terminal software vulnerabilities
vulnerabilities.aspcode.net
Searching terminal software vulnerabilities
Buffer overflow in ping CGI program in Xylogics
attackers
|
parameter
|
terminal
|
Xylogics
|
overflow
|
service
|
program
|
remote
|
denial
|
allows
|
Buffer
|
Annex
|
cause
|
query
|
long
|
ping
|
CGI
|
via
|
Buffer overflow in ping CGI program in Xylogics Annex terminal service allows remote attackers to cause a denial of service via a long query parameter.
Buffer overflow in SCO mscreen allows local use
privileges
|
terminal
|
overflow
|
mscreen
|
Buffer
|
allows
|
entry
|
users
|
local
|
long
|
gain
|
root
|
SCO
|
via
|
Buffer overflow in SCO mscreen allows local users to gain root privileges via a long terminal entry (TERM) in the .mscreenrc file.
Xyplex terminal server 6.0.1S1, and possibly ot
attackers
|
versions
|
entering
|
password
|
possibly
|
terminal
|
bypass
|
Xyplex
|
prompt
|
server
|
allows
|
remote
|
other
|
601S1
|
Xyplex terminal server 6.0.1S1, and possibly other versions, allows remote attackers to bypass the password prompt by entering (1) a CTRL-Z character, or (2) a ? (question mark).
Buffer overflow in /usr/bin/write in Solaris 2.
/usr/bin/write
|
privileges
|
argument
|
terminal
|
overflow
|
Solaris
|
Buffer
|
allows
|
string
|
local
|
users
|
name
|
gain
|
long
|
via
|
Buffer overflow in /usr/bin/write in Solaris 2.6 and 7 allows local users to gain privileges via a long string in the terminal name argument.
pt_chmod in Solaris 8 does not call fdetach to
privileges
|
terminals
|
modifying
|
terminal
|
pt_chmod
|
fdetach
|
Solaris
|
users'
|
allows
|
which
|
other
|
write
|
local
|
reset
|
users
|
does
|
call
|
ACL
|
TTY
|
not
|
log
|
out
|
pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of terminals, which allows local users to write to other users' terminals by modifying the ACL of a TTY.
The Remote Desktop client in Windows XP sends t
cleartext
|
attackers
|
sniffing
|
terminal
|
Desktop
|
account
|
Windows
|
Remote
|
obtain
|
client
|
recent
|
server
|
names
|
allow
|
sends
|
which
|
could
|
most
|
name
|
user
|
via
|
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.
Windows 2000 Terminal Services, when using the
Windows
|
Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.
Cross-site scripting (XSS) vulnerability in con
Cross-site
|
scripting
|
Cross-site scripting (XSS) vulnerability in connect.asp in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
The terminal services screensaver for Microsoft
screensaver
|
Microsoft
|
terminal
|
services
|
Windows
|
The terminal services screensaver for Microsoft Windows 2000 does not automatically lock the terminal window if the window is minimized, which could allow local users to gain access to the terminal server window.
Unknown vulnerability in the System Serial Cons
vulnerability
|
terminal
|
Console
|
Unknown
|
Solaris
|
System
|
Serial
|
Unknown vulnerability in the System Serial Console terminal in Solaris 2.5.1, 2.6, and 7 allows local users to monitor keystrokes and possibly steal sensitive information.
Apache 1.3 before 1.3.25 and Apache 2.0 before
before
|
Apache
|
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.
Unknown vulnerability in the Terminal applicati
vulnerability
|
application
|
Terminal
|
Unknown
|
Mac
|
Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access."
wget 1.8.x and 1.9.x does not filter or quote c
characters
|
displaying
|
responses
|
arbitrary
|
sequences
|
malicious
|
terminal
|
servers
|
execute
|
control
|
remote
|
escape
|
inject
|
filter
|
quote
|
allow
|
which
|
HTTP
|
does
|
code
|
wget
|
18x
|
19x
|
may
|
not
|
web
|
wget 1.8.x and 1.9.x does not filter or quote control characters when displaying HTTP responses to the terminal, which may allow remote malicious web servers to inject terminal escape sequences and execute arbitrary code.
resmgr in SUSE CORE 9 does not properly identif
terminals
|
properly
|
terminal
|
identify
|
resmgr
|
allows
|
local
|
spoof
|
users
|
types
|
login
|
names
|
which
|
CORE
|
does
|
SUSE
|
not
|
resmgr in SUSE CORE 9 does not properly identify terminal names, which allows local users to spoof terminals and login types.
UTStarcom iAN-02EX VoIP Analog Terminal Adaptor
UTStarcom
|
Terminal
|
iAN-02EX
|
Adaptor
|
Analog
|
VoIP
|
UTStarcom iAN-02EX VoIP Analog Terminal Adaptor (ATA) allows local users to bypass ATA access restrictions by dialing "*#26845#" and causing a device reset.
The x-man-page: URI handler for Apple Terminal
The x-man-page: URI handler for Apple Terminal 1.4.4 in Mac OS X 10.3.9 does not cleanse terminal escape sequences, which allows remote attackers to execute arbitrary commands.
Unknown vulnerability in Mac OS X 10.4.2 and ea
vulnerability
|
Unknown
|
Mac
|
Unknown vulnerability in Mac OS X 10.4.2 and earlier, when using Kerberos authentication with LDAP, allows attackers to gain access to a root Terminal window.
Buffer overflow in FileZilla Server Terminal 0.
FileZilla
|
attackers
|
Terminal
|
overflow
|
service
|
remote
|
Server
|
Buffer
|
denial
|
cause
|
allow
|
094d
|
may
|
Buffer overflow in FileZilla Server Terminal 0.9.4d may allow remote attackers to cause a denial of service (terminal crash) via a long USER ftp command.
VNC server on the AK-Systems Windows Terminal 1
AK-Systems
|
Terminal
|
Windows
|
server
|
VNC
|
VNC server on the AK-Systems Windows Terminal 1.2.5 ExVLP is not password protected, which allows remote attackers to login and view RDP or Citrix sessions.
The terminal_helper_execute function in termina
terminal_helper_execute
|
terminal/terminalc
|
Terminal
|
function
|
Xfce
|
The terminal_helper_execute function in terminal/terminal.c in Xfce Terminal 0.2.6 allows user-assisted remote attackers to execute arbitrary commands via shell metacharacters in a crafted link, as demonstrated using the "Open Link" functionality.
Software vulnerabilities results 1 to 20 of 49
Page:
1
2
3
►