started software vulnerabilities
vulnerabilities.aspcode.net
Searching started software vulnerabilities
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does n
/usr/sbin/Mail
|
IRIX
|
SGI
|
/usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users.
Farm9 Cryptcat, when started in server mode wit
configuration
|
communicate
|
information
|
encryption
|
sensitive
|
attackers
|
intended
|
Cryptcat
|
clients
|
despite
|
without
|
started
|
option
|
server
|
remote
|
allows
|
enable
|
allow
|
which
|
sniff
|
Farm9
|
does
|
mode
|
not
|
may
|
Farm9 Cryptcat, when started in server mode with the -e option, does not enable encryption, which allows clients to communicate without encryption despite intended configuration, and may allow remote attackers to sniff sensitive information.
Apple Remote Desktop Client 1.2.4 executes a GU
Desktop
|
Client
|
Remote
|
Apple
|
Apple Remote Desktop Client 1.2.4 executes a GUI application as root when it is started by an Apple Remote Desktop Administrator application, which allows remote authenticated users to execute arbitrary code when loginwindow is active via Fast User Switching.
Dell TrueMobile 1300 WLAN Mini-PCI Card Util Tr
TrueMobile
|
Dell
|
Dell TrueMobile 1300 WLAN Mini-PCI Card Util TrayApplet 3.10.39.0 does not properly drop SYSTEM privileges when started from the systray applet, which allows local users to gain privileges by accessing the Help functionality.
Orbicule Undercover allows attackers with physi
/private/etc/ucapp/Contents/MacOS/uc
|
LaunchDaemon
|
permissions
|
protection
|
Undercover
|
attackers
|
prevents
|
Orbicule
|
physical
|
command
|
service
|
disable
|
started
|
access
|
change
|
allows
|
being
|
chmod
|
using
|
which
|
root
|
file
|
Orbicule Undercover allows attackers with physical or root access to disable the protection by using the chmod command to change the permissions of the /private/etc/uc.app/Contents/MacOS/uc file, which prevents the service from being started in LaunchDaemon.
Unspecified vulnerability in CA CleverPath Port
471001_179_060830
|
vulnerability
|
credentials
|
maintenance
|
Unspecified
|
BrightStor
|
CleverPath
|
including
|
Unicenter
|
Security
|
properly
|
multiple
|
products
|
session
|
Command
|
another
|
started
|
servers
|
inherit
|
through
|
version
|
before
|
eTrust
|
handle
|
server
|
Center
|
Portal
|
might
|
which
|
cause
|
store
|
share
|
used
|
user
|
Aion
|
does
|
r102
|
r111
|
time
|
data
|
same
|
r10
|
BPM
|
not
|
Unspecified vulnerability in CA CleverPath Portal before maintenance version 4.71.001_179_060830, as used in multiple products including BrightStor Portal r11.1, CleverPath Aion BPM r10 through r10.2, eTrust Security Command Center r1 and r8, and Unicenter, does not properly handle when multiple Portal servers are started at the same time and share the same data store, which might cause a Portal user to inherit the session and credentials of a user who is on another Portal server.
The Debian GNU/Linux 033_-F_NO_SETSID patch for
033_-F_NO_SETSID
|
interactively
|
disassociate
|
controlling
|
privileges
|
GNU/Linux
|
properly
|
program
|
TIOCSTI
|
started
|
Server
|
Debian
|
allows
|
1334-4
|
Apache
|
users
|
local
|
calls
|
ioctl
|
patch
|
which
|
httpd
|
HTTP
|
gain
|
does
|
tty
|
not
|
CGI
|
via
|
The Debian GNU/Linux 033_-F_NO_SETSID patch for the Apache HTTP Server 1.3.34-4 does not properly disassociate httpd from a controlling tty when httpd is started interactively, which allows local users to gain privileges to that tty via a CGI program that calls the TIOCSTI ioctl.
thttpd before 2.25b-r6 in Gentoo Linux is start
directory
|
225b-r6
|
started
|
system
|
thttpd
|
before
|
Gentoo
|
Linux
|
root
|
thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files.
Software vulnerabilities results 1 to 9 of 9
Page:
1