unusual software vulnerabilities
vulnerabilities.aspcode.net
Searching unusual software vulnerabilities
Marconi ForeThought 7.1 allows remote attackers
ForeThought
|
attackers
|
sessions
|
service
|
unusual
|
causing
|
Marconi
|
telnet
|
allows
|
locked
|
denial
|
remote
|
input
|
cause
|
both
|
via
|
Marconi ForeThought 7.1 allows remote attackers to cause a denial of service by causing both telnet sessions to be locked via unusual input (e.g., from a port scanner), which prevents others from logging into the device.
Alcatel Speed Touch Home ADSL Modem allows remo
attackers
|
service
|
Alcatel
|
remote
|
denial
|
allows
|
cause
|
Touch
|
Speed
|
Modem
|
ADSL
|
Home
|
Alcatel Speed Touch Home ADSL Modem allows remote attackers to cause a denial of service (reboot) via a network scan with unusual packets, such as nmap with OS detection.
Siemens 3568i WAP mobile phones allows remote a
attackers
|
service
|
Siemens
|
remote
|
denial
|
allows
|
mobile
|
phones
|
3568i
|
cause
|
WAP
|
Siemens 3568i WAP mobile phones allows remote attackers to cause a denial of service (crash) via an SMS message containing unusual characters.
Multiple content security gateway and antivirus
restrictions
|
differently
|
interpreted
|
whitespace
|
attackers
|
antivirus
|
Multiple
|
messages
|
products
|
security
|
unusual
|
gateway
|
content
|
fashion
|
clients
|
bypass
|
remote
|
which
|
allow
|
MIME
|
mail
|
via
|
use
|
may
|
Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients.
Fastream NETFile FTP Server 6.7.2.1085 and earl
Fastream
|
NETFile
|
Server
|
FTP
|
Fastream NETFile FTP Server 6.7.2.1085 and earlier allows remote attackers to cause a denial of service (temporary hang) via the cd command with an unusual argument, possibly due to multiple leading slashes and/or an access to the floppy drive ("A").
Mozilla allows remote attackers to cause a deni
attackers
|
Mozilla
|
service
|
denial
|
allows
|
remote
|
cause
|
Mozilla allows remote attackers to cause a denial of service (application crash from invalid memory access) via an "unusual combination of visual elements," including several large MARQUEE tags with large height parameters, as demonstrated by mangleme.
Vipul Razor Agents (razor-agents) before 2.70 a
Agents
|
Razor
|
Vipul
|
Vipul Razor Agents (razor-agents) before 2.70 allows remote attackers to cause a denial of service via (1) certain "unusual HTML messages" or (2) "certain malformed headers" such as Content-Type.
Lyris ListManager 5.0 through 8.9a allows remot
ListManager
|
characters
|
whitespace
|
attackers
|
parameter
|
through
|
columns
|
unusual
|
queries
|
orderby
|
allows
|
remote
|
"ORDER
|
Lyris
|
such
|
add
|
89a
|
BY"
|
via
|
SQL
|
Lyris ListManager 5.0 through 8.9a allows remote attackers to add "ORDER BY" columns to SQL queries via unusual whitespace characters in the orderby parameter, such as (1) newlines and (2) 0xFF (ASCII 255) characters, which are interpreted as whitespace.
** DISPUTED ** Drupal allows remote attackers
cross-site
|
attackers
|
scripting
|
DISPUTED
|
conduct
|
Drupal
|
allows
|
remote
|
** DISPUTED ** Drupal allows remote attackers to conduct cross-site scripting (XSS) attacks via an IMG tag with an unusual encoded Javascript function name, as demonstrated using variations of the alert() function. NOTE: a followup by the vendor suggests that the issue does not exist in 4.5.6 or 4.6.4 when "Filtered HTML" is enabled, and since "Full HTML" would not filter HTML by design, perhaps this should not be included in CVE.
** DISPUTED ** The source code tar archive of
DISPUTED
|
archive
|
kernel
|
source
|
Linux
|
code
|
tar
|
** DISPUTED ** The source code tar archive of the Linux kernel 2.6.16, 2.6.17.11, and possibly other versions specifies weak permissions (0666 and 0777) for certain files and directories, which might allow local users to insert Trojan horse source code that would be used during the next kernel compilation. NOTE: another researcher disputes the vulnerability, stating that he finds "Not a single world-writable file or directory." CVE analysis as of Friday, September 08, 2006 indicates that permissions will only be weak under certain unusual or insecure scenarios.
Microsoft Internet Security and Acceleration (I
Acceleration
|
Microsoft
|
Security
|
Internet
|
Microsoft Internet Security and Acceleration (ISA) Server 2004 logs unusual ASCII characters in the Host header, including the tab, which allows remote attackers to manipulate portions of the log file and possibly leverage this for other attacks.
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before 200
SpamAssassin
|
31x
|
SpamAssassin 3.1.x, 3.2.0, and 3.2.1 before Monday, June 11, 2007, when running as root in unusual configurations using vpopmail or virtual users, allows local users to cause a denial of service (corrupt arbitrary files) via a symlink attack on a file that is used by spamd.
Software vulnerabilities results 1 to 13 of 13
Page:
1