response software vulnerabilities
vulnerabilities.aspcode.net
Searching response software vulnerabilities
Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query.
Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses.
IPFilter 3.1.1 through 3.4.28 allows remote attackers to bypass firewall rules by sending a PASV command string as the argument of another command to an FTP server, which generates a response that contains the string, causing IPFilter to treat the response as if it were a legitimate PASV command from the server.
Buffer overflow in Trillian 0.73 allows remote IRC servers to execute arbitrary code via a long PING response.
Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request.
Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response to a USER command, or (3) a long response to a PASS command.
mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using an AuthNonce secret.
Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command.
Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow.
SalesLogix 6.1 includes usernames, passwords, and other sensitive information in the headers of an HTTP response, which could allow remote attackers to gain access.
Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response.
CRLF injection vulnerability in Ideal Science IdealBB 1.4.9 through 1.5.3 allows remote attackers to conduct HTTP response splitting attacks via unknown vectors.
Squid 2.5 up to 2.5.STABLE7 allows remote attackers to poison the cache via an HTTP response splitting attack.
Cisco VPN 3000 Concentrator before 4.1.7.F allows remote attackers to determine valid groupnames by sending an IKE Aggressive Mode packet with the groupname in the ID field, which generates a response if the groupname is valid, but does not generate a response for an invalid groupname.
Multiple heap-based buffer overflows in TurboFTP 5.30 Build 572 allow remote servers to cause a denial of service via (1) a long filename in a response to a LIST command, and (2) a long response to a CWD command.
The LLTD Responder in Microsoft Windows Vista does not send the Mapper a response to a DISCOVERY packet if another host has sent a spoofed response first, which allows remote attackers to spoof arbitrary hosts via a network-based race condition, aka the "Total Spoof" attack.
The handle_response function in chan_sip.c in Asterisk before 1.2.17 and 1.4.x before 1.4.2 allows remote attackers to cause a denial of service (crash) via a SIP Response code 0 in a SIP packet.
The Visionsoft Audit on Demand Service (VSAOD) in Visionsoft Audit 12.4.0.0 allows remote attackers to obtain sensitive information via (1) a LOG.ON command, which reveals the logging pathname in the server response; (2) a VER command, which reveals the version number in the server response; and (3) a connection, which reveals the version number in the banner.
Polipo before 1.0.2 allows remote HTTP servers to cause a denial of service (daemon crash) by aborting the response to a POST request.
X-Diesel Unreal Commander 0.92 build 565 and 573 does not properly react to an FTP server's behavior after sending a "CWD /" command, which allows remote FTP servers to cause a denial of service (infinite loop) by (1) repeatedly sending a 550 error response, or (2) sending a 550 error response and then disconnecting.
Software vulnerabilities results 1 to 20 of 234