scheduler software vulnerabilities
vulnerabilities.aspcode.net
Searching scheduler software vulnerabilities
The setup wizard (ie5setup.exe) for Internet Ex
wizard
|
setup
|
The setup wizard (ie5setup.exe) for Internet Explorer 5.0 disables (1) the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and (2) the Task Scheduler Service, which might prevent the scheduled execution of security-critical programs.
The Windows NT scheduler uses the drive mapping
interactive
|
privileges
|
currently
|
providing
|
scheduler
|
original
|
mapping
|
Windows
|
system
|
Trojan
|
logged
|
allows
|
place
|
batch
|
horse
|
which
|
drive
|
local
|
file
|
uses
|
gain
|
onto
|
user
|
The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file.
Windows XP allows local users to execute arbitr
eventtriggersexe
|
Vulnerability"
|
command-line
|
Management
|
privilege
|
Scheduler
|
arbitrary
|
elevated
|
"Windows
|
programs
|
creating
|
service
|
Windows
|
execute
|
through
|
allows
|
level
|
users
|
local
|
tool
|
task
|
aka
|
Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."
Stack-based buffer overflow in the Task Schedul
Stack-based
|
Scheduler
|
overflow
|
Windows
|
buffer
|
Task
|
Stack-based buffer overflow in the Task Scheduler for Windows 2000 and XP, and Internet Explorer 6 on Windows NT 4.0, allows local or remote attackers to execute arbitrary code via a .job file containing long parameters, as demonstrated using Internet Explorer and accessing a .job file on an anonymous share.
Carbon Copy 6.0.5257 does not drop system privi
Carbon
|
Copy
|
Carbon Copy 6.0.5257 does not drop system privileges when opening external programs through the help topic interface, which allows local users to gain privileges via (1) the help topic interface in CCW32.exe, which launches Notepad, or (2) the help button in the Carbon Copy Scheduler (CCSched.exe).
The DBMS_Scheduler in Oracle 10g allows remote
DBMS_Scheduler
|
SESSION_USER
|
additional
|
privileges
|
attackers
|
changing
|
CREATE
|
allows
|
remote
|
Oracle
|
user
|
gain
|
SYS
|
10g
|
JOB
|
The DBMS_Scheduler in Oracle 10g allows remote attackers with CREATE JOB privileges to gain additional privileges by changing SESSION_USER to the SYS user.
The is_path_absolute function in scheduler/clie
scheduler/clientc
|
is_path_absolute
|
function
|
before
|
daemon
|
CUPS
|
The is_path_absolute function in scheduler/client.c for the daemon in CUPS before 1.1.23 allows remote attackers to cause a denial of service (CPU consumption by tight loop) via a "..\.." URL in an HTTP request.
Unspecified vulnerability in Database Scheduler
vulnerability
|
Unspecified
|
Scheduler
|
Database
|
Server
|
Oracle
|
10g
|
Unspecified vulnerability in Database Scheduler in Oracle Database Server 10g up to 10.1.0.3 has unknown impact and attack vectors, aka Oracle Vuln# DB08.
The GUI (nod32.exe) in NOD32 2.5 runs with SYST
GUI
|
The GUI (nod32.exe) in NOD32 2.5 runs with SYSTEM privileges when the scheduler runs a scheduled on-demand scan, which allows local users to execute arbitrary code during a scheduled scan via unspecified attack vectors.
Cross-site scripting (XSS) vulnerability in Gro
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in Groupmax World Wide Web, World Wide Web Desktop, World Wide Web for Scheduler, and Desktop for Scheduler, allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.
** DISPUTED ** The Task scheduler (at.exe) on M
scheduler
|
DISPUTED
|
Task
|
** DISPUTED ** The Task scheduler (at.exe) on Microsoft Windows XP spawns each scheduled process with SYSTEM permissions, which allows local users to gain privileges. NOTE: this issue has been disputed by third parties, who state that the Task scheduler is limited to the Administrators group by default upon installation.
p1003_1b.c in FreeBSD 6.1 allows local users to
unspecified
|
scheduler
|
p1003_1bc
|
settable
|
service
|
setting
|
FreeBSD
|
allows
|
policy
|
should
|
denial
|
local
|
cause
|
users
|
which
|
root
|
only
|
p1003_1b.c in FreeBSD 6.1 allows local users to cause an unspecified denial of service by setting a scheduler policy, which should only be settable by root.
The Scheduler Service (VxSchedService.exe) in S
Scheduler
|
Service
|
The Scheduler Service (VxSchedService.exe) in Symantec Storage Foundation for Windows 5.0 allows remote attackers to bypass authentication and execute arbitrary code via certain requests to the service socket that create (1) PreScript or (2) PostScript registry values under Veritas\VxSvc\CurrentVersion\Schedules specifying future command execution.
The process scheduler in the Linux kernel 2.6.1
scheduler
|
process
|
kernel
|
Linux
|
The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
The process scheduler in the Linux kernel 2.4 p
scheduling
|
scheduler
|
gathered
|
sampling
|
periodic
|
performs
|
billing
|
process
|
service
|
allows
|
kernel
|
denial
|
local
|
cause
|
users
|
Linux
|
based
|
which
|
ticks
|
CPU
|
The process scheduler in the Linux kernel 2.4 performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
The ULE process scheduler in the FreeBSD kernel
"interactive"
|
preference
|
processes
|
voluntary
|
scheduler
|
service
|
perform
|
FreeBSD
|
process
|
sleeps
|
allows
|
kernel
|
denial
|
users
|
cause
|
gives
|
which
|
local
|
ULE
|
The ULE process scheduler in the FreeBSD kernel gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
The 4BSD process scheduler in the FreeBSD kerne
scheduling
|
scheduler
|
sampling
|
gathered
|
periodic
|
performs
|
billing
|
FreeBSD
|
process
|
service
|
allows
|
kernel
|
denial
|
local
|
cause
|
users
|
based
|
ticks
|
which
|
4BSD
|
CPU
|
The 4BSD process scheduler in the FreeBSD kernel performs scheduling based on CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption) by performing voluntary nanosecond sleeps that result in the process not being active during a clock interrupt, as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
The process scheduler in the Sun Solaris kernel
statistics
|
scheduling
|
scheduler
|
gathered
|
sampling
|
performs
|
periodic
|
process
|
service
|
Solaris
|
billing
|
denial
|
kernel
|
allows
|
cause
|
users
|
local
|
which
|
ticks
|
based
|
does
|
make
|
kept
|
upon
|
Sun
|
not
|
CPU
|
use
|
The process scheduler in the Sun Solaris kernel does not make use of the process statistics kept by the kernel and performs scheduling based upon CPU billing gathered from periodic process sampling ticks, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."
Multiple heap-based buffer overflows in (1) cls
heap-based
|
overflows
|
Multiple
|
buffer
|
Multiple heap-based buffer overflows in (1) clsscheduler.exe (aka scheduler client) and (2) srvscheduler.exe (aka scheduler server) in BakBone NetVault Reporter 3.5 before Update4 allow remote attackers to execute arbitrary code via long filename arguments in HTTP requests.
The Groupmax Scheduler_Facilities management to
Scheduler_Facilities
|
management
|
Groupware
|
07-32-/A
|
07-00-/F
|
Groupmax
|
through
|
Hitachi
|
before
|
Server
|
tool
|
The Groupmax Scheduler_Facilities management tool in Hitachi Groupmax Groupware Server 07-00-/F through 07-32-/A before Tuesday, July 31, 2007 does not properly manage schedule server configuration data, which might allow attackers to obtain sensitive information via unspecified vectors.
Software vulnerabilities results 1 to 20 of 22
Page:
1
2
►