Unknown · CVSS Not scored
SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device.
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using a "system($cmd)" E-mail address with a "any_name.php" username.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests.
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote attackers to hijack sessions.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read arbitrary files via .. specifiers in the album parameter, and the target filename in the pic parameter.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow.
Published Nov 21, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities.
Published Nov 21, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure.
Published Nov 21, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed.
Published Nov 12, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from NULL terminating the string and leads to a buffer overflow.
Published Nov 21, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string.
Published Nov 6, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access."
Published Nov 6, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector.
Published Nov 6, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets.
Published Nov 6, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network.
Published Nov 12, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
Published Nov 20, 2007 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code.
Published Nov 12, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences.
Published Nov 6, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.
Published Nov 18, 2003 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
Published Nov 18, 2003 · Updated Aug 8, 2024