setup software vulnerabilities
vulnerabilities.aspcode.net
Searching setup software vulnerabilities
Buffer overflow in MSN Setup BBS 4.71.0.10 Acti
overflow
|
Buffer
|
Setup
|
BBS
|
MSN
|
Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured.
The Microsoft Active Setup ActiveX component in
manufacturer
|
software's
|
components
|
component
|
Microsoft
|
prompting
|
attacker
|
software
|
Explorer
|
Internet
|
without
|
stating
|
ActiveX
|
install
|
remote
|
Active
|
allows
|
Setup
|
user
|
The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft.
Buffer overflow in the fscache_setup function o
fscache_setup
|
privileges
|
cachefsd
|
argument
|
overflow
|
function
|
Solaris
|
Buffer
|
allows
|
mount
|
local
|
users
|
root
|
long
|
gain
|
via
|
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
dcshop.cgi in DCShop 1.002 Beta allows remote a
dcshopcgi
|
DCShop
|
dcshop.cgi in DCShop 1.002 Beta allows remote attackers to delete arbitrary setup files via a null character in the database parameter.
csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.
csGuestbookcgi
|
CGISCRIPTNET
|
csGuestbook
|
attackers
|
arbitrary
|
parameter
|
processed
|
function
|
execute
|
allows
|
remote
|
which
|
setup
|
eval
|
Perl
|
code
|
via
|
csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
csLiveSupport.cgi in CGIScript.net csLiveSuppor
csLiveSupportcgi
|
csLiveSupport
|
CGIScriptnet
|
attackers
|
arbitrary
|
parameter
|
processed
|
function
|
execute
|
allows
|
remote
|
which
|
setup
|
eval
|
Perl
|
code
|
via
|
csLiveSupport.cgi in CGIScript.net csLiveSupport allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
csChatRBox.cgi in CGIScript.net csChat-R-Box al
csChatRBoxcgi
|
csChat-R-Box
|
CGIScriptnet
|
attackers
|
arbitrary
|
parameter
|
processed
|
function
|
execute
|
allows
|
remote
|
which
|
setup
|
eval
|
Perl
|
code
|
via
|
csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
csNewsPro.cgi in CGIScript.net csNews Professio
Professional
|
CGIScriptnet
|
csNewsProcgi
|
csNews
|
csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.
The installation of Apple QuickTime / Darwin St
administration
|
administrator
|
installation
|
privileges
|
Assistant"
|
attackers
|
QuickTime
|
Streaming
|
password
|
remote
|
allows
|
before
|
Server
|
Darwin
|
"Setup
|
starts
|
Apple
|
gain
|
413f
|
real
|
page
|
set
|
The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator.
Buffer overflow in dxterm in Ultrix 4.5 allows
parameter
|
arbitrary
|
overflow
|
execute
|
-setup
|
dxterm
|
Buffer
|
allows
|
Ultrix
|
users
|
local
|
long
|
code
|
via
|
Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -setup parameter.
Unknown vulnerability in phpGroupWare before 0.
vulnerability
|
phpGroupWare
|
Unknown
|
before
|
Unknown vulnerability in phpGroupWare before 0.9.14.002 has unknown attack vectors and impact, related to a "security hole" in the Setup/Config functionality.
phpGroupWare before 0.9.16.002 transmits the (1
phpGroupWare
|
before
|
phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords.
The setup routine (setup.php) in PHProjekt 4.2.
routine
|
setup
|
The setup routine (setup.php) in PHProjekt 4.2.1 and earlier allows remote attackers to modify system configuration via unknown attack vectors.
The Audio Setup Wizard (asw.dll) in Yahoo! Mess
Wizard
|
Setup
|
Audio
|
The Audio Setup Wizard (asw.dll) in Yahoo! Messenger 6.0.0.1750, and possibly other versions, allows attackers to arbitrary code by placing a malicious ping.exe program into the Messenger program directory, which is installed with weak default permissions.
Unknown vulnerability in IBM Hardware Managemen
vulnerability
|
Management
|
Hardware
|
Unknown
|
Console
|
IBM
|
Unknown vulnerability in IBM Hardware Management Console (HMC) before 4.4 for POWER5 servers allows local users to gain privileges, related to the Guided Setup Wizard.
Buffer overflow in the Netinfo Setup Tool (NeST
overflow
|
Netinfo
|
Buffer
|
Setup
|
Tool
|
Buffer overflow in the Netinfo Setup Tool (NeST) allows local users to execute arbitrary code.
Cisco devices running Application and Content N
Application
|
Networking
|
Content
|
devices
|
running
|
System
|
Cisco
|
Cisco devices running Application and Content Networking System (ACNS) 4.x, 5.0, 5.1, or 5.2 use a default password when the setup dialog has not been run, which allows remote attackers to gain access.
apt-setup in Debian GNU/Linux installs the apt.
permissions
|
information
|
passwords
|
sensitive
|
GNU/Linux
|
apt-setup
|
installs
|
insecure
|
aptconf
|
obtain
|
Debian
|
allows
|
which
|
local
|
users
|
file
|
such
|
apt-setup in Debian GNU/Linux installs the apt.conf file with insecure permissions, which allows local users to obtain sensitive information such as passwords.
Unspecified vulnerability in the admin login fe
administrators
|
vulnerability
|
Unspecified
|
multiblog
|
another
|
Subtext
|
feature
|
remote
|
allows
|
login
|
admin
|
setup
|
blog
|
one
|
Unspecified vulnerability in the admin login feature in Subtext 1.5, in a multiblog setup, allows remote administrators of one blog to login to another blog.
Cross-site scripting (XSS) vulnerability in tik
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in tiki-setup_base.php in TikiWiki before 1.9.7 allows remote attackers to inject arbitrary JavaScript via unspecified parameters.
Software vulnerabilities results 1 to 20 of 43
Page:
1
2
3
►