respond software vulnerabilities
vulnerabilities.aspcode.net
Searching respond software vulnerabilities
Microsoft email clients in Outlook, Exchange, a
automatically
|
distribution
|
redirected
|
Messaging
|
Microsoft
|
responses
|
attacker
|
Exchange
|
Delivery
|
forging
|
request
|
Windows
|
Outlook
|
clients
|
Receipt
|
respond
|
system
|
large
|
could
|
which
|
email
|
flood
|
allow
|
mail
|
list
|
tags
|
Read
|
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.
** DISPUTED ** RunAs (runas.exe) in Windows 200
DISPUTED
|
RunAs
|
** DISPUTED ** RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could allow attackers to obtain usernames and passwords by executing a process that is allocated the same memory page after termination of a RunAs command. NOTE: the vendor disputes this issue, saying that administrative privileges are already required to exploit it, and the original researcher did not respond to requests for additional information.
Firefox before 1.0 and Mozilla before 1.7.5, wh
Mozilla
|
Firefox
|
before
|
Firefox before 1.0 and Mozilla before 1.7.5, when configured to use a proxy, respond to 407 proxy auth requests from arbitrary servers, which allows remote attackers to steal NTLM or SPNEGO credentials.
Lpanel 1.59 and earlier, and other versions bef
Lpanel
|
Lpanel 1.59 and earlier, and other versions before 1.597, allows remote authenticated users to modify certain critical variables and (1) modify DNS settings for arbitrary domains via the domain parameter to diagnose.php, (2) close, open, or respond to arbitrary support tickets via the close, open, or pid parameter to view_ticket.php, (3) obtain sensitive information on arbitrary invoices via the inv parameter to viewreceipt.php, or (4) modify domain information for arbitrary domains via the editdomain parameter to domains.php.
Behavioral discrepancy information leak in Juni
information
|
discrepancy
|
Behavioral
|
Netscreen
|
ScreenOS
|
running
|
Juniper
|
leak
|
VPN
|
Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid.
Software vulnerabilities results 1 to 6 of 6
Page:
1