Max CVSS 10.0 Min CVSS 1.2 Total Count454
IDCVSSSummaryLast (major) updatePublished
CVE-2003-0131 7.5
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKC
19-02-2017 - 00:04 24-03-2003 - 00:00
CVE-2003-0107 7.5
Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.
02-01-2017 - 21:59 07-03-2003 - 00:00
CVE-2004-0409 7.5
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
07-12-2016 - 21:59 01-06-2004 - 00:00
CVE-2002-1344 5.0
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
07-12-2016 - 21:59 18-12-2002 - 00:00
CVE-2003-0001 5.0
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
06-12-2016 - 21:59 17-01-2003 - 00:00
CVE-2004-0109 4.6
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.
28-11-2016 - 14:06 01-06-2004 - 00:00
CVE-2004-1997 4.6
Kolab stores OpenLDAP passwords in plaintext in the slapd.conf file, which may be installed world-readable, which allows local users to gain privileges.
17-10-2016 - 23:04 05-05-2004 - 00:00
CVE-2004-0700 7.5
Format string vulnerability in the mod_proxy hook functions function in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages f
17-10-2016 - 22:48 27-07-2004 - 00:00
CVE-2004-0686 5.0
Buffer overflow in Samba 2.2.x to 2.2.9, and 3.0.0 to 3.0.4, when the "mangling method = hash" option is enabled in smb.conf, has unknown impact and attack vectors.
17-10-2016 - 22:47 27-07-2004 - 00:00
CVE-2004-0600 10.0
Buffer overflow in the Samba Web Administration Tool (SWAT) in Samba 3.0.2 to 3.0.4 allows remote attackers to execute arbitrary code via an invalid base-64 character during HTTP basic authentication.
17-10-2016 - 22:46 27-07-2004 - 00:00
CVE-2004-0595 6.8
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explore
17-10-2016 - 22:46 27-07-2004 - 00:00
CVE-2004-0594 5.1
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of
17-10-2016 - 22:46 27-07-2004 - 00:00
CVE-2004-0583 5.0
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0582 5.0
Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module.
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0554 2.1
Linux kernel 2.4.x and 2.6.x for x86 allows local users to cause a denial of service (system crash), possibly via an infinite loop that triggers a signal handler with a certain sequence of fsave and frstor instructions, as originally demonstrated usi
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0536 7.2
Format string vulnerability in Tripwire commercial 4.0.1 and earlier, including 2.4, and open source 2.3.1 and earlier, allows local users to gain privileges via format string specifiers in a file name, which is used in the generation of an email rep
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0523 10.0
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0493 6.4
The ap_get_mime_headers_core function in Apache httpd 2.0.49 allows remote attackers to cause a denial of service (memory exhaustion), and possibly an integer signedness error leading to a heap-based buffer overflow on 64 bit systems, via long header
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0492 10.0
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0488 7.5
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subje
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0461 10.0
The DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13, when compiled in environments that do not provide the vsnprintf function, uses C include files that define vsnprintf to use the less safe vsprintf function, which can lead to buffer overfl
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0460 10.0
Buffer overflow in the logging capability for the DHCP daemon (DHCPD) for ISC DHCP 3.0.1rc12 and 3.0.1rc13 allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via multiple hostname options in (1) DI
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0432 7.5
ProFTPD 1.2.9 treats the Allow and Deny directives for CIDR based ACL entries as if they were AllowAll, which could allow FTP clients to bypass intended access restrictions.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0427 2.1
The do_fork function in Linux 2.4.x before 2.4.26, and 2.6.x before 2.6.6, does not properly decrement the mm_count counter when an error occurs after the mm_struct for a child process has been activated, which triggers a memory leak that allows loca
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0426 5.0
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0424 7.2
Integer overflow in the ip_setsockopt function in Linux kernel 2.4.22 through 2.4.25 and 2.6.1 through 2.6.3 allows local users to cause a denial of service (crash) or execute arbitrary code via the MCAST_MSFILTER socket option.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0421 5.0
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0418 10.0
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical prog
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0417 5.0
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consu
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0416 10.0
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0414 10.0
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0412 5.0
Mailman before 2.1.5 allows remote attackers to obtain user passwords via a crafted email request to the Mailman server.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0411 7.5
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to th
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0403 5.0
Racoon before 20040408a allows remote attackers to cause a denial of service (memory consumption) via an ISAKMP packet with a large length field.
17-10-2016 - 22:45 01-06-2004 - 00:00
CVE-2004-0398 7.5
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0396 7.5
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
17-10-2016 - 22:44 14-06-2004 - 00:00
CVE-2004-0388 2.1
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:44 01-06-2004 - 00:00
CVE-2004-0386 10.0
Buffer overflow in the HTTP parser for MPlayer 1.0pre3 and earlier, 0.90, and 0.91 allows remote attackers to execute arbitrary code via a long Location header.
17-10-2016 - 22:44 04-05-2004 - 00:00
CVE-2004-0381 2.1
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
17-10-2016 - 22:44 04-05-2004 - 00:00
CVE-2004-0372 2.1
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
17-10-2016 - 22:44 15-04-2004 - 00:00
CVE-2004-0367 5.0
Ethereal 0.10.1 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a zero-length Presentation protocol selector.
17-10-2016 - 22:44 04-05-2004 - 00:00
CVE-2004-0365 5.0
The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.
17-10-2016 - 22:44 04-05-2004 - 00:00
CVE-2004-0189 7.5
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the acce
17-10-2016 - 22:41 15-03-2004 - 00:00
CVE-2004-0186 7.2
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
17-10-2016 - 22:41 15-03-2004 - 00:00
CVE-2004-0184 5.0
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversio
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0183 5.0
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Tes
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0181 2.1
The JFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the JFS file system, which allows local users to obtain sensitive information by reading the raw device.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0180 2.6
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0179 5.1
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0177 5.0
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain por
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0176 5.0
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0174 5.0
Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listeni
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0155 7.5
The KAME IKE Daemon Racoon, when authenticating a peer during Phase 1, validates the X.509 certificate but does not verify the RSA signature authentication, which allows remote attackers to establish unauthorized IP connections or conduct man-in-the-
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0133 2.1
The XFS file system code in Linux 2.4.x has an information leak in which in-memory data is written to the device for the XFS file system, which allows local users to obtain sensitive information by reading the raw device.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0113 5.0
Memory leak in ssl_engine_io.c for mod_ssl in Apache 2 before 2.0.49 allows remote attackers to cause a denial of service (memory consumption) via plain HTTP requests to the SSL port of an SSL-enabled server.
17-10-2016 - 22:41 29-03-2004 - 00:00
CVE-2004-0112 5.0
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2004-0110 7.5
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allow remote attackers to execute arbitrary code via a long URL.
17-10-2016 - 22:40 15-03-2004 - 00:00
CVE-2004-0106 7.2
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0105 7.5
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0104 7.5
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0084 10.0
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a d
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0083 10.0
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CV
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2004-0078 7.5
Buffer overflow in the index menu code (menu_pad_string of menu.c) for Mutt 1.4.1 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain mail messages.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0077 7.2
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0057 5.0
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be
17-10-2016 - 22:40 17-02-2004 - 00:00
CVE-2004-0055 5.0
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.
17-10-2016 - 22:40 17-02-2004 - 00:00
CVE-2004-0008 7.5
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2004-0007 7.5
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2004-0006 7.5
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yah
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2003-1029 5.0
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value w
17-10-2016 - 22:39 17-02-2004 - 00:00
CVE-2003-1023 7.5
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
17-10-2016 - 22:39 20-01-2004 - 00:00
CVE-2003-0993 7.5
mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
17-10-2016 - 22:38 29-03-2004 - 00:00
CVE-2003-0989 7.5
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
17-10-2016 - 22:38 17-02-2004 - 00:00
CVE-2003-0988 7.5
Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file.
17-10-2016 - 22:38 17-02-2004 - 00:00
CVE-2003-0987 7.5
mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
17-10-2016 - 22:38 03-03-2004 - 00:00
CVE-2003-0985 7.2
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing
17-10-2016 - 22:38 20-01-2004 - 00:00
CVE-2003-0984 4.6
Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space.
17-10-2016 - 22:38 05-01-2004 - 00:00
CVE-2003-0977 7.5
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests.
17-10-2016 - 22:38 05-01-2004 - 00:00
CVE-2003-0972 10.0
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0971 5.0
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0963 7.5
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
17-10-2016 - 22:38 05-01-2004 - 00:00
CVE-2003-0962 7.5
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0961 7.2
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0886 10.0
Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code.
17-10-2016 - 22:38 01-12-2003 - 00:00
CVE-2003-0848 4.6
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
17-10-2016 - 22:37 17-11-2003 - 00:00
CVE-2003-0835 7.5
Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname.
17-10-2016 - 22:37 17-11-2003 - 00:00
CVE-2003-0831 9.0
ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files.
17-10-2016 - 22:37 17-11-2003 - 00:00
CVE-2003-0792 5.0
Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email.
17-10-2016 - 22:37 17-11-2003 - 00:00
CVE-2003-0789 10.0
mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client.
17-10-2016 - 22:37 03-11-2003 - 00:00
CVE-2003-0780 9.0
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
17-10-2016 - 22:37 22-09-2003 - 00:00
CVE-2003-0740 4.6
Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server.
17-10-2016 - 22:37 20-10-2003 - 00:00
CVE-2003-0730 7.5
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
17-10-2016 - 22:36 20-10-2003 - 00:00
CVE-2003-0695 7.5
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a differe
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0694 10.0
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0693 10.0
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CV
17-10-2016 - 22:36 22-09-2003 - 00:00
CVE-2003-0692 7.5
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0690 10.0
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0681 7.5
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0656 2.1
eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0615 4.3
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0564 5.0
Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message cont
17-10-2016 - 22:35 01-12-2003 - 00:00
CVE-2003-0547 2.1
GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0542 7.2
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9
17-10-2016 - 22:35 03-11-2003 - 00:00
CVE-2003-0540 5.0
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Error
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0504 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0476 2.1
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0468 5.0
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0459 5.0
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0442 4.3
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
17-10-2016 - 22:33 24-07-2003 - 00:00
CVE-2003-0434 7.5
Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink.
17-10-2016 - 22:33 24-07-2003 - 00:00
CVE-2003-0354 7.5
Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job.
17-10-2016 - 22:32 16-06-2003 - 00:00
CVE-2003-0334 2.1
BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a denial of service (core dump) via certain channel mode changes that are not properly handled in names.c.
17-10-2016 - 22:32 10-05-2003 - 00:00
CVE-2003-0289 7.2
Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter.
17-10-2016 - 22:31 16-06-2003 - 00:00
CVE-2003-0282 2.6
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
17-10-2016 - 22:31 16-06-2003 - 00:00
CVE-2003-0255 10.0
The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID do
17-10-2016 - 22:31 27-05-2003 - 00:00
CVE-2003-0254 5.0
Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket.
17-10-2016 - 22:31 18-08-2003 - 00:00
CVE-2003-0253 5.0
The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service.
17-10-2016 - 22:31 18-08-2003 - 00:00
CVE-2003-0252 10.0
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain ne
17-10-2016 - 22:31 18-08-2003 - 00:00
CVE-2003-0246 3.6
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
17-10-2016 - 22:31 16-06-2003 - 00:00
CVE-2003-0245 5.0
Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrate
17-10-2016 - 22:31 09-06-2003 - 00:00
CVE-2003-0244 5.0
The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions.
17-10-2016 - 22:31 27-05-2003 - 00:00
CVE-2003-0211 5.0
Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0209 10.0
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0204 7.5
KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0201 10.0
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0196 10.0
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0195 5.0
CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
17-10-2016 - 22:30 16-06-2003 - 00:00
CVE-2003-0192 6.4
Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which c
17-10-2016 - 22:30 18-08-2003 - 00:00
CVE-2003-0189 5.0
The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid u
17-10-2016 - 22:30 09-06-2003 - 00:00
CVE-2003-0165 4.6
Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display.
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0161 10.0
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a s
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0159 7.5
Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0150 9.0
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by mod
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0147 5.0
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the us
17-10-2016 - 22:30 31-03-2003 - 00:00
CVE-2003-0146 7.5
Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overf
17-10-2016 - 22:30 31-03-2003 - 00:00
CVE-2003-0140 7.5
Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitra
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0139 7.5
Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-p
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0138 7.5
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
17-10-2016 - 22:29 24-03-2003 - 00:00
CVE-2003-0132 5.0
A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.
17-10-2016 - 22:29 11-04-2003 - 00:00
CVE-2003-0130 5.0
The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded
17-10-2016 - 22:29 24-03-2003 - 00:00
CVE-2003-0129 5.0
Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.
17-10-2016 - 22:29 24-03-2003 - 00:00
CVE-2003-0128 5.0
The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly trig
17-10-2016 - 22:29 24-03-2003 - 00:00
CVE-2003-0127 7.2
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0124 4.6
man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is
17-10-2016 - 22:29 18-03-2003 - 00:00
CVE-2003-0108 5.0
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
17-10-2016 - 22:29 07-03-2003 - 00:00
CVE-2003-0102 4.6
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
17-10-2016 - 22:29 18-03-2003 - 00:00
CVE-2003-0101 10.0
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0086 1.2
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0085 10.0
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0083 5.0
Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities relate
17-10-2016 - 22:29 02-04-2003 - 00:00
CVE-2003-0078 5.0
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cry
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0073 5.0
Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
17-10-2016 - 22:29 19-02-2003 - 00:00
CVE-2003-0068 7.5
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malic
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0066 7.5
The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malici
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0056 7.2
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
17-10-2016 - 22:28 19-02-2003 - 00:00
CVE-2003-0033 10.0
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.
17-10-2016 - 22:28 07-03-2003 - 00:00
CVE-2003-0028 7.5
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via
17-10-2016 - 22:28 25-03-2003 - 00:00
CVE-2003-0023 5.0
The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu.
17-10-2016 - 22:28 03-03-2003 - 00:00
CVE-2003-0022 5.0
The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.
17-10-2016 - 22:28 03-03-2003 - 00:00
CVE-2003-0021 5.0
The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.
17-10-2016 - 22:28 03-03-2003 - 00:00
CVE-2003-0020 5.0
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
17-10-2016 - 22:28 18-03-2003 - 00:00
CVE-2003-0015 7.5
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Check
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2002-1661 5.0
The leafnode server in leafnode 1.9.20 to 1.9.29 allows remote attackers to cause a denial of service (infinite loop) when leafnode requests a cross-posted article to one group whose name is a prefix of another group.
17-10-2016 - 22:27 31-12-2002 - 00:00
CVE-2002-1405 5.0
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace chara
17-10-2016 - 22:26 19-02-2003 - 00:00
CVE-2002-1403 7.2
dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1402 4.6
Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1400 7.5
Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1398 4.6
Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input."
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1397 7.5
Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer ove
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1396 7.5
Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1393 7.5
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1392 2.1
faxspool in mgetty before 1.1.29 uses a world-writable spool directory for outgoing faxes, which allows local users to modify fax transmission privileges.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1391 7.5
Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1384 7.2
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
17-10-2016 - 22:26 02-01-2003 - 00:00
CVE-2002-1383 10.0
Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1377 4.6
vim 6.0 and 6.1, and possibly other versions, allows attackers to execute arbitrary commands using the libcall feature in modelines, which are not sandboxed but may be executed when vim is used to edit a malicious file, as demonstrated using mutt.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1376 7.5
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and po
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1375 7.5
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1374 7.5
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the fi
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1373 5.0
Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1372 5.0
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descripto
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1371 7.5
filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1369 10.0
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1368 7.5
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negativ
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1367 10.0
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate fo
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1366 6.2
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1365 7.5
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local ad
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1350 7.5
The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1337 10.0
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
17-10-2016 - 22:26 07-03-2003 - 00:00
CVE-2002-1336 7.5
TightVNC before 1.2.6 generates the same challenge string for multiple connections, which allows remote attackers to bypass VNC authentication by sniffing the challenge and response of other users.
17-10-2016 - 22:26 11-12-2002 - 00:00
CVE-2002-1320 5.0
Pine 4.44 and earlier allows remote attackers to cause a denial of service (core dump and failed restart) via an email message with a From header that contains a large number of quotation marks (").
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-1318 10.0
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-1306 7.5
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1282 7.5
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1281 7.5
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1271 7.5
The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx.
17-10-2016 - 22:25 12-11-2002 - 00:00
CVE-2002-1247 7.2
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1235 10.0
The kadm_ser_in function in (1) the Kerberos v4compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before
17-10-2016 - 22:25 04-11-2002 - 00:00
CVE-2002-1232 5.0
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
17-10-2016 - 22:25 04-11-2002 - 00:00
CVE-2002-1175 5.0
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1174 7.5
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers,
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1165 4.6
Sendmail Consortium's Restricted Shell (SMRSH) in Sendmail 8.12.6, 8.11.6-15, and possibly other versions after 8.11 from 5/19/1998, allows attackers to bypass the intended restrictions of smrsh by inserting additional commands after (1) "||" sequenc
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1160 7.2
The default configuration of the pam_xauth module forwards MIT-Magic-Cookies to new X sessions, which could allow local users to gain root privileges by stealing the cookies from a temporary .xauth file, which is created with the original user's cred
17-10-2016 - 22:24 19-02-2003 - 00:00
CVE-2002-1155 7.2
Buffer overflow in KON kon2 0.3.9b and earlier allows local users to execute arbitrary code via a long -Coding command line argument.
17-10-2016 - 22:24 16-06-2003 - 00:00
CVE-2002-1151 7.5
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1126 2.6
Mozilla 1.1 and earlier, and Mozilla-based browsers such as Netscape and Galeon, set the document referrer too quickly in certain situations when a new page is being loaded, which allows web pages to determine the next page that is being visited, inc
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-1119 4.6
os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1091 7.5
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-0989 7.5
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0986 5.0
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0985 7.5
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and poss
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0972 4.6
Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0970 7.5
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0843 7.5
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0840 6.8
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web pag
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0839 7.2
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0838 4.6
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScri
17-10-2016 - 22:22 10-10-2002 - 00:00
CVE-2002-0836 7.5
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
17-10-2016 - 22:22 28-10-2002 - 00:00
CVE-2002-0715 5.0
Vulnerability in Squid before 2.4.STABLE6 related to proxy authentication credentials may allow remote web sites to obtain the user's proxy login and password.
17-10-2016 - 22:21 26-07-2002 - 00:00
CVE-2002-0714 7.5
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.
17-10-2016 - 22:21 26-07-2002 - 00:00
CVE-2002-0713 7.5
Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client,
17-10-2016 - 22:21 26-07-2002 - 00:00
CVE-2002-0702 10.0
Format string vulnerabilities in the logging routines for dynamic DNS code (print.c) of ISC DHCP daemon (DHCPD) 3 to 3.0.1rc8, with the NSUPDATE option enabled, allow remote malicious DNS servers to execute arbitrary code via format strings in a DNS
17-10-2016 - 22:21 26-07-2002 - 00:00
CVE-2002-0684 7.5
Buffer overflow in DNS resolver functions that perform lookup of network names and addresses, as used in BIND 4.9.8 and ported to glibc 2.2.5 and earlier, allows remote malicious DNS servers to execute arbitrary code through a subroutine used by func
17-10-2016 - 22:21 12-08-2002 - 00:00
CVE-2002-0653 4.6
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long e
17-10-2016 - 22:21 11-07-2002 - 00:00
CVE-2002-0651 7.5
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
17-10-2016 - 22:21 03-07-2002 - 00:00
CVE-2002-0640 10.0
Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authenticat
17-10-2016 - 22:20 03-07-2002 - 00:00
CVE-2002-0639 10.0
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
17-10-2016 - 22:20 03-07-2002 - 00:00
CVE-2002-0638 6.2
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race con
17-10-2016 - 22:20 12-08-2002 - 00:00
CVE-2002-0399 5.0
Directory traversal vulnerability in GNU tar 1.13.19 through 1.13.25, and possibly later versions, allows attackers to overwrite arbitrary files during archive extraction via a (1) "/.." or (2) "./.." string, which removes the leading slash but leave
17-10-2016 - 22:20 10-10-2002 - 00:00
CVE-2002-0391 10.0
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array
17-10-2016 - 22:20 12-08-2002 - 00:00
CVE-2002-0382 7.5
XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters.
17-10-2016 - 22:19 25-06-2002 - 00:00
CVE-2002-0379 7.5
Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code vi
17-10-2016 - 22:19 25-06-2002 - 00:00
CVE-2002-0374 7.5
Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name.
17-10-2016 - 22:19 29-05-2002 - 00:00
CVE-2002-0184 7.2
Heap-based buffer overflow in sudo before 1.6.6 may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
17-10-2016 - 22:16 16-05-2002 - 00:00
CVE-2002-0178 7.2
uudecode, as available in the sharutils package before 4.2.1, does not check whether the filename of the uudecoded file is a pipe or symbolic link, which could allow attackers to overwrite files or execute commands.
17-10-2016 - 22:16 29-05-2002 - 00:00
CVE-2002-0163 7.5
Heap-based buffer overflow in Squid before 2.4 STABLE4, and Squid 2.5 and 2.6 until March 12, 2002 distributions, allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via compressed DNS responses.
17-10-2016 - 22:16 26-03-2002 - 00:00
CVE-2002-0083 10.0
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
17-10-2016 - 22:16 15-03-2002 - 00:00
CVE-2002-0082 7.5
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary
17-10-2016 - 22:16 15-03-2002 - 00:00
CVE-2002-0081 7.5
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allows remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
17-10-2016 - 22:15 08-03-2002 - 00:00
CVE-2002-0069 2.6
Memory leak in SNMP in Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service.
17-10-2016 - 22:15 08-03-2002 - 00:00
CVE-2002-0068 7.5
Squid 2.4 STABLE3 and earlier allows remote attackers to cause a denial of service (core dump) and possibly execute arbitrary code with an ftp:// URL with a larger number of special characters, which exceed the buffer when Squid URL-escapes the chara
17-10-2016 - 22:15 08-03-2002 - 00:00
CVE-2002-0067 7.5
Squid 2.4 STABLE3 and earlier does not properly disable HTCP, even when "htcp_port 0" is specified in squid.conf, which could allow remote attackers to bypass intended access restrictions.
17-10-2016 - 22:15 08-03-2002 - 00:00
CVE-2002-0060 7.5
IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall
17-10-2016 - 22:15 08-03-2002 - 00:00
CVE-2002-0048 10.0
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
17-10-2016 - 22:15 27-02-2002 - 00:00
CVE-2002-0043 7.2
sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.
17-10-2016 - 22:15 31-01-2002 - 00:00
CVE-2002-0004 7.2
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
17-10-2016 - 22:15 27-02-2002 - 00:00
CVE-2002-0002 7.5
Format string vulnerability in stunnel before 3.22 when used in client mode for (1) smtp, (2) pop, or (3) nntp allows remote malicious servers to execute arbitrary code.
17-10-2016 - 22:15 31-01-2002 - 00:00
CVE-2002-0001 7.5
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.
17-10-2016 - 22:15 27-02-2002 - 00:00
CVE-2001-1389 7.5
Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer overflows or improper NULL termination.
17-10-2016 - 22:14 29-08-2001 - 00:00
CVE-2001-1384 7.2
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
17-10-2016 - 22:14 18-10-2001 - 00:00
CVE-2001-1380 7.5
OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP add
17-10-2016 - 22:14 18-10-2001 - 00:00
CVE-2001-1276 1.2
ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a temporary file.
17-10-2016 - 22:14 21-06-2001 - 00:00
CVE-2001-0928 7.5
Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data.
17-10-2016 - 22:13 28-11-2001 - 00:00
CVE-2001-0907 2.1
Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link.
17-10-2016 - 22:13 18-10-2001 - 00:00
CVE-2001-0894 5.0
Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number
17-10-2016 - 22:12 11-11-2001 - 00:00
CVE-2001-0872 7.2
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
17-10-2016 - 22:12 21-12-2001 - 00:00
CVE-2001-0843 5.0
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
17-10-2016 - 22:12 06-12-2001 - 00:00
CVE-2001-0834 6.4
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such
17-10-2016 - 22:12 06-12-2001 - 00:00
CVE-2001-0736 2.1
Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:11 18-10-2001 - 00:00
CVE-2001-0653 4.6
Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number.
17-10-2016 - 22:11 20-09-2001 - 00:00
CVE-2001-0550 7.5
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
17-10-2016 - 22:11 30-11-2001 - 00:00
CVE-1999-1332 2.1
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
17-10-2016 - 22:03 31-12-1999 - 00:00
CVE-2001-0775 7.5
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
19-05-2016 - 23:00 18-10-2001 - 00:00
CVE-2002-0658 6.2
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
04-09-2013 - 00:18 12-08-2002 - 00:00
CVE-2003-0773 7.5
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.
23-08-2013 - 00:29 22-09-2003 - 00:00
CVE-2003-0545 10.0
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0544 5.0
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer wh
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0543 5.0
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0251 5.0
ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block.
07-03-2011 - 21:12 24-07-2003 - 00:00
CVE-2003-0026 7.5
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long
07-03-2011 - 21:11 17-01-2003 - 00:00
CVE-2001-1500 7.5
ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged.
07-03-2011 - 21:07 31-12-2001 - 00:00
CVE-2001-0886 4.6
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.
07-03-2011 - 21:06 21-12-2001 - 00:00
CVE-2001-1009 10.0
Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
16-02-2011 - 00:00 31-08-2001 - 00:00
CVE-2002-0146 5.0
fetchmail email client before 5.9.10 does not properly limit the maximum number of messages available, which allows a remote IMAP server to overwrite memory via a message count that exceeds the boundaries of an array.
15-02-2011 - 15:45 25-06-2002 - 00:00
CVE-2001-0819 7.5
A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.
15-02-2011 - 00:00 06-12-2001 - 00:00
CVE-2004-0635 5.0
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
21-08-2010 - 00:20 06-12-2004 - 00:00
CVE-2004-0634 5.0
The SMB SID snooping capability in Ethereal 0.9.15 to 0.10.4 allows remote attackers to cause a denial of service (process crash) via a handle without a policy name, which causes a null dereference.
21-08-2010 - 00:20 06-12-2004 - 00:00
CVE-2004-0633 5.0
The iSNS dissector for Ethereal 0.10.3 through 0.10.4 allows remote attackers to cause a denial of service (process abort) via an integer overflow.
21-08-2010 - 00:20 06-12-2004 - 00:00
CVE-2004-0587 2.1
Insecure permissions for the /proc/scsi/qla2300/HbaApiNode file in Linux allows local users to cause a denial of service.
21-08-2010 - 00:20 06-08-2004 - 00:00
CVE-2004-0565 2.1
Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.
21-08-2010 - 00:20 06-12-2004 - 00:00
CVE-2004-0557 10.0
Multiple buffer overflows in the st_wavstartread function in wav.c for Sound eXchange (SoX) 12.17.2 through 12.17.4 allow remote attackers to execute arbitrary code via certain WAV file header fields.
21-08-2010 - 00:20 06-08-2004 - 00:00
CVE-2004-0541 10.0
Buffer overflow in the ntlm_check_auth (NTLM authentication) function for Squid Web Proxy Cache 2.5.x and 3.x, when compiled with NTLM handlers enabled, allows remote attackers to execute arbitrary code via a long password ("pass" variable).
21-08-2010 - 00:20 06-08-2004 - 00:00
CVE-2004-0535 2.1
The e1000 driver for Linux kernel 2.4.26 and earlier does not properly initialize memory before using it, which allows local users to read portions of kernel memory. NOTE: this issue was originally incorrectly reported as a "buffer overflow" by some
21-08-2010 - 00:20 06-08-2004 - 00:00
CVE-2004-0497 2.1
Unknown vulnerability in Linux kernel 2.x may allow local users to modify the group ID of files, such as NFS exported files in kernel 2.4.
21-08-2010 - 00:20 06-12-2004 - 00:00
CVE-2004-0495 7.2
Multiple unknown vulnerabilities in Linux kernel 2.4 and 2.6 allow local users to gain privileges or access kernel memory, as found by the Sparse source code checking tool.
21-08-2010 - 00:20 06-08-2004 - 00:00
CVE-2004-0419 7.5
XDM in XFree86 opens a chooserFd TCP socket even when DisplayManager.requestPort is 0, which could allow remote attackers to connect to the port, in violation of the intended restrictions.
21-08-2010 - 00:20 18-08-2004 - 00:00
CVE-2004-0233 2.1
Utempter allows device names that contain .. (dot dot) directory traversal sequences, which allows local users to overwrite arbitrary files via a symlink attack on device names in combination with an application that trusts the utmp or wtmp files.
21-08-2010 - 00:20 18-08-2004 - 00:00
CVE-2004-0178 2.1
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number
21-08-2010 - 00:19 01-06-2004 - 00:00
CVE-2004-0097 10.0
Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2004-0010 7.2
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2004-0003 4.6
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2003-1013 5.0
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
21-08-2010 - 00:17 05-01-2004 - 00:00
CVE-2003-1012 5.0
The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.
21-08-2010 - 00:17 05-01-2004 - 00:00
CVE-2003-0935 6.4
Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0927 7.5
Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0926 5.0
Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0925 7.5
Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0594 7.5
Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g.
21-08-2010 - 00:16 15-04-2004 - 00:00
CVE-2001-1269 2.1
Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via filenames in the archive that begin with the '/' (slash) character.
25-05-2010 - 00:10 12-07-2001 - 00:00
CVE-2001-1268 2.1
Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) in an extracted filename.
25-05-2010 - 00:10 12-07-2001 - 00:00
CVE-2003-0094 5.0
A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of
10-09-2008 - 20:05 03-03-2003 - 00:00
CVE-2003-0035 7.2
Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument.
10-09-2008 - 20:05 07-02-2003 - 00:00
CVE-2003-0034 7.2
Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable.
10-09-2008 - 20:05 07-02-2003 - 00:00
CVE-2003-0018 3.6
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
10-09-2008 - 20:05 19-02-2003 - 00:00
CVE-2002-0176 4.6
The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe.
10-09-2008 - 20:00 22-04-2002 - 00:00
CVE-2002-0175 4.6
libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe.
10-09-2008 - 20:00 22-04-2002 - 00:00
CVE-2002-0168 7.5
Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption.
10-09-2008 - 20:00 22-04-2002 - 00:00
CVE-2002-0167 7.5
Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM.
10-09-2008 - 20:00 22-04-2002 - 00:00
CVE-2004-0645 10.0
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.
10-09-2008 - 15:27 06-08-2004 - 00:00
CVE-2004-0402 4.6
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0394 2.1
A "potential" buffer overflow exists in the panic() function in Linux 2.4.x, although it may not be exploitable due to the functionality of panic.
10-09-2008 - 15:26 18-08-2004 - 00:00
CVE-2004-0232 5.0
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0231 2.1
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0229 4.6
The framebuffer driver in Linux kernel 2.6.x does not properly use the fb_copy_cmap function, with unknown impact.
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0228 7.2
Integer signedness error in the cpufreq proc handler (cpufreq_procctl) in Linux kernel 2.6 allows local users to gain privileges.
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0226 10.0
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0150 7.5
Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.
10-09-2008 - 15:25 15-04-2004 - 00:00
CVE-2003-1020 5.0
The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash).
10-09-2008 - 15:21 05-01-2004 - 00:00
CVE-2003-0992 4.3
Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users.
10-09-2008 - 15:21 17-02-2004 - 00:00
CVE-2003-0965 6.8
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
10-09-2008 - 15:21 17-02-2004 - 00:00
CVE-2003-0854 2.1
ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd.
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0853 5.0
An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd.
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0794 2.1
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not rea
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0793 2.1
GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which allows attackers to cause a denial of service (memory consumption).
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0791 7.5
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
10-09-2008 - 15:20 07-10-2003 - 00:00
CVE-2003-0778 5.0
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0777 5.0
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0776 7.5
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0775 5.0
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0774 7.5
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed.
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0734 10.0
Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass host-based access restrictions and log onto the system.
10-09-2008 - 15:20 20-10-2003 - 00:00
CVE-2003-0723 7.5
Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code.
10-09-2008 - 15:20 20-10-2003 - 00:00
CVE-2003-0689 7.5
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
10-09-2008 - 15:20 20-10-2003 - 00:00
CVE-2003-0688 5.0
The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that caus
10-09-2008 - 15:20 20-10-2003 - 00:00
CVE-2003-0649 7.2
Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
10-09-2008 - 15:20 27-08-2003 - 00:00
CVE-2003-0592 7.5
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie o
10-09-2008 - 15:19 15-04-2004 - 00:00
CVE-2003-0577 7.5
mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0549 5.0
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0548 5.0
The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0541 5.0
gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference.
10-09-2008 - 15:19 17-09-2003 - 00:00
CVE-2003-0462 1.2
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0432 10.0
Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.
10-09-2008 - 15:19 24-07-2003 - 00:00
CVE-2003-0431 10.0
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
10-09-2008 - 15:19 24-07-2003 - 00:00
CVE-2003-0429 7.5
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.
10-09-2008 - 15:18 24-07-2003 - 00:00
CVE-2003-0428 5.0
Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string.
10-09-2008 - 15:18 24-07-2003 - 00:00
CVE-2003-0367 2.1
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
10-09-2008 - 15:18 02-07-2003 - 00:00
CVE-2003-0357 7.5
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0356 10.0
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) R
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0256 7.5
The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands.
10-09-2008 - 15:18 27-05-2003 - 00:00
CVE-2003-0248 10.0
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0247 5.0
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0173 7.2
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0136 2.1
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0133 5.0
GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0099 7.2
Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2003-0098 10.0
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2003-0093 5.0
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2003-0082 5.0
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its hea
10-09-2008 - 15:17 02-04-2003 - 00:00
CVE-2003-0041 10.0
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.
10-09-2008 - 15:17 19-02-2003 - 00:00
CVE-2003-0036 6.2
ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d".
10-09-2008 - 15:17 07-02-2003 - 00:00
CVE-2002-2001 1.2
jmcce 1.3.8 in Mandrake 8.1 creates log files in /tmp with predictable names, which allows local users to overwrite arbitrary files via a symlink attack.
10-09-2008 - 15:16 31-12-2002 - 00:00
CVE-2002-1511 5.0
The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.
10-09-2008 - 15:14 03-03-2003 - 00:00
CVE-2002-1509 3.6
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
10-09-2008 - 15:14 03-03-2003 - 00:00
CVE-2002-1508 1.2
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.
10-09-2008 - 15:14 19-02-2003 - 00:00
CVE-2002-1380 2.1
Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.
10-09-2008 - 15:14 23-12-2002 - 00:00
CVE-2002-1379 7.5
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges.
10-09-2008 - 15:14 02-01-2003 - 00:00
CVE-2002-1378 7.5
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter function
10-09-2008 - 15:14 02-01-2003 - 00:00
CVE-2002-1363 7.5
Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buff
10-09-2008 - 15:14 26-12-2002 - 00:00
CVE-2002-1146 5.0
The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to rea
10-09-2008 - 15:13 11-10-2002 - 00:00
CVE-2002-0657 7.5
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0656 7.5
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0655 7.5
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0400 5.0
ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in mes
10-09-2008 - 15:11 18-06-2002 - 00:00
CVE-2002-0384 7.5
Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.
10-09-2008 - 15:11 04-10-2002 - 00:00
CVE-2002-0378 7.5
The default configuration of LPRng print spooler in Red Hat Linux 7.0 through 7.3, Mandrake 8.1 and 8.2, and other operating systems, accepts print jobs from arbitrary remote hosts.
10-09-2008 - 15:11 03-07-2002 - 00:00
CVE-2002-0059 7.5
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary cod
10-09-2008 - 15:11 15-03-2002 - 00:00
CVE-2002-0045 7.5
slapd in OpenLDAP 2.0 through 2.0.19 allows local users, and anonymous users before 2.0.8, to conduct a "replace" action on access controls without any values, which causes OpenLDAP to delete non-mandatory attributes that would otherwise be protected
10-09-2008 - 15:11 31-01-2002 - 00:00
CVE-2002-0044 3.6
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
10-09-2008 - 15:11 31-01-2002 - 00:00
CVE-2002-0036 5.0
Integer signedness error in MIT Kerberos V5 ASN.1 decoder before krb5 1.2.5 allows remote attackers to cause a denial of service via a large unsigned data element length, which is later used as a negative value.
10-09-2008 - 15:11 19-02-2003 - 00:00
CVE-2001-1501 5.0
The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to cause a denial of service (CPU and memory consumption) via commands with large numbers of wildcard and other special characters, as demonstrated using an
10-09-2008 - 15:10 31-12-2001 - 00:00
CVE-2001-1449 7.5
The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
10-09-2008 - 15:10 28-11-2001 - 00:00
CVE-2001-1322 3.6
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
10-09-2008 - 15:10 10-07-2001 - 00:00
CVE-2001-1279 7.5
Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error, a different vulne
10-09-2008 - 15:10 17-07-2001 - 00:00
CVE-2001-1246 7.5
PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() function, which allows local users and possibly remote attackers to execute arbitrary commands via shell metacharacters.
10-09-2008 - 15:10 30-06-2001 - 00:00
CVE-2001-1228 7.5
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
10-09-2008 - 15:09 18-11-2001 - 00:00
CVE-2001-1027 10.0
Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbitrary code via a long window title.
10-09-2008 - 15:09 31-08-2001 - 00:00
CVE-2001-0869 7.5
Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands.
10-09-2008 - 15:09 21-12-2001 - 00:00
CVE-2001-0851 5.0
Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie.
10-09-2008 - 15:09 06-12-2001 - 00:00
CVE-2001-0730 5.0
split-logfile in Apache 1.3.20 allows remote attackers to overwrite arbitrary files that end in the .log extension via an HTTP request with a / (slash) in the Host: header.
10-09-2008 - 15:08 30-10-2001 - 00:00
CVE-2001-0559 7.2
crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.
10-09-2008 - 15:08 14-08-2001 - 00:00
CVE-2001-0556 7.2
The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file.
10-09-2008 - 15:08 22-08-2001 - 00:00
CVE-2001-0522 7.5
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.
10-09-2008 - 15:08 14-08-2001 - 00:00
CVE-2001-0489 7.5
Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands.
10-09-2008 - 15:08 27-06-2001 - 00:00
CVE-2000-0491 10.0
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
10-09-2008 - 15:04 24-05-2000 - 00:00
CVE-2002-1401 6.5
Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result o
10-09-2008 - 00:00 17-01-2003 - 00:00
CVE-2004-2396 7.2
passwd 0.68 does not check the return code for the pam_start function, which has unknown impact and attack vectors that may prevent "safe and proper operation" of PAM.
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-2395 2.1
Memory leak in passwd 0.68 allows local users to cause a denial of service (memory consumption) via a large number of failed read attempts from the password buffer.
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-2394 2.1
Off-by-one error in passwd 0.68 and earlier, when using the --stdin option, causes passwd to use the first 78 characters of a password instead of the first 79, which results in a small reduction of the search space required for brute force attacks.
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-2392 5.0
libuser 0.51.7 allows attackers to cause a denial of service (crash or disk consumption) via unknown attack vectors, related to read failures and other bugs.
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-2303 3.6
MTools Mformat before 3.9.9, when installed setuid root, creates files with world-readable and world-writable permissions, which allows local users to read and overwrite files.
05-09-2008 - 16:43 31-12-2004 - 00:00
CVE-2004-1082 7.5
mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials.
05-09-2008 - 16:40 03-02-2004 - 00:00
CVE-2004-0590 10.0
FreeS/WAN 1.x and 2.x, and other related products including superfreeswan 1.x, openswan 1.x before 1.0.6, openswan 2.x before 2.1.4, and strongSwan before 2.1.3, allows remote attackers to authenticate using spoofed PKCS#7 certificates in which a sel
05-09-2008 - 16:38 06-12-2004 - 00:00
CVE-2004-0581 4.6
ksymoops-gznm script in Mandrake Linux 9.1 through 10.0, and Corporate Server 2.1, allows local users to delete arbitrary files via a symlink attack on files in /tmp.
05-09-2008 - 16:38 06-08-2004 - 00:00
CVE-2004-0075 2.1
The Vicam USB driver in Linux before 2.4.25 does not use the copy_from_user function when copying data from userspace to kernel space, which crosses security boundaries and allows local users to cause a denial of service.
05-09-2008 - 16:37 15-03-2004 - 00:00
CVE-2004-0013 5.0
jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2003-0991 5.0
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
05-09-2008 - 16:35 03-03-2004 - 00:00
CVE-2003-0924 3.7
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
05-09-2008 - 16:35 17-02-2004 - 00:00
CVE-2003-0901 7.5
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.
05-09-2008 - 16:35 03-11-2003 - 00:00
CVE-2003-0788 5.0
Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631).
05-09-2008 - 16:35 01-12-2003 - 00:00
CVE-2003-0145 5.0
Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.
05-09-2008 - 16:33 31-03-2003 - 00:00
CVE-2003-0081 7.5
Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.
05-09-2008 - 16:33 18-03-2003 - 00:00
CVE-2003-0072 5.0
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of a
05-09-2008 - 16:33 02-04-2003 - 00:00
CVE-2003-0059 7.5
Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.
05-09-2008 - 16:33 19-02-2003 - 00:00
CVE-2003-0058 5.0
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
05-09-2008 - 16:33 19-02-2003 - 00:00
CVE-2002-1277 7.5
Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer.
05-09-2008 - 16:30 12-11-2002 - 00:00
CVE-2002-1223 7.5
Buffer overflow in DSC 3.0 parser from GSview, as used in KGhostView in KDE 1.1 and KDE 3.0.3a, may allow attackers to cause a denial of service or execute arbitrary code via a modified .ps (PostScript) input file.
05-09-2008 - 16:30 28-10-2002 - 00:00
CVE-2002-1157 7.5
Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS respons
05-09-2008 - 16:29 04-11-2002 - 00:00
CVE-2002-1050 7.5
Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-1049 5.0
Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-0825 7.5
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:29 12-08-2002 - 00:00
CVE-2002-0757 7.5
(1) Webmin 0.96 and (2) Usermin 0.90 with password timeouts enabled allow local and possibly remote attackers to bypass authentication and gain privileges via certain control characters in the authentication information, which can force Webmin or Use
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0728 5.0
Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0435 1.2
Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level a
05-09-2008 - 16:28 26-07-2002 - 00:00
CVE-2002-0427 10.0
Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.
05-09-2008 - 16:27 12-08-2002 - 00:00
CVE-2002-0080 2.1
rsync, when running in daemon mode, does not properly call setgroups before dropping privileges, which could provide supplemental group privileges to local users, who could then read certain files that would otherwise be disallowed.
05-09-2008 - 16:27 15-03-2002 - 00:00
CVE-2002-0063 7.5
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
05-09-2008 - 16:27 08-03-2002 - 00:00
CVE-2002-0003 7.5
Buffer overflow in the preprocessor in groff 1.16 and earlier allows remote attackers to gain privileges via lpd in the LPRng printing system.
05-09-2008 - 16:26 27-02-2002 - 00:00
CVE-2001-1375 4.6
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory.
05-09-2008 - 16:26 19-07-2001 - 00:00
CVE-2001-1374 7.2
expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allow local users to gain root privileges via a Trojan horse library that is accessed by mkpasswd.
05-09-2008 - 16:26 19-07-2001 - 00:00
CVE-2001-1333 1.2
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files.
05-09-2008 - 16:26 10-05-2001 - 00:00
CVE-2001-1332 7.5
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.
05-09-2008 - 16:26 10-05-2001 - 00:00
CVE-2001-1267 2.1
Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arbitrary files during archive extraction via a tar file whose filenames contain a .. (dot dot).
05-09-2008 - 16:26 12-07-2001 - 00:00
CVE-2001-1190 4.6
The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which could result in a lower level of password security than intended.
05-09-2008 - 16:25 12-12-2001 - 00:00
CVE-2001-1174 7.5
Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header.
05-09-2008 - 16:25 01-04-2002 - 00:00
CVE-2001-1162 10.0
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
05-09-2008 - 16:25 23-06-2001 - 00:00
CVE-2001-1147 7.2
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such a
05-09-2008 - 16:25 08-10-2001 - 00:00
CVE-2001-1141 5.0
The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numb
05-09-2008 - 16:25 10-07-2001 - 00:00
CVE-2001-1074 7.2
Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
05-09-2008 - 16:25 28-05-2001 - 00:00
CVE-2001-1034 7.2
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.
05-09-2008 - 16:25 23-09-2001 - 00:00
CVE-2001-1030 7.5
Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when the httpd_accel_host and http_accel_with_proxy off settings are used, which allows attackers to bypass the ACLs and conduct unauthorized activities such
05-09-2008 - 16:25 18-07-2001 - 00:00
CVE-2001-0977 5.0
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
05-09-2008 - 16:25 16-07-2001 - 00:00
CVE-2001-0925 5.0
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1
05-09-2008 - 16:25 12-03-2001 - 00:00
CVE-2001-0912 7.2
Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.
05-09-2008 - 16:25 30-11-2001 - 00:00
CVE-2001-0906 6.2
teTeX filter before 1.0.7 allows local users to gain privileges via a symlink attack on temporary files that are produced when printing .dvi files using lpr.
05-09-2008 - 16:25 22-06-2001 - 00:00
CVE-2001-0905 6.2
Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running.
05-09-2008 - 16:25 18-10-2001 - 00:00
CVE-2001-0774 4.6
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files.
05-09-2008 - 16:24 18-10-2001 - 00:00
CVE-2001-0731 5.0
Apache 1.3.20 with Multiviews enabled allows remote attackers to view directory contents and bypass the index page via a URL containing the "M=D" query string.
05-09-2008 - 16:24 01-10-2001 - 00:00
CVE-2001-0691 4.6
Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
05-09-2008 - 16:24 20-09-2001 - 00:00
CVE-2001-0554 10.0
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
05-09-2008 - 16:24 14-08-2001 - 00:00
CVE-2001-0496 4.6
kdesu in kdelibs package creates world readable temporary files containing authentication info, which can allow local users to gain privileges.
05-09-2008 - 16:24 27-06-2001 - 00:00
CVE-2001-0481 7.2
Vulnerability in rpmdrake in Mandrake Linux 8.0 related to insecure temporary file handling.
05-09-2008 - 16:24 27-06-2001 - 00:00
CVE-2001-0406 2.1
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.
05-09-2008 - 16:24 02-07-2001 - 00:00
CVE-2001-0405 7.5
ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by
05-09-2008 - 16:24 02-07-2001 - 00:00
Back to Top Mark selected
Back to Top