responds software vulnerabilities
vulnerabilities.aspcode.net
Searching responds software vulnerabilities
Quake 1 server responds to an initial UDP game
connection
|
attackers
|
amplifier
|
spoofing
|
responds
|
traffic
|
"Smurf"
|
request
|
another
|
initial
|
remote
|
server
|
allows
|
attack
|
amount
|
style
|
large
|
which
|
Quake
|
host
|
game
|
use
|
UDP
|
Quake 1 server responds to an initial UDP game connection request with a large amount of traffic, which allows remote attackers to use the server as an amplifier in a "Smurf" style attack on another host, by spoofing the connection request.
Small HTTP Server 2.01 allows remote attackers
Server
|
Small
|
HTTP
|
Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests.
The DNS server for Cisco Content Service Switch
Service
|
Content
|
Switch
|
server
|
Cisco
|
DNS
|
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, resp
including
|
ProFTPD
|
12x
|
ProFTPD 1.2.x, including 1.2.8 and 1.2.10, responds in a different amount of time when a given username exists, which allows remote attackers to identify valid usernames by timing the server response.
The default configuration of BEA WebLogic Serve
configuration
|
information
|
cross-site
|
attackers
|
responds
|
WebLogic
|
request
|
tracing
|
default
|
through
|
earlier
|
Express
|
remote
|
Server
|
using
|
allow
|
which
|
TRACE
|
steal
|
SP13
|
HTTP
|
SP2
|
BEA
|
SP6
|
SP4
|
can
|
The default configuration of BEA WebLogic Server and Express 8.1 SP2 and earlier, 7.0 SP4 and earlier, 6.1 through SP6, and 5.1 through SP13 responds to the HTTP TRACE request, which can allow remote attackers to steal information using cross-site tracing (XST) attacks in applications that are vulnerable to cross-site scripting.
Microsoft Outlook Express 6.0 leaks the default
conversation
|
information
|
"watched"
|
sensitive
|
attackers
|
Microsoft
|
responds
|
default
|
Express
|
Outlook
|
account
|
remote
|
obtain
|
thread
|
server
|
leaks
|
which
|
allow
|
could
|
news
|
user
|
Microsoft Outlook Express 6.0 leaks the default news server account when a user responds to a "watched" conversation thread, which could allow remote attackers to obtain sensitive information.
pam_ldap in nss_ldap on Red Hat Enterprise Linu
PasswordPolicyResponse
|
pam_authenticate
|
authentication
|
distributions
|
xscreensaver
|
originally
|
Enterprise
|
condition
|
directory
|
responds
|
function
|
response
|
nss_ldap
|
possibly
|
pam_ldap
|
reported
|
control
|
success
|
earlier
|
causes
|
return
|
failed
|
Fedora
|
server
|
Linux
|
other
|
error
|
which
|
even
|
does
|
LDAP
|
Core
|
code
|
Hat
|
Red
|
has
|
not
|
pam_ldap in nss_ldap on Red Hat Enterprise Linux 4, Fedora Core 3 and earlier, and possibly other distributions does not return an error condition when an LDAP directory server responds with a PasswordPolicyResponse control response, which causes the pam_authenticate function to return a success code even if authentication has failed, as originally reported for xscreensaver.
Software vulnerabilities results 1 to 8 of 8
Page:
1