Max CVSS 10.0 Min CVSS 1.2 Total Count89
IDCVSSSummaryLast (major) updatePublished
CVE-2001-0414 10.0
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
07-12-2016 - 21:59 18-06-2001 - 00:00
CVE-2003-0001 5.0
Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.
06-12-2016 - 21:59 17-01-2003 - 00:00
CVE-2004-0772 7.5
Double free vulnerabilities in error handling code in krb524d for MIT Kerberos 5 (krb5) 1.2.8 and earlier may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:48 20-10-2004 - 00:00
CVE-2004-0764 10.0
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to hijack the user interface via the "chrome" flag and XML User Interface Language (XUL) files.
17-10-2016 - 22:48 18-08-2004 - 00:00
CVE-2004-0763 5.0
Mozilla Firefox 0.9.1 and 0.9.2 allows remote web sites to spoof certificates of trusted web sites via redirects and Javascript that uses the "onunload" method.
17-10-2016 - 22:48 18-08-2004 - 00:00
CVE-2004-0762 5.0
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote web sites to install arbitrary extensions by using interactive events to manipulate the XPInstall Security dialog box.
17-10-2016 - 22:48 18-08-2004 - 00:00
CVE-2004-0761 5.0
Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, allow remote attackers to use certain redirect sequences to spoof the security lock icon that makes a web page appear to be encrypted.
17-10-2016 - 22:48 18-08-2004 - 00:00
CVE-2004-0760 6.4
Mozilla allows remote attackers to cause Mozilla to open a URI as a different MIME type than expected via a null character (%00) in an FTP URI.
17-10-2016 - 22:48 18-08-2004 - 00:00
CVE-2004-0758 5.0
Mozilla 1.5 through 1.7 allows a CA certificate to be imported even when their DN is the same as that of the built-in CA root certificate, which allows remote attackers to cause a denial of service to SSL pages because the malicious certificate is tr
17-10-2016 - 22:48 18-08-2004 - 00:00
CVE-2004-0757 10.0
Heap-based buffer overflow in the SendUidl in the POP3 capability for Mozilla before 1.7, Firefox before 0.9, and Thunderbird before 0.7, may allow remote POP3 mail servers to execute arbitrary code.
17-10-2016 - 22:48 18-08-2004 - 00:00
CVE-2004-0718 7.5
The (1) Mozilla 1.6, (2) Firebird 0.7, (3) Firefox 0.8, and (4) Netscape 7.1 web browsers do not properly prevent a frame in one domain from injecting content into a frame that belongs to another domain, which facilitates web site spoofing and other
17-10-2016 - 22:48 27-07-2004 - 00:00
CVE-2004-0644 5.0
The asn1buf_skiptail function in the ASN.1 decoder library for MIT Kerberos 5 (krb5) 1.2.2 through 1.3.4 allows remote attackers to cause a denial of service (infinite loop) via a certain BER encoding.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0643 4.6
Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0642 7.5
Double free vulnerabilities in the error handling code for ASN.1 decoders in the (1) Key Distribution Center (KDC) library and (2) client library for MIT Kerberos 5 (krb5) 1.3.4 and earlier may allow remote attackers to execute arbitrary code.
17-10-2016 - 22:47 28-09-2004 - 00:00
CVE-2004-0599 5.0
Multiple integer overflows in the (1) png_read_png in pngread.c or (2) png_handle_sPLT functions in pngrutil.c or (3) progressive display image reading capability in libpng 1.2.5 and earlier allow remote attackers to cause a denial of service (applic
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0598 5.0
The png_handle_iCCP function in libpng 1.2.5 and earlier allows remote attackers to cause a denial of service (application crash) via a certain PNG image that triggers a null dereference.
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0597 10.0
Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transpar
17-10-2016 - 22:46 23-11-2004 - 00:00
CVE-2004-0523 10.0
Multiple buffer overflows in krb5_aname_to_localname for MIT Kerberos 5 (krb5) 1.3.3 and earlier allow remote attackers to execute arbitrary code as root.
17-10-2016 - 22:45 18-08-2004 - 00:00
CVE-2004-0492 10.0
Heap-based buffer overflow in proxy_util.c for mod_proxy in Apache 1.3.25 to 1.3.31 allows remote attackers to cause a denial of service (process crash) and possibly execute arbitrary code via a negative Content-Length HTTP header field, which causes
17-10-2016 - 22:45 06-08-2004 - 00:00
CVE-2004-0174 5.0
Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listeni
17-10-2016 - 22:41 04-05-2004 - 00:00
CVE-2004-0079 5.0
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.
17-10-2016 - 22:40 23-11-2004 - 00:00
CVE-2003-0993 7.5
mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions.
17-10-2016 - 22:38 29-03-2004 - 00:00
CVE-2003-0987 7.5
mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret.
17-10-2016 - 22:38 03-03-2004 - 00:00
CVE-2003-0722 10.0
The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets.
17-10-2016 - 22:36 22-09-2003 - 00:00
CVE-2003-0694 10.0
The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0693 10.0
A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CV
17-10-2016 - 22:36 22-09-2003 - 00:00
CVE-2003-0681 7.5
A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences.
17-10-2016 - 22:36 06-10-2003 - 00:00
CVE-2003-0609 7.2
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.
17-10-2016 - 22:35 27-08-2003 - 00:00
CVE-2003-0542 7.2
Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9
17-10-2016 - 22:35 03-11-2003 - 00:00
CVE-2003-0466 10.0
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to tr
17-10-2016 - 22:34 27-08-2003 - 00:00
CVE-2003-0201 10.0
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
17-10-2016 - 22:30 05-05-2003 - 00:00
CVE-2003-0027 5.0
Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.
17-10-2016 - 22:28 07-02-2003 - 00:00
CVE-2003-0020 5.0
Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.
17-10-2016 - 22:28 18-03-2003 - 00:00
CVE-2002-1337 10.0
Buffer overflow in Sendmail 5.79 to 8.12.7 allows remote attackers to execute arbitrary code via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function of headers.c.
17-10-2016 - 22:26 07-03-2003 - 00:00
CVE-2002-1318 10.0
Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-1317 7.5
Buffer overflow in Dispatch() routine for XFS font server (fs.auto) on Solaris 2.5.1 through 9 allows remote attackers to cause a denial of service (crash) or execute arbitrary code via a certain XFS query.
17-10-2016 - 22:25 11-12-2002 - 00:00
CVE-2002-1296 7.2
Directory traversal vulnerability in priocntl system call in Solaris does allows local users to execute arbitrary code via ".." sequences in the pc_clname field of a pcinfo_t structure, which cause priocntl to load a malicious kernel module.
17-10-2016 - 22:25 23-12-2002 - 00:00
CVE-2002-1221 5.0
BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference.
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1220 5.0
BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size.
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1219 7.5
Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR).
17-10-2016 - 22:24 29-11-2002 - 00:00
CVE-2002-1199 5.0
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments.
17-10-2016 - 22:24 28-10-2002 - 00:00
CVE-2002-0678 7.2
CDE ToolTalk database server (ttdbserver) allows local users to overwrite arbitrary files via a symlink attack on the transaction log file used by the _TT_TRANSACTION RPC procedure.
17-10-2016 - 22:21 23-07-2002 - 00:00
CVE-2002-0677 7.5
CDE ToolTalk database server (ttdbserver) allows remote attackers to overwrite arbitrary memory locations with a zero, and possibly gain privileges, via a file descriptor argument in an AUTH_UNIX procedure call, which is used as a table index by the
17-10-2016 - 22:21 23-07-2002 - 00:00
CVE-2002-0651 7.5
Buffer overflow in the DNS resolver code used in libc, glibc, and libbind, as derived from ISC BIND, allows remote malicious DNS servers to cause a denial of service and possibly execute arbitrary code via the stub resolvers.
17-10-2016 - 22:21 03-07-2002 - 00:00
CVE-2002-0391 10.0
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array
17-10-2016 - 22:20 12-08-2002 - 00:00
CVE-2001-0797 10.0
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
17-10-2016 - 22:11 12-12-2001 - 00:00
CVE-2000-1134 7.2
Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, follow symlinks when processing << redirects (aka here-documents or in-here documents), which allows local users to overwrite files of other users via
17-10-2016 - 22:08 09-01-2001 - 00:00
CVE-2004-1354 5.0
The Solaris Management Console (SMC) in Sun Solaris 8 and 9 generates different 404 error messages when a file does not exist versus when a file exists but is otherwise inaccessible, which could allow remote attackers to obtain sensitive information
19-09-2016 - 23:54 14-05-2004 - 00:00
CVE-2003-0545 10.0
Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0544 5.0
OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer wh
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2003-0543 5.0
Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values.
07-03-2011 - 21:12 17-11-2003 - 00:00
CVE-2004-1345 7.2
Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
21-08-2010 - 00:22 21-06-2004 - 00:00
CVE-2004-0722 10.0
Integer overflow in the SOAPParameter object constructor in (1) Netscape version 7.0 and 7.1 and (2) Mozilla 1.6, and possibly earlier versions, allows remote attackers to execute arbitrary code.
21-08-2010 - 00:21 18-08-2004 - 00:00
CVE-2004-1360 2.1
Unknown vulnerability in conv_fix in Sun Solaris 7 through 9, when invoked by conv_lpd, allows local users to overwrite arbitrary files.
10-09-2008 - 15:29 27-02-2004 - 00:00
CVE-2004-1359 4.6
Multiple buffer overflows in uucp for Sun Solaris 2.6, 7, 8, and 9 allow local users to execute arbitrary code as the uucp user.
10-09-2008 - 15:29 04-03-2004 - 00:00
CVE-2004-1358 5.0
The patches (1) 114332-08 and (2) 114929-06 for Sun Solaris 9 disable the auditing functionality of the Basic Security Module (BSM), which allows attackers to avoid having their activity logged.
10-09-2008 - 15:29 12-03-2004 - 00:00
CVE-2004-1357 5.0
The Secure Shell (SSH) Daemon (SSHD) in Sun Solaris 9 does not properly log IP addresses when SSHD is configured with the ListenAddress as 0.0.0.0, which makes it easier for remote attackers to hide the source of their activities.
10-09-2008 - 15:29 07-04-2004 - 00:00
CVE-2004-1356 2.1
Unknown vulnerability in the sendfilev function in Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
10-09-2008 - 15:29 23-04-2004 - 00:00
CVE-2004-1355 2.1
Unknown vulnerability in the TCP/IP stack for Sun Solaris 8 and 9 allows local users to cause a denial of service (system panic) via unknown vectors.
10-09-2008 - 15:29 26-04-2004 - 00:00
CVE-2004-1353 7.2
Unknown vulnerability in LDAP on Sun Solaris 8 and 9, when using Role Based Access Control (RBAC), allows local users to execute certain commands with additional privileges.
10-09-2008 - 15:29 19-10-2004 - 00:00
CVE-2004-1352 7.2
Buffer overflow in the ping daemon of Sun Solaris 7 through 9 may allow local users to execute arbitrary code.
10-09-2008 - 15:29 01-12-2004 - 00:00
CVE-2004-1351 10.0
Unknown vulnerability in the rwho daemon (in.rwhod) for Solaris 7 through 9 allows remote attackers to execute arbitrary code.
10-09-2008 - 15:29 07-12-2004 - 00:00
CVE-2004-1349 2.1
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.
10-09-2008 - 15:29 04-10-2004 - 00:00
CVE-2004-1348 5.0
Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash).
10-09-2008 - 15:29 06-09-2004 - 00:00
CVE-2004-1346 2.1
The Sun Solaris Volume Manager (SVM) on Solaris 9 allows local users to cause a denial of service (kernel panic) via a malformed probe request to the SVM.
10-09-2008 - 15:29 19-06-2004 - 00:00
CVE-2004-0800 4.6
Format string vulnerability in CDE Mailer (dtmail) on Solaris 8 and 9 allows local users to gain privileges via format strings in the argv[0] value.
10-09-2008 - 15:27 24-08-2004 - 00:00
CVE-2004-0654 2.1
Unknown vulnerability in the Basic Security Module (BSM), when configured to audit either the Administrative (ad) or the System-Wide Administration (as) audit class in Solaris 7, 8, and 9, allows local users to cause a denial of service (kernel panic
10-09-2008 - 15:27 06-08-2004 - 00:00
CVE-2004-0653 2.1
Solaris 9, when configured as a Kerberos client with patch 112908-12 or 115168-03 and using pam_krb5 as an "auth" module with the debug feature enabled, records passwords in plaintext, which could allow local users to gain other user's passwords by r
10-09-2008 - 15:27 06-08-2004 - 00:00
CVE-2004-0368 10.0
Double free vulnerability in dtlogin in CDE on Solaris, HP-UX, and other operating systems allows remote attackers to execute arbitrary code via a crafted XDMCP packet.
10-09-2008 - 15:25 04-05-2004 - 00:00
CVE-2003-1024 7.2
Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges.
10-09-2008 - 15:21 20-01-2004 - 00:00
CVE-2003-0999 7.2
Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files.
10-09-2008 - 15:21 05-01-2004 - 00:00
CVE-2003-0834 7.2
Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME.
10-09-2008 - 15:20 01-12-2003 - 00:00
CVE-2003-0669 1.2
Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users.
10-09-2008 - 15:20 27-08-2003 - 00:00
CVE-2003-0092 7.2
Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.
10-09-2008 - 15:17 02-04-2003 - 00:00
CVE-2003-0091 7.2
Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.
10-09-2008 - 15:17 02-04-2003 - 00:00
CVE-2003-0082 5.0
The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its hea
10-09-2008 - 15:17 02-04-2003 - 00:00
CVE-2002-0906 7.5
Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
10-09-2008 - 15:13 04-10-2002 - 00:00
CVE-2002-0085 5.0
cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request.
10-09-2008 - 15:11 15-03-2002 - 00:00
CVE-2002-0084 7.2
Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument.
10-09-2008 - 15:11 15-03-2002 - 00:00
CVE-2002-0012 10.0
Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1 test suite. NOTE: It is highly likely that this candi
10-09-2008 - 15:11 13-02-2002 - 00:00
CVE-2003-0914 4.3
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.
10-09-2008 - 00:00 15-12-2003 - 00:00
CVE-1999-0693 7.2
Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges.
09-09-2008 - 08:35 02-03-2000 - 00:00
CVE-1999-0691 7.2
Buffer overflow in the AddSuLog function of the CDE dtaction utility allows local users to gain root privileges via a long user name.
09-09-2008 - 08:35 13-09-1999 - 00:00
CVE-1999-0689 7.2
The CDE dtspcd daemon allows local users to execute arbitrary commands via a symlink attack.
09-09-2008 - 08:35 13-09-1999 - 00:00
CVE-2003-0058 5.0
MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.
05-09-2008 - 16:33 19-02-2003 - 00:00
CVE-2002-1265 5.0
The Sun RPC functionality in multiple libc implementations does not provide a time-out mechanism when reading data from TCP connections, which allows remote attackers to cause a denial of service (hang).
05-09-2008 - 16:30 12-11-2002 - 00:00
CVE-2002-0033 10.0
Heap-based buffer overflow in cfsd_calloc function of Solaris cachefsd allows remote attackers to execute arbitrary code via a request with a long directory and cache name.
05-09-2008 - 16:27 29-05-2002 - 00:00
CVE-2001-1328 7.5
Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitrary code.
05-09-2008 - 16:26 22-06-2001 - 00:00
CVE-2001-0422 7.2
Buffer overflow in Xsun in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.
05-09-2008 - 16:24 02-07-2001 - 00:00
Back to Top Mark selected
Back to Top