Unknown · CVSS Not scored
Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and perform actions as other users via a URL request for the web application directory without the trailing '/' (slash), as demonstrated using ctx.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64 encoded log files, which allows local users to obtain cleartext passwords from decoded log files and impersonate users.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) uname parameter in user.php, (2) ttitle, letter and file parameters in modules.php, (3) subject, story and storyext parameters in submit.php, (4) upload parameter in admin.php and (5) fname parameter in friend.php.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inject arbitrary web script or HTML via the uname parameter.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow remote attackers to login unchallenged.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple newlines in a Simple Service Discovery Protocol (SSDP) message. NOTE: multiple replies to the original post state that the problem could not be reproduced.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effective user id, which could allow local users to gain privileges.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows local users to obtain the passwords and gain access.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet Explorer allows remote attackers to cause a denial of service (crash) via the JavaScript settimeout function. NOTE: the vendor could not reproduce the problem.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and automatically modify the inherited NTFS permissions, which may cause the directories to have less restrictive permissions than intended.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remote attackers to execute arbitrary code.
Published Jul 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.
Published Jul 31, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javascript window.createPopup method, which could allow attackers to simulate a victim's display and conduct unauthorized activities or steal sensitive data via social engineering.
Published Jul 17, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, allow remote attackers to bypass authentication and execute arbitrary SQL via a SQL injection attack on the user name.
Published Jul 26, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Certain backend drivers in the SANE library 1.0.3 and earlier, as used in frontend software such as XSane, allows local users to modify files via a symlink attack on temporary files.
Published Jul 23, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator username and password from the configuration file, which has insecure permissions.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
IMAP server in Alt-N Technologies MDaemon 3.5.6 allows a local user to cause a denial of service (hang) via long (1) SELECT or (2) EXAMINE commands.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STRIP's use of SysRandom, which is seeded by TimeGetTicks, and an implementation flaw which vastly reduces the password 'search space'.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join the network, is transmitted in the clear.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain privileges.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld (skins-data) file which contains long strings of random data.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated URL requests with the same HTTP headers, such as (1) Accept, (2) Accept-Charset, (3) Accept-Encoding, (4) Accept-Language, and (5) Content-Type.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Watchguard Firebox II prior to 4.6 allows a remote attacker to create a denial of service in the kernel via a large stream (>10,000) of malformed ICMP or TCP packets.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error that is not properly handled.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to port 2638.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear during communications, a remote attacker could determine the WEP key and decrypt RG-1000 traffic.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via URL requests (>8Kb) containing a large number of '/' characters.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Alt-N Technologies MDaemon 3.5.4 allows a remote attacker to create a denial of service via the URL request of a MS-DOS device (such as GET /aux) to (1) the Worldclient service at port 3000, or (2) the Webconfig service at port 3001.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) password lengths or ranges of lengths, which simplifies brute force password guessing, (2) whether RSA or DSA authentication is being used, (3) the number of authorized_keys in RSA authentication, or (4) the lengths of shell commands.
Published Jul 27, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands.
Published Jul 27, 2001 · Updated Aug 8, 2024