Searching utilities software vulnerabilities

Buffer overflow in pppattach and other linked P

pppattach | utilities | UnixWare | overflow | Caldera | Buffer | linked | other | Unix | Open | PPP |

Buffer overflow in pppattach and other linked PPP utilities in Caldera Open Unix 8.0 and UnixWare 7.1.0 and 7.1.1 allows local users to gain privileges.


Buffer overflow in uucp utilities in UnixWare 7

arguments | utilities | arbitrary | UnixWare | overflow | execute | command | allows | Buffer | local | users | line | uucp | code | long | via |

Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.


Buffer overflows in netstd 3.07-17 package allo

arbitrary | overflows | utilities | observed | servers | execute | package | 307-17 | netstd | remote | Buffer | allows | reply | FQDN | code | long | DNS | via |

Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to.


Unknown vulnerability in the WebSecure (DFSWeb)

vulnerability | WebSecure | Unknown |

Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.


Buffer overflow in the Software Distributor uti

Distributor | environment | arbitrary | utilities | variable | programs | overflow | Software | execute | Buffer | setuid | allows | B1100 | B1111 | local | users | HP-UX | such | code | long | LANG | via |

Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.


The (1) dupatch and (2) setld utilities in HP T


The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.


The slip_down function in slip.c for the uml_ne

uml-utilities | slip_down | function | program | uml_net | slipc |

The slip_down function in slip.c for the uml_net program in uml-utilities Wednesday, September 03, 2003, when uml_net is installed setuid root, does not verify whether the calling user has sufficient permission to disable an interface, which allows local users to cause a denial of service (network service disabled).


Buffer overflow in postfile.exe for Twilight Ut

postfileexe | Utilities | Twilight | overflow | Server | Buffer | Web |

Buffer overflow in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request with a long attfile attribute.


Directory traversal vulnerability in postfile.e

vulnerability | postfileexe | Utilities | Directory | traversal | Twilight | Server | Web |

Directory traversal vulnerability in postfile.exe for Twilight Utilities Web Server 2.0.0.0 allows remote attackers to write arbitrary files via a .. (dot dot) in the attfile parameter.


nwclient.c in ncpfs before 2.2.6 does not drop

nwclientc | before | ncpfs |

nwclient.c in ncpfs before 2.2.6 does not drop root privileges before executing utilities using the NetWare client functions, which allows local users to gain privileges.


Race condition in Core Utilities (coreutils) 5.

Utilities | condition | Race | Core |

Race condition in Core Utilities (coreutils) 5.2.1, when (1) mkdir, (2) mknod, or (3) mkfifo is running with the -m switch, allows local users to modify permissions of other files.


Unknown vulnerability in DameWare NT Utilities

vulnerability | additional | Utilities | DameWare | Unknown | Control | earlier | rights | allows | Remote | users | local | Mini | gain |

Unknown vulnerability in DameWare NT Utilities 4.8 and earlier, and Mini Remote Control 4.8 and earlier, allows local users to gain additional rights.


The DNTUS26 process in Dameware NT Utilities an

information | MiniRemote | cleartext | Utilities | sensitive | attackers | username | password | Dameware | DNTUS26 | process | earlier | Control | stores | obtain | memory | which | DWRCS | allow | could |

The DNTUS26 process in Dameware NT Utilities and the DWRCS process in MiniRemote Control 4.9 and earlier stores the username and password in cleartext in memory, which could allow attackers to obtain sensitive information.


Format string vulnerability in the snmp_input f

vulnerability | snmp_input | utilities | snmptrapd | function | Format | string | SNMP | CMU |

Format string vulnerability in the snmp_input function in snmptrapd in CMU SNMP utilities (cmu-snmp) allows remote attackers to execute arbitrary code by sending crafted SNMP messages to UDP port 162.


utilities/register.asp in Nukedit 4.9.6 and ear

utilities/registerasp | Nukedit |

utilities/register.asp in Nukedit 4.9.6 and earlier allows remote attackers to create new users as part of arbitrary groups, including the administrative group, via a modified groupid parameter when creating a user via the addDB action.


SQL injection vulnerability in utilities/userme

utilities/usermessagesasp | vulnerability | ScriptMate | arbitrary | attackers | injection | parameter | commands | execute | Manager | allows | remote | mesid | User | SQL | via |

SQL injection vulnerability in utilities/usermessages.asp in ScriptMate User Manager 2.0 allows remote attackers to execute arbitrary SQL commands via the mesid parameter.


SQL injection vulnerability in wwv_flow_utiliti

wwv_flow_utilitiesgen_popup_list | WWV_FLOW_UTILITIES | P_LOV_CHECKSUM | authenticated | vulnerability | APEX/HTMLDB | calculating | modifying | injection | arbitrary | parameter | matching | checksum | execute | package | before | Oracle | allows | remote | users | P_LOV | SQL | MD5 |

SQL injection vulnerability in wwv_flow_utilities.gen_popup_list in the WWV_FLOW_UTILITIES package for Oracle APEX/HTMLDB before 2.2 allows remote authenticated users to execute arbitrary SQL by modifying the P_LOV parameter and calculating a matching MD5 checksum for the P_LOV_CHECKSUM parameter. NOTE: it is likely that this issue is subsumed by CVE-2006-5351, but due to lack of details from Oracle, this cannot be proven.


The (1) Activity Monitor.app/Contents/Resources


The (1) Activity Monitor.app/Contents/Resources/pmTool, (2) Keychain Access.app/Contents/Resources/kcproxy, and (3) ODBC Administrator.app/Contents/Resources/iodbcadmintool programs in /Applications/Utilities/ in Mac OS X 10.4.8 have weak permissions (writable by admin group), which allows local admin users to gain root privileges by modifying a program and then performing permissions repair via diskutil.


Cross-site scripting (XSS) vulnerability in uti

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in utilities/search.asp in nukedit 4.9.7b allows remote attackers to inject arbitrary web script or HTML via the terms parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


Cross-site scripting (XSS) vulnerability in uti

Cross-site | scripting |

Cross-site scripting (XSS) vulnerability in utilities/login.asp in nukedit 4.9.7 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.


Software vulnerabilities results 1 to 20 of 22     
Page: 12