Searching serial ports software vulnerabilities

FlowPoint DSL router firmware versions prior to

FlowPoint | firmware | versions | router | prior | DSL |

FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port.


Multiple buffer overflows in Lexmark MarkVision

cat_paraller | cat_network | MarkVision | cat_serial | privileges | arguments | overflows | commands | programs | Multiple | Lexmark | printer | allows | buffer | driver | users | local | gain | long | via |

Multiple buffer overflows in Lexmark MarkVision printer driver programs allows local users to gain privileges via long arguments to the cat_network, cat_paraller, and cat_serial commands.


Buffer overflow in ja-elvis and ko-helvis ports

privileges | ko-helvis | overflow | ja-elvis | Buffer | local | users | ports | elvis | allow | root | gain |

Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.


TheNet CheckBO 1.56 allows remote attackers to

CheckBO | TheNet |

TheNet CheckBO 1.56 allows remote attackers to cause a denial of service via a flood of characters to the TCP ports which it is listening on.


The default configuration of the config.http.tu

confighttptunnelallow_ports | configuration | arbitrary | attackers | NetCache | default | systems | devices | connect | remote | device | option | allows | behind | ports | which | +all | set |

The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.


Xircom REX 6000 allows local users to obtain th

Xircom | REX |

Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN.


Unknown vulnerability in the System Serial Cons

vulnerability | terminal | Console | Unknown | Solaris | System | Serial |

Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.


/proc/tty/driver/serial in Linux 2.4.x reveals

/proc/tty/driver/serial | information | potentially | characters | passwords | sensitive | reveals | obtain | serial | number | length | local | users | links | Linux | exact | allow | could | which | such | used | 24x |

/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.


OpenCA before 0.9.1.4 does not use the correct

before | OpenCA |

OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates.


The Equalizer Load-balancer for serial network

Load-balancer | interfaces | Equalizer | network | serial |

The Equalizer Load-balancer for serial network interfaces (eql.c) in Linux kernel 2.6.x up to 2.6.7 allows local users to cause a denial of service via a non-existent device name that triggers a null dereference.


Buffer overflow in the MoxaDriverIoctl function

MoxaDriverIoctl | function | overflow | serial | driver | Buffer | moxa |

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.


Unknown vulnerability in Sun StorEdge 6130 Arra

vulnerability | StorEdge | Unknown | Sun |

Unknown vulnerability in Sun StorEdge 6130 Arrays (SE6130) with serial numbers between 0451AWF00G and 0513AWF00J allows local users and remote attackers to delete data.


Fortinet firewall running FortiOS 2.x contains

privileges | hardcoded | firewall | password | contains | Fortinet | console | running | FortiOS | uername | allows | access | number | serial | which | local | users | gain | set |

Fortinet firewall running FortiOS 2.x contains a hardcoded uername with the password set to the serial number, which allows local users with console access to gain privileges.


Avocent CCM console server running firmware 2.1

authenticated | restrictions | connecting | attackers | firmware | Avocent | console | connect | command | CCM4850 | running | access | allows | remote | server | serial | bypass | using | port | CCM | SSH | via |

Avocent CCM console server running firmware 2.1 CCM4850 allows remote authenticated attackers to bypass port restrictions by connecting to the server via SSH and using the connect command to access the serial port.


Planet Technology Corp FGSW2402RS switch with f

privileges | FGSW2402RS | Technology | attackers | password | device's | physical | firmware | default | access | allows | Planet | switch | serial | which | gain | Corp | port | has |

Planet Technology Corp FGSW2402RS switch with firmware 1.2 has a default password, which allows attackers with physical access to the device's serial port to gain privileges.


Google Mini Search Appliance, and possibly Goog

arbitrary | attackers | comparing | resulting | determine | Appliance | messages | possibly | modified | targets | Google | allows | closed | Search | remote | error | ports | hosts | port | open | Mini | then | URLs | scan | via |

Google Mini Search Appliance, and possibly Google Search Appliance, allows remote attackers to port scan arbitrary hosts via URLs with modified targets and ports, then comparing the resulting error messages to determine open and closed ports.


Unspecified vulnerability in Serial line sniffe

vulnerability | Unspecified | sniffer | Serial | line |

Unspecified vulnerability in Serial line sniffer (aka slsnif) 0.4.4 allows local users to gain privileges via a long value of the HOME environment variable, possibly because of a buffer overflow.


The ftdi_sio driver (usb/serial/ftdi_sio.c) in

ftdi_sio | driver |

The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.


The key serial number collision avoidance code

key_alloc_serial | collision | avoidance | function | kernel | number | serial | Linux | code | key |

The key serial number collision avoidance code in the key_alloc_serial function in Linux kernel 2.6.9 up to 2.6.20 allows local users to cause a denial of service (crash) via vectors that trigger a null dereference, as originally reported as "spinlock CPU recursion."


Eltima Software Virtual Serial Port (VSPAX) Act

Software | Virtual | Serial | Eltima | Port |

Eltima Software Virtual Serial Port (VSPAX) ActiveX control (VSPort.DLL) allows remote attackers to cause a denial of service via certain function calls, as demonstrated via the (1) Attach, (2) Write, and (3) WriteStr functions.


Software vulnerabilities results 1 to 20 of 71     
Page: 1234