Searching sent software vulnerabilities

A network intrusion detection system (IDS) does

detection | intrusion | network | system |

A network intrusion detection system (IDS) does not properly handle packets that are sent out of order, allowing an attacker to escape detection.


genkey utility in Alibaba 2.0 generates RSA key

transactions | generates | cleartext | exponent | results | Alibaba | utility | genkey | which | pairs | sent | RSA | key |

genkey utility in Alibaba 2.0 generates RSA key pairs with an exponent of 1, which results in transactions that are sent in cleartext.


Windows NT 4.0 and Windows 2000 hosts allow rem

Windows |

Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.


pgp4pine Pine/PGP interface version 1.75-6 does

interface | obtaining | properly | Pine/PGP | pgp4pine | Privacy | expired | version | public | Guard | check | 175-6 | does | keys | Gnu | via | see | not | has | key |

pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext.


Cisco Catalyst 2900XL switch allows a remote at

Catalyst | attacker | service | packet | create | denial | switch | 2900XL | remote | allows | empty | Cisco | sent | port | via | UDP |

Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled.


NewAtlanta ServletExec ISAPI 4.1 allows remote

ServletExec | NewAtlanta | attackers | service | denial | allows | remote | ISAPI | cause |

NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.


SmartMail Server 2.0 allows remote attackers to

attackers | SmartMail | service | denial | allows | Server | remote | cause |

SmartMail Server 2.0 allows remote attackers to cause a denial of service (crash) by sending data and closing the connection before all the data has been sent.


saned in sane-backends 1.0.7 and earlier calls

sane-backends | saned |

saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash).


The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) F


The (1) Mozilla 1.6, (2) Firebird 0.7 and (3) Firefox 0.8 web browsers do not properly verify that cached passwords for SSL encrypted sites are only sent via SSL encrypted sessions to the site, which allows a remote attacker to cause a cached password to be sent in cleartext to a spoofed site.


Buffer overflow in Netopia Timbuktu 7.0.3 allow

Timbuktu | overflow | Netopia | Buffer |

Buffer overflow in Netopia Timbuktu 7.0.3 allows remote attackers to cause a denial of service (server process crash) via a certain data string that is sent to multiple simultaneous client connections to TCP port 407.


Internet Explorer does not prevent cookies that

insecure | Explorer | Internet | cookies | channel | prevent | does | over | sent | not |

Internet Explorer does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."


KDE Konqueror does not prevent cookies that are

Konqueror | insecure | cookies | channel | prevent | over | does | sent | KDE | not |

KDE Konqueror does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."


Mozilla does not prevent cookies that are sent

insecure | cookies | channel | prevent | Mozilla | does | over | sent | not |

Mozilla does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."


Opera does not prevent cookies that are sent ov

insecure | cookies | channel | prevent | Opera | does | over | sent | not |

Opera does not prevent cookies that are sent over an insecure channel (HTTP) from also being sent over a secure channel (HTTPS/SSL) in the same domain, which could allow remote attackers to steal cookies and conduct unauthorized activities, aka "Cross Security Boundary Cookie Injection."


Format string vulnerability in the lprintf func

vulnerability | Citadel/UX | function | lprintf | string | Format |

Format string vulnerability in the lprintf function in Citadel/UX 6.27 and earlier allows remote attackers to execute arbitrary code via format string specifiers sent to the server.


The Virtual Private Network (VPN) capability in

Network | Private | Virtual |

The Virtual Private Network (VPN) capability in Novell Bordermanager 3.8 allows remote attackers to cause a denial of service (ABEND in IKE.NLM) via a malformed IKE packet, as sent by the Striker ISAKMP Protocol Test Suite.


Hotfoon 4.0 does not notify users before openin

arbitrary | attackers | browsers | opening | execute | Hotfoon | certian | remote | window | notify | before | allow | links | users | could | which | sent | link | does | chat | code | web | not | via |

Hotfoon 4.0 does not notify users before opening links in web browsers, which could allow remote attackers to execute arbitrary code via a certian link sent in a chat window.


ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m

requests | properly | received | ifconfig | disable | through | "-arp" | being | 6522m | IRIX | sent | does | SGI | not | ARP |

ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.


The new account wizard in Mail.app 2.0 in Mac O

account | Mailapp | wizard | Mac | new |

The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and checking the credentials, does not prompt the user to use SSL until after the password has already been sent, which causes the password to be sent in plaintext.


Multiple buffer overflows in Andy Lo-A-Foe Alsa

AlsaPlayer | overflows | Lo-A-Foe | Multiple | buffer | Andy |

Multiple buffer overflows in Andy Lo-A-Foe AlsaPlayer 0.99.76 and earlier allow remote attackers to cause a denial of service (application crash), or have other unknown impact, via (1) a long Location field sent by a web server, which triggers an overflow in the reconnect function in reader/http/http.c; (2) a long URL sent by a web server when AlsaPlayer is seeking a media file for the playlist, which triggers overflows in new_list_item and CbUpdated in interface/gtk/PlaylistWindow.cpp; and (3) a long response sent by a CDDB server, which triggers an overflow in cddb_lookup in input/ccda/cdda_engine.c.


Software vulnerabilities results 1 to 20 of 95     
Page: 12345