Lucene search
K

202 matches found

NVD
NVD
added 2007/11/15 1:46 a.m.26 views

CVE-2007-4691

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs...

10CVSS5.9AI score0.02105EPSS
Exploits1References8
Prion
Prion
added 2007/11/15 1:46 a.m.27 views

Design/Logic Flaw

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs...

10CVSS6.1AI score0.02105EPSS
Exploits1References8Affected Software2
Cvelist
Cvelist
added 2007/11/15 1:0 a.m.29 views

CVE-2007-4691

The NSURL component in Apple Mac OS X 10.4 through 10.4.10 performs case-sensitive comparisons that allow attackers to bypass intended restrictions for local file system URLs...

6.9AI score0.02105EPSS
Exploits1References8
Atlassian
Atlassian
added 2007/10/22 6:2 a.m.18 views

Username upper case are not being restricted in some pages

Username must be created in lowercase in JIRA. At the moment, JIRA allows the username with the lowercase or uppercase letter in Login and Add Watcher pages. It should restrict the case-sensitive when the username is request from the login page or convert it to lower case. JIRA should have this...

3.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/22 6:2 a.m.21 views

Username upper case are not being restricted in some pages

Username must be created in lowercase in JIRA. At the moment, JIRA allows the username with the lowercase or uppercase letter in Login and Add Watcher pages. It should restrict the case-sensitive when the username is request from the login page or convert it to lower case. JIRA should have this...

3.1AI score
Exploits0Affected Software1
Atlassian
Atlassian
added 2007/10/22 6:2 a.m.19 views

Username upper case are not being restricted in some pages

Username must be created in lowercase in JIRA. At the moment, JIRA allows the username with the lowercase or uppercase letter in Login and Add Watcher pages. It should restrict the case-sensitive when the username is request from the login page or convert it to lower case. JIRA should have this...

3.1AI score
Exploits0
RedHat Linux
RedHat Linux
added 2007/04/03 6:58 p.m.4 views

mysql-server create database privilege escalation

MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions...

3.6CVSS7.3AI score0.02729EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2007/02/19 7:41 p.m.8 views

mysql-server create database privilege escalation

MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions...

3.6CVSS7.5AI score0.02729EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2006/10/30 12:0 a.m.54 views

FreeBSD : mysql -- database 'case-sensitive' privilege escalation (a0e92718-6603-11db-ab90-000e35fd8194)

Michal Prokopiuk reports a privilege escalation in MySQL. The vulnerability causes MySQL, when run on case-sensitive filesystems, to allow remote and local authenticated users to create or access a database when the database name differs only in case from a database for which they have permission...

3.6CVSS8.1AI score0.02729EPSS
Exploits1References3
UbuntuCve
UbuntuCve
added 2006/08/18 8:4 p.m.29 views

CVE-2006-4226

MySQL before 4.1.21, 5.0 before 5.0.25, and 5.1 before 5.1.12, when run on case-sensitive filesystems, allows remote authenticated users to create or access a database when the database name differs only in case from a database for which they have permissions...

3.6CVSS7.2AI score0.02729EPSS
Exploits1References1
securityvulns
securityvulns
added 2006/08/17 12:0 a.m.35 views

[SA21506] MySQL Create Database Bypass and Privilege Escalation

---------------------------------------------------------------------- Hardcore Disassembler / Reverse Engineer Wanted! Want to work with IDA and BinDiff? Want to write PoC's and Exploits? Your nationality is not important. We will get you a work permit, find an apartment, and offer a relocation...

2AI score
Exploits0
NVD
NVD
added 2006/08/14 8:4 p.m.19 views

CVE-2006-4110

Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase or alternate case characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems...

4.3CVSS6.8AI score0.37365EPSS
Exploits1References8
Debian CVE
Debian CVE
added 2006/08/14 8:0 p.m.41 views

CVE-2006-4110

Apache 2.2.2, when running on Windows, allows remote attackers to read source code of CGI programs via a request that contains uppercase or alternate case characters that bypass the case-sensitive ScriptAlias directive, but allow access to the file on case-insensitive file systems...

4.3CVSS6.5AI score0.37365EPSS
Exploits1
FreeBSD
FreeBSD
added 2006/08/09 12:0 a.m.27 views

mysql -- database "case-sensitive" privilege escalation

Michal Prokopiuk reports a privilege escalation in MySQL. The vulnerability causes MySQL, when run on case-sensitive filesystems, to allow remote and local authenticated users to create or access a database when the database name differs only in case from a database for which they have permission...

3.6CVSS6.5AI score0.02729EPSS
Exploits1References1
Cvelist
Cvelist
added 2005/12/23 1:0 a.m.22 views

CVE-2005-4514

The encapsulation script mechanism in Webwasher CSM Appliance Suite 5.x uses case-sensitive detection of malicious tokens, which allows attackers to bypass script detection by using tokens that can be upper or lower case. NOTE: the vendor has stated that this problem could not be reproduced, and...

6.5AI score0.01559EPSS
Exploits0References6
CVE
CVE
added 2005/12/23 1:0 a.m.47 views

CVE-2005-4514

CVE-2005-4514 concerns the Webwasher CSM Appliance Suite 5.x, where the encapsulation script mechanism uses case-sensitive detection of malicious tokens. This allows bypassing script detection by presenting tokens in mixed case (upper/lower). The vendor notes the issue could not be reproduced as ...

5CVSS7AI score0.01559EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2005/09/02 11:3 p.m.13 views

CVE-2005-2771

WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be...

10CVSS6.7AI score0.04846EPSS
Exploits0References4
CVE
CVE
added 2005/09/02 4:0 a.m.64 views

CVE-2005-2771

CVE-2005-2771 affects AttachmateWRQ Reflection for Secure IT Server (Windows) prior to 6.0 Build 24. The issue arises because access/deny lists are evaluated case-sensitively in vulnerable versions, whereas earlier versions were case-insensitive, potentially allowing login to accounts that should...

10CVSS6.7AI score0.04846EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2005/09/02 4:0 a.m.25 views

CVE-2005-2771

WRQ Reflection for Secure IT Windows Server 6.0 formerly known as F-Secure SSH server processes access and deny lists in a case-sensitive manner, when previous versions were case-insensitive, which might allow remote attackers to bypass intended restrictions and login to accounts that should be...

6.7AI score0.04846EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2005/07/14 5:48 p.m.33 views

Moderate: Red Hat Security Advisory: cups security update

Updated CUPS packages that fix a security issue are now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Common UNIX Printing System CUPS provides a portable printing layer for UNIXR operating system...

9.8CVSS5.7AI score0.02435EPSS
Exploits1References2
Rows per page
Query Builder