Unknown · CVSS Not scored
ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges.
Published Sep 3, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value).
Published Sep 12, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//).
Published May 10, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
find_theni_home.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long command line arguments.
Published Jun 24, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via an FTP connection.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook.
Published Feb 4, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2) password.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028.
Published Aug 18, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable.
Published Oct 1, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into (1) news_icon of news_template.php, and (2) threadid and subject of index.html
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files.
Published Mar 19, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
GoAhead WebServer before 2.1.6 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an invalid URL, related to the websSafeUrl function.
Published Feb 6, 2009 · Updated Sep 16, 2024
Unknown · CVSS Not scored
sshd in OpenSSH 3.6.1p2 and earlier, when PermitRootLogin is disabled and using PAM keyboard-interactive authentication, does not insert a delay after a root login attempt with the correct password, which makes it easier for remote attackers to use timing differences to determine if the password step of a multi-step authentication is successful, a different vulnerability than CVE-2003-0190.
Published Aug 4, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
NWFTPD.nlm before 5.03.12 in the FTP server in Novell NetWare does not properly restrict filesystem use by anonymous users with NFS Gateway home directories, which allows remote attackers to bypass intended access restrictions via an FTP session.
Published Apr 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model.
Published Oct 25, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access.
Published Oct 24, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.
Published Aug 5, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password."
Published Feb 28, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.
Published Aug 5, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Sun ONE (aka iPlanet) Web Server 6 on Windows, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Published Feb 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable.
Published Nov 18, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.
Published Apr 15, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set.
Published Dec 17, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network.
Published Dec 11, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall.
Published Dec 17, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.
Published Aug 18, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable.
Published Nov 12, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.
Published Feb 1, 2006 · Updated Sep 16, 2024
Unknown · CVSS Not scored
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute.
Published Jun 28, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script.
Published Sep 18, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable.
Published Jul 4, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function.
Published Nov 16, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Sun Cluster 2.2 through 3.2 for Oracle Parallel Server / Real Application Clusters (OPS/RAC) allows local users to cause a denial of service (cluster node panic or abort) by launching a daemon listening on a TCP port that would otherwise be used by the Distributed Lock Manager (DLM), possibly involving this daemon responding in a manner that spoofs a cluster reconfiguration.
Published Aug 18, 2008 · Updated Sep 16, 2024
Unknown · CVSS Not scored
nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication.
Published Sep 6, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.
Published Feb 5, 2010 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter.
Published May 10, 2005 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges.
Published Jul 17, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
GoAhead WebServer before 2.1.5 on Windows 95, 98, and ME allows remote attackers to cause a denial of service (daemon crash) via an HTTP request with a (1) con, (2) nul, (3) clock$, or (4) config$ device name in a path component, different vectors than CVE-2001-0385.
Published Feb 6, 2009 · Updated Sep 16, 2024
Unknown · CVSS Not scored
run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Published Apr 26, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group.
Published Mar 30, 2007 · Updated Sep 16, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.
Published Nov 21, 2003 · Updated Sep 16, 2024
Unknown · CVSS Not scored
BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory.
Published Nov 16, 2005 · Updated Sep 16, 2024