534 matches found
Special device access and DoS in Microsoft Internet Exporer
Title: special device access and DoS in Microsoft Internet Exporer/Outlook Express/Outlook Authors: ERRor, 3APA3A Date: May, 14 2002 Affected: Internet Explorer 6.0 Vendor: Microsoft Risk: Average to high Remote: Yes Exploitable: Yes Vendor notified: April, 24 2002 Intro: All versions of Windows...
Intel D845HV/WN/PT series motherboard vulnerability
Affected systems: Intel D845HV / WN tested on BIOS revisions P05-0022, P09-0035, P10-0038 and D845PT tested on BIOS P01-0012 Pentium 4 motherboards Problem: If the user hits the F8 key during the POST they are presented with a "Please select boot device" dialog, enabling them to boot off of any...
Special DOS-device access in Microsoft Outlook Express
It's possible to hang Outlooks Express by using prn: device as a name for bgsound or iframe. It's also possible to send data to special device...
Physical path leakage in ColdFusion
Error message on access attempt to DOS device contains physical path...
Доступ к специальным устройствам в TheBat! (special device access)
Можно прикрепить файл при получении котоорго будет открыто специальное устройство...
SECURITY.NNOV: Special device access in The Bat!
Dear bugtraq, Topic: Special device access in The Bat! Author: 3APA3A [email protected] Date: February, 25 2002 Software: The Bat! 1.53d, 1.54beta Vendor: Ritlabs http://www.thebat.net Risk: Low to average Remote: Yes Exploitable: Yes Vendor Status: Notified, not verified Details: The Bat!...
Special device access in The Bat!
Topic: Special device access in The Bat! Author: 3APA3A Date: February, 25 2002 Software: The Bat! 1.53d, 1.54beta Vendor: Ritlabs http://www.thebat.net Risk: Low to average Remote: Yes Exploitable: Yes Vendor Status: Notified, not verified Details: The Bat! has special device access bug. If The...
Beck GmbH IPC@Chip TelnetD service ships with inadequately protected default account
Overview There is a vulnerability in the Beck IPC@CHIP that may allow an attacker to gain access to the device. Description The Beck IPC@CHIP is a single chip embedded webserver. This device also contains a telnet server that ships with an account named "Default". This account essentially grants...
Beck GmbH IPC@Chip TelnetD vulnerable to brute-force password attack
Overview There is a vulnerability in the Beck IPC@CHIP that may allow an attacker to gain access to the device. Description The Beck IPC@CHIP is a single chip embedded webserver. This device contains a telnet server that "leaks information". That is, when an attacker connects to the telnet daemon...
Netscape/Mozilla и доступ к специальным файлам во всех OS (special device access)
При чтении html фрагмента вида img src="file:///dev/tty0" Netscape & Mozzilla подвешивают систему...
Multiple archivers special DOS/Windows devices access
Topic: Special devices access in multiple archivers Author: 3APA3A Platform: Windows Affected Software: WinZIP Computing's WinZIP 8.0, PKWare PkZip 4.0, RARSoft WinRar 2.80 Risk: average Released: July, 5, 2001 SECURITY.NNOV advisories: http://security.nnov.ru/advisories Background: Archive...
pam_console.bug
When accepting luser console login, pamconsole called by /bin/login tries to be user-friendly, doing several chowns on devices like login tty and corresponding vcsa device, as well as other interesting devices: fd, audio devices dsp, mixer, audio, midi, sequencer, cdrom, streamer/zip drive device...
browser-bug.txt
SET March 2000 http://www.set-ezine.org --- CONTENTS --- - 01 - Introduction - 02 - Oddities - 03 - Conclusions Introduction =-=-=-=-=-=- Browsers under Linux will hang when trying to access certain devices, this bug may be considered similar to the \con\con bug except that the technological...
DUO-PSA-2017-001: Duo Product Security Advisory
Duo Product Security Advisory Advisory ID: DUO-PSA-2017-001 Publication Date: 2017-03-14 Revision Date: 2017-03-14 Status: Confirmed, Fixed Document Revision: 1 Overview Duo has identified and fixed an issue in our cloud service which, under certain configurations, could have enabled attackers wh...