spoofed software vulnerabilities
vulnerabilities.aspcode.net
Searching spoofed software vulnerabilities
Denial of service in RPC portmapper allows atta
portmapper
|
unregister
|
attackers
|
register
|
services
|
address
|
service
|
spoofed
|
source
|
allows
|
Denial
|
spoof
|
using
|
such
|
RPC
|
Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1.
Quake 2 server allows remote attackers to cause
attackers
|
spoofed
|
address
|
service
|
source
|
packet
|
denial
|
server
|
allows
|
remote
|
cause
|
Quake
|
via
|
UDP
|
Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself.
Quake 1 and NetQuake servers allow remote attac
attackers
|
NetQuake
|
servers
|
service
|
denial
|
remote
|
Quake
|
allow
|
cause
|
Quake 1 and NetQuake servers allow remote attackers to cause a denial of service (resource exhaustion or forced disconnection) via a flood of spoofed UDP connection packets, which exceeds the server's player limit.
Windows 95 and Windows 98 do not properly proce
attackers
|
overwrite
|
properly
|
packets
|
entries
|
process
|
Windows
|
spoofed
|
static
|
remote
|
allows
|
cache
|
table
|
which
|
not
|
ARP
|
Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table.
Yahoo! Messenger 5.0 allows remote attackers to
engineering
|
attackers
|
modifying
|
Messenger
|
username
|
service
|
spoofed
|
social
|
allows
|
remote
|
denial
|
spoof
|
Yahoo
|
other
|
using
|
users
|
Yahoo! Messenger 5.0 allows remote attackers to spoof other users by modifying the username and using the spoofed username for social engineering or denial of service (flooding) attacks.
The SMTP service in Microsoft Internet Informat
Information
|
Microsoft
|
Services
|
Internet
|
service
|
SMTP
|
The SMTP service in Microsoft Internet Information Services (IIS) 4.0 and 5.0 allows remote attackers to bypass anti-relaying rules and send spam or spoofed messages via encapsulated SMTP addresses, a similar vulnerability to CVE-1999-0682.
Qualcomm Eudora 5.2.1 allows remote attackers t
Qualcomm
|
Eudora
|
Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora.
pam_wheel in Linux-PAM 0.78, with the trust opt
Linux-PAM
|
pam_wheel
|
pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name.
iproute 2.4.7 and earlier allows local users to
iproute
|
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.
Zebra 0.93b and earlier, and quagga before 0.95
earlier
|
quagga
|
before
|
Zebra
|
093b
|
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
The getifaddrs function in GNU libc (glibc) 2.2
getifaddrs
|
function
|
libc
|
GNU
|
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
PF in certain OpenBSD versions, when stateful f
interfaces
|
filtering
|
interface
|
attackers
|
versions
|
original
|
intended
|
stateful
|
session
|
OpenBSD
|
enabled
|
certain
|
spoofed
|
packets
|
filters
|
bypass
|
packet
|
allows
|
remote
|
other
|
limit
|
which
|
does
|
via
|
not
|
PF in certain OpenBSD versions, when stateful filtering is enabled, does not limit packets for a session to the original interface, which allows remote attackers to bypass intended packet filters via spoofed packets to other interfaces.
Format string vulnerability in bidwatcher befor
vulnerability
|
bidwatcher
|
before
|
string
|
Format
|
Format string vulnerability in bidwatcher before 1.3.17 allows remote malicious web servers from eBay, or a spoofed eBay server, to cause a denial of service and possibly execute arbitrary code via certain responses.
Opera 8 Beta 3, when using first-generation vet
first-generation
|
Organizational
|
certificates
|
certificate
|
information
|
facilitate
|
phishing
|
displays
|
spoofed
|
digital
|
attacks
|
easily
|
vetted
|
using
|
Opera
|
which
|
Beta
|
can
|
SSL
|
Opera 8 Beta 3, when using first-generation vetted digital certificates, displays the Organizational information of an SSL certificate, which is easily spoofed and can facilitate phishing attacks.
GameSpy SDK CD-Key Validation Toolkit, as used
Validation
|
attackers
|
command
|
sending
|
spoofed
|
GameSpy
|
Toolkit
|
bypass
|
longer
|
server
|
\disc\
|
CD-Key
|
online
|
remote
|
allows
|
which
|
tells
|
games
|
many
|
used
|
use
|
key
|
SDK
|
GameSpy SDK CD-Key Validation Toolkit, as used by many online games, allows remote attackers to bypass the CD key validation by sending a spoofed \disc\ command, which tells the server the CD key is no longer in use.
Cisco switches that support 802.1x security all
Discovery
|
attackers
|
security
|
Protocol
|
switches
|
support
|
spoofed
|
access
|
bypass
|
remote
|
allow
|
Cisco
|
8021x
|
gain
|
port
|
VLAN
|
via
|
Cisco switches that support 802.1x security allow remote attackers to bypass port security and gain access to the VLAN via spoofed Cisco Discovery Protocol (CDP) messages.
OpenVPN before 2.0.1, when running in "dev tap"
OpenVPN
|
before
|
OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses.
Computer Associates (CA) Message Queuing (CAM /
Associates
|
Computer
|
Computer Associates (CA) Message Queuing (CAM / CAFT) 1.05, 1.07 before Build 220_13, and 1.11 before Build 29_13 allows remote attackers to execute arbitrary commands via spoofed CAFT packets.
Linux kernel before 2.6.12 allows remote attack
before
|
kernel
|
Linux
|
Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.
The default configuration of syslogd in the Lin
configuration
|
sysklogd
|
default
|
package
|
syslogd
|
enable
|
Linux
|
does
|
not
|
The default configuration of syslogd in the Linux sysklogd package does not enable the -x (disable name lookups) option, which allows remote attackers to cause a denial of service (traffic amplification) via messages with spoofed source IP addresses.
Software vulnerabilities results 1 to 20 of 67
Page:
1
2
3
4
►