Unknown · CVSS Not scored
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell metacharacters in the "current" parameter.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login attempts, which could allow remote attackers to bypass SSL client authentication and gain access to sensitive data by logging in after an initial failure.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
nss_postgresql 0.6.1 and before allows a remote attacker to execute arbitrary SQL queries by inserting SQL code into an HTTP request.
Published Mar 15, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in AOLserver 3.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via an HTTP request with a long Authorization header.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell without a password and execute certain restricted commands without being logged.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass intended firewall restrictions by causing the target system to send a "DCC SEND" request to a malicious server which listens on port 6667, which may cause the module to believe that the traffic is a valid request and allow the connection to the port specified in the DCC SEND request.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service (reboot) via a series of connections to TCP port 8023.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shell scripts that are inserted into a news post.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
edit_image.php in Vibechild Directory Manager before 0.91 allows remote attackers to execute arbitrary commands via shell metacharacters in the userfile_name parameter, which is sent unfiltered to the PHP passthru function.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Freeware before 7.0.3, and E-Business Server before 7.1 does not properly display when invalid userID's are used to sign a message, which could allow an attacker to make the user believe that the document has been signed by a trusted third party by adding a second, invalid user ID to a key which has already been signed by the third party, aka the "PGPsdk Key Validity Vulnerability."
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino 5.0.5 and 5.0.8, and possibly other versions, allows remote attackers to cause a denial of service (block access to databases that have not been previously accessed) via a URL that includes the . (dot) directory.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote attackers to gain Mambo administrator privileges by setting the PHPSESSID parameter and providing the appropriate administrator information in other parameters.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
IBM HACMP 4.4 allows remote attackers to cause a denial of service via a completed TCP connection to HACMP ports (e.g., using a port scan) that does not send additional data, which causes a failure in snmpd.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to and disconnecting from the server.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in pagecount CGI script in Sambar Server before 5.0 beta 5 allows remote attackers to overwrite arbitrary files via a .. (dot dot) attack on the page parameter.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PHProjekt before 2.4a allows remote attackers to perform actions as other PHProjekt users by modifying the ID number in an HTTP request to PHProjekt CGI programs.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
ipfw in FreeBSD does not properly handle the use of "me" in its rules when point to point interfaces are used, which causes ipfw to allow connections from arbitrary remote hosts.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
sendmsg function in NetBSD 1.3 through 1.5 allows local users to cause a denial of service (kernel trap or panic) via a msghdr structure with a large msg_controllen length.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability in CGIWrap before 3.7 allows remote attackers to execute arbitrary Javascript on other web clients by causing the Javascript to be inserted into error messages that are generated by CGIWrap.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in IBM Tivoli WebSEAL Policy Director 3.01 through 3.7.1 allows remote attackers to read arbitrary files or directories via encoded .. (dot dot) sequences containing "%2e" strings.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Squid proxy server 2.4 and earlier allows remote attackers to cause a denial of service (crash) via a mkdir-only FTP PUT request.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Universal Plug and Play (UPnP) on Windows 98, 98SE, ME, and XP allows remote attackers to cause a denial of service via (1) a spoofed SSDP advertisement that causes the client to connect to a service on another machine that generates a large amount of traffic (e.g., chargen), or (2) via a spoofed SSDP announcement to broadcast or multicast addresses, which could cause all UPnP clients to send traffic to a single target system.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls.
Published Mar 9, 2002 · Updated Aug 8, 2024