small software vulnerabilities

Searching small software vulnerabilities

Small HTTP Server 2.01 does not properly proces

Small HTTP Server 2.01 does not properly process Server Side Includes (SSI) tags that contain null values, which allows local users, and possibly remote attackers, to cause the server to crash by inserting the SSI into an HTML file.

Small HTTP Server 2.01 allows remote attackers

Server | Small | HTTP |

Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests.

vWebServer 1.2.0 allows remote attackers to cau

vWebServer |

vWebServer 1.2.0 allows remote attackers to cause a denial of service (hang) via a small number of long URL requests, possibly due to a buffer overflow.

The MAC module in Netfilter in Linux kernel 2.4

The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.

WorkforceROI Xpede 4.1 uses a small random name

WorkforceROI Xpede 4.1 uses a small random namespace (5 alphanumeric characters) for temporary expense claim reports in the /reports/temp directory, which allows remote attackers to read the reports via a brute force attack.

Unreal Tournament 2003 (ut2003) clients and ser

Tournament | Unreal |

Unreal Tournament 2003 (ut2003) clients and servers allow remote attackers to cause a denial of service via malformed messages containing a small number of characters to UDP ports 7778 or 10777.

The TCP MSS (maximum segment size) functionalit

MSS | TCP |

The TCP MSS (maximum segment size) functionality in netinet allows remote attackers to cause a denial of service (resource exhaustion) via (1) a low MTU, which causes a large number of small packets to be produced, or (2) via a large number of packets with a small TCP payload, which cause a large number of calls to the resource-intensive sowakeup function.

Buffer overflow in the DCE daemon (DCED) for th

overflow | daemon | Buffer | DCE |

Buffer overflow in the DCE daemon (DCED) for the DCE endpoint mapper (epmap) on HP-UX 11 allows remote attackers to execute arbitrary code via a request with a small fragment length and a large amount of data.

Buffer overflow in the QFILEPATHINFO request ha

Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value.

Ipswitch WS_FTP Server 4.0.2 allows remote auth

Ipswitch | Server | WS_FTP |

Ipswitch WS_FTP Server 4.0.2 allows remote authenticated users to cause a denial of service (disk consumption) via a REST command with a large argument, then uploading a small file using the STOR command.

Agnitum Outpost Pro Firewall 2.1 allows remote

Agnitum Outpost Pro Firewall 2.1 allows remote attackers to cause a denial of service (CPU consumption) via a flood of small, invalid packets, which can not be processed quickly enough by Outpost Pro.

Gadu-Gadu allows remote attackers to bypass the

Gadu-Gadu allows remote attackers to bypass the "image send" option by sending a very small image file, which could be used in conjunction with image-related vulnerabilities.

Heap-based buffer overflow in the ReadPNMImage

Heap-based buffer overflow in the ReadPNMImage function in pnm.c for ImageMagick 6.2.1 and earlier allows remote attackers to cause a denial of service (application crash) via a PNM file with a small colors value.

Directory traversal vulnerability in Ipswitch W

Directory traversal vulnerability in Ipswitch WhatsUp Small Business 2004 allows remote attackers to read arbitrary files via ".." (dot dot) sequences in a request to the Report service (TCP 8022).

HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 al

HP-UX B.11.00, B.11.04, B.11.11, and B.11.23 allows remote attackers to cause a denial of service via a "Rose Attack" that involves sending a subset of small IP fragments that do not form a complete, larger packet.

Cross-site scripting (XSS) vulnerability in use

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in userupload.php in OlateDownload 3.4.0 allows remote attackers to inject arbitrary web script or HTML via the description_small parameter.

Unrestricted file upload vulnerability in LiveC

Unrestricted file upload vulnerability in LiveCMS 3.4 and earlier allows remote attackers to upload and execute arbitrary PHP code by specifying a PHP file type in a parameter intended for "a small image" associated with an article.

The AntiVirus engine in the HTTP-ALG in Clavist

The AntiVirus engine in the HTTP-ALG in Clavister CorePlus before 8.81.00 and 8.80.03 might allow remote attackers to bypass scanning via small files.

KDE Konqueror 3.5.7 allows remote attackers to

Konqueror | KDE |

KDE Konqueror 3.5.7 allows remote attackers to spoof the URL address bar by calling setInterval with a small interval and changing the window.location property.

vstor-ws60.sys in VMWare Workstation 6.0 allows

vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) and possibly gain privileges by sending a small file buffer size value to the FsSetVolumeInformation IOCTL handler with an FsSetFileInformation subcode.

Software vulnerabilities results 1 to 20 of 48

Page: 12 3 ►

small software vulnerabilities

vulnerabilities.aspcode.net

Searching small software vulnerabilities