3062 matches found
ICQLite executable trojaning
bugtraq@, Title: ICQ Lite executable trojaning Affected: ICQLite 2003a Vendor: ICQ Inc Vendor URL: http://www.icq.com Risk: Average Exploitable: Yes Remote: No Date: May, 29 2003 Advisory URL: http://www.security.nnov.ru/advisories/icqlite.asp I. Intro: ICQ Lite is popular internet messenger...
SAP Database 7.37.4 - SDBINST Race Condition
SAP Database 7.37.4 - SDBINST Race Condition source: https://www.securityfocus.com/bid/7421/info SAP Database SDBINST has been reported prone to a race condition vulnerability. It has been reported that the SAP Database install tool SDBINST may perform operations non-atomically when installing th...
TFTPD32 2.50 - Arbitrary File DownloadUpload
TFTPD32 2.50 - Arbitrary File DownloadUpload source: https://www.securityfocus.com/bid/6198/info A vulnerability has been discovered in Tftpd32 which allows a remote attacker to download and upload arbitrary system files. The ability to upload system files may allow an attacker to replaced key...
3Com® HomeConnect® Cable Modem Denial of Service
INFO: ====================================================== object class Failure to Handle Exceptional Conditions remote Yes local No vulnerable: 3Com® HomeConnect® Cable Modem External with USB 3CR29223 -- DISCONTINUED Not Tested: 3CR29223-A -- DISCONTINUED DISCUSSION:...
Advisory: PGP 7.0 signature verification vulnerability
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Product: Pretty Good Privacy Severity: Medium to high Impact: Users with write access to signed exported key blocks may replace them with arbitrary keys without any warning being issued upon import of those keys Local: Yes Remote: No though...
VariCAD 7.0 premission vulnerability
Content-Type: premission/vulnerability Date : 10/08/2000 18:34 Sender : Narrow [email protected] Subject : VariCAD 7.0 premission vulnerability X-System : Red Hat 6.0 X-Status : Narrow-ADV-07 DESCRIPTION VariCAD is a CAD for mechanical engineering for both 2D and 3D. VariCAD 7.0 is shipped with Re...
Omnis Studio 2.4 - Weak Database Field Encryption
Omnis Studio 2.4 - Weak Database Field Encryption source: https://www.securityfocus.com/bid/1255/info Omnis Studio 2.4 is a development tool for creating database applications. The tool gives developers the option to encrypt database entries. However, the encryption scheme used is weak and easily...
Проблемы с eToken
При наличии физического доступа к устройству возможно подменить PIN/ключ доступа путем перепрошивки EPROM...
CVE-1999-0998
Cisco Cache Engine allows an attacker to replace content in the cache...
ssh-xauth.txt
The default SSH configuration for SSH1 and SSH2 allow for remote controlling of X sessions through X forwarding. All children of the SSH connection are able to tunnel X11 sessions through the X tunnel to the client X11 session. This is accomplished by running xauth upon logging in. If xauth is...
KB4599861: Setup Dynamic Update for Windows 10, version 2004 and 20H2: February 2, 2021
KB4599861: Setup Dynamic Update for Windows 10, version 2004 and 20H2: February 2, 2021 Summary This update makes improvements to Setup binaries or any files that Setup uses for feature updates in Windows 10, version 2004 and 20H2. How to get this update This update is available through Windows...
Microsoft Systems Management Server 2.0 - Default Permissions
source: https://www.securityfocus.com/bid/945/info The default permissions applied to the directory containing the SMS Remote Control executable allow any user to replace the executable with any other executable. The new executable will run with System privileges after the next reboot. Replace...
Microsoft Systems Management Server 2.0 - Default Permissions
Microsoft Systems Management Server 2.0 - Default Permissions source: https://www.securityfocus.com/bid/945/info The default permissions applied to the directory containing the SMS Remote Control executable allow any user to replace the executable with any other executable. The new executable wil...
CVE-1999-0998
Cisco Cache Engine allows an attacker to replace content in the cache...
PT-1999-1517 · Cisco · Cisco Cache Engine
Name of the Vulnerable Software and Affected Versions: Cisco Cache Engine affected versions not specified Description: The issue allows an attacker to replace content in the cache. Recommendations: At the moment, there is no information about a newer version that contains a fix for this...
tcpwrapper-backdoor.txt
Date: Thu, 21 Jan 1999 11:38:17 -0500 From: Wietse Venema To: [email protected] Subject: backdoored tcp wrapper source code TCP Wrappers is a widely-used security tool to protect UNIX systems against intrusion. In has an estimated installed base of millions. Today someone replaced the tcp...
CVE-1999-1019
SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable processd with a Trojan horse, facilitating a root or Administrator compromise...
Windows Malicious Software Removal Tool - v5.110 (KB890830)
After the download, this tool runs one time to check your computer for infection by specific, prevalent malicious software including Blaster, Sasser, and Mydoom and helps remove any infection that is found. If an infection is found, the tool will display a status report the next time that you sta...
Security update 1970-01-01
...
Security update 1970-01-01
...