Lucene search
K

7245 matches found

Positive Technologies
Positive Technologies
added 2007/06/05 12:0 a.m.8 views

PT-2007-4340 · Gnu +1 · Gnu Screen +1

Name of the Vulnerable Software and Affected Versions: GNU screen version 4.0.3 Description: The issue allows local users to unlock the screen via a CTRL-C sequence at the password prompt. However, multiple third parties have reported an inability to reproduce this issue. Recommendations: For GNU...

7.8CVSS7.6AI score0.04148EPSS
Exploits7References19
securityvulns
securityvulns
added 2007/06/05 12:0 a.m.35 views

Re: [Full-disclosure] screen 4.0.3 local Authentication Bypass

-----Original Message----- Subject: Re: Full-disclosure screen 4.0.3 local Authentication Bypass Verified on OpenBSD I'm not seeing a 'Getpass error' message on 4.1-STABLE current, but there does seem to be a problem with locking and reattaching: $ screen space $ echo "This is the locked screen"...

6.9AI score
Exploits0
securityvulns
securityvulns
added 2007/06/05 12:0 a.m.35 views

[Full-disclosure] screen 4.0.3 local Authentication Bypass

/ / / / / / / / / / / / / // / / / / / / / / / // / / / // // / / / / / // ///// // // // Helith - 0815 -------------------------------------------------------------------------------- Author: Rembrandt Date: Known since somewhere in &cantremember Affected Software: screen = 4.0.3 Type: Local Typ...

0.8AI score
Exploits0
seebug.org
seebug.org
added 2007/06/04 12:0 a.m.128 views

screen 4.0.3 Local Authentication Bypass Vulnerability

No description provided by source. / / / / / / / / / / / / / // / / / / / / / / / // / / / // // / / / / / // ///// // // // Helith - 0815 -------------------------------------------------------------------------------- Author: Rembrandt Date: Known since somewhere in &cantremember...

7.1AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2007/05/25 12:0 a.m.44 views

Mac OS X Multiple Vulnerabilities (Security Update 2007-005)

The remote host is running a version of Mac OS X 10.4 or 10.3 that does not have Security Update 2007-005 applied. This update fixes security flaws in the following applications : Alias Manager BIND CoreGraphics crontabs fetchmail file iChat mDNSResponder PPP ruby screen texinfo VPN C Tenable...

10CVSS7.4AI score0.49999EPSS
Exploits8References18
UbuntuCve
UbuntuCve
added 2007/05/02 8:19 p.m.32 views

CVE-2007-1859

XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...

4.6CVSS5.9AI score0.00413EPSS
Exploits0References2
CVE
CVE
added 2007/05/02 8:0 p.m.85 views

CVE-2007-1859

XScreenSaver 4.10 is affected when using a remote directory service for credentials. The root cause is in drivers/lock.c where getpwuid handling can fail when there is no network connectivity, causing XScreenSaver to crash and unlock the screen, effectively allowing a local attacker to bypass aut...

4.6CVSS6AI score0.00413EPSS
Exploits0References18Affected Software1
Debian CVE
Debian CVE
added 2007/05/02 8:0 p.m.29 views

CVE-2007-1859

XScreenSaver 4.10, when using a remote directory service for credentials, does not properly handle the results from the getpwuid function in drivers/lock.c when there is no network connectivity, which causes XScreenSaver to crash and unlock the screen and allows local users to bypass authenticati...

4.6CVSS3.9AI score0.00413EPSS
Exploits0
Prion
Prion
added 2007/04/24 5:19 p.m.19 views

Authentication flaw

The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication...

4.6CVSS6.3AI score0.0036EPSS
Exploits0References8Affected Software1
NVD
NVD
added 2007/04/24 5:19 p.m.17 views

CVE-2007-0738

The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication...

4.6CVSS6.2AI score0.0036EPSS
Exploits0References8
Cvelist
Cvelist
added 2007/04/24 5:0 p.m.26 views

CVE-2007-0738

The Login Window in Apple Mac OS X 10.4 through 10.4.9 does not display the screen saver authentication dialog in certain circumstances when waking from sleep, even though the "require a password to wake the computer from sleep" option is enabled, which allows local users to bypass authentication...

6.2AI score0.0036EPSS
Exploits0References8
securityvulns
securityvulns
added 2007/03/29 12:0 a.m.61 views

Re: [VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability

Dear Micha? Majchrowicz, This image also effectively exploits stack overflow in FastStone Image Viewer 2.8, EIP is 0x41414141. --Monday, March 26, 2007, 12:20:07 AM, you wrote to [email protected]: MM Everytime you try to turn on the slideshow with a JPG file in the MM folder you get BSoD...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2007/03/29 12:0 a.m.51 views

[VulnWatch] Microsoft Windows Vista Slideshow Unspecified Blue Screen Of Death Vulnerability

It seems that Vista has some problems with ATI drivers. It was already reported that file atikmdag.sys can cause BSoD after leaving the game http://leovilletownsquare.com/fusionbb/showtopic.php?tid/17600/. Today user with nickname Olo contacted my and by making some tests we where able to determi...

0.1AI score
Exploits0
securityvulns
securityvulns
added 2007/03/29 12:0 a.m.354 views

Microsoft Vista ATI drivers vulnerability

Blue Screen of Death whiel displaying images...

7.1CVSS3.1AI score0.1822EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.34 views

Mandrake Linux Security Advisory : screen (MDKSA-2006:191)

Multiple unspecified vulnerabilities in the 'utf8 combining characters handling' utf8handlecomb function in encoding.c in screen before 4.0.3 allows user-assisted attackers to cause a denial of service crash or hang via certain UTF8 sequences. Updated packages have been patched to correct this...

2.6CVSS5.4AI score0.02113EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2007/02/18 12:0 a.m.18 views

Slackware 10.0 / 10.1 / 10.2 / 11.0 / 8.1 / 9.0 / 9.1 : screen (SSA:2006-307-02)

New screen packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, and 11.0 to fix a security issue. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2006-307-02. The text itse...

2.6CVSS5.3AI score0.02113EPSS
Exploits1References2
Prion
Prion
added 2007/01/30 6:28 p.m.15 views

Cross site scripting

Cross-site scripting XSS vulnerability in Movable Type MT before 3.34 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to the MTCommentPreviewIsStatic tag, which can open the "comment entry screen," a different vulnerability than CVE-2007-0231...

6.8CVSS5.9AI score0.01182EPSS
Exploits0References2Affected Software1
myhack58
myhack58
added 2007/01/23 12:0 a.m.23 views

Windows2000, blue screen of death stop information analysis-vulnerability warning-the black bar safety net

Windows2000 perhaps arguably a landmark of theoperating system, but it is still not able to avoid the blue screen of death Blue Screen of Death. The purpose of this article is the solution of the planing BSOD problem, but given how the process typically the blue screen problem solving steps...

7AI score
Exploits0
NVD
NVD
added 2006/12/20 2:28 a.m.17 views

CVE-2006-5681

QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information screen images via a Java applet that accesses images that are being rendered by other embedded QuickTime objects...

2.6CVSS6.2AI score0.02014EPSS
Exploits0References7
Cvelist
Cvelist
added 2006/12/20 2:0 a.m.27 views

CVE-2006-5681

QuickTime for Java on Mac OS X 10.4 through 10.4.8, when used with Quartz Composer, allows remote attackers to obtain sensitive information screen images via a Java applet that accesses images that are being rendered by other embedded QuickTime objects...

6.2AI score0.02014EPSS
Exploits0References7
Rows per page
Query Builder