Lucene search
K

7251 matches found

Cvelist
Cvelist
added 2001/09/12 4:0 a.m.18 views

CVE-1999-1025

CDE screen lock program screenlock on Solaris 2.6 does not properly lock an unprivileged user's console session when the host is an NIS+ client, which allows others with physical access to login with any string...

6.3AI score0.00351EPSS
Exploits0References3
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.18 views

CVE-1999-1400

The Economist screen saver 1999 with the "Password Protected" option enabled allows users with physical access to the machine to bypass the screen saver and read files by running Internet Explorer while the screen is still locked...

6.3AI score0.0037EPSS
Exploits0References4
CVE
CVE
added 2001/09/12 4:0 a.m.42 views

CVE-1999-1454

The vulnerability CVE-1999-1454 affects Macromedia The Matrix screen saver on Windows 95 when the Password protected option is enabled. The root cause is that pressing the Escape key can bypass the password prompt, allowing attackers with physical access to unlock the system. The NVD entry lists ...

4.6CVSS6.9AI score0.00411EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.26 views

CVE-1999-1370

The setup wizard ie5setup.exe for Internet Explorer 5.0 disables 1 the screen saver, which could leave the system open to users with physical access if a failure occurs during an unattended installation, and 2 the Task Scheduler Service, which might prevent the scheduled execution of...

6.4AI score0.01344EPSS
Exploits0References1
CVE
CVE
added 2001/09/12 4:0 a.m.51 views

CVE-1999-1370

The CVE-1999-1370 entry concerns the Internet Explorer 5.0 setup wizard (ie5setup.exe). The provided sources state that during unattended installation it disables the screen saver and the Task Scheduler Service, potentially allowing local access or disruption of security-critical program executio...

7.2CVSS6.8AI score0.01344EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2001/09/12 4:0 a.m.19 views

CVE-1999-1454

Macromedia "The Matrix" screen saver on Windows 95 with the "Password protected" option enabled allows attackers with physical access to the machine to bypass the password prompt by pressing the ESC Escape key...

6.5AI score0.00411EPSS
Exploits0References1
securityvulns
securityvulns
added 2001/09/07 12:0 a.m.88 views

SuSE Security Announcement: screen (SuSE-SA:2001:030)

-----BEGIN PGP SIGNED MESSAGE----- SuSE Security Announcement Package: screen Announcement-ID: SuSE-SA:2001:030 Date: Wednesday, September 5 2001 18:00 MEST Affected SuSE versions: 6.0, 6.1, 6.2 6.3, 6.4, 7.0, 7.1, 7.2 Vulnerability Type: local root compromise Severity 1-10: 5 SuSE default packag...

0.4AI score
Exploits0
NVD
NVD
added 2001/09/05 4:0 a.m.17 views

CVE-2001-1012

Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/...

7.2CVSS6.5AI score0.00331EPSS
Exploits0References2
securityvulns
securityvulns
added 2001/08/22 12:0 a.m.51 views

IrDA semiremote vulnerability

---- Win2k semi-remote DoS via IrDA Synopsis: There exists a "semi-remote" vulnerability against Windows machines via the IrDA port. The result of exploiting this vulnerability is the computer will crash, displaying a "Blue Screen of Death" BSOD, shortly followed by rebooting. As IrDA ports are...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2001/08/03 12:0 a.m.36 views

Identix BioLogon Client security bug

Aug 3rd, 2001 10:56am Vendor: http://www.identix.com Software: BioLogon 2.0 Client see http://www.identix.com/itsecurity/softwareprod.html Security flaw in Indentix BioLogon 2.0 Client for Windows Identix's BioLogon software is used as the software "glue" to tie together various biometric devices...

0.6AI score
Exploits0
Cvelist
Cvelist
added 2001/01/22 5:0 a.m.15 views

CVE-2000-0901

Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbellmsg initialization variable...

6.6AI score0.0097EPSS
Exploits1References8
CVE
CVE
added 2001/01/22 5:0 a.m.41 views

CVE-2000-0901

The vulnerability CVE-2000-0901 affects the screen program (versions 3.9.5 and earlier). It stems from a format string vulnerability in the vbell_msg initialization, enabling local users to gain root privileges. Exploitation details are not provided in the supplied documents, and a remediation/pa...

4.6CVSS7AI score0.0097EPSS
Exploits1References8Affected Software1
NVD
NVD
added 2000/12/19 5:0 a.m.9 views

CVE-2000-0901

Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbellmsg initialization variable...

4.6CVSS6.6AI score0.0097EPSS
Exploits1References8
NVD
NVD
added 2000/12/19 5:0 a.m.13 views

CVE-2000-0946

Compaq Easy Access Keyboard software 1.3 does not properly disable access to custom buttons when the screen is locked, which could allow an attacker to gain privileges or execute programs without authorization...

4.6CVSS6.9AI score0.00361EPSS
Exploits0References4
Cvelist
Cvelist
added 2000/10/13 4:0 a.m.26 views

CVE-2000-0467

Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function...

7AI score0.01082EPSS
Exploits1References2
CVE
CVE
added 2000/10/13 4:0 a.m.51 views

CVE-2000-0467

The CVE-2000-0467 entry documents a buffer overflow in Linux splitvt 1.6.3 and earlier, enabling local users to gain root privileges via a long password in the screen locking function. Affected component: splitvt (Linux). Root cause: buffer overflow in password handling within screen lock. Impact...

7.2CVSS7.4AI score0.01082EPSS
Exploits1References2Affected Software1
Exploit DB
Exploit DB
added 2000/10/03 12:0 a.m.23 views

Microsoft Windows NT 4.0 - Invalid LPC Request Denial of Service (MS00-070)

source: https://www.securityfocus.com/bid/1743/info LPC Local Procedure Call is a message-passing service that allows threads and processes to communicate with each other on a local machine as opposed to RPC Remote Procedure Call that takes place between different hosts. The implementation of LPC...

7.4AI score
Exploits0
FreeBSD Advisory
FreeBSD Advisory
added 2000/09/13 12:0 a.m.8 views

FreeBSD-SA-00:46.screen

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-00:46 Security Advisory FreeBSD, Inc. Topic: screen port contains local root compromise Category: ports Module: screen Announced: 2000-09-13 Affects: Ports collection prior...

6.1AI score
Exploits0
securityvulns
securityvulns
added 2000/09/09 12:0 a.m.25 views

Screen 3.9.5 vulnerability again.

Hi all as mentioned in previous postings, screen versions = 3.9.5 which are installed suid root are vulnerable to a malformed user supplied vbellmsg string attack. I looked at the source of screen-3.9.5 and found that the vulnerable call to Msg moved to another place and that there is no longer a...

7.3AI score
Exploits0
securityvulns
securityvulns
added 2000/09/06 12:0 a.m.51 views

Screen-3.7.6 local compromise

Hi ppl, as mentioned in other postings the screen package is vulnerbale to the classic format string attack. I attached a simple exploit and as far as I could investigate on Suse 6.1 with screen 3.7.6: the vulnerable function is Msgint err, char fmt, ... which is invoked with the value of the...

0.2AI score
Exploits0
Rows per page
Query Builder