|
309591
|
- |
|
miloslav_trmac
|
libuser
|
libuser before 0.57 uses a cleartext password value of (1) !! or (2) x for new LDAP user accounts, which makes it easier for remote attackers to obtain access by specifying one of these values.
|
CWE-310
Cryptographic Issues
|
CVE-2011-0002
|
2024-11-21 10:23 |
2011-01-23 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309592
|
- |
|
todd_miller
|
sudo
|
A certain Fedora patch for parse.c in sudo before 1.7.4p5-1.fc14 on Fedora 14 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who…
|
NVD-CWE-Other
|
CVE-2011-0008
|
2024-11-21 10:23 |
2011-01-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309593
|
- |
|
tor
|
tor
|
Heap-based buffer overflow in Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha allows remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute …
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0427
|
2024-11-21 10:23 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309594
|
- |
|
tor
|
tor
|
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly manage key data in memory, which might allow local users to obtain sensitive information by leveraging the ability to read memo…
|
CWE-399
Resource Management Errors
|
CVE-2011-0016
|
2024-11-21 10:23 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309595
|
- |
|
tor
|
tor
|
Tor before 0.2.1.29 and 0.2.2.x before 0.2.2.21-alpha does not properly check the amount of compression in zlib-compressed data, which allows remote attackers to cause a denial of service via a large…
|
CWE-20
Improper Input Validation
|
CVE-2011-0015
|
2024-11-21 10:23 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309596
|
- |
|
libpng
|
libpng
|
pngrtran.c in libpng 1.5.x before 1.5.1 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a crafted palette-based PNG image that triggers…
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0408
|
2024-11-21 10:23 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309597
|
- |
|
hp
|
loadrunner
|
Unspecified vulnerability in HP LoadRunner 9.52 allows remote attackers to execute arbitrary code via network traffic to TCP port 5001 or 5002, related to the HttpTunnel feature.
|
NVD-CWE-noinfo
|
CVE-2011-0272
|
2024-11-21 10:23 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309598
|
- |
|
todd_miller
|
sudo
|
check.c in sudo 1.7.x before 1.7.4p5, when a Runas group is configured, does not require a password for command execution that involves a gid change but no uid change, which allows local users to byp…
|
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2011-0010
|
2024-11-21 10:23 |
2011-01-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309599
|
- |
|
ibm
|
websphere_mq
|
Buffer overflow in IBM WebSphere MQ 7.0 before 7.0.1.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted header field in a message.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2011-0310
|
2024-11-21 10:23 |
2011-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
309600
|
- |
|
hp
|
openview_network_node_manager
|
The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly validate an unspecified parameter, which allows remote attackers to execute arbitrary commands by using a co…
|
CWE-78
OS Command
|
CVE-2011-0271
|
2024-11-21 10:23 |
2011-01-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
