Searching secure software vulnerabilities


HP Secure Web Console uses weak encryption.


SSH Secure Shell for Servers and SSH Secure Shell for Workstations 2.0.13 through 3.2.1, when running without a PTY, do not call setsid to remove the child process from the process group of the parent process, which allows attackers to gain certain privileges.


SSH Secure Shell for Servers 3.0.0 to 3.1.1 allows remote attackers to override the AllowedAuthentications configuration and use less secure authentication schemes (e.g. password) than configured for the server.


Unknown vulnerability in Apache 1.3.19 running on HP Secure OS for Linux 1.0 allows remote attackers to cause "unexpected results" via an HTTP request.


Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication.


SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets.


The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allows remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet.


Unknown vulnerability in F-Secure Anti-Virus (FSAV) 4.52 for Linux before Hotfix 3 allows the Sober.D worm to bypass FSAV.


The Solaris 9 patches 113579-02 through 113579-05, and 114342-02 through 114342-05, prevent ypserv and ypxfrd from properly restricting access to secure NIS maps, which allows local users to use ypcat or ypmatch to extract the contents of a secure map such as passwd.adjunct.byname.


Bodington 2.1.0 RC1 and earlier does not secure the file upload area, which allows remote attackers to read uploaded files.


Buffer overflow in multiple F-Secure Anti-Virus products, including F-Secure Anti-Virus 5.42 and earlier, allows remote attackers to bypass scanning or cause a denial of service (crash or module restart), depending on the product, via a malformed LHA archive.


Firefox before 1.0 and Mozilla before 1.7.5 display the secure site lock icon when a view-source: URL references a secure SSL site while an insecure page is being loaded, which could facilitate phishing attacks.


The secure script in LogWatch before 2.6-2 allows attackers to prevent LogWatch from detecting malicious activity via certain strings in the secure file that are later used as part of a regular expression, which causes the parser to crash, aka "logwatch log processing regular expression DoS."


SSH Tectia Server 4.3.1 and earlier, and SSH Secure Shell for Windows Servers, use insecure permissions when generating the Secure Shell host identification key, which allows local users to access the key and spoof the server.


Unknown vulnerability in HItoolbox for Mac OS X 10.4.2 allows VoiceOver services to read secure input fields.


WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) does not properly handle the case where the Windows Administrator or Guest accounts are renamed after SSH key authentication has been configured, which allows remote attackers to use the original names during login.


WRQ Reflection for Secure IT Windows Server 6.0 (formerly known as F-Secure SSH server) processes access and deny lists in a case-sensitive manner, whereas previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and log in to accounts that should be denied.


The default configuration of Cisco Secure Desktop (CSD) has an unchecked "Disable printing" box in Secure Desktop Settings, which might allow local users to read data that was sent to a printer during another user's SSL VPN session.


Cisco Secure Desktop (CSD) before 3.1.1.45 allows local users to escape out of the secure desktop environment by using certain applications that switch to the default desktop, aka "System Policy Evasion".


Buffer overflow in the Configuration Checker (ConfigChk) ActiveX control in VSCnfChk.dll 2.0.0.2 for Verisign Managed PKI Service, Secure Messaging for Microsoft Exchange, and Go Secure! allows remote attackers to execute arbitrary code via long arguments to the VerCompare method.


Software vulnerabilities results 1 to 20 of 207     