4690 matches found
CVE-2002-1279
Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, and 0.2.x before 0.2.15, allow local users to gain privileges via certain entries in the configuration file -C option...
CVE-2002-1279
Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, and 0.2.x before 0.2.15, allow local users to gain privileges via certain entries in the configuration file -C option...
CVE-2002-1279
Removed by vendor...
syslog-ng buffer overflow
Buffer overflow in parsing $HOST variable in configuration file...
TightAuction 3.0 - Config.INC Information Disclosure
TightAuction 3.0 - Config.INC Information Disclosure source: https://www.securityfocus.com/bid/5850/info TightAuction is prone to an information disclosure vulnerability. The configuration file config.inc contains sensitive information such as database authentication credentials. It is possible f...
TightAuction 3.0 - Config.INC Information Disclosure
source: https://www.securityfocus.com/bid/5850/info TightAuction is prone to an information disclosure vulnerability. The configuration file config.inc contains sensitive information such as database authentication credentials. It is possible for remote attackers to retrieve this file via a web...
PHPGB 1.1/1.2 - PHP Code Injection
source: https://www.securityfocus.com/bid/5679/info phpGB is subject to a PHP code injection vulnerability. After bypassing authentication it is possible to inject code into the guestbook configuration file config.php by supplying malicious parameters for the savesettings.php script. The...
Trend Micro OfficeScan ofcscan.ini Configuration File Disclosure
The remote Trend Micro OfficeScan Corporate Edition Japanese version: Virus Buster Corporate Edition web-based management console allows unauthenticated access to files under '/officescan/hotdownload'. Reading the configuration file 'ofcscan.ini' under that location will reveal information about...
CVE-2002-0428
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the toexpire or expire values in the client's users.C configuration file...
iSCSI weak permissions
File /etc/iscsi.conf is open for writing...
CVE-2002-0552
Multiple buffer overflows in Melange Chat server 2.02 allow remote or local attackers to cause a denial of service crash and possibly execute arbitrary code via 1 a long argument in the /yell command, 2 long lines in the /etc/melange.conf configuration file, 3 long file names, or possibly other...
CVE-2001-1162
Summary of CVE-2001-1162: A directory traversal flaw in the Samba SMB server permits remote overwriting of files via the NetBIOS name used for a log file. The vulnerability stems from the %m macro in smb.conf, allowing a path like ‘..’ to reference files outside the intended log location. Affecte...
Working Resources 1.7.3 BadBlue - Null Byte File Disclosure
source: https://www.securityfocus.com/bid/5226/info BadBlue is a P2P file sharing application distributed by Working Resources. It is available for Microsoft Windows operating systems. It has been discovered that a request passed to a BadBlue server containing a null byte at the end of a file nam...
CVE-2002-0568
Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting 1 XSQLConfig.xml or 2 soapConfig.xml through a virtual directory...
CVE-2002-0428
Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the toexpire or expire values in the client's users.C configuration file...
Cleartext password in Volution Manager
Cleartext password stored in /etc/ldap/slapd.conf...
CVE-2002-0274
Exim 3.34 and earlier may allow local users to gain privileges via a buffer overflow in long -C configuration file and other command line arguments...
QNX RTOS 4.25 - CRTTrap File Disclosure
QNX RTOS 4.25 - CRTTrap File Disclosure source: https://www.securityfocus.com/bid/4901/info The QNX RTOS crttrap binary includes a command-line option for specifying a configuration file. crttrap is installed setuid by default. crttrap Local attackers may specify an arbitrary system file in place...
QPopper 4.0.4 buffer overflow
Affected versions 4.0.3 and 4.0.4. default install. Servers, not processing users configuration file /.qpopper-options are insensible to this bug. popbull.c ----------- int CopyOneBull POP p, long bnum, char name FILE bull; char buffer MAXMSGLINELEN ; BOOL inheader = TRUE; BOOL firstline = TRUE;...
Unauthorized remote control access to Funk Proxy
Weak file permissions, decryptable password and unauthorized access to configuration file allow to obtain administrator's password...