redirect software vulnerabilities
vulnerabilities.aspcode.net
Searching redirect software vulnerabilities
Windows 95, 98, and NT 4.0 allow remote attacke
attackers
|
spoofing
|
messages
|
redirect
|
service
|
Windows
|
routing
|
router
|
causes
|
change
|
denial
|
remote
|
tables
|
cause
|
allow
|
which
|
ICMP
|
its
|
Windows 95, 98, and NT 4.0 allow remote attackers to cause a denial of service by spoofing ICMP redirect messages from a router, which causes Windows to change its routing tables.
Nachuatec D435 and D445 printer allows remote a
attackers
|
Nachuatec
|
redirect
|
service
|
printer
|
denial
|
allows
|
remote
|
storm
|
cause
|
D445
|
D435
|
ICMP
|
via
|
Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm.
The SSH protocol server sshd allows local users
authentication
|
connection
|
redirect
|
standard
|
database
|
password
|
protocol
|
through
|
service
|
without
|
allows
|
server
|
access
|
system
|
users
|
local
|
shell
|
such
|
uses
|
sshd
|
POP
|
FTP
|
SSH
|
TCP
|
The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP.
SSH before 2.0 disables host key checking when
connections
|
connecting
|
localhost
|
attackers
|
poisoning
|
silently
|
disables
|
client's
|
checking
|
redirect
|
remote
|
before
|
allows
|
cache
|
which
|
host
|
key
|
DNS
|
SSH
|
SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
Etype Eserv 2.97 allows remote attackers to red
Eserv
|
Etype
|
Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command.
Novell iChain 2.2 before Support Pack 1 does no
accelerator
|
malicious
|
attackers
|
redirects
|
redirect
|
properly
|
Support
|
iChain
|
allows
|
Novell
|
verify
|
before
|
sites
|
which
|
match
|
URLs
|
does
|
Pack
|
name
|
web
|
DNS
|
URL
|
not
|
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites.
mod_cgid in Apache before 2.0.48, when using a
mod_cgid
|
before
|
Apache
|
mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
Buffer overflow in Microsoft Internet Informati
Information
|
Microsoft
|
Internet
|
overflow
|
Server
|
Buffer
|
Buffer overflow in Microsoft Internet Information Server (IIS) 4.0 allows local users to execute arbitrary code via the redirect function.
Mozilla before 1.7, Firefox before 0.9, and Thu
Thunderbird
|
attackers
|
sequences
|
encrypted
|
redirect
|
security
|
certain
|
Firefox
|
Mozilla
|
before
|
appear
|
remote
|
makes
|
allow
|
spoof
|
page
|
lock
|
icon
|
use
|
web
|
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
Multiple cross-site scripting (XSS) vulnerabili
cross-site
|
scripting
|
Multiple
|
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
Opera Browser 7.23, and other versions before 7
Browser
|
Opera
|
Opera Browser 7.23, and other versions before 7.50, updates the address bar as soon as the user clicks a link, which allows remote attackers to redirect to other sites via the onUnload attribute.
Microsoft Outlook Web Access (OWA), when used w
Microsoft
|
Outlook
|
Access
|
Web
|
Microsoft Outlook Web Access (OWA), when used with Exchange, allows remote attackers to redirect users to arbitrary URLs for login via a link to the owalogon.asp application.
The xvesa code in Novell Netware 6.5 SP2 and SP
GUIMirror/Start
|
authentication
|
attackers
|
redirect
|
xsession
|
Netware
|
without
|
request
|
allows
|
direct
|
remote
|
Novell
|
xvesa
|
code
|
SP2
|
SP3
|
via
|
The xvesa code in Novell Netware 6.5 SP2 and SP3 allows remote attackers to redirect the xsession without authentication via a direct request to GUIMirror/Start.
SqWebMail allows remote attackers to inject arb
parameter
|
arbitrary
|
sequences
|
attackers
|
SqWebMail
|
redirect
|
followed
|
desired
|
inject
|
remote
|
allows
|
script
|
HTML
|
CRLF
|
web
|
via
|
SqWebMail allows remote attackers to inject arbitrary web script or HTML via CRLF sequences in the redirect parameter followed by the desired script or HTML.
The XMLHttpRequest object in Opera 8.0 Final Bu
XMLHttpRequest
|
object
|
Build
|
Final
|
Opera
|
The XMLHttpRequest object in Opera 8.0 Final Build 1095 allows remote attackers to bypass access restrictions and perform unauthorized actions on other domains via a redirect.
mt-comments.cgi in Movable Type before 3.2 allo
mt-commentscgi
|
attackers
|
redirect
|
comments
|
Movable
|
before
|
allows
|
sites
|
other
|
users
|
URLs
|
Type
|
web
|
via
|
mt-comments.cgi in Movable Type before 3.2 allows attackers to redirect users to other web sites via URLs in comments.
jumpto.php in Moodle 1.5.2 allows remote attack
jumptophp
|
Moodle
|
jumpto.php in Moodle 1.5.2 allows remote attackers to redirect users to other sites via the jump parameter.
The FTP server in the NEC MultiWriter 1700C all
MultiWriter
|
attackers
|
redirect
|
traffic
|
remote
|
allows
|
server
|
other
|
1700C
|
sites
|
NEC
|
FTP
|
The FTP server in the NEC MultiWriter 1700C allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command, a variant of CVE-1999-0017.
Portal Search allows remote attackers to redire
attackers
|
arbitrary
|
top-level
|
redirect
|
placing
|
Portal
|
string
|
Search
|
allows
|
remote
|
query
|
site
|
URI
|
URL
|
web
|
Portal Search allows remote attackers to redirect a URL to an arbitrary web site by placing the URL in the query string to the top-level URI.
InoutMailingListManager 3.1 and earlier sends a
InoutMailingListManager
|
functionality
|
authorization
|
restricted
|
arbitrary
|
attackers
|
redirect
|
Location
|
ignoring
|
certain
|
execute
|
earlier
|
allows
|
remote
|
header
|
upload
|
access
|
after
|
sends
|
check
|
which
|
fails
|
code
|
does
|
exit
|
PHP
|
not
|
but
|
InoutMailingListManager 3.1 and earlier sends a Location redirect header but does not exit after an authorization check fails, which allows remote attackers to access certain restricted functionality, and upload and execute arbitrary PHP code, by ignoring the redirect.
Software vulnerabilities results 1 to 20 of 77
Page:
1
2
3
4
►