Unknown · CVSS Not scored
SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both data elements.
Published Apr 21, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary files and possibly execute code via a symlink attack on temporary files created by the (1) mkuserproc, (2) mgrnt, and (3) mgdatasrvr.sc scripts.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remote attackers to gain access to the system.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modification, which allows remote attackers to modify the block without detection by changing its cyclic redundancy check (CRC) to match the modifications to the message.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attackers to execute JavaScript on other clients via the URL, which injects the script in the resulting error message.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 and Series 800 allows local users to cause a denial of service ("system availability") via text editors such as (1) e, (2) ex, (3) vi, (4) edit, (5) view, and (6) vedit.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generator with its process ID, which limits the space of possible seeds and makes it easier for attackers to conduct brute force password attacks.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even when S/KEY One-Time Password (OTP) authentication is enabled, which allows remote attackers to sniff passwords.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view request with a non-integer news message id field, which leaks the path in a PHP error message when the script times out.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary code via a long HTTP_USER_AGENT CGI environment variable.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, when the Print Spooler is not running, allows remote attackers to cause a denial of service (memory consumption) via a large number of GET or GETNEXT requests.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not encrypt authentication and encryption options sent from the server, which allows remote attackers to downgrade authentication and encryption mechanisms via a man-in-the-middle attack.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user function and possibly other functions, allows local users to modify arbitrary files via a symlink attack on a temporary file.
Published Apr 5, 2014 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to access restricted resources via URL-encoded (1) /.. or (2) \.. sequences.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" group to gain privileges via a long -c command line argument.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server does not support the requested encryption, which allows remote attackers to read communications via a man-in-the-middle attack.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, which makes it easier for users with physical access to conduct dictionary attacks against the device password.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read arbitrary files via a request for /servlet/webacc?User.html= that contains "../" (dot dot) sequences and a null character.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote attackers to execute arbitrary code via a long (1) username or (2) password.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection by XORing the original message's cyclic redundancy check (CRC) with the CRC of a mask consisting of all the bits of the original message that were modified.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows remote attackers to execute arbitrary PHP code by modifying the cfgProgDir parameter to reference a URL on a remote web server that contains the code.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a public key pair that is weaker than the target's public key, which allows the attacker to compute the corresponding private key and use the target's Session ID with the compromised key pair to masquerade as the target.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening applications using the (1) "recent items" and (2) "services" menus, which causes the applications to run with root privileges.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from non-delegated name servers, which allows remote attackers to poison the DNS cache via spoofed DNS responses.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containing Unicode characters.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection loss) by causing one of the services handled by inetd to core dump during startup, which causes inetd to stop accepting connections to all of its services.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corporate Server 1.0.1 allows remote attackers to list the directory index of arbitrary web directories.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easier for remote attackers to guess portions of user passwords by replaying user sessions with certain modifications, which trigger different messages depending on whether the guess is correct or not.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 allows remote attackers to execute arbitrary code via a crafted mail message.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the username and password in cleartext in the HTML page and the URL, which allows remote attackers to obtain passwords.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attackers to cause a denial of service (PalmOS crash and VisorPhone database corruption) by sending a large or crafted SMS image.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute arbitrary code via a long host parameter.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if commands are executed with no pty, which allows local users to bypass resource limits (rlimits) set in pam.d.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex in every directory, which allows remote attackers to learn the contents of files in web accessible directories.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allows attackers to cause the WebID agent to enter debug mode via a URL containing null characters, which may allow attackers to obtain sensitive information.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote attackers to silently redirect connections to the localhost by poisoning the client's DNS cache.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long drop database request.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code via an invalid language value, which prevents the variables (1) $l_statsblock in prefs.php or (2) $l_privnotify in auth.php from being properly initialized, which can be modified by the user and later used in an eval statement.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser crash) via a crafted FTP URL such as "/.#./".
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messages until a new server key (VK) is generated.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
Published Apr 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a symlink attack on temporary files.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibited file types with long file names, which allows remote attackers to send potentially dangerous attachments.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow local users to conduct unauthorized operations on files.
Published Apr 2, 2003 · Updated Aug 8, 2024