Unknown · CVSS Not scored
Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message.
Published Aug 14, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
Published Dec 17, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php.
Published Nov 14, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands.
Published Jan 14, 2004 · Updated Sep 17, 2024
Unknown · CVSS Not scored
CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header.
Published Sep 23, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unauthorized administrative access via a URL request with the uid parameter set to the webmaster uid.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet.
Published Oct 25, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers.
Published Sep 23, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."
Published Aug 14, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm).
Published Nov 21, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation."
Published Jan 22, 2004 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request.
Published Oct 25, 2007 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages.
Published Sep 4, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query.
Published Jun 18, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet Explorer (IE) local security zone, which could allow remote attackers to view local files and possibly execute arbitrary code.
Published Nov 16, 2005 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.
Published Sep 18, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allows user-assisted remote attackers to cause a denial of service (console hang) via a large number of FTP sessions, which are not properly handled during an NLM unload.
Published Apr 5, 2010 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop).
Published Sep 12, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."
Published Jun 24, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Published Feb 5, 2010 · Updated Sep 17, 2024
Unknown · CVSS Not scored
Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file.
Published Aug 14, 2003 · Updated Sep 17, 2024
Unknown · CVSS Not scored
fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges.
Published May 8, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service.
Published May 21, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function.
Published May 10, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create arbitrary files via a .. (dot dot) in multipart/form-data uploads.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Sun Java Media Framework (JMF) 2.1.1 through 2.1.1c allows unsigned applets to cause a denial of service (JVM crash) and read or write unauthorized memory locations via the ReadEnv class, as demonstrated by reading environment variables using modified .data and .size fields.
Published Jun 1, 2009 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets.
Published Aug 5, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges.
Published Oct 25, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files.
Published Aug 1, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges.
Published Jul 10, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report.
Published Feb 27, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter.
Published Sep 4, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.
Published Aug 15, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP session.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access.
Published Oct 24, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.
Published Nov 21, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the fm_path parameter.
Published Feb 13, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments.
Published May 10, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program.
Published Jul 10, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Microsoft Internet Information Services (IIS) 6.0, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Published Feb 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods.
Published Oct 24, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
Published Jun 18, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload.
Published Feb 27, 2007 · Updated Sep 16, 2024