Unknown · CVSS Not scored
The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x before 2.8pre10, running EPIC allows remote attackers to execute arbitrary code if the user joins a channel whose topic includes EPIC4 code.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long "ed2k:" URL.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 allows remote attackers to read arbitrary files via ..\ (dot dot) sequences in an HTTP request.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a long bulldir argument in the user's .qpopper-options configuration file.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
l2tpd 0.67 does not initialize the random number generator, which allows remote attackers to hijack sessions.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in SeaNox Devwex allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The multibyte support in PostgreSQL 6.5.x with SQL_ASCII encoding consumes an extra character when processing a character that cannot be converted, which could remove an escape character from the query and make the application subject to SQL injection attacks.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Apache Tomcat 4.0.3, and possibly other versions before 4.1.3 beta, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of requests to the server with null characters, which causes the working threads to hang.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SQL*NET listener for Oracle Net Oracle9i 9.0.x and 9.2 allows remote attackers to cause a denial of service (crash) via certain debug requests that are not properly handled by the debugging feature.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Vulnerability in l2tpd 0.67 allows remote attackers to overwrite the vendor field via a long value in an attribute/value pair, possibly via a buffer overflow.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
An interaction between PGP 7.0.3 with the "wipe deleted files" option, when used on Windows Encrypted File System (EFS), creates a cleartext temporary files that cannot be wiped or deleted due to strong permissions, which could allow certain local users or attackers with physical access to obtain cleartext information.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the OpenDataSource function of the Jet engine on Microsoft SQL Server 2000 allows remote attackers to execute arbitrary code.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
xinetd 2.3.4 leaks file descriptors for the signal pipe to services that are launched by xinetd, which could allow those services to cause a denial of service via the pipe.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly systems, uses the permissions of symbolic links instead of the actual files when creating an archive, which could cause the files to be extracted with less restrictive permissions than intended.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, (1) creates new directories with world-writable permissions, and (2) creates the params file with world-writable permissions, which allows local users to modify the files and execute code.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when configured to perform reverse DNS lookups, allows remote attackers to bypass IP restrictions by connecting from a system with a spoofed reverse DNS hostname.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Vulnerability in FAM 2.6.8, 2.6.6, and other versions allows unprivileged users to obtain the names of files whose access is restricted to the root group.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to read arbitrary files through Internet Explorer via a URL that redirects to the target file.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter.
Published Apr 2, 2003 · Updated Aug 8, 2024