uppercase software vulnerabilities
vulnerabilities.aspcode.net
Searching uppercase software vulnerabilities
Task Manager in Windows 2000 does not allow loc
Windows
|
Manager
|
Task
|
Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.
CUPS before 1.1.21rc1 treats a Location directi
containing
|
attackers
|
sensitive
|
uppercase
|
specified
|
different
|
lowercase
|
directive
|
cupsdconf
|
intended
|
Location
|
letters
|
1121rc1
|
printer
|
treats
|
before
|
allows
|
bypass
|
which
|
ACLs
|
case
|
name
|
CUPS
|
via
|
CUPS before 1.1.21rc1 treats a Location directive in cupsd.conf as case sensitive, which allows attackers to bypass intended ACLs via a printer name containing uppercase or lowercase letters that are different from what is specified in the directive.
webadmin-apache.conf in Novell Web Manager of N
webadmin-apacheconf
|
inconsistent
|
uppercase
|
lowercase
|
attackers
|
directory
|
NetWare
|
Manager
|
control
|
WEB-INF
|
allows
|
remote
|
Novell
|
bypass
|
folder
|
access
|
volume
|
Alias
|
which
|
uses
|
Web
|
tag
|
webadmin-apache.conf in Novell Web Manager of Novell NetWare 6.5 uses an uppercase Alias tag with an inconsistent lowercase directory tag for a volume, which allows remote attackers to bypass access control to the WEB-INF folder.
The file extension check in GNUBoard 3.40 and e
extension
|
GNUBoard
|
check
|
file
|
The file extension check in GNUBoard 3.40 and earlier only verifies extensions that contain all lowercase letters, which allows remote attackers to upload arbitrary files via file extensions that include uppercase letters.
GUI display truncation vulnerability in ICQ Inc
vulnerability
|
truncation
|
display
|
Inc
|
ICQ
|
GUI
|
GUI display truncation vulnerability in ICQ Inc. (formerly Mirabilis) ICQ 2003a, 2003b, Lite 4.0, Lite 4.1, and possibly other Windows versions allows user-assisted remote attackers to hide malicious file extensions, bypass Windows security warnings via a filename that is all uppercase and of a specific length, which truncates the malicious extension from the display and could trick a user into executing arbitrary programs.
DeluxeBB 1.07 and earlier allows remote attacke
DeluxeBB
|
DeluxeBB 1.07 and earlier allows remote attackers to bypass SQL injection protection mechanisms via the login variable and certain other variables, by using lowercase "union select" or possibly other statements that do not match the uppercase "UNION SELECT."
Apache 2.2.2, when running on Windows, allows r
Apache
|
Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase (or alternate case) characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems.
Incomplete blacklist vulnerability in index.php
vulnerability
|
phpMyAdmin
|
Incomplete
|
blacklist
|
indexphp
|
Incomplete blacklist vulnerability in index.php in phpMyAdmin 2.8.0 through 2.9.2 allows remote attackers to conduct cross-site scripting (XSS) attacks by injecting arbitrary JavaScript or HTML in a (1) db or (2) table parameter value followed by an uppercase end tag, which bypasses the protection against lowercase .
MyServer 0.8.9 and earlier does not properly ha
MyServer
|
MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI.
Software vulnerabilities results 1 to 10 of 10
Page:
1