rules software vulnerabilities
vulnerabilities.aspcode.net
Searching rules software vulnerabilities
IPChains in Linux kernels 2.2.10 and earlier do
IPChains
|
kernels
|
Linux
|
IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets.
McAfee WebShield SMTP 4.5 allows remote attacke
characters
|
attachment
|
including
|
attackers
|
WebShield
|
filtering
|
Extended
|
content
|
remote
|
allows
|
McAfee
|
bypass
|
email
|
ASCII
|
rules
|
name
|
SMTP
|
McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.
Watchguard SOHO firewall 5.0.35 unpredictably d
Watchguard
|
firewall
|
SOHO
|
Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP restrictions for customized services that were set before the administrator upgrades to 5.0.35, which could allow remote attackers to bypass the intended access control rules.
DansGuardian before 2.4.5-1 allows remote attac
DansGuardian
|
hex-encoded
|
attackers
|
filtering
|
content
|
bypass
|
before
|
allows
|
remote
|
rules
|
245-1
|
URLs
|
via
|
DansGuardian before 2.4.5-1 allows remote attackers to bypass content filtering rules via hex-encoded URLs.
The SMTP service in Microsoft Internet Informat
Information
|
Microsoft
|
Services
|
Internet
|
service
|
SMTP
|
The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.
The iptables ruleset in Gnome-lokkit in Red Hat
Gnome-lokkit
|
restrictions
|
forwarding
|
attackers
|
intended
|
iptables
|
FORWARD
|
enabled
|
include
|
ruleset
|
bypass
|
access
|
packet
|
allow
|
Linux
|
chain
|
rules
|
could
|
which
|
does
|
Red
|
any
|
Hat
|
not
|
The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled.
The WebCache component in Oracle Files 9.0.3.1.
component
|
WebCache
|
Oracle
|
Files
|
The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access.
Unknown vulnerability in Webmin 1.140 allows re
vulnerability
|
Unknown
|
Webmin
|
Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module.
Sygate Enforcer 3.5MR1 and earlier passes broad
authentication
|
broadcast
|
attackers
|
filtering
|
Enforcer
|
traffic
|
earlier
|
remote
|
bypass
|
Sygate
|
before
|
passes
|
35MR1
|
rules
|
which
|
allow
|
could
|
Sygate Enforcer 3.5MR1 and earlier passes broadcast traffic before authentication, which could allow remote attackers to bypass filtering rules.
distcc before 2.16, when running on 64-bit plat
before
|
distcc
|
distcc before 2.16, when running on 64-bit platforms, does not interpret IP-based access control rules correctly, which could allow remote attackers to bypass intended restrictions.
Integer underflow in the firewall logging rules
underflow
|
firewall
|
iptables
|
logging
|
Integer
|
before
|
Linux
|
rules
|
Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.
Iptables before 1.2.11, under certain condition
Iptables
|
before
|
Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.
OpenBSD 3.3 and 3.4 does not properly parse Acc
restrictions
|
big-endian
|
attackers
|
platforms
|
netmasks
|
properly
|
without
|
OpenBSD
|
SPARC64
|
bypass
|
access
|
remote
|
Accept
|
64-bit
|
allow
|
parse
|
rules
|
which
|
such
|
does
|
Deny
|
not
|
may
|
OpenBSD 3.3 and 3.4 does not properly parse Accept and Deny rules without netmasks on big-endian 64-bit platforms such as SPARC64, which may allow remote attackers to bypass access restrictions.
ACLCHECK module in Novell iChain 2.3 allows att
represented
|
unspecified
|
involving
|
component
|
encoding"
|
"overlong
|
sequences
|
attackers
|
ACLCHECK
|
contains
|
control
|
escape
|
string
|
Novell
|
module
|
iChain
|
access
|
bypass
|
attack
|
allows
|
vector
|
UTF-8
|
rules
|
via
|
ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding."
The netfilter/iptables module in Linux before 2
netfilter/iptables
|
before
|
module
|
Linux
|
The netfilter/iptables module in Linux before 2.6.8.1 allows remote attackers to cause a denial of service (kernel crash) or bypass firewall rules via crafted packets, which are not properly handled by the skb_checksum_help function.
Unknown vulnerability in Kerio Personal Firewal
vulnerability
|
Personal
|
Firewall
|
Unknown
|
Kerio
|
Unknown vulnerability in Kerio Personal Firewall 4.1.2 and earlier allows local users to bypass firewall rules via a malicious process that impersonates a legitimate process that has fewer restrictions.
The Server Admin tool in servermgr_ipfilter for
servermgr_ipfilter
|
Server
|
Admin
|
tool
|
Mac
|
The Server Admin tool in servermgr_ipfilter for Mac OS X 10.4 to 10.4.2, when using multiple subnets and Address Groups, does not always properly write firewall rules to the Active Rules when certain conditions occur, which could result in firewall policies that are less restrictive than intended by the administrator.
The HTTP proxy in Astaro Security Linux 6.0 doe
attackers
|
localhost
|
requests
|
properly
|
firewall
|
services
|
Security
|
CONNECT
|
allows
|
bypass
|
Astaro
|
remote
|
filter
|
rules
|
proxy
|
local
|
Linux
|
which
|
does
|
HTTP
|
not
|
The HTTP proxy in Astaro Security Linux 6.0 does not properly filter HTTP CONNECT requests to localhost, which allows remote attackers to bypass firewall rules and connect to local services.
Mail.app in Mail for Apple Mac OS X 10.3.9 and
Mailapp
|
Apple
|
Mail
|
Mac
|
Mail.app in Mail for Apple Mac OS X 10.3.9 and 10.4.2 includes message contents when using auto-reply rules, which could cause Mail.app to include decrypted message contents for encrypted messages.
phpMyAdmin before 2.9.1.1 allows remote attacke
phpMyAdmin
|
before
|
phpMyAdmin before 2.9.1.1 allows remote attackers to bypass Allow/Deny access rules that use IP addresses via false headers.
Software vulnerabilities results 1 to 20 of 64
Page:
1
2
3
4
►