Searching storage software vulnerabilities

Buffer overflow in Tivoli Storage Manager TSM (

overflow | Storage | Manager | Buffer | Tivoli | TSM |

Buffer overflow in Tivoli Storage Manager TSM (1) Server or Storage Agents 3.1 through 5.1, and (2) the TSM Client Acceptor Service 4.2 and 5.1, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request to port 1580 or port 1581.


Cisco SN 5420 Storage Router 1.1(5) and earlier

Cisco |

Cisco SN 5420 Storage Router 1.1(5) and earlier allows attackers to read configuration files without authorization.


Cisco SN 5420 Storage Router 1.1(5) and earlier

Cisco |

Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (router crash) via an HTTP request with large headers.


Cisco SN 5420 Storage Router 1.1(5) and earlier

Cisco |

Cisco SN 5420 Storage Router 1.1(5) and earlier allows remote attackers to cause a denial of service (halt) via a fragmented packet to the Gigabit interface.


Iomega Network Attached Storage (NAS) A300U, an

Attached | Storage | Network | Iomega |

Iomega Network Attached Storage (NAS) A300U, and possibly other models, does not allow the FTP service to be disabled, which allows local users to access home directories via FTP even when access to all shared directories have been disabled.


The Network Attached Storage (NAS) Administrati

Attached | Storage | Network |

The Network Attached Storage (NAS) Administration Web Page for Iomega NAS A300U transmits passwords in cleartext, which allows remote attackers to sniff the administrative password.


Unknown vulnerability in Sun StorEdge Enterpris

vulnerability | Enterprise | StorEdge | Storage | Manager | Unknown | Sun |

Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.


Engenio/LSI Logic storage controllers, as used

controllers | Engenio/LSI | Storagetek | products | storage | DS4100 | Logic | used | D280 | such | IBM |

Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets.


Multiple heap-based and stack-based buffer over

StorageCentral | stack-based | components | heap-based | arbitrary | attackers | overflows | controls | Multiple | execute | Storage | ActiveX | certain | VERITAS | remote | Hotfix | before | server | buffer | allow | code | DCOM | Exec | Hot | Fix | via |

Multiple heap-based and stack-based buffer overflows in certain DCOM server components in VERITAS Storage Exec Storage Exec 5.3 before Hotfix 9 and StorageCentral 5.2 before Hot Fix 2 allow remote attackers to execute arbitrary code via certain ActiveX controls.


POP3 service in Avaya Modular Messaging Message

Messaging | Message | Storage | Modular | service | Server | Avaya | POP3 |

POP3 service in Avaya Modular Messaging Message Storage Server (MSS) 2.0 SP 4 and earlier allows remote attackers to cause a denial of service (infinite loop) via crafted packets.


Multiple unspecified injection vulnerabilities

vulnerabilities | unspecified | Container | injection | Multiple | ends | back | Auth |

Multiple unspecified injection vulnerabilities in unspecified Auth Container back ends for PEAR::Auth before 1.2.4, and 1.3.x before 1.3.0r4, allow remote attackers to "falsify authentication credentials," related to the "underlying storage containers."


Heap-based buffer overflow in Microsoft Infotec

Heap-based | Microsoft | Infotech | overflow | Library | Storage | buffer | System |

Heap-based buffer overflow in Microsoft Infotech Storage System Library (itss.dll) allows user-assisted attackers to execute arbitrary code via a crafted CHM / ITS file that triggers the overflow while decompiling.


Unspecified vulnerability in HP OpenView Storag

vulnerability | Unspecified | attackers | arbitrary | Protector | OpenView | execute | Storage | vectors | unknown | allows | remote | Data | code | via |

Unspecified vulnerability in HP OpenView Storage Data Protector 5.1 and 5.5 allows remote attackers to execute arbitrary code via unknown vectors.


A package component in Sun Storage Automated Di

Environment | Diagnostic | Automated | component | package | Storage | Sun |

A package component in Sun Storage Automated Diagnostic Environment (StorADE) 2.4 uses world-writable permissions for certain critical files and directories, which allows local users to gain privileges.


The dvd_read_bca function in the DVD handling c

drivers/cdrom/cdromc | dvd_read_bca | handling | function | kernel | Linux | code | DVD |

The dvd_read_bca function in the DVD handling code in drivers/cdrom/cdrom.c in Linux kernel 2.2.16, and later versions, assigns the wrong value to a length variable, which allows local users to execute arbitrary code via a crafted USB Storage device that triggers a buffer overflow.


Unspecified vulnerability in the backup agent a

vulnerability | Unspecified | Protector | OpenView | Storage | Manager | backup | before | agent | Cell | Data |

Unspecified vulnerability in the backup agent and Cell Manager in HP OpenView Storage Data Protector 5.1 and 5.5 before Thursday, August 10, 2006 allows remote attackers to execute arbitrary code on an agent via unspecified vectors related to authentication and input validation.


Multiple array index errors in IBM Tivoli Stora

Multiple | Storage | Manager | Tivoli | errors | array | index | IBM |

Multiple array index errors in IBM Tivoli Storage Manager (TSM) before 5.2.9 and 5.3.x before 5.3.4 allow remote attackers to read arbitrary memory locations and cause a denial of service (crash) via a large index value in unspecified messages, a different issue than CVE-2006-5855.


PHP remote file inclusion vulnerability in incl

include/common_functionphp | _config[site_path] | vulnerability | parameter | attackers | inclusion | arbitrary | website | execute | storage | remote | allows | magic | photo | code | file | PHP | via | URL |

PHP remote file inclusion vulnerability in include/common_function.php in magic photo storage website allows remote attackers to execute arbitrary PHP code via a URL in the _config[site_path] parameter.


Unspecified vulnerability in HP OpenView Storag

vulnerability | Unspecified | Protector | arbitrary | OpenView | vectors | execute | Storage | unknown | allows | users | local | B1100 | HP-UX | B1123 | B1111 | Data | code | via |

Unspecified vulnerability in HP OpenView Storage Data Protector on HP-UX B.11.00, B.11.11, or B.11.23 allows local users to execute arbitrary code via unknown vectors.


Unspecified vulnerability in Hitachi JP1/HiComm

authentication | JP1/HiCommand | DeviceManager | vulnerability | Availability | Replication | Unspecified | information | vectors | Storage | Monitor | Hitachi | Manager | obtain | Global | Tiered | Tuning | allows | local | users | Link | via |

Unspecified vulnerability in Hitachi JP1/HiCommand DeviceManager, Global Link Availability Manager, Replication Monitor, Tiered Storage Manager, and Tuning Manager allows local users to obtain authentication information via unspecified vectors.


Software vulnerabilities results 1 to 20 of 37     
Page: 12