High · CVSS 7.5
Common Unix Printing System (CUPS) 1.1.14 through 1.1.17 does not properly check the return values of various file and socket operations, which could allow a remote attacker to cause a denial of service (resource exhaustion) by causing file descriptors to be assigned and not released, as demonstrated by fanta.
Published Sep 1, 2004 · Updated Jan 16, 2025
Unknown · CVSS Not scored
CRLF injection vulnerability in the setUserValue function in sipssys/code/site.inc.php in Haakon Nilsen simple, integrated publishing system (SIPS) before 20020209 has unknown impact, possibly gaining privileges or modifying critical configuration, via a CRLF sequence in a key value.
Published Sep 13, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal) 0.1 allow remote attackers to execute arbitrary PHP code via a URL in the (1) l parameter to customize.php or the (2) pg parameter to index.php.
Published Sep 11, 2006 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer underflow in ssldump 0.9b2 and earlier allows remote attackers to cause a denial of service (memory corruption) via a crafted SSLv2 challenge value.
Published Sep 26, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in tftpd of TFTP32 2.21 and earlier allows remote attackers to execute arbitrary code via a long filename argument.
Published Sep 23, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the ixj telephony card driver in Linux before 2.4.20 has unknown impact and attack vectors.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Apache Tomcat 4.1 allows remote attackers to execute arbitrary web script and steal cookies via a URL with encoded newlines followed by a request to a .jsp file whose name contains the script.
Published Sep 19, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Acuma Acusend 4, and possibly earlier versions, allows remote authenticated users to read the reports of other users by inferring the full URL, whose name is easily predictable.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
mv in IRIX 6.5 creates a directory with world-writable permissions while moving a directory, which could allow local users to modify files and directories.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to read arbitrary files via a URL containing a "..%5c" sequence (modified dot-dot), which is mapped to the directory separator.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
dump_smutil.sh in IBM AIX allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the interpreter for Novell NetBasic Scripting Server (NSN) for Netware 5.1 and 6, and Novell Small Business Suite 5.1 and 6, allows remote attackers to cause a denial of service (ABEND) via a long module name.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Light HTTPd (lhttpd) 0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Sympoll 1.2 allows remote attackers to read arbitrary files when register_globals is enabled, possibly by modifying certain PHP variables through URL parameters.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
gds_lock_mgr in Borland InterBase allows local users to overwrite files and gain privileges via a symlink attack on a "isc_init1.X" temporary file, as demonstrated by modifying the xinetdbd file.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The UCX POP server in HP TCP/IP services for OpenVMS 4.2 through 5.3 allows local users to truncate arbitrary files via the -logfile command line option, which overrides file system permissions because the server runs with the SYSPRV and BYPASS privileges.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace characters.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
index.php in gBook 1.4 allows remote attackers to bypass authentication and gain administrative privileges by setting the login parameter to true.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows users to obtain usernames and plaintext passwords via a request to the userlist.asp program, which includes the passwords in a user editing form.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
BadBlue 1.7 allows remote attackers to bypass password protections for directories and files via an HTTP request containing an extra / (slash).
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in trek on NetBSD 1.5 through 1.5.3 allows local users to gain privileges via long keyboard input.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Web Server 4D (WS4D) 3.6 stores passwords in plaintext in the Ws4d.4DD file, which allows attackers to gain privileges.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
admin_ug_auth.php in phpBB 2.0.0 allows local users to gain administrator privileges by directly calling admin_ug_auth.php with modifed form fields such as "u".
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (resource exhaustion) via a GET request without the terminating /r/n/r/n (CRLF) sequence, which causes the interface to wait for the sequence and blocks other users from accessing it.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Macromedia Flash Player allows remote attackers to read arbitrary files via XML script in a .swf file that is hosted on a remote SMB share.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in XML parser in wsabi.dll of Winamp 3 (1.0.0.488) allows remote attackers to execute arbitrary code via a skin file (.wal) with a long include file tag.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
MsmMask.exe in MondoSearch 4.4 allows remote attackers to obtain the source code of scripts via the mask parameter.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The vncserver wrapper for vnc before 3.3.3r2-21 uses the rand() function instead of srand(), which causes vncserver to generate weak cookies.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to cause a denial of service (crash) via an HTTP request without a Content-Length parameter.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in msgError.asp for the administrative web interface (STEMWADM) for SurfControl SuperScout Email Filter allows remote attackers to insert arbitrary script or HTML via the Reason parameter.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in autofs on AIX 4.3.0, when using executable maps, allows attackers to execute arbitrary commands as root, possibly related to "string handling around how the executable map is called."
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Cisco VPN 5000 Client for MacOS before 5.2.2 records the most recently used login password in plaintext when saving "Default Connection" settings, which could allow local users to gain privileges.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
fsr_efs in IRIX 6.5 allows local users to conduct unauthorized file activities via a symlink attack, possibly via the .fsrlast file.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The client for Symantec Norton AntiVirus Corporate Edition 7.5.x before 7.5.1 Build 62 and 7.6.x before 7.6.1 Build 35a runs winhlp32 with raised privileges, which allows local users to gain privileges by using certain features of winhlp32.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in board.php for WoltLab Burning Board (wBB) 2.0 RC 1 and earlier allows remote attackers to modify the database and possibly gain privileges via the boardid parameter.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
rpcbind in SGI IRIX, when using the -w command line switch, allows local users to overwrite arbitrary files via a symlink attack.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Novell eDirectory (eDir) 8.6.2 and Netware 5.1 eDir 85.x allows users with expired passwords to gain inappropriate permissions when logging in from Remote Manager.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The MPS functionality in Enterasys SSR8000 (Smart Switch Router) before firmware 8.3.0.10 allows remote attackers to cause a denial of service (crash) via multiple port scans to ports 15077 and 15078.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Symbolic link vulnerability in xbreaky before 0.5.5 allows local users to overwrite arbitrary files via a symlink from the user's .breakyhighscores file to the target file.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and earlier allows remote attackers to insert arbitrary HTML into a "404 Not Found" response.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in the CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the password parameter.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
xdm, with the authComplain variable set to false, allows arbitrary attackers to connect to the X server if the xdm auth directory does not exist.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerabilities in Aestiva HTML/OS allows remote attackers to insert arbitrary HTML or script by inserting the script after a trailing / character, which inserts the script into the resulting error message.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The camel component for Ximian Evolution 1.0.x and earlier does not verify certificates when it establishes a new SSL connection after previously verifying a certificate, which could allow remote attackers to monitor or modify sessions via a man-in-the-middle attack.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
A patch for shadow-utils 20000902 causes the useradd command to create a mail spool files with read/write privileges of the new user's group (mode 660), which allows other users in the same group to read or modify the new user's incoming email.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cacti before 0.6.8 stores a MySQL username and password in plaintext in config.php, which has world-readable permissions, which allows local users to modify databases as the Cacti user and possibly gain privileges.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The CLI interface for WatchGuard Firebox Vclass 3.2 and earlier, and RSSA Appliance 3.0.2, does not properly close the SSH connection when a -N option is provided during authentication, which allows remote attackers to access CLI with administrator privileges.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Lycos HTMLGear guestbook allows remote attackers to inject arbitrary script via (1) STYLE attributes or (2) SRC attributes in an IMG tag.
Published Sep 1, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in Null HTTP Server 0.5.0 and earlier allows remote attackers to execute arbitrary code via a negative value in the Content-Length HTTP header.
Published Sep 1, 2004 · Updated Aug 8, 2024