split software vulnerabilities
vulnerabilities.aspcode.net
Searching split software vulnerabilities
Buffer overflows in Microsoft Network Monitor (
Microsoft
|
overflows
|
Monitor
|
Network
|
Buffer
|
Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary commands via a long Browser Name in a CIFS Browse Frame, a long SNMP community name, or a long username or filename in an SMB session, aka the "Netmon Protocol Parsing" vulnerability. NOTE: It is highly likely that this candidate will be split into multiple candidates.
The split key mechanism used by PGP 7.0 allows
authenticate
|
passphrases
|
passphrase
|
capturing
|
mechanism
|
setting
|
holders
|
allows
|
"Cache
|
option
|
logged
|
obtain
|
holder
|
access
|
entire
|
share
|
other
|
while
|
split
|
used
|
they
|
key
|
on"
|
PGP
|
The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate.
Compaq TruCluster 1.5 allows remote attackers t
"split-brain"
|
TruCluster
|
attackers
|
service
|
cluster
|
system
|
causes
|
record
|
Compaq
|
allows
|
remote
|
denial
|
cause
|
which
|
state
|
enter
|
scan
|
does
|
port
|
have
|
not
|
via
|
PTR
|
DNS
|
Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a system that does not have a DNS PTR record, which causes the cluster to enter a "split-brain" state.
Buffer overflow in Fake Identd 0.9 through 1.4
attackers
|
arbitrary
|
overflow
|
multiple
|
execute
|
packets
|
request
|
through
|
allows
|
Buffer
|
Identd
|
remote
|
split
|
into
|
code
|
Fake
|
root
|
long
|
via
|
Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers execute arbitrary code as root via a long request that is that is split into multiple packets.
Multiple TCP/IP and ICMP implementations allow
implementations
|
attackers
|
Multiple
|
service
|
TCP/IP
|
remote
|
denial
|
cause
|
allow
|
ICMP
|
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (reset TCP connections) via spoofed ICMP error messages, aka the "blind connection-reset attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
Multiple TCP/IP and ICMP implementations allow
implementations
|
attackers
|
Multiple
|
service
|
TCP/IP
|
remote
|
denial
|
cause
|
allow
|
ICMP
|
Multiple TCP/IP and ICMP implementations allow remote attackers to cause a denial of service (network throughput reduction for TCP connections) via a blind throughput-reduction attack using spoofed Source Quench packets, aka the "ICMP Source Quench attack." NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
The cmdline pseudofiles in (1) procfs on FreeBS
pseudofiles
|
cmdline
|
The cmdline pseudofiles in (1) procfs on FreeBSD 4.8 through 5.3, and (2) linprocfs on FreeBSD 5.x through 5.3, do not properly validate a process argument vector, which allows local users to cause a denial of service (panic) or read portions of kernel memory. NOTE: this candidate might be SPLIT into 2 separate items in the future.
A regression error in the Red Hat Enterprise Li
Enterprise
|
regression
|
4GB/4GB
|
"access
|
service
|
allows
|
check"
|
denial
|
kernel
|
cause
|
which
|
local
|
users
|
Linux
|
error
|
split
|
omits
|
patch
|
Red
|
Hat
|
A regression error in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch omits an "access check," which allows local users to cause a denial of service (crash).
Unknown vulnerability in the Red Hat Enterprise
vulnerability
|
privileges
|
Enterprise
|
arbitrary
|
syscalls
|
hugemem
|
certain
|
4GB/4GB
|
Unknown
|
kernel
|
allows
|
memory
|
Linux
|
write
|
users
|
patch
|
split
|
local
|
using
|
gain
|
read
|
Red
|
Hat
|
via
|
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when using the hugemem kernel, allows local users to read and write to arbitrary kernel memory and gain privileges via certain syscalls.
Unknown vulnerability in the Red Hat Enterprise
vulnerability
|
Enterprise
|
running
|
4GB/4GB
|
service
|
Unknown
|
hugemem
|
allows
|
kernel
|
denial
|
users
|
cause
|
local
|
split
|
Linux
|
patch
|
Red
|
Hat
|
x86
|
Unknown vulnerability in the Red Hat Enterprise Linux 4 kernel 4GB/4GB split patch, when running on x86 with the hugemem kernel, allows local users to cause a denial of service (crash).
Unknown "high risk" vulnerability in DB2 Univer
vulnerability
|
Universal
|
Database
|
earlier
|
vectors
|
Unknown
|
attack
|
impact
|
risk"
|
"high
|
DB2
|
has
|
Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor.
Multiple unknown vulnerabilities in L-Soft LIST
vulnerabilities
|
LISTSERV
|
Multiple
|
unknown
|
L-Soft
|
Multiple unknown vulnerabilities in L-Soft LISTSERV 14.3, 1.8e, and 1.8d allow remote attackers to execute arbitrary code or cause a denial of service. NOTE: this candidate may be SPLIT in the future when more precise technical details become available.
The rw_vm function in usercopy.c in the 4GB spl
Enterprise
|
usercopyc
|
checking
|
function
|
service
|
perform
|
proper
|
allows
|
denial
|
bounds
|
kernel
|
which
|
local
|
patch
|
split
|
rw_vm
|
users
|
cause
|
Linux
|
does
|
Red
|
4GB
|
not
|
Hat
|
The rw_vm function in usercopy.c in the 4GB split patch for the Linux kernel in Red Hat Enterprise Linux 4 does not perform proper bounds checking, which allows local users to cause a denial of service (crash).
** SPLIT ** The jlucaller program in LiveUpdate
LiveUpdate
|
AntiVirus
|
jlucaller
|
Symantec
|
program
|
Norton
|
SPLIT
|
** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a CNA error, this candidate was also originally assigned to an issue in DiskMountNotify. Use CVE-2005-3270 for the DiskMountNotify issue, and CVE-2005-2759 for the LiveUpdate issue.
Nessus before 2.2.8, and 3.x before 3.0.3, allo
before
|
Nessus
|
Nessus before 2.2.8, and 3.x before 3.0.3, allows user-assisted attackers to cause a denial of service (memory consumption) via a NASL script that calls split with an invalid sep parameter. NOTE: a design goal of the NASL language is to facilitate sharing of security tests by guaranteeing that a script "can not do anything nasty." This issue is appropriate for CVE only if Nessus users have an expectation that a split statement will not use excessive memory.
A regression error in the restore_all code path
restore_all
|
non-hugemem
|
Enterprise
|
regression
|
kernels
|
service
|
Desktop
|
support
|
denial
|
allows
|
users
|
split
|
local
|
cause
|
4/4GB
|
error
|
Linux
|
path
|
code
|
Red
|
Hat
|
A regression error in the restore_all code path of the 4/4GB split support for non-hugemem Linux kernels on Red Hat Linux Desktop and Enterprise Linux 4 allows local users to cause a denial of service (panic) via unspecified vectors.
Multiple integer overflows in the chunk_split f
chunk_split
|
overflows
|
function
|
Multiple
|
integer
|
before
|
PHP
|
Multiple integer overflows in the chunk_split function in PHP 5 before 5.2.3 allow remote attackers to cause a denial of service (crash) or execute arbitrary code via the (1) chunks, (2) srclen, and (3) chunklen arguments.
ircu 2.10.12.01 through 2.10.12.04 does not rem
ircu
|
ircu 2.10.12.01 through 2.10.12.04 does not remove ops privilege after a join from a server with an older timestamp (TS), which allows remote attackers to gain control of a channel during a split.
Unspecified vulnerability in the chunk_split fu
vulnerability
|
chunk_split
|
Unspecified
|
function
|
before
|
PHP
|
Unspecified vulnerability in the chunk_split function in PHP before 5.2.4 has unknown impact and attack vectors, related to an incorrect size calculation.
The chunk_split function in string.c in PHP 5.2
chunk_split
|
function
|
stringc
|
PHP
|
The chunk_split function in string.c in PHP 5.2.3 does not properly calculate the needed buffer size due to precision loss when performing integer arithmetic with floating point numbers, which has unknown attack vectors and impact, possibly resulting in a heap-based buffer overflow. NOTE: this is due to an incomplete fix for CVE-2007-2872.
Software vulnerabilities results 1 to 20 of 33
Page:
1
2
►