Unknown · CVSS Not scored
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows authenticated users with editing privileges to delete other users by directly calling the editusers.cgi script with the "del" option.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The rc system startup script for FreeBSD 4 through 4.5 allows local users to delete arbitrary files via a symlink attack on X Windows lock files.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cisco Virtual Private Network (VPN) Client 3.5.4 and earlier allows remote attackers to cause a denial of service (CPU consumption) via a packet with a zero-length payload.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, when performing a mass change, sets the groupset of all bugs to the groupset of the first bug, which could inadvertently cause insecure groupset permissions to be assigned to some bugs.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in search.cgi in mnoGoSearch 3.1.19 and earlier allows remote attackers to execute arbitrary code via a long query (q) parameter.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in lukemftp FTP client in SuSE 6.4 through 8.0, and possibly other operating systems, allows a malicious FTP server to execute arbitrary code via a long PASV command.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of connection attempts, which fills the queue.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the ISAPI DLL filter for Macromedia JRun 3.1 allows remote attackers to execute arbitrary code via a direct request to the filter with a long HTTP host header field in a URL for a .jsp file.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, does not use the O_EXCL flag to create files during decompression and does not warn the user if an existing file would be overwritten, which could allow attackers to overwrite files via a bzip2 archive.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
LabVIEW Web Server 5.1.1 through 6.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request that ends in two newline characters, instead of the expected carriage return/newline combinations.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default configuration of the proxy for Cisco Cache Engine and Content Engine allows remote attackers to use HTTPS to make TCP connections to allowed IP addresses while hiding the actual source IP.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
getuserdesc.asp in Hosting Controller 2002 allows remote attackers to change the passwords of arbitrary users and gain privileges by modifying the username parameter, as addressed by the "UpdateUser" hot fix.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Race condition in bzip2 before 1.0.2 in FreeBSD 4.5 and earlier, OpenLinux 3.1 and 3.1.1, and possibly other operating systems, decompresses files with world-readable permissions before setting the permissions to what is specified in the bzip2 archive, which could allow local users to read the files as they are being decompressed.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the LDAP component of Ipswitch IMail 7.1 and earlier allows remote attackers to execute arbitrary code via a long "bind DN" parameter.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier does not verify that a user is a member of the wheel group before granting superuser privileges, which could allow unauthorized users to execute commands as root.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Kerberos 5 su (k5su) in FreeBSD 4.4 and earlier relies on the getlogin system call to determine if the user running k5su is root, which could allow a root-initiated process to regain its privileges after it has dropped them.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
psyBNC 2.3 allows remote attackers to cause a denial of service (CPU consumption and resource exhaustion) by sending a PASS command with a long password argument and quickly killing the connection, which is not properly terminated by psyBNC.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Sambar web server before 5.2 beta 1 allows remote attackers to obtain source code of server-side scripts, or cause a denial of service (resource exhaustion) via DOS devices, using a URL that ends with a space and a null character.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in the function that services for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary commands via an MCMS resource request for image files or other files.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Web authoring command in Microsoft Content Management Server (MCMS) 2001 allows attackers to authenticate and upload executable content, by modifying the upload location, aka "Program Execution via MCMS Authoring Function."
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argument to an IMG tag, or (3) using "&={script}" syntax.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
A handler routine for the Network Connection Manager (NCM) in Windows 2000 allows local users to gain privileges via a complex attack that causes the handler to run in the LocalSystem context with user-specified code.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
b2edit.showposts.php in B2 2.0.6pre2 and earlier does not properly load the b2config.php file in some configurations, which allows remote attackers to execute arbitrary PHP code via a URL that sets the $b2inc variable to point to a malicious program stored on a remote server.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for scripting, which allows remote attackers to execute arbitrary commands via the setTimeout method.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX control allows remote attackers to execute arbitrary code via a long server name field.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SoftwareUpdate for MacOS 10.1.x does not use authentication when downloading a software update, which could allow remote attackers to execute arbitrary code by posing as the Apple update server via techniques such as DNS spoofing or cache poisoning, and supplying Trojan Horse updates.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in a system function that performs user authentication for Microsoft Content Management Server (MCMS) 2001 allows attackers to execute code in the Local System context by authenticating to a web page that calls the function, aka "Unchecked Buffer in MDAC Function Could Enable SQL Server Compromise."
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 allows remote attackers to execute arbitrary code via an EHLO request from a system with a long name as obtained through a reverse DNS lookup, which triggers the overflow in IMC's hello response.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Pingtel xpressa SIP-based voice-over-IP phone 1.2.5 through 1.2.7.4 downloads phone applications from a web site but can not verify the integrity of the applications, which could allow remote attackers to install Trojan horse applications via DNS spoofing.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) allows remote attackers to execute arbitrary code via an argument to the _TT_CREATE_FILE procedure.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in the message decoding functionality for PGP Outlook Encryption Plug-In, as used in NAI PGP Desktop Security 7.0.4, Personal Security 7.0.3, and Freeware 7.0.3, allows remote attackers to modify the heap and gain privileges via a large, malformed mail message.
Published Apr 2, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to misrepresent the source of a file in the File Download dialogue box to trick users into thinking that the file type is safe to download, aka "File Origin Spoofing."
Published Apr 2, 2003 · Updated Aug 8, 2024