Searching read software vulnerabilities

Windows NT 4.0 beta allows users to read and de

Windows | delete | allows | shares | users | beta | read |

Windows NT 4.0 beta allows users to read and delete shares.


Race condition in Linux mailx command allows lo

condition | command | allows | local | users | files | Linux | mailx | user | Race | read |

Race condition in Linux mailx command allows local users to read user files.


IIS 2.0 and 3.0 allows remote attackers to read

attackers | appending | source | allows | remote | pages | code | read | IIS | ASP |

IIS 2.0 and 3.0 allows remote attackers to read the source code for ASP pages by appending a . (dot) to the end of the URL.


NFS allows attackers to read and write any file

specifying | attackers | system | allows | false | write | read | file | UID | NFS | any |

NFS allows attackers to read and write any file on the system by specifying a false UID.


read-passwd and other Lisp functions in Emacs 2

unencrypted | read-passwd | functions | passwords | properly | recently | attacker | history | allows | which | other | Emacs | clear | typed | Lisp | read | keys | not |

read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords.


Unknown vulnerability or vulnerabilities in HP

vulnerabilities | vulnerability | OpenView | EMANATE | Unknown |

Unknown vulnerability or vulnerabilities in HP OpenView EMANATE 14.2 snmpModules allow the SNMP read-write community name to be exposed, related to (1) "'read-only' community access," and/or (2) an easily guessable community name.


Linksys WAP55AG 1.07 allows remote attackers wi

WAP55AG | Linksys |

Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write communtiy strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2.


Cisco VACM (View-based Access Control MIB) for

Cisco | VACM |

Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string.


Citadel/UX 5.00 through 6.14 installs the datab

Citadel/UX |

Citadel/UX 5.00 through 6.14 installs the database directory and files with world-read permissions, which could allow local users to bypass access controls and read unauthorized messages.


Race condition in the sysfs_read_file and sysfs

sysfs_write_file | sysfs_read_file | functions | condition | kernel | before | Linux | Race |

Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.


Signedness error in the copy_from_read_buf func

copy_from_read_buf | Signedness | function | kernel | n_ttyc | error | Linux |

Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.


Directory traversal vulnerability in index.php

vulnerability | RadScripts | attackers | parameter | arbitrary | traversal | Directory | indexphp | RadBids | allows | remote | files | Gold | read | via |

Directory traversal vulnerability in index.php for RadScripts RadBids Gold 2 allows remote attackers to read arbitrary files via the read parameter.


Directory traversal vulnerability in FlatNuke 2

vulnerability | traversal | Directory | FlatNuke |

Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbtirary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php.


Directory traversal vulnerability in index.php

vulnerability | Alstrasoft | arbitrary | attackers | traversal | Directory | indexphp | earlier | remote | allows | files | Epay | read | via | Pro |

Directory traversal vulnerability in index.php in Alstrasoft Epay Pro 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.


The XML parser in Mozilla Firefox before 1.5.0.

Mozilla | Firefox | before | parser | XML |

The XML parser in Mozilla Firefox before 1.5.0.1 and SeaMonkey before 1.0 allows remote attackers to cause a denial of service (crash) and possibly read sensitive data via unknown attack vectors that trigger an out-of-bounds read.


Directory traversal vulnerability in popup.php

vulnerability | RadScripts | attackers | arbitrary | traversal | Directory | RadLance | popupphp | remote | allows | files | Gold | read | via |

Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter.


Microsoft Windows XP has weak permissions (FILE

permissions | Microsoft | Windows | weak | has |

Microsoft Windows XP has weak permissions (FILE_WRITE_DATA and FILE_READ_DATA for Everyone) for %WINDIR%\pchealth\ERRORREP\QHEADLES, which allows local users to write and read files in this folder, as demonstrated by an ASP shell that has write access by IWAM_machine and read access by IUSR_Machine.


Directory traversal vulnerability in index.php

vulnerability | attackers | Directory | traversal | SolarPay | indexphp | certain | allows | remote | files | read | via |

Directory traversal vulnerability in index.php in SolarPay allows remote attackers to read certain files via a .. (dot dot) in the read parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


The AJP connector in Apache Tomcat 5.5.15 uses

connector | Tomcat | Apache | AJP |

The AJP connector in Apache Tomcat 5.5.15 uses an incorrect length for chunks, which can cause a buffer over-read in the ajp_process_callback in mod_jk, which allows remote attackers to read portions of sensitive memory.


The SNMP implementation in the Cisco Wireless L

implementation | Controller | Wireless | Cisco | SNMP | LAN |

The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before Thursday, April 19, 2007 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384.


Software vulnerabilities results 1 to 20 of 1399     
Page: 12345...70