Unknown · CVSS Not scored
Buffer overflow in the LDAP component for Netscape Directory Server (NDS) 3.6 on HP-UX and other operating systems allows remote attackers to execute arbitrary code.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Untrusted execution path vulnerability in the diag commands (1) lsmcode, (2) diag_exec, (3) invscout, and (4) invscoutd in AIX 5.1 through 5.3 allows local users to execute arbitrary programs by modifying the DIAGNOSTICS environment variable to point to a malicious Dctrl program.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
SQL injection vulnerability in the (1) MDSYS.SDO_GEOM_TRIG_INS1 and (2) MDSYS.SDO_LRS_TRIG_INS default triggers in Oracle 9i and 10g allows remote attackers to execute arbitrary SQL commands via the new.table_name or new.column_name parameters.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in newgrp in HP-UX B.11.00, B.11.04, and B.11.11 allows local users to gain elevated privileges.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
gzip before 1.3 in Solaris 8, when called with the -f or -force flags, will change the permissions of files that are hard linked to the target files, which allows local users to view or modify these files.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in Sun StorEdge Enterprise Storage Manager (ESM) 2.1 for Solaris 8 and Solaris 9 allows local users with the "ESMUser" role to gain root access.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The POSIX Capability Linux Security Module (LSM) for Linux kernel 2.6 does not properly handle the credentials of a process that is launched before the module is loaded, which allows local users to gain privileges.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple syscalls in the compat subsystem for NetBSD before 2.0 allow local users to cause a denial of service (kernel crash) via a large signal number to (1) xxx_sys_kill, (2) xxx_sys_sigaction, and possibly other translation functions.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in dxterm in Ultrix 4.5 allows local users to execute arbitrary code via a long -setup parameter.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Microsoft Windows Media Player 9.0 ActiveX control may allow remote attackers to execute arbitrary web script in the Local computer zone via the (1) artist or (2) song fields of a music file, if the file is processed using Internet Explorer.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Stack-based buffer overflow in the FTP daemon in HP-UX 11.11i, with the -v (debug) option enabled, allows remote attackers to execute arbitrary code via a long command request.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Stack-based buffer overflow in Oracle 9i and 10g allows remote attackers to execute arbitrary code via a long token in the text of a wrapped procedure.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cisco Unity 2.x, 3.x, and 4.x, when integrated with Microsoft Exchange, has several hard coded usernames and passwords, which allows remote attackers to gain unauthorized access and change configuration settings or read outgoing or incoming e-mail messages.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Heap-based buffer overflow in winhlp32.exe in Windows NT, Windows 2000 through SP4, Windows XP through SP2, and Windows 2003 allows remote attackers to execute arbitrary code via a crafted .hlp file.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in Sun Java System Web Proxy Server (formerly Sun ONE Proxy Server) 3.6 through 3.6 SP4 allow remote attackers to execute arbitrary code via unknown vectors, possibly CONNECT requests.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The execCommand method in Microsoft Internet Explorer 6.0 SP2 allows remote attackers to bypass the "File Download - Security Warning" dialog and save arbitrary files with arbitrary extensions via the SaveAs command.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in namazu.cgi for Namazu 2.0.13 and earlier allows remote attackers to inject arbitrary HTML and web script via a query that starts with a tab ("%09") character, which prevents the rest of the query from being properly sanitized.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (kernel crash) via a cmsg_len that contains a -1, which leads to a buffer overflow.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Asante FM2008 running firmware 1.06 is shipped with a default username and password, which could allow remote attackers to gain unauthorized access.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information.
Published Jan 29, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Memory leak in the ip_options_get function in the Linux kernel before 2.6.10 allows local users to cause a denial of service (memory consumption) by repeatedly calling the ip_cmsg_send function.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The triggers in Oracle 9i and 10g allow local users to gain privileges by using a sequence of partially privileged actions: using CCBKAPPLROWTRIG or EXEC_CBK_FN_DML to add arbitrary functions to the SDO_CMT_DBK_FN_TABLE and SDO_CMT_CBK_DML_TABLE, then performing a DELETE on the SDO_TXN_IDX_INSERTS table, which causes the SDO_CMT_CBK_TRIG trigger to execute the user-supplied functions.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in the system call filtering code in the audit subsystem for Red Hat Enterprise Linux 3 allows local users to cause a denial of service (system crash) via unknown vectors.
Published Jan 20, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in paginit in AIX 5.1 through 5.3 allows local users to execute arbitrary code via a long username.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
A bug in the HTML parser in a certain Microsoft HTML library, as used in various third party products, may allow remote attackers to cause a denial of service via certain strings, as reported in GFI MailEssentials for Exchange 9 and 10, and GFI MailSecurity for Exchange 8, which causes emails to remain in IIS or Exchange mail queues.
Published Jan 6, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Race condition in the (1) load_elf_library and (2) binfmt_aout function calls for uselib in Linux kernel 2.4 through 2.429-rc2 and 2.6 through 2.6.10 allows local users to execute arbitrary code by manipulating the VMA descriptor.
Published Jan 20, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
hfaxd in HylaFAX before 4.2.1, when installed with a "weak" hosts.hfaxd file, allows remote attackers to authenticate and bypass intended access restrictions via a crafted (1) username or (2) hostname that satisfies a regular expression that is matched against a hosts.hfaxd entry without a password.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in the driver script in mailman before 2.1.5 allows remote attackers to inject arbitrary web script or HTML via a URL, which is not properly escaped in the resulting error page.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The EPSF pipe support in enscript 1.6.3 allows remote attackers or local users to execute arbitrary commands via shell metacharacters.
Published Jan 29, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
htmlheadline before 21.8 allows local users to overwrite arbitrary files via a symlink attack on temporary files.
Published Jan 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in enscript 1.6.3 allow remote attackers or local users to cause a denial of service (application crash).
Published Jan 29, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Enscript 1.6.3 does not sanitize filenames, which allows remote attackers or local users to execute arbitrary commands via crafted filenames.
Published Jan 29, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the tiffdump utility for libtiff 3.7.1 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted TIFF file.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
fish.c in midnight commander allows remote attackers to execute arbitrary programs via "insecure filename quoting," possibly using shell metacharacters.
Published Jan 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The password generation in mailman before 2.1.5 generates only 5 million unique passwords, which makes it easier for remote attackers to guess passwords via a brute force attack.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Stack-based buffer overflow in the in_cdda.dll plugin for Winamp 5.0 through 5.08c allows attackers to execute arbitrary code via a cda:// URL with a long (1) device name or (2) sound track number, as demonstrated with a .m3u or .pls playlist file.
Published Jan 29, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unknown vulnerability in chroot on SCO UnixWare 7.1.1 through 7.1.4 allows local users to escape the chroot jail and conduct unauthorized activities.
Published Jan 29, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer underflow in extfs.c in Midnight Commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Published Jan 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by triggering a null dereference.
Published Jan 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
direntry.c in Midnight Commander (mc) 4.5.55 and earlier allows attackers to cause a denial of service by "manipulating non-existing file handles."
Published Jan 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "use of already freed memory."
Published Jan 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple drivers in Linux kernel 2.4.19 and earlier do not properly mark memory with the VM_IO flag, which causes incorrect reference counts and may lead to a denial of service (kernel panic) when accessing freed kernel pages.
Published Jan 29, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service by causing mc to free unallocated memory.
Published Jan 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header."
Published Jan 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in the LoadImage API of the USER32 Lib for Microsoft Windows allows remote attackers to execute arbitrary code via a .bmp, .cur, .ico or .ani file with a large image size field, which leads to a buffer overflow, aka the "Cursor and Icon Format Handling Vulnerability."
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in mpg123 before 0.59s-r9 allows remote attackers to execute arbitrary code via frame headers in MP2 or MP3 files.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
lintian 1.23 and earlier removes the working directory even if it was not created by lintian, which may allow local users to delete arbitrary files or directories via a symlink attack.
Published Jan 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in Midnight Commander (mc) 4.5.55 and earlier allow remote attackers to have an unknown impact.
Published Jan 22, 2005 · Updated Aug 8, 2024