Unknown · CVSS Not scored
code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.
Published Apr 21, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method.
Published Jul 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vectors.
Published Apr 5, 2010 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
Published Apr 21, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know about, as demonstrated by an nmap protocol scan.
Published Jun 21, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailable connections) by sending multiple SMB SMBnegprots requests but not reading the response that is sent back.
Published Jun 28, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.
Published Dec 10, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the file to be displayed in admin.php3.
Published Jul 14, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
Published Oct 18, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes an "allow from 127.0.0.1" line, which allows local users to discover JDBC passwords or other sensitive information via a direct request to the jserv/ URI.
Published Oct 5, 2011 · Updated Aug 8, 2024
Unknown · CVSS Not scored
crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms.
Published May 5, 2016 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive information such as user credentials to an e-mail address controlled by the product developers.
Published Jun 6, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.
Published May 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sniff network traffic and obtain this sensitive information.
Published Dec 19, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
Published Mar 15, 2006 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in phf CGI program allows remote attackers to execute arbitrary commands by specifying a large number of arguments and including a long MIME header.
Published Dec 19, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers to obtain sensitive information via unknown attack vectors, which reveal the absolute path. NOTE: the provenance of this information is unknown; the details are obtained from third party information.
Published Mar 23, 2006 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.
Published Jun 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."
Published Sep 13, 2006 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and using NTLM authentication, and when credentials of an account are locally cached, allows local users to bypass account lockout policies and make an unlimited number of login attempts, aka the "Domain Account Lockout" vulnerability.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap.
Published Sep 12, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.
Published Dec 19, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activities.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field.
Published Dec 19, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.
Published Jun 25, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execute script as other web site visitors via (1) the printenv CGI (printenv.pl), which does not encode its output, (2) pages generated by the ap_send_error_response function such as a default 404, which does not add an explicit charset, or (3) various messages that are generated by certain Apache modules or core code. NOTE: the printenv issue might still exist for web browsers that can render text/plain content types as HTML, such as Internet Explorer, but CVE regards this as a design limitation of those browsers, not Apache. The printenv.pl/acuparam vector, discloser on 20070724, is one such variant.
Published Aug 31, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.
Published Sep 12, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords.
Published Dec 19, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root privileges via the echo_error routine.
Published Apr 21, 2005 · Updated Aug 8, 2024