Searching same software vulnerabilities

Denial of service in SMTP applications such as

applications | Sendmail | attacker | service | remote | Denial | SMTP | such |

Denial of service in SMTP applications such as Sendmail, when a remote attacker (e.g. spammer) uses many "RCPT TO" commands in the same connection.


Vulnerability in phpWebSite before 0.7.9 relate

Vulnerability | phpWebSite | before |

Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges.


The throttle capability in Swatch may fail to r

capability | throttle | certain | report | Swatch | events | fail | may |

The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection.


Electronic Code Book (ECB) mode in VTun 2.0 thr

Electronic | Book | Code |

Electronic Code Book (ECB) mode in VTun 2.0 through 2.5 uses a weak encryption algorithm that produces the same ciphertext from the same plaintext blocks, which could allow remote attackers to gain senstive information.


Webmin 0.21 through 1.0 uses the same built-in

Webmin |

Webmin 0.21 through 1.0 uses the same built-in SSL key for all installations, which allows remote attackers to eavesdrop or highjack the SSL session.


Linux 2.4.x allows remote attackers to spoof th

Forwarding | addresses | attackers | packets | bridge | forged | target | allows | source | remote | whose | spoof | Linux | table | same | via | 24x |

Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.


Spider Sales shopping cart stores the private k

shopping | database | private | decrypt | allows | Spider | public | stores | access | users | local | which | Sales | table | cart | same | data | key |

Spider Sales shopping cart stores the private key in the same database and table as the public key, which allows local users with access to the database to decrypt data.


MoinMoin 1.2.1 and earlier allows remote attack

MoinMoin |

MoinMoin 1.2.1 and earlier allows remote attackers to gain privileges by creating a user with the same name as an existing group that has higher privileges.


Unknown vulnerability in ecartis 0.x before 0.1

0129a+100-snap20020514-13 | 100+cvs20030911-8 | administrator | configuration | vulnerability | privileges | attackers | Unknown | ecartis | before | modify | allows | domain | same | gain |

Unknown vulnerability in ecartis 0.x before 0.129a+1.0.0-snapTuesday, May 14, 2002-1.3 and 1.x before 1.0.0+cvs.Thursday, September 11, 2003-8 allows attackers in the same domain to gain administrator privileges and modify configuration.


Xedus 1.0 allows remote attackers to cause a de

attackers | service | denial | allows | remote | Xedus | cause |

Xedus 1.0 allows remote attackers to cause a denial of service (refuse connections) by connecting multiple times from the same IP address.


BadBlue 2.5 allows remote attackers to cause a

attackers | BadBlue | service | denial | allows | remote | cause |

BadBlue 2.5 allows remote attackers to cause a denial of service (refuse HTTP connections) via a large number of connections from the same IP address.


signup_page.php in Mantis bugtracker allows rem

signup_pagephp | bugtracker | attackers | providing | creating | multiple | address | e-mail | remote | allows | Mantis | users | bombs | same | send |

signup_page.php in Mantis bugtracker allows remote attackers to send e-mail bombs by creating multiple users and providing the same e-mail address.


Free Web Chat 2.0 allows remote attackers to ca

attackers | service | remote | denial | allows | cause | Free | Chat | Web |

Free Web Chat 2.0 allows remote attackers to cause a denial of service (CPU consumption) via multiple connections from the same user.


Unknown vulnerability in the delete.asp program

vulnerability | Guestbook | deleteasp | attackers | versions | messages | Unknown | program | certain | delete | ASPjar | allows | remote |

Unknown vulnerability in the delete.asp program in certain versions of ASPjar Guestbook allows remote attackers to delete messages. NOTE: there is insufficient information to know if this is the same issue as CVE-2002-1730.


Linksys WRT54G router uses the same private key

information | certificate | connection | sensitive | attackers | private | Linksys | remote | allows | router | WRT54G | obtain | sniff | every | which | same | uses | SSL | key |

Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information.


KillProcess 2.20 and earlier allows local users

KillProcess |

KillProcess 2.20 and earlier allows local users to bypass kill list restrictions by launching multiple processes at the same time, which are not all killed by KillProcess.


By design, BEA WebLogic Server and WebLogic Exp

administrators | privileges | creating | instance | multiple | intended | WebLogic | machine | created | Express | domains | domain | access | allows | design | Server | could | allow | which | other | were | gain | same | not | BEA | any |

By design, BEA WebLogic Server and WebLogic Express 7.0 and 6.1, when creating multiple domains from the same WebLogic instance on the same machine, allows administrators of any created domain to access other created domains, which could allow administrators to gain privileges that were not intended.


Novell BorderManager 3.8 SP4 generates the same

BorderManager | generates | attackers | cookies | conduct | attacks | service | remote | allows | replay | denial | number | source | ISAKMP | Novell | during | which | same | port | day | SP4 |

Novell BorderManager 3.8 SP4 generates the same ISAKMP cookies for the same source IP and port number during the same day, which allows remote attackers to conduct denial of service and replay attacks. NOTE: this issue might be related to CVE-2006-5286.


Alias Manager in Apple Mac OS X 10.3.9 and 10.4

Manager | Apple | Alias | Mac |

Alias Manager in Apple Mac OS X 10.3.9 and 10.4.9 does not display files with the same name in mounted disk images that have the same name, which might allow user-assisted attackers to trick a user into executing malicious files.


Windows Mail in Microsoft Windows Vista might a

user-assisted | attackers | Microsoft | programs | Windows | certain | execute | remote | Vista | might | allow | link | Mail | via |

Windows Mail in Microsoft Windows Vista might allow user-assisted remote attackers to execute certain programs via a link to a (1) local file or (2) UNC share pathname in which there is a directory with the same base name as an executable program at the same level, as demonstrated using C:/windows/system32/winrm (winrm.cmd) and migwiz (migwiz.exe).


Software vulnerabilities results 1 to 20 of 246     
Page: 12345...13