Searching space software vulnerabilities


In some NT web servers, appending a space at the end of a URL may allow attackers to read source code for active pages.


Vulnerability in direct audio user space code on HP-UX 10.20 and 10.10 allows local users to cause a denial of service.


WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20).


OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20).


vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP script that ends with a URL-encoded space character (%20).


InterScan VirusWall 3.52 build 1462 allows remote attackers to bypass virus protection via e-mail messages with headers that violate RFC specifications by having (or missing) space characters in unexpected places (aka "space gap"), such as (1) "Content-Type :", (2) "Content-Transfer-Encoding :", (3) no space before a boundary declaration, or (4) "boundary= ", which is processed by Outlook Express.


User-mode Linux (UML) 2.4.17-8 does not restrict access to kernel address space, which allows local users to execute arbitrary code.


Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (%20) and a '.' (%2e) at the end of the filename.


Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi.


A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695.


Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.


Caucho Technology Resin 2.1.12 allows remote attackers to view JSP source via an HTTP request to a .jsp file that ends in a "%20" (encoded space character), e.g. index.jsp%20.


Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.


Mercur Messaging 2005 SP2 allows remote attackers to read the source code of .ctml files via a URL with a trailing hex-encoded space ("%20").


Unknown vulnerability in Tor before 0.1.0.10 allows remote attackers to read arbitrary memory and possibly key information from the exit server's process space.


The Wipe Free Space utility in PGP Desktop Home 8.0 and Desktop Professional 9.0.3 Build 2932 and earlier does not clear file slack space in the last cluster for the file, which allows local users to access the previous contents of the disk.


SQL injection vulnerability in index.php in MobeScripts Mobile Space Community 2.0 allows remote attackers to execute arbitrary SQL commands via the browse parameter.


The (1) __futex_atomic_op and (2) futex_atomic_cmpxchg_inatomic functions in Linux kernel 2.6.17-rc4 to 2.6.18-rc2 perform the atomic futex operation with user space addresses instead of kernel space addresses, which allows local users to cause a denial of service (crash).


DFSR.exe in Windows Meeting Space in Microsoft Windows Vista remains available for remote connections on TCP port 5722 for 2 minutes after Windows Meeting Space is closed, which allows remote attackers to have an unknown impact by connecting to this port during the time window.


httpsv.exe in HTTP Server 1.6.2 allows remote attackers to obtain sensitive information (script source code) via a URI with a trailing %20 (encoded space).


Software vulnerabilities results 1 to 20 of 94     