web root, via a .. (dot dot) in an HTTP request.
Falcon web server 2.0.0.1021 and earlier allows
server
|
Falcon
|
web
|
Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot).
Savant Web Server 3.1 and earlier allows remote
authentication
|
attackers
|
protected
|
password
|
earlier
|
folders
|
encoded
|
Server
|
Savant
|
allows
|
remote
|
bypass
|
space
|
user
|
hex
|
Web
|
via
|
URL
|
Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename.
The Czech edition of Software602's Web Server b
Software602's
|
edition
|
before
|
Server
|
Czech
|
Web
|
The Czech edition of Software602's Web Server before 2002.0.02.0916 allows remote attackers to gain administrator privileges via direct HTTP requests to the /admin/ directory, which is not password protected.
The component for the Virtual DOS Machine (VDM)
component
|
Machine
|
Virtual
|
DOS
|
The component for the Virtual DOS Machine (VDM) subsystem in Windows NT 4.0 and Windows 2000 does not properly validate system structures, which allows local users to access protected kernel memory and execute arbitrary code.
Lexar Safe Guard for JumpDrive Secure 1.0 store
insecurely
|
encryption
|
protected
|
JumpDrive
|
password
|
directly
|
access
|
device
|
allows
|
stores
|
Secure
|
memory
|
users
|
drive
|
local
|
Guard
|
using
|
Lexar
|
which
|
part
|
Safe
|
read
|
XOR
|
Lexar Safe Guard for JumpDrive Secure 1.0 stores the password insecurely in memory using XOR encryption, which allows local users to read the password directly from the device and access the password protected part of the drive.
The conference menu in ActivePost Standard 3.1
password-protected
|
information
|
conference
|
ActivePost
|
connection
|
cleartext
|
attackers
|
sensitive
|
passwords
|
Standard
|
sniffing
|
network
|
remote
|
which
|
rooms
|
sends
|
allow
|
could
|
menu
|
gain
|
The conference menu in ActivePost Standard 3.1 sends passwords of password-protected rooms in cleartext, which could allow remote attackers to gain sensitive information by sniffing the network connection.
Computer Associates eTrust Antivirus EE 6.0 thr
password-protected
|
Associates
|
attackers
|
including
|
protected
|
Antivirus
|
scanning
|
password
|
Computer
|
through
|
causes
|
eTrust
|
bypass
|
remote
|
allows
|
which
|
other
|
virus
|
files
|
skip
|
file
|
scan
|
only
|
ZIP
|
Computer Associates eTrust Antivirus EE 6.0 through 7.0 allows remote attackers to bypass virus scanning by including a password-protected file in a ZIP file, which causes eTrust to scan only the password protected file and skip the other files.
Windows Media Player 9 and 10, in certain cases
Management
|
protected
|
Digital
|
content
|
Windows
|
certain
|
Rights
|
Player
|
allows
|
Media
|
cases
|
Windows Media Player 9 and 10, in certain cases, allows content protected by Windows Media Digital Rights Management (WMDRM) to redirect the user to a web site to obtain a license, even when the "Acquire licenses automatically for protected content" setting is not enabled.
VSNS Lemon 3.2.0 allows remote attackers to byp
Lemon
|
VSNS
|
VSNS Lemon 3.2.0 allows remote attackers to bypass authentication and access password-protected articles by setting the vsns[topic_id] cookie to the targeted topic.
Siemens Speedstream Wireless Router 2624 allows
Speedstream
|
Wireless
|
Siemens
|
Router
|
Siemens Speedstream Wireless Router 2624 allows local users to bypass authentication and access protected files by using the Universal Plug and Play UPnP/1.0 component.
VNC server on the AK-Systems Windows Terminal 1
AK-Systems
|
Terminal
|
Windows
|
server
|
VNC
|
VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protected, which allows remote attackers to login and view RDP or Citrix sessions.
Software vulnerabilities results 1 to 20 of 62
Page:
1
2
3
4
►