Searching until software vulnerabilities

Linux 2.1.132 and earlier allows local users to

Linux |

Linux 2.1.132 and earlier allows local users to cause a denial of service (resource exhaustion) by reading a large buffer from a random device (e.g. /dev/urandom), which cannot be interrupted until the read has completed.


Internet Explorer 5 does not modify the securit

Javascript | different | attackers | security | document | Explorer | Internet | execute | loading | context | remote | window | modify | loaded | could | allow | while | after | until | being | which | does | zone | been | into | not | has |

Internet Explorer 5 does not modify the security zone for a document that is being loaded into a window until after the document has been loaded, which could allow remote attackers to execute Javascript in a different security context while the document is loading.


Multiple vulnerabilities in xinetd 2.3.0 and ea

vulnerabilities | Multiple | xinetd |

Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination.


SSH before 2.0, when using RC4 and password aut

authentication | attackers | password | messages | remote | server | replay | before | allows | until | using | SSH | key | RC4 | new |

SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated.


The account lockout capability in Oblix NetPoin

capability | passwords | attackers | specified | guessing | password | NetPoint | lockout | conduct | account | without | waiting | earlier | remote | locked | easier | period | until | again | locks | being | Oblix | users | which | brute | makes | force | only | once | ends | then | out |

The account lockout capability in Oblix NetPoint 5.2 and earlier only locks out users once for the specified lockout period, which makes it easier for remote attackers to conduct brute force password guessing by waiting until the lockout period ends, then guessing passwords without being locked out again.


Macromedia Flash Player 6 does not terminate co

connections | Macromedia | terminate | attackers | service | allows | remote | denial | leaves | Player | which | Flash | cause | does | page | user | web | not |

Macromedia Flash Player 6 does not terminate connections when the user leaves the web page, which allows remote attackers to cause a denial of service (bandwidth, resource, and CPU consumption) via the (1) loadMovie or (2) loadSound commands, which continue to execute until the browser is closed.


BindView NetInventory 1.0, when used with NetRC

NetInventory | information | sensitive | BindView | allows | NetRC | users | local | used | read |

BindView NetInventory 1.0, when used with NetRC 1.0, allows local users to read sensitive information (passwords) by deleting the HOSTCFG._NI file and forcing an audit, which rewrites the HOSTCFG._NI to HOSTCFG.INI and stores the passwords in cleartext until the audit is complete.


Windows 2000 Terminal Services, when using the

Windows |

Windows 2000 Terminal Services, when using the disconnect feature of the client, does not properly lock itself if it is left idle until the screen saver activates and the user disconnects, which could allow attackers to gain administrator privileges.


WFTPD Pro Server 3.21 Release 1 allocates memor

Server | WFTPD | Pro |

WFTPD Pro Server 3.21 Release 1 allocates memory for a command until a 0Ah byte (newline) is sent, which allows local users to cause a denial of service (CPU consumption) by continuing to send a long command that does not contain a newline.


Motorola Wireless Router WR850G running firmwar

firmware | Wireless | Motorola | running | Router | WR850G |

Motorola Wireless Router WR850G running firmware 4.03 allows remote attackers to bypass authentication, log on as an administrator, and obtain sensitive information by repeatedly making an HTTP request for ver.asp until an administrator logs on.


Microsoft Baseline Security Analyzer (MBSA) 1.2

Microsoft | Analyzer | Security | Baseline |

Microsoft Baseline Security Analyzer (MBSA) 1.2 does not correctly identify systems that have been patched but remain vulnerable to exploit until the system is rebooted, possibly giving the administrator a false sense of security.


Nortel Contivity VPN Client 2.1.7, 3.00, 3.01,

Contivity | Client | Nortel | VPN |

Nortel Contivity VPN Client 2.1.7, 3.00, 3.01, 4.91, and 5.01, when opening a VPN tunnel, does not check the gateway certificate until after a dialog box has been displayed to the user, which creates a race condition that allows remote attackers to perform a man-in-the-middle (MITM) attack.


The new account wizard in Mail.app 2.0 in Mac O

account | Mailapp | wizard | Mac | new |

The new account wizard in Mail.app 2.0 in Mac OS 10.4, when configuring an IMAP mail account and checking the credentials, does not prompt the user to use SSL until after the password has already been sent, which causes the password to be sent in plaintext.


The sysctl functionality (sysctl.c) in Linux ke

functionality | sysctl |

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function pointers in memory that was used for the ctl_table.


Multiple design errors in Microsoft Internet Ex

Microsoft | Internet | Multiple | Explorer | design | errors |

Multiple design errors in Microsoft Internet Explorer 5.01, 5.5, and 6 allow user-assisted attackers to execute arbitrary code by (1) overlaying a malicious new window above a file download box, then (2) using a keyboard shortcut and delaying the display of the file download box until the user hits a shortcut that activates the "Run" button, aka "File Download Dialog Box Manipulation Vulnerability."


Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and pos

Linksys | WRT54G |

Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi.


The Transmission Control Protocol (TCP) allows

Transmission | Protocol | Control |

The Transmission Control Protocol (TCP) allows remote attackers to cause a denial of service (bandwidth consumption) by sending ACK messages for packets that have not yet been received (optimistic ACKs), which can cause the sender to increase its transmission rate until it fills available bandwidth.


The cairo library (libcairo), as used in GNOME

library | cairo |

The cairo library (libcairo), as used in GNOME Evolution and possibly other products, allows remote attackers to cause a denial of service (persistent client crash) via an attached text file that contains "Content-Disposition: inline" in the header, and a very long line in the body, which causes the client to repeatedly crash until the e-mail message is manually removed, possibly due to a buffer overflow, as demonstrated using an XML attachment.


Safari in Apple iPhone 1.1.1, when requested to

iPhone | Safari | Apple |

Safari in Apple iPhone 1.1.1, when requested to disable Javascript, does not disable it until Safari is restarted, which might leave Safari open to attacks that the user does not expect.


IBM DB2 UDB 8 before Fixpak 15 and 9.1 before F

authenticated | privileges | revocation | properly | methods | flushed | execute | routine | method | remote | allows | Fixpak | before | revoke | after | cache | until | which | users | auth | does | IBM | not | UDB | DB2 |

IBM DB2 UDB 8 before Fixpak 15 and 9.1 before Fixpak 3 does not properly revoke privileges on methods, which allows remote authenticated users to execute a method after revocation until the routine auth cache is flushed.


Software vulnerabilities results 1 to 20 of 25     
Page: 12