status software vulnerabilities
vulnerabilities.aspcode.net
Searching status software vulnerabilities
SGI MachineInfo CGI program, installed by default on some web servers, prints potentially sensitive system status information, which could be used by remote attackers for information gathering activities.
WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred.
The pre-login mode in the System Administrator interface of Lightwave ConsoleServer 3200 allows remote attackers to obtain sensitive information such as system status, configuration, and users.
Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.
Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status.
Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable.
ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.
Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments.
The mtink status monitor before 1.0.5 for Epson printers allows local users to overwrite arbitrary files via a symlink attack on the epson temporary file.
Apple Safari 1.0 through 1.2.3 allows remote attackers to spoof the URL displayed in the status bar via TABLE tags.
Mozilla before 1.6 does not display the entire URL in the status bar when a link contains %00, which could allow remote attackers to trick users into clicking on unknown or untrusted sites and facilitate phishing attacks.
Hired Team: Trial 2.0 and earlier and 2.200 allows remote attackers to cause a denial of service (application crash) via the status command.
Sophos Anti-Virus 3.78 allows remote attackers to bypass virus scanning by using a qmail generated Delivery Status Notification (DSN) where the original email is not included in the bounce message.
Buffer overflow in Alt-N MDaemon 7.0.1 allows remote attackers to cause a denial of service (application crash) via a long STATUS command to the IMAP server.
Eudora 6.1.0.6 allows remote attackers to obfuscate URLs displayed in the status bar by inserting a large number of characters (e.g. spaces coded as "&nbsp;") in the middle of the URL.
Stack-based buffer overflow in the IMAP daemon (imapd) in MailEnable Professional 1.54 allows remote authenticated users to execute arbitrary code via the status command with a long mailbox name.
Firefox before 1.0.7 and Mozilla Suite before 1.7.12 allows remote attackers to spawn windows without user interface components such as the address and status bar, which could be used to conduct spoofing or phishing attacks.
Ventrilo 2.1.2 through 2.3.0 allows remote attackers to cause a denial of service (application crash) via a status packet that contains less data than specified in the packet header sent to UDP port 3784.
user.php in the Billing Control Panel in phpCoupon allows remote authenticated users to obtain Premium Member status, and possibly acquire free coupons, via a modified URL containing a certain billing parameter and REQ=auth, status=success, and custom=upgrade substrings, possibly related to PayPal transactions.
Mozilla Firefox 2.0.0.6 and earlier allows remote attackers to spoof the contents of the status bar via a link to a data: URI containing an encoded URL. NOTE: the severity of this issue has been disputed by a reliable third party, since the intended functionality of the status bar allows it to be modified.
Software vulnerabilities results 1 to 20 of 88