Searching read passwd software vulnerabilities

The permissions for a system-critical NIS+ tabl

system-critical | permissions | table | NIS+ |

The permissions for a system-critical NIS+ table (e.g. passwd) are inappropriate.


passwd in SunOS 4.1.x allows local users to ove

overwrite | arbitrary | argument | symlink | command | passwd | allows | attack | files | users | local | SunOS | line | 41x | via |

passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument.


Solaris Solstice AdminSuite (AdminSuite) 2.1 in

AdminSuite | Solstice | Solaris |

Solaris Solstice AdminSuite (AdminSuite) 2.1 incorrectly sets write permissions on source files for NIS maps, which could allow local users to gain privileges by modifying /etc/passwd.


Buffer overflow in passwd in BSD based operatin

specifying | privileges | operating | overflow | systems | earlier | allows | Buffer | passwd | field | GECOS | shell | users | local | based | long | root | gain | BSD |

Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field.


PassWD 1.2 uses weak encryption (trivial encodi

encryption | PassWD | weak | uses |

PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords.


The default PAM files included with passwd in M

passwords | security | Mandrake | included | password | intended | support | default | result | passwd | level | lower | could | Linux | files | which | than | PAM | not | MD5 |

The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.


nidump on MacOS X before 10.3 allows local user

before | nidump | MacOS |

nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password file by specifying passwd as a command line argument.


Vulnerability in passwd for HP-UX 11.00 and 11.

Vulnerability | passwd | HP-UX |

Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.


Unknown vulnerability in passwd for VVOS HP-UX

vulnerability | Unknown | passwd | HP-UX | VVOS |

Unknown vulnerability in passwd for VVOS HP-UX 11.04, with unknown impact, related to "Unexpected behavior."


Buffer overflow in passwd for HP UX B.10.20 all

environment | privileges | arbitrary | commands | overflow | variable | execute | allows | Buffer | passwd | B1020 | users | local | LANG | root | long | via |

Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.


ldbm_back_exop_passwd in the back-ldbm backend

ldbm_back_exop_passwd | back-ldbm | OpenLDAP | passwdc | backend |

ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault).


Unknown vulnerability in passwd(1) in Solaris 8

vulnerability | Unknown |

Unknown vulnerability in passwd(1) in Solaris 8.0 and 9.0 allows local users to gain privileges via unknown attack vectors.


Off-by-one error in passwd 0.68 and earlier, wh

Off-by-one | passwd | error |

Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.


Memory leak in passwd 0.68 allows local users t

passwd | Memory | leak |

Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.


Format string vulnerability in the my_xlog func

vulnerability | function | my_xlog | Server | Format | string | Proxy | libc | Oops |

Format string vulnerability in the my_xlog function in lib.c for Oops! Proxy Server 1.5.23 and earlier, as called by the auth functions in the passwd_mysql and passwd_pgsql modules, may allow attackers to execute arbitrary code via a URL.


settings.php in Reamday Enterprises Magic News

Enterprises | settingsphp | Reamday | Magic | Plus | News |

settings.php in Reamday Enterprises Magic News Plus 1.0.3 allows remote attackers to change the administrator password via a change action that specifies identical values for the passwd and admin_password parameters, then declares the new password string in the new_passwd and confirm_passwd parameters.


Buffer overflow in Change passwd 3.1 (chpasswd)

overflow | passwd | Change | Buffer |

Buffer overflow in Change passwd 3.1 (chpasswd) SquirrelMail plugin allows local users to execute arbitrary code via long command line arguments.


settings.php in Reamday Enterprises Magic Downl

Enterprises | settingsphp | Downloads | Reamday | Magic |

settings.php in Reamday Enterprises Magic Downloads 1.1.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized.


profile.php in Reamday Enterprises Magic News L

Enterprises | profilephp | Reamday | Magic | Lite | News |

profile.php in Reamday Enterprises Magic News Lite 1.2.3, when register_globals is enabled, allows remote attackers to modify program behavior, potentially bypassing authentication controls, via modified (1) action, (2) passwd, (3) admin_password, (4) new_passwd, and (5) confirm_passwd variables, which are not initialized.


SQL injection vulnerability in the login compon

vulnerability | Portix-PHP | component | injection | login | SQL |

SQL injection vulnerability in the login component in Portix-PHP 0.4.2 allows remote attackers to execute arbitrary SQL commands via the username and passwd (password) fields.


Software vulnerabilities results 1 to 20 of 1448     
Page: 12345...73