Max CVSS: 10.0, Min CVSS: 1.2, Total Count: 678
ID CVSS Summary Last (major) update Published
CVE-2003-0131 7.5
The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKC
19-02-2017 - 00:04 24-03-2003 - 00:00
CVE-2004-0005 7.5
Multiple buffer overflows in Gaim 0.75 allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) octal encoding in yahoo_decode that causes a null byte to be written beyond the buffer, (2) octal encoding in yahoo
19-12-2016 - 21:59 03-03-2004 - 00:00
CVE-2004-0409 7.5
Stack-based buffer overflow in the Socks-5 proxy code for XChat 1.8.0 to 2.0.8, with socks5 traversal enabled, allows remote attackers to execute arbitrary code.
07-12-2016 - 21:59 01-06-2004 - 00:00
CVE-2004-0159 7.5
Format string vulnerability in hsftp 1.11 allows remote authenticated users to cause a denial of service and possibly execute arbitrary code via file names containing format string characters that are not properly handled when executing an "ls" comma
07-12-2016 - 21:59 15-03-2004 - 00:00
CVE-2003-0899 7.5
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "&lt;" and "&gt;" sequ
07-12-2016 - 21:59 03-11-2003 - 00:00
CVE-2003-0596 3.6
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.
07-12-2016 - 21:59 27-08-2003 - 00:00
CVE-2003-0499 3.6
Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations.
07-12-2016 - 21:59 07-08-2003 - 00:00
CVE-2002-1562 5.0
Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header.
07-12-2016 - 21:59 12-05-2003 - 00:00
CVE-2002-1344 5.0
Directory traversal vulnerability in wget before 1.8.2-4 allows a remote FTP server to create or overwrite files as the wget user via filenames containing (1) /absolute/path or (2) .. (dot dot) sequences.
07-12-2016 - 21:59 18-12-2002 - 00:00
CVE-2002-0871 2.1
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
07-12-2016 - 21:59 05-09-2002 - 00:00
CVE-2002-0847 7.5
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
07-12-2016 - 21:59 12-08-2002 - 00:00
CVE-2002-0660 7.5
Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-20
07-12-2016 - 21:59 12-08-2002 - 00:00
CVE-2001-1400 2.1
Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1399 2.1
Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of bytes, which might allow attackers to modify memory, aka "User access asm bug on x86."
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1398 7.5
Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain cases, which may lead to a vulnerability.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1397 2.1
The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attackers to modify recently freed memory.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1396 3.6
Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1395 3.6
Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with unknown impact.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1394 2.1
Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local users to cause a denial of service.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1393 2.1
Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of service (hang).
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1392 2.1
The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, which could cause a DoS (crash) by unloading and reloading the drivers.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1391 2.1
Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-1390 6.2
Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages.
07-12-2016 - 21:59 17-04-2001 - 00:00
CVE-2001-0430 3.6
Vulnerability in exuberant-ctags before 3.2.4-0.1 insecurely creates temporary files.
07-12-2016 - 21:59 02-07-2001 - 00:00
CVE-2001-0414 10.0
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
07-12-2016 - 21:59 18-06-2001 - 00:00
CVE-2003-0001 5.0
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
06-12-2016 - 21:59 17-01-2003 - 00:00
CVE-2004-0109 4.6
Buffer overflow in the ISO9660 file system component for Linux kernel 2.4.x, 2.5.x and 2.6.x, allows local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry.
28-11-2016 - 14:06 01-06-2004 - 00:00
CVE-2004-0881 2.1
getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir.
17-10-2016 - 22:49 27-01-2005 - 00:00
CVE-2004-0880 1.2
getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file.
17-10-2016 - 22:49 27-01-2005 - 00:00
CVE-2004-0792 6.4
Directory traversal vulnerability in the sanitize_path function in util.c for rsync 2.6.2 and earlier, when chroot is disabled, allows attackers to read or write certain files.
17-10-2016 - 22:49 20-10-2004 - 00:00
CVE-2004-0783 7.5
Stack-based buffer overflow in xpm_extract_color (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, may allow remote attackers to execute arbitrary code via a certain color string. NOTE: this identifie
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0782 7.5
Integer overflow in pixbuf_create_from_xpm (io-xpm.c) in the XPM image decoder for gtk+ 2.4.4 (gtk2) and earlier, and gdk-pixbuf before 0.22, allows remote attackers to execute arbitrary code via certain n_col and cpp values that enable a heap-based
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0772 7.5
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0700 7.5
Format string vulnerability in the mod_proxy hook functions in ssl_engine_log.c in mod_ssl before 2.8.19 for Apache before 1.3.31 may allow remote attackers to execute arbitrary messages via format string specifiers in certain log messages f
17-10-2016 - 22:48 27-07-2004 - 00:00
CVE-2004-0692 5.0
The XPM parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0693.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0691 7.5
Heap-based buffer overflow in the BMP image format parser for the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0689 4.6
KDE before 3.3.0 does not properly handle when certain symbolic links point to "stale" locations, which could allow local users to create or truncate arbitrary files.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0649 10.0
Buffer overflow in write_packet in control.c for l2tpd may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:47 06-08-2004 - 00:00
CVE-2004-0644 5.0
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0643 4.6
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0642 7.5
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0639 6.8
Multiple cross-site scripting (XSS) vulnerabilities in Squirrelmail 1.2.10 and earlier allow remote attackers to inject arbitrary HTML or script via (1) the $mailer variable in read_body.php, (2) the $senderNames_part variable in mailbox_display.php,
17-10-2016 - 22:47 06-08-2004 - 00:00
CVE-2004-0599 5.0
Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (applic
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0598 5.0
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0597 10.0
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transpar
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0595 6.8
The strip_tags function in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, does not filter null (\0) characters within tag names when restricting input to allowed tags, which allows dangerous tags to be processed by web browsers such as Internet Explore
17-10-2016 - 22:46 27-07-2004 - 00:00
CVE-2004-0594 5.1
The memory_limit functionality in PHP 4.x up to 4.3.7, and 5.x up to 5.0.0RC3, under certain conditions such as when register_globals is enabled, allows remote attackers to execute arbitrary code by triggering a memory_limit abort during execution of
17-10-2016 - 22:46 27-07-2004 - 00:00
CVE-2004-0591 6.8
Cross-site scripting (XSS) vulnerability in the print_header_uc function for SqWebMail 4.0.4 and earlier, and possibly 3.x, allows remote attackers to inject arbitrary web script or HTML via (1) e-mail headers or (2) a message with a "message/deliver
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0583 5.0
The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords.
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0582 5.0
Unknown vulnerability in Webmin 1.140 allows remote attackers to bypass access control rules and gain read access to configuration information for a module.
17-10-2016 - 22:46 06-08-2004 - 00:00
CVE-2004-0558 5.0
The Internet Printing Protocol (IPP) implementation in CUPS before 1.1.21 allows remote attackers to cause a denial of service (service hang) via a certain UDP packet to the IPP port.
17-10-2016 - 22:46 28-09-2004 - 00:00
CVE-2004-0523 10.0
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0521 10.0
SQL injection vulnerability in SquirrelMail before 1.4.3 RC1 allows remote attackers to execute unauthorized SQL statements, with unknown impact, probably via abook_database.php.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0520 6.8
Cross-site scripting (XSS) vulnerability in mime.php for SquirrelMail before 1.4.3 allows remote attackers to insert arbitrary HTML and script via the content-type mail header, as demonstrated using read_body.php.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0519 6.8
Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0492 10.0
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0488 7.5
Stack-based buffer overflow in the ssl_util_uuencode_binary function in ssl_util.c for Apache mod_ssl, when mod_ssl is configured to trust the issuing CA, may allow remote attackers to execute arbitrary code via a client certificate with a long subje
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0434 10.0
k5admind (kadmind) for Heimdal allows remote attackers to execute arbitrary code via a Kerberos 4 compatibility administration request whose framing length is less than 2, which leads to a heap-based buffer overflow.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0426 5.0
rsync before 2.6.1 does not properly sanitize paths when running a read/write daemon without using chroot, which allows remote attackers to write files outside of the module's path.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0421 5.0
The Portable Network Graphics library (libpng) 1.0.15 and earlier allows attackers to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0418 10.0
serve_notify in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle empty data lines, which may allow remote attackers to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify critical prog
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0417 5.0
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to cause a server crash, which could cause temporary data to remain undeleted and consu
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0416 10.0
Double free vulnerability for the error_prog_name string in CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0414 10.0
CVS 1.12.x through 1.12.8, and 1.11.x through 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbitrary
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0411 7.5
The URI handlers in Konqueror for KDE 3.2.2 and earlier do not properly filter "-" characters that begin a hostname in a (1) telnet, (2) rlogin, (3) ssh, or (4) mailto URI, which allows remote attackers to manipulate the options that are passed to th
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0405 5.0
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180.
17-10-2016 - 22:45 01-06-2004 - 00:00
CVE-2004-0398 7.5
Heap-based buffer overflow in the ne_rfc1036_parse date parsing function for the neon library (libneon) 0.24.5 and earlier, as used by cadaver before 0.22, allows remote WebDAV servers to execute arbitrary code on the client.
17-10-2016 - 22:45 07-07-2004 - 00:00
CVE-2004-0396 7.5
Heap-based buffer overflow in CVS 1.11.x up to 1.11.15, and 1.12.x up to 1.12.7, when using the pserver mechanism allows remote attackers to execute arbitrary code via Entry lines.
17-10-2016 - 22:44 14-06-2004 - 00:00
CVE-2004-0393 10.0
Format string vulnerability in the msg function for rlpr daemon (rlprd) 2.0.4 allows remote attackers to execute arbitrary code via format string specifiers in a buffer that can not be resolved, which is provided to the syslog function.
17-10-2016 - 22:44 06-12-2004 - 00:00
CVE-2004-0388 2.1
The mysqld_multi script in MySQL allows local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:44 01-06-2004 - 00:00
CVE-2004-0381 2.1
mysqlbug in MySQL allows local users to overwrite arbitrary files via a symlink attack on the failed-mysql-bugreport temporary file.
17-10-2016 - 22:44 04-05-2004 - 00:00
CVE-2004-0372 2.1
xine allows local users to overwrite arbitrary files via a symlink attack on a bug report email that is generated by the (1) xine-bugreport or (2) xine-check scripts.
17-10-2016 - 22:44 15-04-2004 - 00:00
CVE-2004-0235 6.4
Multiple directory traversal vulnerabilities in LHA 1.14 allow remote attackers or local users to create arbitrary files via an LHA archive containing filenames with (1) .. sequences or (2) absolute pathnames with double leading slashes ("//absolute/
17-10-2016 - 22:42 18-08-2004 - 00:00
CVE-2004-0234 10.0
Multiple stack-based buffer overflows in the get_header function in header.c for LHA 1.14, as used in products such as Barracuda Spam Firewall, allow remote attackers or local users to execute arbitrary code via long directory or file names in an LHA
17-10-2016 - 22:42 18-08-2004 - 00:00
CVE-2004-0189 7.5
The "%xx" URL decoding function in Squid 2.5STABLE4 and earlier allows remote attackers to bypass url_regex ACLs via a URL with a NULL ("%00") character, which causes Squid to use only a portion of the requested URL when comparing it against the acce
17-10-2016 - 22:41 15-03-2004 - 00:00
CVE-2004-0188 7.2
Heap-based buffer overflow in Calife 2.8.5 and earlier may allow local users to execute arbitrary code via a long password.
17-10-2016 - 22:41 15-03-2004 - 00:00
CVE-2004-0186 7.2
smbmnt in Samba 2.x and 3.x on Linux 2.6, when installed setuid, allows local users to gain root privileges by mounting a Samba share that contains a setuid root program, whose setuid attributes are not cleared when the share is mounted.
17-10-2016 - 22:41 15-03-2004 - 00:00
CVE-2004-0184 5.0
Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversio
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0183 5.0
TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPIs, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Tes
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0180 2.6
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0179 5.1
Multiple format string vulnerabilities in (1) neon 0.24.4 and earlier, and other products that use neon including (2) Cadaver, (3) Subversion, and (4) OpenOffice, allow remote malicious WebDAV servers to execute arbitrary code.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0177 5.0
The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain por
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0176 5.0
Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0158 4.6
Buffer overflow in lbreakout2 allows local users to gain 'games' group privileges via a large HOME environment variable to (1) editor.c, (2) theme.c, (3) manager.c, (4) config.c, (5) game.c, (6) levels.c, or (7) main.c.
17-10-2016 - 22:41 29-03-2004 - 00:00
CVE-2004-0156 5.0
Format string vulnerabilities in the (1) die or (2) log_event functions for ssmtp before 2.50.6 allow remote mail relays to cause a denial of service and possibly execute arbitrary code.
17-10-2016 - 22:41 01-06-2004 - 00:00
CVE-2004-0153 7.5
Multiple format string vulnerabilities in emil 2.1.0 and earlier may allow remote attackers to execute arbitrary code by triggering certain error messages.
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2004-0152 7.5
Multiple stack-based buffer overflows in (1) the encode_mime function, (2) the encode_uuencode function, (3) or the decode_uuencode function for emil 2.1.0 and earlier allow remote attackers to execute arbitrary code via e-mail messages containing at
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2004-0148 7.2
wu-ftpd 2.6.2 and earlier, with the restricted-gid option enabled, allows local users to bypass access restrictions by changing the permissions to prevent access to their home directory, which causes wu-ftpd to use the root directory instead.
17-10-2016 - 22:41 15-04-2004 - 00:00
CVE-2004-0110 7.5
Buffer overflow in the (1) nanohttp or (2) nanoftp modules in XMLSoft Libxml 2 (Libxml2) 2.6.0 through 2.6.5 allows remote attackers to execute arbitrary code via a long URL.
17-10-2016 - 22:40 15-03-2004 - 00:00
CVE-2004-0106 7.2
Multiple unknown vulnerabilities in XFree86 4.1.0 to 4.3.0, related to improper handling of font files, a different set of vulnerabilities than CVE-2004-0083 and CVE-2004-0084.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0105 7.5
Multiple buffer overflows in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0104 7.5
Multiple format string vulnerabilities in Metamail 2.7 and earlier allow remote attackers to execute arbitrary code.
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0084 10.0
Buffer overflow in the ReadFontAlias function in XFree86 4.1.0 to 4.3.0, when using the CopyISOLatin1Lowered function, allows local or remote authenticated users to execute arbitrary code via a malformed entry in the font alias (font.alias) file, a d
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0083 10.0
Buffer overflow in ReadFontAlias from dirfile.c of XFree86 4.1.0 through 4.3.0 allows local users and remote attackers to execute arbitrary code via a font alias file (font.alias) with a long token, a different vulnerability than CVE-2004-0084 and CV
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0081 5.0
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool.
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2004-0077 7.2
The do_mremap function for the mremap system call in Linux 2.2 to 2.2.25, 2.4 to 2.4.24, and 2.6 to 2.6.2, does not properly check the return value from the do_munmap function when the maximum number of VMA descriptors is exceeded, which allows local
17-10-2016 - 22:40 03-03-2004 - 00:00
CVE-2004-0074 4.6
Multiple buffer overflows in xsok 1.02 allow local users to gain privileges via (1) a long LANG environment variable, or (2) a long -xsokdir command line argument, a different vulnerability than CVE-2003-0949.
17-10-2016 - 22:40 17-02-2004 - 00:00
CVE-2004-0057 5.0
The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be
17-10-2016 - 22:40 17-02-2004 - 00:00
CVE-2004-0055 5.0
The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value.
17-10-2016 - 22:40 17-02-2004 - 00:00
CVE-2004-0008 7.5
Integer overflow in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a directIM packet that triggers a heap-based buffer overflow.
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2004-0007 7.5
Buffer overflow in the Extract Info Field Function for (1) MSN and (2) YMSG protocol handlers in Gaim 0.74 and earlier, and Ultramagnetic before 0.81, allows remote attackers to cause a denial of service and possibly execute arbitrary code.
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2004-0006 7.5
Multiple buffer overflows in Gaim 0.75 and earlier, and Ultramagnetic before 0.81, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) cookies in a Yahoo web connection, (2) a long name parameter in the Yah
17-10-2016 - 22:39 03-03-2004 - 00:00
CVE-2003-1029 5.0
The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value w
17-10-2016 - 22:39 17-02-2004 - 00:00
CVE-2003-1023 7.5
Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion.
17-10-2016 - 22:39 20-01-2004 - 00:00
CVE-2003-0989 7.5
tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057.
17-10-2016 - 22:38 17-02-2004 - 00:00
CVE-2003-0985 7.2
The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing
17-10-2016 - 22:38 20-01-2004 - 00:00
CVE-2003-0972 10.0
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0971 5.0
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0963 7.5
Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands.
17-10-2016 - 22:38 05-01-2004 - 00:00
CVE-2003-0962 7.5
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0961 7.2
Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges.
17-10-2016 - 22:38 15-12-2003 - 00:00
CVE-2003-0886 10.0
Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code.
17-10-2016 - 22:38 01-12-2003 - 00:00
CVE-2003-0865 7.5
Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request.
17-10-2016 - 22:38 17-11-2003 - 00:00
CVE-2003-0850 7.5
The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets."
17-10-2016 - 22:38 17-11-2003 - 00:00
CVE-2003-0848 4.6
Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used.
17-10-2016 - 22:37 17-11-2003 - 00:00
CVE-2003-0805 7.5
Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allow attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type.
17-10-2016 - 22:37 06-10-2003 - 00:00
CVE-2003-0795 5.0
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command
17-10-2016 - 22:37 15-12-2003 - 00:00
CVE-2003-0783 7.2
Multiple buffer overflows in hztty 2.0 allow local users to gain root privileges.
17-10-2016 - 22:37 06-10-2003 - 00:00
CVE-2003-0780 9.0
Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field.
17-10-2016 - 22:37 22-09-2003 - 00:00
CVE-2003-0743 7.5
Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL c
17-10-2016 - 22:37 20-10-2003 - 00:00
CVE-2003-0730 7.5
Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks.
17-10-2016 - 22:36 20-10-2003 - 00:00
CVE-2003-0695 7.5
Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a differe
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0694 10.0
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0693 10.0
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CV
17-10-2016 - 22:36 22-09-2003 - 00:00
CVE-2003-0692 7.5
KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0690 10.0
KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0686 7.5
Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code.
17-10-2016 - 22:36 20-10-2003 - 00:00
CVE-2003-0685 7.5
Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0682 7.5
"Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0681 7.5
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient, (2) final, or (3) mailer-specific envelope recipients, has unknown consequences.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0656 2.1
eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0652 4.6
Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command line argument, a different vulnerability than CVE-2003-0611.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0645 4.6
man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0630 7.2
Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument.
17-10-2016 - 22:36 20-10-2003 - 00:00
CVE-2003-0625 6.4
Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response.
17-10-2016 - 22:36 27-08-2003 - 00:00
CVE-2003-0620 4.6
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0619 5.0
Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0617 4.6
mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0615 4.3
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0614 4.3
Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0581 7.5
X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ra
17-10-2016 - 22:35 18-08-2003 - 00:00
CVE-2003-0540 5.0
The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Error
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0536 3.6
Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng par
17-10-2016 - 22:35 18-08-2003 - 00:00
CVE-2003-0504 4.3
Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0501 2.1
The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0476 2.1
The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0468 5.0
Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDoS attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0466 10.0
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to tr
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0459 5.0
KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites.
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0455 4.6
The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files.
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0453 10.0
traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain "nprobes" and "max_ttl" arguments that cause an integer overflow that is used when allocating memory, which leads to a buffer o
17-10-2016 - 22:34 07-08-2003 - 00:00
CVE-2003-0442 4.3
Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter.
17-10-2016 - 22:33 24-07-2003 - 00:00
CVE-2003-0435 7.5
Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code.
17-10-2016 - 22:33 24-07-2003 - 00:00
CVE-2003-0385 7.2
Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option.
17-10-2016 - 22:33 02-07-2003 - 00:00
CVE-2003-0382 4.6
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable.
17-10-2016 - 22:33 02-07-2003 - 00:00
CVE-2003-0324 7.5
Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly handled by the (1) userhost_cmd_returned function, o
17-10-2016 - 22:32 09-06-2003 - 00:00
CVE-2003-0323 7.5
Multiple buffer overflows in ircII 20020912 allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_
17-10-2016 - 22:32 09-06-2003 - 00:00
CVE-2003-0321 7.5
Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nicknames, or channel names, which are not properly ha
17-10-2016 - 22:32 09-06-2003 - 00:00
CVE-2003-0299 7.5
The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or intege
17-10-2016 - 22:32 16-06-2003 - 00:00
CVE-2003-0282 2.6
Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence.
17-10-2016 - 22:31 16-06-2003 - 00:00
CVE-2003-0252 10.0
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain ne
17-10-2016 - 22:31 18-08-2003 - 00:00
CVE-2003-0246 3.6
The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.
17-10-2016 - 22:31 16-06-2003 - 00:00
CVE-2003-0244 5.0
The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions.
17-10-2016 - 22:31 27-05-2003 - 00:00
CVE-2003-0213 7.5
ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0212 7.5
handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large numbe
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0209 10.0
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0206 5.0
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0205 7.5
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the ticker title of a URI.
17-10-2016 - 22:30 12-05-2003 - 00:00
CVE-2003-0204 7.5
KDE 2 and KDE 3.1.1 and earlier 3.x versions allow attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0203 7.5
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.
17-10-2016 - 22:30 11-04-2003 - 00:00
CVE-2003-0201 10.0
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0196 10.0
Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0195 5.0
CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.
17-10-2016 - 22:30 16-06-2003 - 00:00
CVE-2003-0162 7.5
Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0161 10.0
The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a s
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0156 5.0
Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter.
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0154 6.8
Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various p
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0153 5.0
bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.
17-10-2016 - 22:30 02-04-2003 - 00:00
CVE-2003-0150 9.0
MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INTO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by mod
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0147 5.0
OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the us
17-10-2016 - 22:30 31-03-2003 - 00:00
CVE-2003-0146 7.5
Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overf
17-10-2016 - 22:30 31-03-2003 - 00:00
CVE-2003-0144 7.2
Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or
17-10-2016 - 22:30 31-03-2003 - 00:00
CVE-2003-0143 10.0
The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.
17-10-2016 - 22:30 18-03-2003 - 00:00
CVE-2003-0140 7.5
Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitra
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0139 7.5
Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-p
17-10-2016 - 22:30 24-03-2003 - 00:00
CVE-2003-0138 7.5
Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.
17-10-2016 - 22:29 24-03-2003 - 00:00
CVE-2003-0127 7.2
The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0108 5.0
isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.
17-10-2016 - 22:29 07-03-2003 - 00:00
CVE-2003-0102 4.6
Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).
17-10-2016 - 22:29 18-03-2003 - 00:00
CVE-2003-0101 10.0
miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0086 1.2
The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0085 10.0
Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.
17-10-2016 - 22:29 31-03-2003 - 00:00
CVE-2003-0079 2.1
The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0078 5.0
ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cry
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0073 5.0
Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.
17-10-2016 - 22:29 19-02-2003 - 00:00
CVE-2003-0071 2.1
The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0068 7.5
The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malic
17-10-2016 - 22:29 03-03-2003 - 00:00
CVE-2003-0063 7.5
The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containin
17-10-2016 - 22:28 03-03-2003 - 00:00
CVE-2003-0057 7.5
Multiple buffer overflows in Hypermail 2 before 2.1.6 allow remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by conn
17-10-2016 - 22:28 19-02-2003 - 00:00
CVE-2003-0056 7.2
Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.
17-10-2016 - 22:28 19-02-2003 - 00:00
CVE-2003-0042 5.0
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2003-0039 5.0
ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is n
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2003-0038 4.3
Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2003-0033 10.0
Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.
17-10-2016 - 22:28 07-03-2003 - 00:00
CVE-2003-0032 5.0
Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2003-0031 7.5
Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash).
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2003-0028 7.5
Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via
17-10-2016 - 22:28 25-03-2003 - 00:00
CVE-2003-0025 7.5
Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using ma
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2003-0015 7.5
Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Check
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2003-0013 7.5
The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remo
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2003-0012 2.1
The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data.
17-10-2016 - 22:28 17-01-2003 - 00:00
CVE-2002-2260 4.3
Cross-site scripting (XSS) vulnerability in the quips feature in Mozilla Bugzilla 2.10 through 2.17 allows remote attackers to inject arbitrary web script or HTML via the "show all quips" page.
17-10-2016 - 22:27 31-12-2002 - 00:00
CVE-2002-1575 5.0
cgiemail allows remote attackers to use cgiemail as a spam proxy via CRLF injection of encoded newline (%0a) characters in parameters such as "required-subject," which can be used to modify the CC, BCC, and other header fields in the generated email
17-10-2016 - 22:27 03-03-2004 - 00:00
CVE-2002-1565 7.5
Buffer overflow in url_filename function for wget 1.8.1 allows attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long URL.
17-10-2016 - 22:27 16-06-2003 - 00:00
CVE-2002-1405 5.0
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace chara
17-10-2016 - 22:26 19-02-2003 - 00:00
CVE-2002-1403 7.2
dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1402 4.6
Buffer overflows in the (1) TZ and (2) SET TIME ZONE environment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1400 7.5
Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1398 4.6
Buffer overflow in the date parser for PostgreSQL before 7.2.2 allows attackers to cause a denial of service and possibly execute arbitrary code via a long date string, aka a vulnerability "in handling long datetime input."
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1397 7.5
Vulnerability in the cash_words() function for PostgreSQL 7.2 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a large negative argument, possibly triggering an integer signedness error or buffer ove
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1394 7.5
Apache Tomcat 4.0.5 and earlier, when using both the invoker servlet and the default servlet, allows remote attackers to read source code for server files or bypass certain protections, a variant of CAN-2002-1148.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1393 7.5
Multiple vulnerabilities in KDE 2 and KDE 3.x through 3.0.5 do not quote certain parameters that are inserted into a shell command, which could allow remote attackers to execute arbitrary commands via (1) URLs, (2) filenames, or (3) e-mail addresses.
17-10-2016 - 22:26 17-01-2003 - 00:00
CVE-2002-1387 4.6
The spray mode in traceroute-nanog (aka traceroute-ng) may allow local users to overwrite arbitrary memory locations via an array index overflow using the nprobes (number of probes) argument.
17-10-2016 - 22:26 02-01-2003 - 00:00
CVE-2002-1386 4.6
Buffer overflow in traceroute-nanog (aka traceroute-ng) may allow local users to execute arbitrary code via a long hostname argument.
17-10-2016 - 22:26 02-01-2003 - 00:00
CVE-2002-1384 7.2
Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf.
17-10-2016 - 22:26 02-01-2003 - 00:00
CVE-2002-1383 10.0
Multiple integer overflows in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allow remote attackers to execute arbitrary code via (1) the CUPSd HTTP interface, as demonstrated by vanilla-coke, and (2) the image handling code in CUPS filters
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1376 7.5
libmysqlclient client library in MySQL 3.x to 3.23.54, and 4.x to 4.0.6, does not properly verify length fields for certain responses in the (1) read_rows or (2) read_one_row routines, which allows remote attackers to cause a denial of service and po
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1375 7.5
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x to 4.0.6, allows remote attackers to execute arbitrary code via a long response.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1374 7.5
The COM_CHANGE_USER command in MySQL 3.x before 3.23.54, and 4.x before 4.0.6, allows remote attackers to gain privileges via a brute force attack using a one-character password, which causes MySQL to only compare the provided password against the fi
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1373 5.0
Signed integer vulnerability in the COM_TABLE_DUMP package for MySQL 3.23.x before 3.23.54 allows remote attackers to cause a denial of service (crash or hang) in mysqld by causing large negative integers to be provided to a memcpy call.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1372 5.0
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descripto
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1371 7.5
filters/image-gif.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check for zero-length GIF images, which allows remote attackers to execute arbitrary code via modified chunk headers, as demonstrated by nogif.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1369 10.0
jobs.c in Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly use the strncat function call when processing the options string, which allows remote attackers to execute arbitrary code via a buffer overflow attack.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1368 7.5
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code by causing negative arguments to be fed into memcpy() calls via HTTP requests with (1) a negativ
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1367 10.0
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows remote attackers to add printers without authentication via a certain UDP packet, which can then be used to perform unauthorized activities such as stealing the local root certificate fo
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1366 6.2
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 allows local users with lp privileges to create or overwrite arbitrary files via file race conditions, as demonstrated by ice-cream.
17-10-2016 - 22:26 26-12-2002 - 00:00
CVE-2002-1365 7.5
Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local ad
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1364 7.2
Buffer overflow in the get_origin function in traceroute-nanog allows attackers to execute arbitrary code via long WHOIS responses.
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1350 7.5
The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash).
17-10-2016 - 22:26 23-12-2002 - 00:00
CVE-2002-1348 5.0
w3m before 0.3.2.2 does not properly escape HTML tags in the ALT attribute of an IMG tag, which could allow remote attackers to access files or cookies.
17-10-2016 - 22:26 19-02-2003 - 00:00
CVE-2002-1341 6.8
Cross-site scripting (XSS) vulnerability in read_body.php for SquirrelMail 1.2.10, 1.2.9, and earlier allows remote attackers to insert script and HTML via the (1) mailbox and (2) passed_id parameters.
17-10-2016 - 22:26 18-12-2002 - 00:00
CVE-2002-1337 10.0
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
17-10-2016 - 22:26 07-03-2003 - 00:00
CVE-2002-1323 4.6
Safe.pm 2.0.7 and earlier, when used in Perl 5.8.0 and earlier, may allow attackers to break out of safe compartments in (1) Safe::reval or (2) Safe::rdo using a redefined @_ variable, which is not reset between successive calls.
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-1318 10.0
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-1311 4.6
Courier sqwebmail before 0.40.0 does not quickly drop privileges after startup in certain cases, which could allow local users to read arbitrary files.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1306 7.5
Multiple buffer overflows in LISa on KDE 2.x for 2.1 and later, and KDE 3.x before 3.0.4, allow (1) local and possibly remote attackers to execute arbitrary code via the "lisa" daemon, and (2) remote attackers to execute arbitrary code via a certain
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1282 7.5
Unknown vulnerability in the telnet KIO subsystem (telnet.protocol) of KDE 2.x 2.1 and later allows local and remote attackers to execute arbitrary code via a certain URL.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1281 7.5
Unknown vulnerability in the rlogin KIO subsystem (rlogin.protocol) of KDE 2.x 2.1 and later, and KDE 3.x 3.0.4 and earlier, allows local and remote attackers to execute arbitrary code via a certain URL.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1271 7.5
The Mail::Mailer Perl module in the perl-MailTools package 1.47 and earlier uses mailx as the default mailer, which allows remote attackers to execute arbitrary commands by inserting them into the mail body, which is then processed by mailx.
17-10-2016 - 22:25 12-11-2002 - 00:00
CVE-2002-1247 7.2
Buffer overflow in LISa allows local users to gain access to a raw socket via a long LOGNAME environment variable for the resLISa daemon.
17-10-2016 - 22:25 29-11-2002 - 00:00
CVE-2002-1245 7.2
Maped in LuxMan 0.41 uses the user-provided search path to find and execute the gzip program, which allows local users to modify /dev/mem and gain privileges via a modified PATH environment variable that points to a Trojan horse gzip program.
17-10-2016 - 22:25 12-11-2002 - 00:00
CVE-2002-1235 10.0
The kadm_ser_in function in (1) the Kerberos v4 compatibility administration daemon (kadmind4) in the MIT Kerberos 5 (krb5) krb5-1.2.6 and earlier, (2) kadmind in KTH Kerberos 4 (eBones) before 1.2.1, and (3) kadmind in KTH Kerberos 5 (Heimdal) before
17-10-2016 - 22:25 04-11-2002 - 00:00
CVE-2002-1233 2.6
A regression error in the Debian distributions of the apache-ssl package (before 1.3.9 on Debian 2.2, and before 1.3.26 on Debian 3.0), for Apache 1.3.27 and earlier, allows local users to read or modify the Apache password file via a symlink attack
17-10-2016 - 22:25 04-11-2002 - 00:00
CVE-2002-1232 5.0
Memory leak in ypdb_open in yp_db.c for ypserv before 2.5 in the NIS package 3.9 and earlier allows remote attackers to cause a denial of service (memory consumption) via a large number of requests for a map that does not exist.
17-10-2016 - 22:25 04-11-2002 - 00:00
CVE-2002-1226 10.0
Unknown vulnerabilities in Heimdal before 0.5 with unknown impact, possibly in the (1) kadmind and (2) kdc servers, may allow remote or local attackers to gain root or other access, but not via buffer overflows (CVE-2002-1225).
17-10-2016 - 22:24 28-10-2002 - 00:00
CVE-2002-1225 10.0
Multiple buffer overflows in Heimdal before 0.5, possibly in both the (1) kadmind and (2) kdc servers, may allow remote attackers to gain root access.
17-10-2016 - 22:24 28-10-2002 - 00:00
CVE-2002-1221 5.0
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1220 5.0
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1219 7.5
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1200 7.5
Balabit Syslog-NG 1.4.x before 1.4.15, and 1.5.x before 1.5.20, when using template filenames or output, does not properly track the size of a buffer when constant characters are encountered during macro expansion, which allows remote attackers to ca
17-10-2016 - 22:24 28-10-2002 - 00:00
CVE-2002-1196 7.5
editproducts.cgi in Bugzilla 2.14.x before 2.14.4, and 2.16.x before 2.16.1, when the "usebuggroups" feature is enabled and more than 47 groups are specified, does not properly calculate bit values for large numbers, which grants extra permissions to
17-10-2016 - 22:24 28-10-2002 - 00:00
CVE-2002-1195 4.3
Cross-site scripting vulnerability (XSS) in the PHP interface for ht://Check 1.1 allows remote web servers to insert arbitrary HTML, including script, via a web page.
17-10-2016 - 22:24 28-10-2002 - 00:00
CVE-2002-1175 5.0
The getmxrecord function in Fetchmail 6.0.0 and earlier does not properly check the boundary of a particular malformed DNS packet from a malicious DNS server, which allows remote attackers to cause a denial of service (crash) when Fetchmail attempts
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1174 7.5
Buffer overflows in Fetchmail 6.0.0 and earlier allow remote attackers to cause a denial of service (crash) or execute arbitrary code via (1) long headers that are not properly processed by the readheaders function, or (2) via long Received: headers,
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1158 7.2
Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user.
17-10-2016 - 22:24 18-12-2002 - 00:00
CVE-2002-1151 7.5
The cross-site scripting protection for Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 does not properly initialize the domains on sub-frames and sub-iframes, which can allow remote attackers to execute script and steal cookies from subframes that are
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1148 5.0
The default servlet (org.apache.catalina.servlets.DefaultServlet) in Tomcat 4.0.4 and 4.1.10 and earlier allows remote attackers to read source code for server files via a direct request to the servlet.
17-10-2016 - 22:24 11-10-2002 - 00:00
CVE-2002-1119 4.6
os._execvpe from os.py in Python 2.2.1 and earlier creates temporary files with predictable names, which could allow local users to execute arbitrary code via a symlink attack.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1116 7.5
The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and earlier includes summaries of private bugs for users that do not have access to any projects.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1115 5.0
Mantis 0.17.4a and earlier allows remote attackers to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1114 7.5
config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1113 7.5
summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1112 5.0
Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1111 5.0
print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1110 10.0
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allow remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_updat
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-1051 4.6
Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.
17-10-2016 - 22:23 04-10-2002 - 00:00
CVE-2002-0989 7.5
The URL handler in the manual browser option for Gaim before 0.59.1 allows remote attackers to execute arbitrary script via shell metacharacters in a link.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0986 5.0
The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0985 7.5
Argument injection vulnerability in the mail function for PHP 4.x to 4.2.2 may allow attackers to bypass safe mode restrictions and modify command line arguments to the MTA (e.g. sendmail) in the 5th argument to mail(), altering MTA behavior and poss
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0972 4.6
Buffer overflows in PostgreSQL 7.2 allow attackers to cause a denial of service and possibly execute arbitrary code via long arguments to the functions (1) lpad or (2) rpad.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0970 7.5
The SSL capability for Konqueror in KDE 3.0.2 and earlier does not verify the Basic Constraints for an intermediate CA-signed certificate, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack.
17-10-2016 - 22:23 24-09-2002 - 00:00
CVE-2002-0843 7.5
Buffer overflows in the ApacheBench benchmark support program (ab.c) in Apache before 1.3.27, and Apache 2.x before 2.0.43, allow a malicious web server to cause a denial of service and possibly execute arbitrary code via a long response.
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0840 6.8
Cross-site scripting (XSS) vulnerability in the default error page of Apache 2.0 before 2.0.43, and 1.3.x up to 1.3.26, when UseCanonicalName is "Off" and support for wildcard DNS is present, allows remote attackers to execute script as other web pag
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0839 7.2
The shared memory scoreboard in the HTTP daemon for Apache 1.3.x before 1.3.27 allows any user running as the Apache UID to send a SIGUSR1 signal to any process as root, resulting in a denial of service (process kill) or possibly other behaviors that
17-10-2016 - 22:22 11-10-2002 - 00:00
CVE-2002-0838 4.6
Buffer overflow in (1) gv 3.5.8 and earlier, (2) gvv 1.0.2 and earlier, (3) ggv 1.99.90 and earlier, (4) gnome-gv, and (5) kghostview in kdegraphics 2.2.2 and earlier, allows attackers to execute arbitrary code via a malformed (a) PDF or (b) PostScri
17-10-2016 - 22:22 10-10-2002 - 00:00
CVE-2002-0836 7.5
dvips converter for Postscript files in the tetex package calls the system() function insecurely, which allows remote attackers to execute arbitrary commands via certain print jobs, possibly involving fonts.
17-10-2016 - 22:22 28-10-2002 - 00:00
CVE-2002-0818 7.5
wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value.
17-10-2016 - 22:22 12-08-2002 - 00:00
CVE-2002-0817 7.2
Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument.
17-10-2016 - 22:22 12-08-2002 - 00:00
CVE-2002-0662 2.1
scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.
17-10-2016 - 22:21 04-10-2002 - 00:00
CVE-2002-0653 4.6
Off-by-one buffer overflow in the ssl_compat_directive function, as called by the rewrite_command hook for mod_ssl Apache module 2.8.9 and earlier, allows local users to execute arbitrary code as the Apache server user via .htaccess files with long e
17-10-2016 - 22:21 11-07-2002 - 00:00
CVE-2002-0640 10.0
Buffer overflow in sshd in OpenSSH 2.3.1 through 3.3 may allow remote attackers to execute arbitrary code via a large number of responses during challenge response authentication when OpenBSD is using PAM modules with interactive keyboard authenticat
17-10-2016 - 22:20 03-07-2002 - 00:00
CVE-2002-0639 10.0
Integer overflow in sshd in OpenSSH 2.9.9 through 3.3 allows remote attackers to execute arbitrary code during challenge response authentication (ChallengeResponseAuthentication) when OpenSSH is using SKEY or BSD_AUTH authentication.
17-10-2016 - 22:20 03-07-2002 - 00:00
CVE-2002-0429 3.6
The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a binary compatibility interface (lcall).
17-10-2016 - 22:20 12-08-2002 - 00:00
CVE-2002-0404 5.0
Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).
17-10-2016 - 22:20 18-06-2002 - 00:00
CVE-2002-0403 5.0
DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.
17-10-2016 - 22:20 18-06-2002 - 00:00
CVE-2002-0402 7.5
Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.
17-10-2016 - 22:20 18-06-2002 - 00:00
CVE-2002-0401 7.5
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
17-10-2016 - 22:20 18-06-2002 - 00:00
CVE-2002-0391 10.0
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array
17-10-2016 - 22:20 12-08-2002 - 00:00
CVE-2002-0380 7.5
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
17-10-2016 - 22:19 18-06-2002 - 00:00
CVE-2002-0334 2.1
xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file.
17-10-2016 - 22:19 25-06-2002 - 00:00
CVE-2002-0333 5.0
Directory traversal vulnerability in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows remote attackers to read files with short names, and local users to read more files using a symlink with a short name, via a .. in the TTY argument.
17-10-2016 - 22:19 25-06-2002 - 00:00
CVE-2002-0332 7.5
Buffer overflows in xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allow remote attackers to execute arbitrary code via (1) a long DNS hostname that is determined using reverse DNS lookups, (2) a long AUTH string, or (3) certain data in the
17-10-2016 - 22:19 25-06-2002 - 00:00
CVE-2002-0300 5.0
gnujsp 1.0.0 and 1.0.1 allows remote attackers to list directories, read source code of certain scripts, and bypass access restrictions by directly requesting the target file from the gnujsp servlet, which does not work around a limitation of JServ a
17-10-2016 - 22:18 31-05-2002 - 00:00
CVE-2002-0239 7.2
Buffer overflow in hanterm 3.3.1 and earlier allows local users to execute arbitrary code via a long string in the (1) -fn, (2) -hfb, or (3) -hfn argument.
17-10-2016 - 22:17 29-05-2002 - 00:00
CVE-2002-0230 5.0
Cross-site scripting vulnerability in fom.cgi of Faq-O-Matic 2.712 allows remote attackers to execute arbitrary Javascript on other clients via the cmd parameter, which causes the script to be inserted into an error message.
17-10-2016 - 22:17 16-05-2002 - 00:00
CVE-2002-0184 7.2
Heap-based buffer overflow in sudo before 1.6.6 may allow local users to gain root privileges via special characters in the -p (prompt) argument, which are not properly expanded.
17-10-2016 - 22:16 16-05-2002 - 00:00
CVE-2002-0181 7.5
Cross-site scripting vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7 allows remote attackers to execute arbitrary web script and steal cookies of other IMP/HORDE users via the script parameter.
17-10-2016 - 22:16 22-04-2002 - 00:00
CVE-2002-0164 4.6
Vulnerability in the MIT-SHM extension of the X server on Linux (XFree86) 4.2.1 and earlier allows local users to read and write arbitrary shared memory, possibly to cause a denial of service or gain privileges.
17-10-2016 - 22:16 15-03-2002 - 00:00
CVE-2002-0092 5.0
CVS before 1.10.8 does not properly initialize a global variable, which allows remote attackers to cause a denial of service (server crash) via the diff capability.
17-10-2016 - 22:16 15-03-2002 - 00:00
CVE-2002-0083 10.0
Off-by-one error in the channel code of OpenSSH 2.0 through 3.0.2 allows local users or remote malicious servers to gain privileges.
17-10-2016 - 22:16 15-03-2002 - 00:00
CVE-2002-0082 7.5
The dbm and shm session cache code in mod_ssl before 2.8.7-1.3.23, and Apache-SSL before 1.3.22+1.46, does not properly initialize memory using the i2d_SSL_SESSION function, which allows remote attackers to use a buffer overflow to execute arbitrary
17-10-2016 - 22:16 15-03-2002 - 00:00
CVE-2002-0081 7.5
Buffer overflows in (1) php_mime_split in PHP 4.1.0, 4.1.1, and 4.0.6 and earlier, and (2) php3_mime_split in PHP 3.0.x allow remote attackers to execute arbitrary code via a multipart/form-data HTTP POST request when file_uploads is enabled.
17-10-2016 - 22:15 08-03-2002 - 00:00
CVE-2002-0048 10.0
Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute arbitrary code in the rsync client or server.
17-10-2016 - 22:15 27-02-2002 - 00:00
CVE-2002-0043 7.2
sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked.
17-10-2016 - 22:15 31-01-2002 - 00:00
CVE-2002-0006 7.5
XChat 1.8.7 and earlier, including default configurations of 1.4.2 and 1.4.3, allows remote attackers to execute arbitrary IRC commands as other clients via encoded characters in a PRIVMSG command that calls CTCP PING, which expands the characters in
17-10-2016 - 22:15 25-06-2002 - 00:00
CVE-2002-0004 7.2
Heap corruption vulnerability in the "at" program allows local users to execute arbitrary code via a malformed execution time, which causes at to free the same memory twice.
17-10-2016 - 22:15 27-02-2002 - 00:00
CVE-2002-0001 7.5
Vulnerability in RFC822 address parser in mutt before 1.2.5.1 and mutt 1.3.x before 1.3.25 allows remote attackers to execute arbitrary commands via an improperly terminated comment or phrase in the address list.
17-10-2016 - 22:15 27-02-2002 - 00:00
CVE-2001-1562 7.2
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename.
17-10-2016 - 22:15 31-12-2001 - 00:00
CVE-2001-1385 5.0
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the source code of PHP scripts.
17-10-2016 - 22:14 12-01-2001 - 00:00
CVE-2001-1370 10.0
prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malicious code on another server, as seen in Horde 1.2.5
17-10-2016 - 22:14 21-07-2001 - 00:00
CVE-2001-1274 7.5
Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly gain privileges.
17-10-2016 - 22:14 23-01-2001 - 00:00
CVE-2001-1230 7.5
Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
17-10-2016 - 22:14 13-03-2001 - 00:00
CVE-2001-0928 7.5
Buffer overflow in the permitted function of GNOME gtop daemon (libgtop_daemon) in libgtop 1.0.13 and earlier may allow remote attackers to execute arbitrary code via long authentication data.
17-10-2016 - 22:13 28-11-2001 - 00:00
CVE-2001-0927 7.5
Format string vulnerability in the permitted function of GNOME libgtop_daemon in libgtop 1.0.12 and earlier allows remote attackers to execute arbitrary code via an argument that contains format specifiers that are passed into the (1) syslog_message
17-10-2016 - 22:13 27-11-2001 - 00:00
CVE-2001-0894 5.0
Vulnerability in Postfix SMTP server before 20010228-pl07, when configured to email the postmaster when SMTP errors cause the session to terminate, allows remote attackers to cause a denial of service (memory exhaustion) by generating a large number
17-10-2016 - 22:12 11-11-2001 - 00:00
CVE-2001-0873 7.2
uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.
17-10-2016 - 22:12 21-12-2001 - 00:00
CVE-2001-0872 7.2
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
17-10-2016 - 22:12 21-12-2001 - 00:00
CVE-2001-0843 5.0
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
17-10-2016 - 22:12 06-12-2001 - 00:00
CVE-2001-0834 6.4
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such
17-10-2016 - 22:12 06-12-2001 - 00:00
CVE-2001-0596 7.5
Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript.
17-10-2016 - 22:11 02-08-2001 - 00:00
CVE-2001-0550 7.5
wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob).
17-10-2016 - 22:11 30-11-2001 - 00:00
CVE-2001-0441 7.5
Buffer overflow in (1) wrapping and (2) unwrapping functions of slrn news reader before 0.9.7.0 allows remote attackers to execute arbitrary commands via a long message header.
17-10-2016 - 22:11 27-06-2001 - 00:00
CVE-2001-0416 2.1
sgml-tools (aka sgmltools) before 1.0.9-15 creates temporary files with insecure permissions, which allows other users to read files that are being processed by sgml-tools.
17-10-2016 - 22:11 27-06-2001 - 00:00
CVE-2001-0361 4.0
Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1
17-10-2016 - 22:10 27-06-2001 - 00:00
CVE-2001-0318 7.5
Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd).
17-10-2016 - 22:10 02-06-2001 - 00:00
CVE-2001-0193 7.2
Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter.
17-10-2016 - 22:10 03-05-2001 - 00:00
CVE-2001-0144 10.0
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
17-10-2016 - 22:10 12-03-2001 - 00:00
CVE-2001-0142 1.2
squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0141 1.2
mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0138 1.2
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0131 1.2
htpasswd and htdigest in Apache 2.0a9, 1.3.14, and others allow local users to overwrite arbitrary files via a symlink attack.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0129 10.0
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0125 1.2
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0112 7.2
Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0111 7.2
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-2001-0108 5.0
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
17-10-2016 - 22:09 12-03-2001 - 00:00
CVE-1999-1332 2.1
gzexe in the gzip package on Red Hat Linux 5.0 and earlier allows local users to overwrite files of other users via a symlink attack on a temporary file.
17-10-2016 - 22:03 31-12-1999 - 00:00
CVE-2001-0775 7.5
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
19-05-2016 - 23:00 18-10-2001 - 00:00
CVE-2001-0187 10.0
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
13-09-2013 - 00:13 26-03-2001 - 00:00
CVE-2003-0973 5.0
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
04-09-2013 - 00:26 15-12-2003 - 00:00
CVE-2002-0658 6.2
OSSP mm library (libmm) before 1.2.0 allows the local Apache user to gain privileges via temporary files, possibly via a symbolic link attack.
04-09-2013 - 00:18 12-08-2002 - 00:00
CVE-2003-0773 7.5
saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf.
23-08-2013 - 00:29 22-09-2003 - 00:00
CVE-2003-0969 7.5
mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability.
20-08-2013 - 00:27 20-01-2004 - 00:00
CVE-2004-0457 4.6
The mysqlhotcopy script in mysql 4.0.20 and earlier, when using the scp method from the mysql-server package, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
01-08-2013 - 00:33 28-09-2004 - 00:00
CVE-2002-1275 7.5
Unknown vulnerability in html2ps HTML/PostScript converter 1.0, when used within LPRng, allows remote attackers to execute arbitrary code via "unsanitized input."
11-10-2012 - 00:00 12-11-2002 - 00:00
CVE-2003-0858 2.1
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
31-03-2011 - 00:00 15-12-2003 - 00:00
CVE-2005-1730 9.3
Multiple vulnerabilities in the OpenSSL ASN.1 parser, as used in Novell iManager 2.0.2, allow remote attackers to cause a denial of service (NULL pointer dereference) via crafted packets, as demonstrated by "OpenSSL ASN.1 brute forcer." NOTE: this
07-03-2011 - 21:22 31-12-2005 - 00:00
CVE-2004-0827 7.5
Multiple buffer overflows in the ImageMagick graphics library 5.x before 5.4.4, and 6.x before 6.0.6.2, allow remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via malformed (1) AVI, (2) BMP, or (3)
07-03-2011 - 21:16 16-09-2004 - 00:00
CVE-2004-0451 10.0
Multiple format string vulnerabilities in the (1) logquit, (2) logerr, or (3) loginfo functions in Software Upgrade Protocol (SUP) allow remote attackers to execute arbitrary code via format string specifiers in messages that are logged by syslog.
07-03-2011 - 21:15 06-12-2004 - 00:00
CVE-2003-0866 5.0
The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests.
07-03-2011 - 21:13 17-11-2003 - 00:00
CVE-2003-0545 10.0
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0544 5.0
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer wh
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0543 5.0
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0026 7.5
Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long
07-03-2011 - 21:11 17-01-2003 - 00:00
CVE-2002-1581 5.0
Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. (dot dot) sequences and a null byte (%00) in the configLanguage parameter.
07-03-2011 - 21:10 06-12-2004 - 00:00
CVE-2002-0392 7.5
Apache 1.3 through 1.3.24, and Apache 2.0 through 2.0.36, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a chunk-encoded HTTP request that causes Apache to use an incorrect size.
07-03-2011 - 21:08 03-07-2002 - 00:00
CVE-2001-1258 3.6
Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration files and steal the Horde database password by placing the prefs.lang file containing PHP code on the server.
07-03-2011 - 21:07 21-07-2001 - 00:00
CVE-2001-1257 7.5
Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 allows remote attackers to execute arbitrary Javascript embedded in an email.
07-03-2011 - 21:07 21-07-2001 - 00:00
CVE-2001-0886 4.6
Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character.
07-03-2011 - 21:06 21-12-2001 - 00:00
CVE-2001-1009 10.0
Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP3 server to overwrite arbitrary memory and possibly gain privileges via a negative index number as part of a response to a LIST request.
16-02-2011 - 00:00 31-08-2001 - 00:00
CVE-2001-0819 7.5
A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.
15-02-2011 - 00:00 06-12-2001 - 00:00
CVE-2004-0817 7.5
Multiple heap-based buffer overflows in the imlib BMP image handler allow remote attackers to execute arbitrary code via a crafted BMP file.
21-08-2010 - 00:21 31-12-2004 - 00:00
CVE-2004-0788 5.0
Integer overflow in the ICO image decoder for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (application crash) via a crafted ICO file.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0778 5.0
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0755 2.1
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0753 5.0
The BMP image processor for (1) gdk-pixbuf before 0.22 and (2) gtk2 before 2.2.4 allows remote attackers to cause a denial of service (infinite loop) via a crafted BMP file.
21-08-2010 - 00:21 20-10-2004 - 00:00
CVE-2004-0693 5.0
The GIF parser in the QT library (qt3) before 3.3.3 allows remote attackers to cause a denial of service (application crash) via a malformed image file that triggers a null dereference, a different vulnerability than CVE-2004-0692.
21-08-2010 - 00:21 28-09-2004 - 00:00
CVE-2004-0635 5.0
The SNMP dissector in Ethereal 0.8.15 through 0.10.4 allows remote attackers to cause a denial of service (process crash) via a (1) malformed or (2) missing community string, which causes an out-of-bounds read.
21-08-2010 - 00:20 06-12-2004 - 00:00
CVE-2004-0178 2.1
The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number
21-08-2010 - 00:19 01-06-2004 - 00:00
CVE-2004-0097 10.0
Multiple vulnerabilities in PWLib before 1.6.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol.
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2004-0010 7.2
Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2004-0003 4.6
Unknown vulnerability in Linux kernel before 2.4.22 allows local users to gain privileges, related to "R128 DRI limits checking."
21-08-2010 - 00:19 03-03-2004 - 00:00
CVE-2003-1013 5.0
The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference.
21-08-2010 - 00:17 05-01-2004 - 00:00
CVE-2003-1012 5.0
The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets.
21-08-2010 - 00:17 05-01-2004 - 00:00
CVE-2003-0927 7.5
Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0926 5.0
Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0925 7.5
Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.
21-08-2010 - 00:17 01-12-2003 - 00:00
CVE-2003-0856 4.9
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.
21-08-2010 - 00:16 15-12-2003 - 00:00
CVE-2003-0461 2.1
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.
21-08-2010 - 00:16 27-08-2003 - 00:00
CVE-2003-0427 7.5
Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename.
21-08-2010 - 00:16 24-07-2003 - 00:00
CVE-2004-2758 7.5
Multiple unspecified vulnerabilities in the H.323 protocol implementation for Sun SunForum 3.2 and 3D 1.0 allow remote attackers to cause a denial of service (segmentation fault and process crash), as demonstrated by the NISCC/OUSPG PROTOS test suite
29-05-2010 - 00:27 31-12-2004 - 00:00
CVE-2004-0802 5.1
Buffer overflow in the BMP loader in imlib2 before 1.1.2 allows remote attackers to execute arbitrary code via a specially-crafted BMP image, a different vulnerability than CVE-2004-0817.
28-01-2010 - 00:34 31-12-2004 - 00:00
CVE-2002-0388 7.5
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
21-07-2009 - 17:00 18-06-2002 - 00:00
CVE-2004-0054 7.5
Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.22
04-03-2009 - 00:21 17-02-2004 - 00:00
CVE-2004-0768 7.5
libpng 1.2.5 and earlier does not properly calculate certain buffer offsets, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
23-01-2009 - 00:24 20-10-2004 - 00:00
CVE-2003-0308 7.2
The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl.
11-11-2008 - 00:29 15-05-2003 - 00:00
CVE-2003-0044 6.8
Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.
10-09-2008 - 20:05 07-02-2003 - 00:00
CVE-2003-0043 5.0
Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.
10-09-2008 - 20:05 07-02-2003 - 00:00
CVE-2003-0037 7.5
Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code.
10-09-2008 - 20:05 07-02-2003 - 00:00
CVE-2003-0018 3.6
Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.
10-09-2008 - 20:05 19-02-2003 - 00:00
CVE-2002-0351 7.5
Buffer overflows in CFS daemon (cfsd) before 1.3.3-8.1, and 1.4x before 1.4.1-5, allow remote attackers to cause a denial of service and possibly execute arbitrary code.
10-09-2008 - 20:01 25-06-2002 - 00:00
CVE-2002-0248 7.2
wmtv 0.6.5 and earlier allows local users to modify arbitrary files via a symlink attack on a configuration file.
10-09-2008 - 20:00 29-05-2002 - 00:00
CVE-2002-0247 7.2
Buffer overflows in wmtv 0.6.5 and earlier may allow local users to gain privileges.
10-09-2008 - 20:00 29-05-2002 - 00:00
CVE-2002-0166 7.5
Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display.
10-09-2008 - 20:00 22-04-2002 - 00:00
CVE-2004-0833 7.5
Sendmail before 8.12.3 on Debian GNU/Linux, when using sasl and sasl-bin, uses a Sendmail configuration script with a fixed username and password, which could allow remote attackers to use Sendmail as an open mail relay and send spam messages.
10-09-2008 - 15:27 23-12-2004 - 00:00
CVE-2004-0794 5.1
Multiple signal handler race conditions in lukemftpd (aka tnftpd before 20040810) allow remote authenticated attackers to cause a denial of service or execute arbitrary code.
10-09-2008 - 15:27 20-10-2004 - 00:00
CVE-2004-0645 10.0
Buffer overflow in the wvHandleDateTimePicture function in wv library (wvWare) 0.7.4 through 0.7.6 and 1.0.0 allows remote attackers to execute arbitrary code via a document with a long DateTime field.
10-09-2008 - 15:27 06-08-2004 - 00:00
CVE-2004-0640 10.0
Format string vulnerability in the SSL_set_verify function in telnetd.c for SSLtelnet daemon (SSLtelnetd) 0.13 allows remote attackers to execute arbitrary code.
10-09-2008 - 15:27 06-08-2004 - 00:00
CVE-2004-0579 7.2
Format string vulnerability in super before 3.23 allows local users to execute arbitrary code as root.
10-09-2008 - 15:26 06-08-2004 - 00:00
CVE-2004-0547 5.0
Buffer overflow in the ODBC driver for PostgreSQL before 7.2.1 allows remote attackers to cause a denial of service (crash).
10-09-2008 - 15:26 06-08-2004 - 00:00
CVE-2004-0473 2.6
Argument injection vulnerability in Opera before 7.50 does not properly filter "-" characters that begin a hostname in a telnet URI, which allows remote attackers to insert options to the resulting command line and overwrite arbitrary files via (1) t
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0456 7.6
Stack-based buffer overflow in pavuk 0.9pl28, 0.9pl27, and possibly other versions allows remote web sites to execute arbitrary code via a long HTTP Location header.
10-09-2008 - 15:26 06-12-2004 - 00:00
CVE-2004-0404 1.2
logcheck before 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on a temporary directory in /var/tmp.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0402 4.6
Buffer overflow in xpcd-svga in xpcd before 2.08, and possibly other versions, may allow local users to execute arbitrary code.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0400 7.5
Stack-based buffer overflow in Exim 4 before 4.33, when the headers_check_syntax option is enabled, allows remote attackers to cause a denial of service and possibly execute arbitrary code during the header check.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0399 7.5
Stack-based buffer overflow in Exim 3.35, and other versions before 4, when the sender_verify option is true, allows remote attackers to cause a denial of service and possibly execute arbitrary code during sender verification.
10-09-2008 - 15:26 07-07-2004 - 00:00
CVE-2004-0376 5.0
oftpd 0.3.6 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command with a large value.
10-09-2008 - 15:26 04-05-2004 - 00:00
CVE-2004-0371 5.0
Heimdal 0.6.x before 0.6.1 and 0.5.x before 0.5.3 does not properly perform certain consistency checks for cross-realm requests, which allows remote attackers with control of a realm to impersonate others in the cross-realm trust path.
10-09-2008 - 15:25 04-05-2004 - 00:00
CVE-2004-0232 5.0
Multiple format string vulnerabilities in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0231 2.1
Multiple vulnerabilities in Midnight Commander (mc) before 4.6.0, with unknown impact, related to "Insecure temporary file and directory creations."
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0226 10.0
Multiple buffer overflows in Midnight Commander (mc) before 4.6.0 may allow attackers to cause a denial of service or execute arbitrary code.
10-09-2008 - 15:25 18-08-2004 - 00:00
CVE-2004-0150 7.5
Buffer overflow in the getaddrinfo function in Python 2.2 before 2.2.2, when IPv6 support is disabled, allows remote attackers to execute arbitrary code via an IPv6 address that is obtained using DNS.
10-09-2008 - 15:25 15-04-2004 - 00:00
CVE-2004-0111 5.0
gdk-pixbuf before 0.20 allows attackers to cause a denial of service (crash) via a malformed bitmap (BMP) file.
10-09-2008 - 15:25 15-04-2004 - 00:00
CVE-2004-0014 7.5
Multiple buffer overflows in the nd WebDAV interface 0.8.2 and earlier allows remote web servers to execute arbitrary code via certain long strings.
10-09-2008 - 15:24 20-01-2004 - 00:00
CVE-2003-0965 6.8
Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities.
10-09-2008 - 15:21 17-02-2004 - 00:00
CVE-2003-0933 4.6
Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable.
10-09-2008 - 15:20 01-12-2003 - 00:00
CVE-2003-0932 4.6
Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable.
10-09-2008 - 15:20 15-12-2003 - 00:00
CVE-2003-0902 7.5
Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands.
10-09-2008 - 15:20 03-02-2004 - 00:00
CVE-2003-0833 7.5
Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0832 5.0
Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0830 4.6
Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable.
10-09-2008 - 15:20 17-11-2003 - 00:00
CVE-2003-0785 7.5
ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering.
10-09-2008 - 15:20 06-10-2003 - 00:00
CVE-2003-0778 5.0
saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0777 5.0
saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0776 7.5
saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences.
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0775 5.0
saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash).
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0774 7.5
saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed.
10-09-2008 - 15:20 22-09-2003 - 00:00
CVE-2003-0706 5.0
Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop).
10-09-2008 - 15:20 17-09-2003 - 00:00
CVE-2003-0705 7.5
Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code.
10-09-2008 - 15:20 17-09-2003 - 00:00
CVE-2003-0672 7.5
Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that is provided during authentication, which is not properly handled when recording a log message.
10-09-2008 - 15:20 27-08-2003 - 00:00
CVE-2003-0654 7.5
Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail.
10-09-2008 - 15:20 27-08-2003 - 00:00
CVE-2003-0649 7.2
Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
10-09-2008 - 15:20 27-08-2003 - 00:00
CVE-2003-0643 2.1
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
10-09-2008 - 15:20 25-07-2003 - 00:00
CVE-2003-0613 4.6
Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0606 4.6
sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0592 7.5
Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie o
10-09-2008 - 15:19 15-04-2004 - 00:00
CVE-2003-0552 5.0
Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0551 5.0
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0550 5.0
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0539 4.6
skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0538 7.5
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0535 7.2
Buffer overflow in xbl 1.0k and earlier allows local users to gain privileges via a long -display command line option.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0515 7.5
SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0462 1.2
A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash).
10-09-2008 - 15:19 27-08-2003 - 00:00
CVE-2003-0450 7.5
Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buff
10-09-2008 - 15:19 07-08-2003 - 00:00
CVE-2003-0440 4.6
The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files.
10-09-2008 - 15:19 18-08-2003 - 00:00
CVE-2003-0432 10.0
Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors.
10-09-2008 - 15:19 24-07-2003 - 00:00
CVE-2003-0431 10.0
The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences.
10-09-2008 - 15:19 24-07-2003 - 00:00
CVE-2003-0429 7.5
The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow.
10-09-2008 - 15:18 24-07-2003 - 00:00
CVE-2003-0428 5.0
Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string.
10-09-2008 - 15:18 24-07-2003 - 00:00
CVE-2003-0370 7.5
Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack.
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0367 2.1
znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files.
10-09-2008 - 15:18 02-07-2003 - 00:00
CVE-2003-0364 5.0
The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions.
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0357 7.5
Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors.
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0356 10.0
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) R
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0261 4.6
fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges.
10-09-2008 - 15:18 27-05-2003 - 00:00
CVE-2003-0248 10.0
The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address.
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0247 5.0
Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops").
10-09-2008 - 15:18 16-06-2003 - 00:00
CVE-2003-0207 2.1
ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0188 7.2
lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.
10-09-2008 - 15:18 09-06-2003 - 00:00
CVE-2003-0173 7.2
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0136 2.1
psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file.
10-09-2008 - 15:18 05-05-2003 - 00:00
CVE-2003-0099 7.2
Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2003-0098 10.0
Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2003-0093 5.0
The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.
10-09-2008 - 15:17 03-03-2003 - 00:00
CVE-2003-0082 5.0
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its hea
10-09-2008 - 15:17 02-04-2003 - 00:00
CVE-2002-1508 1.2
slapd in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows local users to overwrite arbitrary files via a race condition during the creation of a log file for rejected replication requests.
10-09-2008 - 15:14 19-02-2003 - 00:00
CVE-2002-1395 2.1
Internet Message (IM) 141-18 and earlier uses predictable file and directory names, which allows local users to (1) obtain unauthorized directory permissions via a temporary directory used by impwagent, and (2) overwrite and create arbitrary files vi
10-09-2008 - 15:14 17-01-2003 - 00:00
CVE-2002-1390 5.0
The daemon for GeneWeb before 4.09 does not properly handle requested paths, which allows remote attackers to read arbitrary files via a crafted URL.
10-09-2008 - 15:14 17-01-2003 - 00:00
CVE-2002-1389 4.6
Buffer overflow in typespeed 0.4.2 and earlier allows local users to gain privileges via long input.
10-09-2008 - 15:14 02-01-2003 - 00:00
CVE-2002-1380 2.1
Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.
10-09-2008 - 15:14 23-12-2002 - 00:00
CVE-2002-1379 7.5
OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges.
10-09-2008 - 15:14 02-01-2003 - 00:00
CVE-2002-1378 7.5
Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter function
10-09-2008 - 15:14 02-01-2003 - 00:00
CVE-2002-1363 7.5
Portable Network Graphics (PNG) library libpng 1.2.5 and earlier does not correctly calculate offsets, which allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a buffer overflow attack on the row buff
10-09-2008 - 15:14 26-12-2002 - 00:00
CVE-2002-1362 5.0
mICQ 0.4.9 and earlier allows remote attackers to cause a denial of service (crash) via malformed ICQ message types without a 0xFE separator character.
10-09-2008 - 15:14 23-12-2002 - 00:00
CVE-2002-1342 7.5
Unknown vulnerability in smb2www 980804-16 and earlier allows remote attackers to execute arbitrary commands.
10-09-2008 - 15:14 18-12-2002 - 00:00
CVE-2002-1313 2.1
nullmailer 1.00RC5 and earlier allows local users to cause a denial of service via an email to a local user that does not exist, which generates an error that causes nullmailer to stop sending mail to all users.
10-09-2008 - 15:14 29-11-2002 - 00:00
CVE-2002-1307 6.8
Cross-site scripting vulnerability (XSS) in MHonArc 2.5.12 and earlier allows remote attackers to insert script or HTML via an email message with the script in a MIME header name.
10-09-2008 - 15:14 29-11-2002 - 00:00
CVE-2002-1279 7.2
Multiple buffer overflows in conf.c for Masqmail 0.1.x before 0.1.17, and 0.2.x before 0.2.15, allow local users to gain privileges via certain entries in the configuration file (-C option).
10-09-2008 - 15:14 29-11-2002 - 00:00
CVE-2002-1215 10.0
Multiple format string vulnerabilities in heartbeat 0.4.9 and earlier (claimed as buffer overflows in some sources) allow remote attackers to execute arbitrary code via certain packets to UDP port 694 (incorrectly claimed as TCP in some sources).
10-09-2008 - 15:14 28-10-2002 - 00:00
CVE-2002-1193 2.1
tkmail before 4.0beta9-8.1 allows local users to create or overwrite files as users via a symlink attack on temporary files.
10-09-2008 - 15:14 28-10-2002 - 00:00
CVE-2002-1159 6.4
Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak.
10-09-2008 - 15:13 18-12-2002 - 00:00
CVE-2002-0984 7.5
The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x before 2.8pre10, running EPIC allows remote attackers to execute arbitrary code if the user joins a channel whose topic includes EPIC4 code.
10-09-2008 - 15:13 24-09-2002 - 00:00
CVE-2002-0875 2.1
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
10-09-2008 - 15:13 05-09-2002 - 00:00
CVE-2002-0874 5.0
Vulnerability in Interchange 4.8.6, 4.8.3, and other versions, when running in INET mode, allows remote attackers to read arbitrary files.
10-09-2008 - 15:13 05-09-2002 - 00:00
CVE-2002-0873 5.0
Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.
10-09-2008 - 15:13 05-09-2002 - 00:00
CVE-2002-0872 7.5
l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.
10-09-2008 - 15:13 05-09-2002 - 00:00
CVE-2002-0834 7.5
Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets.
10-09-2008 - 15:12 24-09-2002 - 00:00
CVE-2002-0666 5.0
IPSEC implementations including (1) FreeS/WAN and (2) KAME do not properly calculate the length of authentication data, which allows remote attackers to cause a denial of service (kernel panic) via spoofed, short Encapsulating Security Payload (ESP)
10-09-2008 - 15:12 04-11-2002 - 00:00
CVE-2002-0659 5.0
The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0657 7.5
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0656 7.5
Buffer overflows in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allow remote attackers to execute arbitrary code via (1) a large client master key in SSL2 or (2) a large session ID in SSL3.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0655 7.5
OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, does not properly handle ASCII representations of integers on 64 bit platforms, which could allow attackers to cause a denial of service and possibly execute arbitrary code.
10-09-2008 - 15:12 12-08-2002 - 00:00
CVE-2002-0353 5.0
The ASN.1 parser in Ethereal 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a certain malformed packet, which causes Ethereal to allocate memory incorrectly, possibly due to zero-length fields.
10-09-2008 - 15:11 25-06-2002 - 00:00
CVE-2002-0059 7.5
The decompression algorithm in zlib 1.1.3 and earlier, as used in many different utilities and packages, causes inflateEnd to release certain memory more than once (a "double free"), which may allow local and remote attackers to execute arbitrary cod
10-09-2008 - 15:11 15-03-2002 - 00:00
CVE-2002-0044 3.6
GNU Enscript 1.6.1 and earlier allows local users to overwrite arbitrary files of the Enscript user via a symlink attack on temporary files.
10-09-2008 - 15:11 31-01-2002 - 00:00
CVE-2002-0029 7.5
Buffer overflows in the DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10, and other derived libraries such as BSD libc and GNU glibc, allow remote attackers to execute arbitrary code via DNS server responses that trigger the overflow in the
10-09-2008 - 15:11 29-11-2002 - 00:00
CVE-2001-1331 1.2
mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the command line options (1) -u or (2) -c, which do not drop privileges and follow symlinks.
10-09-2008 - 15:10 03-05-2001 - 00:00
CVE-2001-1322 3.6
xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or modify files that are created by an application that runs under xinetd but does not set its own safe umask.
10-09-2008 - 15:10 10-07-2001 - 00:00
CVE-2001-1228 7.5
Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server.
10-09-2008 - 15:09 18-11-2001 - 00:00
CVE-2001-1203 7.2
Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain root privileges.
10-09-2008 - 15:09 27-12-2001 - 00:00
CVE-2001-1077 4.6
Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument.
10-09-2008 - 15:09 15-06-2001 - 00:00
CVE-2001-1027 10.0
Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbitrary code via a long window title.
10-09-2008 - 15:09 31-08-2001 - 00:00
CVE-2001-0763 7.5
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
10-09-2008 - 15:08 18-10-2001 - 00:00
CVE-2001-0609 10.0
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
10-09-2008 - 15:08 02-08-2001 - 00:00
CVE-2001-0559 7.2
crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error.
10-09-2008 - 15:08 14-08-2001 - 00:00
CVE-2001-0556 7.2
The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file.
10-09-2008 - 15:08 22-08-2001 - 00:00
CVE-2001-0522 7.5
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.
10-09-2008 - 15:08 14-08-2001 - 00:00
CVE-2001-0489 7.5
Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands.
10-09-2008 - 15:08 27-06-2001 - 00:00
CVE-2001-0458 7.5
Multiple buffer overflows in ePerl before 2.2.14-0.7 allow local and remote attackers to execute arbitrary commands.
10-09-2008 - 15:08 27-06-2001 - 00:00
CVE-2001-0316 4.6
Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call.
10-09-2008 - 15:07 03-05-2001 - 00:00
CVE-2001-0012 5.0
BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables.
10-09-2008 - 15:07 12-02-2001 - 00:00
CVE-2001-0010 10.0
Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges.
10-09-2008 - 15:07 12-02-2001 - 00:00
CVE-2003-0914 4.3
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
10-09-2008 - 00:00 15-12-2003 - 00:00
CVE-2002-1401 6.5
Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result o
10-09-2008 - 00:00 17-01-2003 - 00:00
CVE-2007-3375 6.8
Stack-based buffer overflow in Lhaca File Archiver before 1.21 allows user-assisted remote attackers to execute arbitrary code via a crafted LZH archive, as exploited by malware such as Trojan.Lhdropper.
05-09-2008 - 17:25 25-06-2007 - 16:30
CVE-2004-2629 7.8
Multiple vulnerabilities in the H.323 protocol implementation for First Virtual Communications Click to Meet Express (when used with H.323 conferencing endpoints), Click to Meet Premier, Conference Server, and V-Gate allow remote attackers to cause a
05-09-2008 - 16:44 31-12-2004 - 00:00
CVE-2004-1468 7.5
The web mail functionality in Usermin 1.x and Webmin 1.x allows remote attackers to execute arbitrary commands via shell metacharacters in an e-mail message.
05-09-2008 - 16:41 31-12-2004 - 00:00
CVE-2004-0917 5.0
The default installation of Vignette Application Portal installs the diagnostic utility without authentication requirements, which allows remote attackers to gain sensitive information, such as server and OS version, and conduct unauthorized activiti
05-09-2008 - 16:39 27-01-2005 - 00:00
CVE-2004-0781 4.3
Cross-site scripting (XSS) vulnerability in list.cgi in the Icecast internal web server (icecast-server) 1.3.12 and earlier allows remote attackers to inject arbitrary web script via the UserAgent parameter.
05-09-2008 - 16:39 20-10-2004 - 00:00
CVE-2004-0559 2.1
The maketemp.pl script in Usermin 1.070 and 1.080 allows local users to overwrite arbitrary files at install time via a symlink attack on the /tmp/.usermin directory.
05-09-2008 - 16:38 20-10-2004 - 00:00
CVE-2004-0522 10.0
Gallery 1.4.3 and earlier allows remote attackers to bypass authentication and obtain Gallery administrator privileges.
05-09-2008 - 16:38 06-08-2004 - 00:00
CVE-2004-0458 5.0
mah-jong before 1.6.2 allows remote attackers to cause a denial of service (server crash) via a missing argument, which triggers a null pointer dereference.
05-09-2008 - 16:38 28-09-2004 - 00:00
CVE-2004-0454 7.2
Buffer overflow in the msg function for rlpr daemon (rlprd) 2.04 allows local users to execute arbitrary code.
05-09-2008 - 16:38 06-12-2004 - 00:00
CVE-2004-0450 10.0
Format string vulnerability in the printlog function in log2mail before 0.2.5.2 allows local users or remote attackers to execute arbitrary code via format string specifiers in a logfile monitored by log2mail.
05-09-2008 - 16:38 06-08-2004 - 00:00
CVE-2004-0448 10.0
Format string vulnerability in the log function for jftpgw 0.13.4 and earlier allows remote authenticated users to execute arbitrary code via format string specifiers in certain syslog messages.
05-09-2008 - 16:38 06-12-2004 - 00:00
CVE-2004-0422 2.1
flim before 1.14.3 creates temporary files insecurely, which allows local users to overwrite arbitrary files of the Emacs user via a symlink attack.
05-09-2008 - 16:38 07-07-2004 - 00:00
CVE-2004-0408 7.5
Buffer overflow in the child_service function in the ident2 ident daemon allows remote attackers to execute arbitrary code.
05-09-2008 - 16:38 28-09-2004 - 00:00
CVE-2004-0395 7.2
The xatitv program in the gatos package does not properly drop root privileges when the configuration file does not exist, which allows local users to execute arbitrary commands via shell metacharacters in a system call.
05-09-2008 - 16:38 06-12-2004 - 00:00
CVE-2004-0374 6.4
Interchange before 5.0.1 allows remote attackers to "expose the content of arbitrary variables" and read or modify sensitive SQL information via an HTTP request ending with the "__SQLUSER__" string.
05-09-2008 - 16:38 04-05-2004 - 00:00
CVE-2004-0366 7.5
SQL injection vulnerability in the libpam-pgsql library before 0.5.2 allows attackers to execute arbitrary SQL statements.
05-09-2008 - 16:38 04-05-2004 - 00:00
CVE-2004-0185 10.0
Buffer overflow in the skey_challenge function in ftpd.c for wu-ftp daemon (wu-ftpd) 2.6.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a s/key (SKEY) request with a long name.
05-09-2008 - 16:37 15-03-2004 - 00:00
CVE-2004-0160 7.2
Synaesthesia 2.2 and earlier allows local users to execute arbitrary code via a symlink attack on the configuration file.
05-09-2008 - 16:37 29-03-2004 - 00:00
CVE-2004-0157 4.6
x11.c in xonix 1.4 and earlier uses the current working directory to find and execute the rmail program, which allows local users to execute arbitrary code by modifying the path to point to a malicious rmail program.
05-09-2008 - 16:37 01-06-2004 - 00:00
CVE-2004-0151 7.2
Unknown vulnerability in xitalk 1.1.11 and earlier allows local users to execute arbitrary commands.
05-09-2008 - 16:37 15-04-2004 - 00:00
CVE-2004-0149 4.6
Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges.
05-09-2008 - 16:37 04-05-2004 - 00:00
CVE-2004-0108 4.6
The isag utility, which processes sysstat data, allows local users to overwrite arbitrary files via a symlink attack on temporary files, a different vulnerability than CAN-2004-0107.
05-09-2008 - 16:37 15-04-2004 - 00:00
CVE-2004-0103 4.6
crawl before 4.0.0 beta23 does not properly "apply a size check" when copying a certain environment variable, which may allow local users to gain privileges, possibly as a result of a buffer overflow.
05-09-2008 - 16:37 03-03-2004 - 00:00
CVE-2004-0094 7.5
Integer signedness errors in XFree86 4.1.0 allow remote attackers to cause a denial of service and possibly execute arbitrary code when using the GLX extension and Direct Rendering Infrastructure (DRI).
05-09-2008 - 16:37 15-03-2004 - 00:00
CVE-2004-0093 7.5
XFree86 4.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an out-of-bounds array index when using the GLX extension and Direct Rendering Infrastructure (DRI).
05-09-2008 - 16:37 15-03-2004 - 00:00
CVE-2004-0056 7.5
Multiple vulnerabilities in the H.323 protocol implementation for Nortel Networks Business Communications Manager (BCM), Succession 1000 IP Trunk and IP Peer Networking, and 802.11 Wireless IP Gateway allow remote attackers to cause a denial of servi
05-09-2008 - 16:37 17-02-2004 - 00:00
CVE-2004-0047 4.6
Multiple programs in trr19 1.0 do not properly drop privileges before executing a system command, which could allow local users to gain privileges.
05-09-2008 - 16:37 03-03-2004 - 00:00
CVE-2004-0041 7.5
The mod_auth_shadow module 1.4 and earlier does not properly enforce the expiration of a user account and password, which could allow remote authenticated users to bypass intended access restrictions.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0028 7.5
jitterbug 1.6.2 does not properly sanitize inputs, which allows remote authenticated users to execute arbitrary commands.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0017 7.5
Multiple SQL injection vulnerabilities in the (1) calendar and (2) infolog modules for phpgroupware 0.9.14 allow remote attackers to perform unauthorized database operations.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0016 7.5
The calendar module for phpgroupware 0.9.14 does not enforce the "save extension" feature for holiday files, which allows remote attackers to create and execute PHP files.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0015 7.2
vbox3 0.1.8 and earlier does not properly drop privileges before executing a user-provided TCL script, which allows local users to gain privileges.
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0013 5.0
jabber 1.4.2, 1.4.2a, and possibly earlier versions, does not properly handle SSL connections, which allows remote attackers to cause a denial of service (crash).
05-09-2008 - 16:37 03-02-2004 - 00:00
CVE-2004-0011 7.5
Buffer overflow in fsp before 2.81.b18 allows remote users to execute arbitrary code.
05-09-2008 - 16:37 20-01-2004 - 00:00
CVE-2003-1022 7.5
Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory.
05-09-2008 - 16:35 20-01-2004 - 00:00
CVE-2003-0991 5.0
Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands.
05-09-2008 - 16:35 03-03-2004 - 00:00
CVE-2003-0949 4.6
xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands.
05-09-2008 - 16:35 03-02-2004 - 00:00
CVE-2003-0924 3.7
netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
05-09-2008 - 16:35 17-02-2004 - 00:00
CVE-2003-0901 7.5
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.
05-09-2008 - 16:35 03-11-2003 - 00:00
CVE-2003-0828 4.6
Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables.
05-09-2008 - 16:35 29-03-2004 - 00:00
CVE-2003-0782 10.0
Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:35 04-05-2004 - 00:00
CVE-2003-0781 10.0
Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords.
05-09-2008 - 16:35 04-05-2004 - 00:00
CVE-2003-0708 7.5
Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial of service or execute arbitrary code.
05-09-2008 - 16:35 20-10-2003 - 00:00
CVE-2003-0707 7.5
Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code.
05-09-2008 - 16:35 20-10-2003 - 00:00
CVE-2003-0657 7.5
Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions.
05-09-2008 - 16:34 27-08-2003 - 00:00
CVE-2003-0648 10.0
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
05-09-2008 - 16:34 04-05-2004 - 00:00
CVE-2003-0618 2.1
Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.
05-09-2008 - 16:34 04-05-2004 - 00:00
CVE-2003-0611 4.6
Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable.
05-09-2008 - 16:34 27-08-2003 - 00:00
CVE-2003-0607 4.6
Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables.
05-09-2008 - 16:34 29-03-2004 - 00:00
CVE-2003-0599 10.0
Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root.
05-09-2008 - 16:34 27-08-2003 - 00:00
CVE-2003-0537 4.6
The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users.
05-09-2008 - 16:34 18-08-2003 - 00:00
CVE-2003-0500 10.0
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER nam
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0489 7.2
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0454 7.2
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable.
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0452 4.6
Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0451 4.6
Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long command line arguments.
05-09-2008 - 16:34 07-08-2003 - 00:00
CVE-2003-0445 7.5
Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0444 7.5
Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths.
05-09-2008 - 16:34 29-03-2004 - 00:00
CVE-2003-0441 7.2
Multiple buffer overflows in Orville Write (orville-write) 2.53 and earlier allow local users to gain privileges.
05-09-2008 - 16:34 03-03-2004 - 00:00
CVE-2003-0438 1.2
eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0433 7.5
Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0381 2.1
Multiple vulnerabilities in noweb 2.9 and earlier create temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0380 7.5
Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename.
05-09-2008 - 16:34 02-07-2003 - 00:00
CVE-2003-0366 5.0
lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0362 5.0
Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines.
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0361 7.5
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0360 7.5
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0359 4.6
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
05-09-2008 - 16:34 24-07-2003 - 00:00
CVE-2003-0328 7.5
EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP request from a large nickname, which causes an incorrect
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0322 5.0
Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service (crash).
05-09-2008 - 16:34 09-06-2003 - 00:00
CVE-2003-0262 7.2
leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.
05-09-2008 - 16:33 27-05-2003 - 00:00
CVE-2003-0214 4.6
run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:33 12-05-2003 - 00:00
CVE-2003-0202 4.6
The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.
05-09-2008 - 16:33 15-04-2004 - 00:00
CVE-2003-0167 7.5
Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafte
05-09-2008 - 16:33 02-04-2003 - 00:00
CVE-2003-0155 5.0
bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication.
05-09-2008 - 16:33 02-04-2003 - 00:00
CVE-2003-0152 7.5
Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user.
05-09-2008 - 16:33 02-04-2003 - 00:00
CVE-2003-0145 5.0
Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.
05-09-2008 - 16:33 31-03-2003 - 00:00
CVE-2003-0120 1.2
adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name.
05-09-2008 - 16:33 07-03-2003 - 00:00
CVE-2003-0081 7.5
Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.
05-09-2008 - 16:33 18-03-2003 - 00:00
CVE-2003-0072 5.0
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of a
05-09-2008 - 16:33 02-04-2003 - 00:00
CVE-2003-0040 7.5
SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.
05-09-2008 - 16:33 19-02-2003 - 00:00
CVE-2002-2381 7.5
Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:33 31-12-2002 - 00:00
CVE-2002-1783 5.0
CRLF injection vulnerability in PHP 4.2.1 through 4.2.3, when allow_url_fopen is enabled, allows remote attackers to modify HTTP headers for outgoing requests by causing CRLF sequences to be injected into arguments that are passed to the (1) fopen or
05-09-2008 - 16:31 31-12-2002 - 00:00
CVE-2002-1580 7.5
Integer overflow in imapparse.c for Cyrus IMAP server 1.4 and 2.1.10 allows remote attackers to execute arbitrary code via a large length value that facilitates a buffer overflow attack, a different vulnerability than CVE-2002-1347.
05-09-2008 - 16:30 14-06-2004 - 00:00
CVE-2002-1478 10.0
Cacti before 0.6.8 allows attackers to execute arbitrary commands via the "Data Input" option in console mode.
05-09-2008 - 16:30 22-04-2003 - 00:00
CVE-2002-1477 7.5
graphs.php in Cacti before 0.6.8 allows remote authenticated Cacti administrators to execute arbitrary commands via shell metacharacters in the title during edit mode.
05-09-2008 - 16:30 22-04-2003 - 00:00
CVE-2002-1425 6.4
Directory traversal vulnerability in munpack in mpack 1.5 and earlier allows remote attackers to create new files in the parent directory via a ../ (dot-dot) sequence in the filename to be extracted.
05-09-2008 - 16:30 11-04-2003 - 00:00
CVE-2002-1424 5.0
Buffer overflow in munpack in mpack 1.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
05-09-2008 - 16:30 11-04-2003 - 00:00
CVE-2002-1412 7.5
Gallery photo album package before 1.3.1 allows local and possibly remote attackers to execute arbitrary code via a modified GALLERY_BASEDIR variable that points to a directory or URL that contains a Trojan horse init.php script.
05-09-2008 - 16:30 11-04-2003 - 00:00
CVE-2002-1388 4.3
Cross-site scripting (XSS) vulnerability in MHonArc before 2.5.14 allows remote attackers to inject arbitrary HTML into web archive pages via HTML mail messages.
05-09-2008 - 16:30 02-01-2003 - 00:00
CVE-2002-1335 4.3
Cross-site scripting (XSS) vulnerability in w3m 0.3.2 does not escape an HTML tag in a frame, which allows remote attackers to insert arbitrary web script or HTML and access files or cookies.
05-09-2008 - 16:30 11-12-2002 - 00:00
CVE-2002-1277 7.5
Buffer overflow in Window Maker (wmaker) 0.80.0 and earlier may allow remote attackers to execute arbitrary code via a certain image file that is not properly handled when Window Maker uses width and height information to allocate a buffer.
05-09-2008 - 16:30 12-11-2002 - 00:00
CVE-2002-1276 4.3
An incomplete fix for a cross-site scripting (XSS) vulnerability in SquirrelMail 1.2.8 calls the strip_tags function on the PHP_SELF value but does not save the result back to that variable, leaving it open to cross-site scripting attacks.
05-09-2008 - 16:30 29-11-2002 - 00:00
CVE-2002-1251 10.0
Buffer overflow in log2mail before 0.2.5.1 allows remote attackers to execute arbitrary code via a long log message.
05-09-2008 - 16:30 12-11-2002 - 00:00
CVE-2002-1227 7.5
PAM 0.76 treats a disabled password as if it were an empty (null) password, which allows local and remote attackers to gain privileges as disabled users.
05-09-2008 - 16:30 28-10-2002 - 00:00
CVE-2002-1157 7.5
Cross-site scripting vulnerability in the mod_ssl Apache module 2.8.9 and earlier, when UseCanonicalName is off and wildcard DNS is enabled, allows remote attackers to execute script as other web site visitors, via the server name in an HTTPS respons
05-09-2008 - 16:29 04-11-2002 - 00:00
CVE-2002-1132 5.0
SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-1131 7.5
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allow remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-1124 7.2
Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables.
05-09-2008 - 16:29 24-09-2002 - 00:00
CVE-2002-1050 7.5
Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-1049 5.0
Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-0983 5.0
IRC client irssi in irssi-text before 0.8.4 allows remote attackers to cause a denial of service (crash) via an IRC channel that has a long topic followed by a certain string, possibly triggering a buffer overflow.
05-09-2008 - 16:29 24-09-2002 - 00:00
CVE-2002-0912 5.0
in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow.
05-09-2008 - 16:29 04-10-2002 - 00:00
CVE-2002-0855 7.5
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
05-09-2008 - 16:29 05-09-2002 - 00:00
CVE-2002-0738 7.5
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC ar
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0728 5.0
Buffer overflow in the progressive reader for libpng 1.2.x before 1.2.4, and 1.0.x before 1.0.14, allows attackers to cause a denial of service (crash) via a PNG data stream that has more IDAT data than indicated by the IHDR chunk.
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0688 7.5
ZCatalog plug-in index support capability for Zope 2.4.0 through 2.5.1 allows anonymous users and untrusted code to bypass access restrictions and call arbitrary methods of catalog indexes.
05-09-2008 - 16:28 23-07-2002 - 00:00
CVE-2002-0497 2.1
Buffer overflow in mtr 0.46 and earlier, when installed setuid root, allows local users to access a raw socket via a long MTR_OPTIONS environment variable.
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0467 10.0
Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allow remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.
05-09-2008 - 16:28 12-08-2002 - 00:00
CVE-2002-0179 7.5
Buffer overflow in xpilot-server for XPilot 4.5.0 and earlier allows remote attackers to execute arbitrary code.
05-09-2008 - 16:27 22-04-2002 - 00:00
CVE-2002-0063 7.5
Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values.
05-09-2008 - 16:27 08-03-2002 - 00:00
CVE-2002-0062 7.2
Buffer overflow in ncurses 5.0, and the ncurses4 compatibility package as used in Red Hat Linux, allows local users to gain privileges, related to "routines for moving the physical cursor and scrolling."
05-09-2008 - 16:27 08-03-2002 - 00:00
CVE-2002-0047 5.0
CIPE VPN package before 1.3.0-3 allows remote attackers to cause a denial of service (crash) via a short malformed packet.
05-09-2008 - 16:27 31-01-2002 - 00:00
CVE-2001-1561 7.2
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
05-09-2008 - 16:26 31-12-2001 - 00:00
CVE-2001-1272 4.6
wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option.
05-09-2008 - 16:26 06-12-2001 - 00:00
CVE-2001-1162 10.0
Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file.
05-09-2008 - 16:25 23-06-2001 - 00:00
CVE-2001-1083 5.0
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash).
05-09-2008 - 16:25 26-06-2001 - 00:00
CVE-2001-1035 7.5
Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post.
05-09-2008 - 16:25 24-09-2001 - 00:00
CVE-2001-1034 7.2
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.
05-09-2008 - 16:25 23-09-2001 - 00:00
CVE-2001-1022 7.5
Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.15, allows remote attackers to bypass the -S option and execute arbitrary commands via format string specifiers in the plot command.
05-09-2008 - 16:25 26-07-2001 - 00:00
CVE-2001-0977 5.0
slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.
05-09-2008 - 16:25 16-07-2001 - 00:00
CVE-2001-0961 10.0
Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most.
05-09-2008 - 16:25 18-09-2001 - 00:00
CVE-2001-0925 5.0
The default installation of Apache before 1.3.19 allows remote attackers to list directories instead of the multiview index.html file via an HTTP request for a path that contains many / (slash) characters, which causes the path to be mishandled by (1
05-09-2008 - 16:25 12-03-2001 - 00:00
CVE-2001-0905 6.2
Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running.
05-09-2008 - 16:25 18-10-2001 - 00:00
CVE-2001-0784 5.0
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.
05-09-2008 - 16:24 18-10-2001 - 00:00
CVE-2001-0735 7.2
Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
05-09-2008 - 16:24 18-10-2001 - 00:00
CVE-2001-0700 7.5
Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.
05-09-2008 - 16:24 20-09-2001 - 00:00
CVE-2001-0690 7.5
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
05-09-2008 - 16:24 20-09-2001 - 00:00
CVE-2001-0623 4.6
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.
05-09-2008 - 16:24 02-08-2001 - 00:00
CVE-2001-0569 2.1
Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the method return values related to the classes (1) ObjectManager, (2) PropertyManager, and (3) PropertySheet.
05-09-2008 - 16:24 22-08-2001 - 00:00
CVE-2001-0568 2.1
Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes.
05-09-2008 - 16:24 22-08-2001 - 00:00
CVE-2001-0567 4.6
Digital Creations Zope 2.3.2 and earlier allows a local attacker to gain additional privileges via the changing of ZClass permission mappings for objects and methods in the ZClass.
05-09-2008 - 16:24 14-08-2001 - 00:00
CVE-2001-0554 10.0
Buffer overflow in BSD-based telnetd telnet daemon on various operating systems allows remote attackers to execute arbitrary commands via a set of options including AYT (Are You There), which is not properly handled by the telrcv function.
05-09-2008 - 16:24 14-08-2001 - 00:00
CVE-2001-0457 5.0
man2html before 1.5-22 allows remote attackers to cause a denial of service (memory exhaustion).
05-09-2008 - 16:24 27-06-2001 - 00:00
CVE-2001-0456 7.5
postinst installation script for Proftpd in Debian 2.2 does not properly change the "run as uid/gid root" configuration when the user enables anonymous access, which causes the server to run at a higher privilege than intended.
05-09-2008 - 16:24 27-06-2001 - 00:00
CVE-2001-0406 2.1
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.
05-09-2008 - 16:24 02-07-2001 - 00:00
CVE-2001-0387 7.2
Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows local users to gain privileges via the -q command line argument.
05-09-2008 - 16:23 02-07-2001 - 00:00
CVE-2001-0301 10.0
Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings.
05-09-2008 - 16:23 03-05-2001 - 00:00
CVE-2001-0289 4.6
Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to exec
05-09-2008 - 16:23 03-05-2001 - 00:00
CVE-2001-0279 7.2
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
05-09-2008 - 16:23 03-05-2001 - 00:00
CVE-2001-0235 2.1
Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running.
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0233 10.0
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0197 10.0
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0195 2.1
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0169 2.1
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library fro
05-09-2008 - 16:23 26-03-2001 - 00:00
CVE-2001-0136 5.0
Memory leak in ProFTPd 1.2.0rc2 allows remote attackers to cause a denial of service via a series of USER commands, and possibly SIZE commands if the server has been improperly installed.
05-09-2008 - 16:23 12-03-2001 - 00:00
CVE-2001-0110 7.2
Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable.
05-09-2008 - 16:23 12-03-2001 - 00:00
CVE-2000-1109 4.6
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the co
05-09-2008 - 16:22 09-01-2001 - 00:00
CVE-1999-1562 4.6
gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file.
05-09-2008 - 16:19 05-09-1999 - 00:00
CVE-1999-0997 7.5
wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.
05-09-2008 - 16:18 20-12-1999 - 00:00
CVE-2004-0455 10.0
Buffer overflow in cgi.c in www-sql before 0.5.7 allows local users to execute arbitrary code via a web page that is processed by www-sql.
20-10-2005 - 00:00 06-12-2004 - 00:00
CVE-2003-0358 4.6
Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option.
20-10-2005 - 00:00 09-06-2003 - 00:00