Medium · CVSS 5.6
An issue was discovered on Mitel ICP VoIP 3100 devices. When a remote user attempts to log in via TELNET during the login wait time and an external call comes in, the system incorrectly divulges information about the call and any SMDR records generated by the system. The information provided includes the service type, extension number and other parameters, related to the call activity.
Published Apr 1, 2025 · Updated Apr 4, 2025
Unknown · CVSS Not scored
ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.
Published Apr 15, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges.
Published Apr 14, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload.
Published Apr 5, 2010 · Updated Sep 17, 2024
Unknown · CVSS Not scored
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.
Published Apr 15, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Published Apr 26, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server.
Published Apr 21, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734.
Published Apr 12, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters.
Published Apr 4, 2008 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Web Wiz Guestbook 6.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download the database and obtain sensitive information via a direct request for database/WWGguestbook.mdb. NOTE: it was later reported that 8.21 is also affected.
Published Apr 2, 2009 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters.
Published Apr 4, 2008 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences.
Published Apr 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability."
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.
Published Apr 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed.
Published Apr 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands.
Published Apr 15, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm.
Published Apr 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.
Published Apr 6, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
Published Apr 15, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to cause a denial of service (application crash), possibly via the headername and footername arguments.
Published Apr 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments.
Published Apr 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool.
Published Apr 14, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers.
Published Apr 15, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field.
Published Apr 15, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).
Published Apr 8, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.
Published Apr 29, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.
Published Apr 8, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.
Published Apr 26, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002.
Published Apr 26, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.
Published Apr 16, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.
Published Apr 15, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.
Published Apr 26, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.
Published Apr 26, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.
Published Apr 15, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop.
Published Apr 1, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.
Published Apr 29, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.
Published Apr 15, 2003 · Updated Aug 8, 2024