runs software vulnerabilities
vulnerabilities.aspcode.net
Searching runs software vulnerabilities
Oracle Webserver 2.1 and earlier runs setuid ro
configuration
|
privileges
|
Webserver
|
modifying
|
arbitrary
|
attacker
|
obtains
|
earlier
|
account
|
remote
|
modify
|
access
|
allows
|
setuid
|
Oracle
|
files
|
owned
|
local
|
which
|
runs
|
root
|
file
|
gain
|
any
|
but
|
Oracle Webserver 2.1 and earlier runs setuid root, but the configuration file is owned by the oracle account, which allows any local or remote attacker who obtains access to the oracle account to gain privileges or modify arbitrary files by modifying the configuration file.
snap command in AIX before 4.3.2 creates the /t
command
|
before
|
snap
|
AIX
|
snap command in AIX before 4.3.2 creates the /tmp/ibmsupt directory with world-readable permissions and does not remove or clear the directory when snap -a is executed, which could allow local users to access the shadowed password file by creating /tmp/ibmsupt/general/passwd before root runs snap -a.
Identix BioLogon 3 allows users with physical a
administrative
|
CTRL-ALT-DEL
|
privileges
|
BioLogon
|
function
|
"Browse"
|
Explorer
|
physical
|
running
|
Identix
|
system
|
access
|
allows
|
which
|
users
|
using
|
runs
|
gain
|
Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges.
A regression error in the Debian distributions
distributions
|
apache-ssl
|
regression
|
package
|
Debian
|
error
|
A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack on temporary files when the administrator runs (1) htpasswd or (2) htdigest, a re-introduction of a vulnerability that was originally identified and addressed by CVE-2001-0131.
The Cisco Media Gateway Controller (MGC) in (1)
Controller
|
Gateway
|
Cisco
|
Media
|
The Cisco Media Gateway Controller (MGC) in (1) SC2200 7.4 and earlier, (2) VSC3000 9.1 and earlier, (3) PGW 2200 9.1 and earlier, (4) Billing and Management Server (BAMS) and (5) Voice Services Provisioning Tool (VSPT) runs on default installations of Solaris 2.6 with unnecessary services and without the latest security patches, which allows attackers to exploit known vulnerabilities.
Microsoft Internet Explorer allows remote attac
restrictions
|
application
|
attackers
|
Microsoft
|
"%2e%2e"
|
intended
|
Explorer
|
Internet
|
allows
|
access
|
remote
|
bypass
|
cookie
|
via
|
web
|
Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Internet Explorer to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Apple Safari allows remote attackers to bypass
restrictions
|
application
|
attackers
|
intended
|
"%2e%2e"
|
access
|
allows
|
Safari
|
bypass
|
remote
|
cookie
|
Apple
|
via
|
web
|
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Konqueror in KDE 3.1.3 and earlier (kdelibs) al
Konqueror
|
KDE
|
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Opera allows remote attackers to bypass intende
restrictions
|
application
|
attackers
|
intended
|
"%2e%2e"
|
access
|
cookie
|
allows
|
remote
|
bypass
|
Opera
|
via
|
web
|
Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Mozilla allows remote attackers to bypass inten
restrictions
|
application
|
attackers
|
intended
|
"%2e%2e"
|
Mozilla
|
access
|
allows
|
remote
|
cookie
|
bypass
|
via
|
web
|
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application.
Certain Perl scripts in Konversation 0.15 allow
Konversation
|
scripts
|
Certain
|
Perl
|
Certain Perl scripts in Konversation 0.15 allow remote attackers to execute arbitrary commands via shell metacharacters in (1) channel names or (2) song names that are not properly quoted when the user runs IRC sripts.
Firefox before 1.0.5, Thunderbird before 1.0.5,
Firefox
|
before
|
Firefox before 1.0.5, Thunderbird before 1.0.5, Mozilla before 1.7.9, Netscape 8.0.2, and K-Meleon 0.9 runs XBL scripts even when Javascript has been disabled, which makes it easier for remote attackers to bypass such protection.
** SPLIT ** The jlucaller program in LiveUpdate
LiveUpdate
|
AntiVirus
|
jlucaller
|
Symantec
|
program
|
Norton
|
SPLIT
|
** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify. Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.
yiff server (yiff-server) 2.14.2 on Debian GNU/
server
|
yiff
|
yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files.
Unspecified vulnerability in Solaris 8 and 9 al
Distinguished
|
vulnerability
|
Unspecified
|
Directory
|
Solaris
|
Server
|
obtain
|
allows
|
local
|
users
|
Name
|
LDAP
|
root
|
Unspecified vulnerability in Solaris 8 and 9 allows local users to obtain the LDAP Directory Server root Distinguished Name (rootDN) password when a privileged user (1) runs idsconfig; or "insecurely" runs LDAP2 commands with the -w option, including (2) ldapadd, (3) ldapdelete, (4) ldapmodify, (5) ldapmodrdn, and (6) ldapsearch.
Software vulnerabilities results 1 to 16 of 16
Page:
1