Unknown · CVSS Not scored
Serena TeamTrack 6.1.1 allows remote attackers to obtain sensitive information such as user names, versions, and database information, and conduct cross-site scripting (XSS) attacks, via a direct request to tmtrack.dll with modified LoginPage and Template parameters.
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple SQL injection vulnerabilities in Internet Software Sciences Web+Center 4.0.1 allow remote attackers to execute arbitrary SQL commands via (1) the ISS_TECH_CENTER_LOGIN cookie in search.asp and (2) one or more cookies in DoCustomerOptions.asp.
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to inject arbitrary web script or HTML via (a) a URI containing the script, or (b) the username field in the login form. NOTE: it is possible that the first attack vector is resultant from the error message issue (CVE-2004-2547).
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in Quake II server before R1Q2, as used in multiple products, allow local users to cause a denial of service (application crash) via the server console or rcon.
Published Nov 29, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Opera before 7.54 allows remote attackers to modify properties and methods of the location object and execute Javascript to read arbitrary files from the client's local filesystem or display a false URL to the user.
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
frmAddfolder.aspx in SmarterTools SmarterMail 1.6.1511 and 1.6.1529 allows remote authenticated users to create a folder that SmarterMail cannot delete or rename via a folder name with a null byte ("%00"). NOTE: it is not clear whether this issue poses a vulnerability.
Published Nov 28, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple directory traversal vulnerabilities in Sambar Server 6.1 Beta 2 on Windows, and possibly other versions on Linux, when the administrative IP address restrictions have been modified from the default, allow remote authenticated users to read arbitrary files via (1) a "..\" (dot dot backslash) in the file parameter to showini.asp, or (2) an absolute path with drive letter in the log parameter to showlog.asp.
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Cscope 15.5, and possibly multiple overflows, allows remote attackers to execute arbitrary code via a C file with a long #include line that is later browsed by the target.
Published Nov 20, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Riverdeep FoolProof Security 3.9.x on Windows 98 and Windows ME uses weak cryptography (arithmetic and XOR operations) to relate the Control password to the Administrator password, which allows local users to calculate the Administrator password if they know the Control password and password recovery key.
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Novell Client Firewall (NCF) 2.0, as based on the Agnitum Outpost Firewall, allows local users to execute arbitrary code with SYSTEM privileges by opening the NCF tray icon and using the Help functionality to launch programs with SYSTEM privileges.
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
DokuWiki before 2004-10-19, when used on a web server that permits execution based on file extension, allows remote attackers to execute arbitrary code by uploading a file with an appropriate extension such as ".php" or ".cgi".
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
phpGroupWare before 0.9.16.002 transmits the (1) header admin and (2) setup passwords in plaintext via cookies, which allows remote attackers to sniff passwords.
Published Nov 28, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
ACLCHECK module in Novell iChain 2.3 allows attackers to bypass access control rules of an unspecified component via an unspecified attack vector involving a string that contains escape sequences represented with "overlong UTF-8 encoding."
Published Nov 28, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple SQL injection vulnerabilities in Layton HelpBox 3.0.1 allow remote attackers to execute arbitrary SQL commands via (1) the sys_comment_id parameter in editcommentenduser.asp, (2) the sys_suspend_id parameter in editsuspensionuser.asp, (3) the table parameter in export_data.asp, (4) the sys_analgroup parameter in manageanalgrouppreference.asp, (5) the sys_asset_id parameter in quickinfoassetrequests.asp, (6) the sys_eusername parameter in quickinfoenduserrequests.asp, and the sys_request_id parameter in (7) requestauditlog.asp, (8) requestcommentsenduser.asp, (9) selectrequestapplytemplate.asp, and (10) selectrequestlink.asp, resulting in an ability to create a new HelpBox user account and read, modify, or delete data from the backend database.
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in Novell iChain 2.3 allows remote attackers to obtain login credentials via unspecified vectors.
Published Nov 28, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple SQL injection vulnerabilities in ReciPants 1.1.1 allow remote attackers to execute arbitrary SQL commands via the (1) user id, (2) recipe id, (3) category id, and (4) other ID number fields.
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
DokuWiki before 2004-10-19 allows remote attackers to access administrative functionality including (1) Mediaselectiondialog, (2) Recent changes, (3) feed, and (4) search, possibly due to the lack of ACL checks.
Published Nov 22, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Novell iChain 2.3 includes the build number in the VIA line of the proxy server's HTTP headers, which allows remote attackers to obtain sensitive information.
Published Nov 28, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Secure Computing Corporation Sidewinder G2 6.1.0.01 might allow remote attackers to cause a denial of service (proxy failure) via invalid traffic to the (1) T.120 or (2) RTSP proxy, or (3) invalid MIME messages to the mail filter. NOTE: this might not be a vulnerability because the embedded monitoring sub-system automatically restarts after the failure.
Published Nov 20, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
NetWin (1) SurgeMail before 2.0c and (2) WebMail allow remote attackers to obtain sensitive information via HTTP requests that (a) specify the / URI, (b) specify the /scripts/ URI, or (c) specify a non-existent file, which reveal the path in an error message.
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Ignition Project ignitionServer 0.1.2 through 0.1.2-R2 allows remote authenticated users with local IRC operator privileges to obtain global IRC operator privileges by using the unofficial umode command with the +ORD argument.
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple memory leaks in Samba before 3.0.6 allow attackers to cause a denial of service (memory consumption).
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in XBoard 4.2.7 and earlier might allow local users to execute arbitrary code via a long -icshost command line argument. NOTE: since the program is not setuid and not normally called from remote programs, there may not be a typical attack vector for the issue that crosses privilege boundaries. Therefore this may not be a vulnerability.
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Unspecified vulnerability in IBM Tivoli SecureWay Policy Director 3.8, Access Manager for e-business 3.9 to 5.1, Access Manager Identity Manager Solution 5.1, Configuration Manager 4.2, Configuration Manager for Automated Teller Machines 2.1.0, and IBM WebSphere Everyplace Server, Service Provider Offering for Multi-platforms 2.1.3 to 2.15 allow remote attackers to hijack sessions of authenticated users via unknown attack vectors involving certain cookies, aka "Potential Credential Impersonation Attack."
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
readObject in (1) Java Runtime Environment (JRE) and (2) Software Development Kit (SDK) 1.4.0 through 1.4.2_05 allows remote attackers to cause a denial of service (JVM unresponsive) via crafted serialized data.
Published Nov 16, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in unspecified Perl scripts in SandSurfer before 1.7.1 allow remote attackers to inject arbitrary web script or HTML, which is later executed by a target who views reports containing the injected data.
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Admin Console in Secure Computing Corporation Sidewinder G2 6.1.0.01 exports private keys when exporting firewall certificates, which might allow attackers to obtain sensitive information.
Published Nov 20, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Nortel Wireless LAN (WLAN) Access Point (AP) 2220, 2221, and 2225 allow remote attackers to cause a denial of service (service crash) via a TCP request with a large string, followed by 8 newline characters, to (1) the Telnet service on TCP port 23 and (2) the HTTP service on TCP port 80, possibly due to a buffer overflow.
Published Nov 21, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple SQL injection vulnerabilities in Dynix (formerly known as epixtech) WebPAC allow remote attackers to execute arbitrary SQL commands via unknown attack vectors, resulting in an ability to execute stored procedures, bypass login authentication, and cause an unspecified denial of service to backend databases.
Published Nov 20, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer overflow in fetch on FreeBSD 4.1 through 5.3 allows remote malicious servers to execute arbitrary code via certain HTTP headers in an HTTP response, which lead to a buffer overflow.
Published Nov 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
sudo before 1.6.8p2 allows local users to execute arbitrary commands by using "()" style environment variables to create functions that have the same name as any program within the bash script that is called without using the program's full pathname.
Published Nov 18, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the http_open function in Kaffeine before 0.5, whose code is also used in gxine before 0.3.3, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long Content-Type header for a Real Audio Media (.ram) playlist file.
Published Nov 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
iCal before 1.5.4 on Mac OS X 10.2.3, and other later versions, does not alert the user when handling calendars that use alarms, which allows attackers to execute programs and send e-mail via alarms.
Published Nov 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable.
Published Nov 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in ez-ipupdate.c for ez-ipupdate 3.0.10 through 3.0.11b8, when running in daemon mode with certain service types in use, allows remote servers to execute arbitrary code.
Published Nov 19, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the getauthfromURL function in httpget.c in mpg123 pre0.59s and mpg123 0.59r could allow remote attackers or local users to execute arbitrary code via an mp3 file that contains a long string before the @ (at sign) in a URL.
Published Nov 19, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the getnickuserhost function in BNC 2.8.9, and possibly other versions, allows remote IRC servers to execute arbitrary code via an IRC server response that contains many (1) ! (exclamation) or (2) @ (at sign) characters.
Published Nov 18, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The search function in TWiki 20030201 allows remote attackers to execute arbitrary commands via shell metacharacters in a search string.
Published Nov 19, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Cross-site scripting (XSS) vulnerability in the decoding of encoded text in certain headers in mime.php for SquirrelMail 1.4.3a and earlier, and 1.5.1-cvs before 23rd October 2004, allows remote attackers to execute arbitrary web script or HTML.
Published Nov 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Integer underflow in pppd in cbcp.c for ppp 2.4.1 allows remote attackers to cause a denial of service (daemon crash) via a CBCP packet with an invalid length value that causes pppd to access an incorrect memory location.
Published Nov 4, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Sun Java Plugin capability in Java 2 Runtime Environment (JRE) 1.4.2_01, 1.4.2_04, and possibly earlier versions, does not properly restrict access between Javascript and Java applets during data transfer, which allows remote attackers to load unsafe classes and execute arbitrary code by using the reflection API to access private Java packages.
Published Nov 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in the log functions in dhcpd for dhcp 2.x allows remote DNS servers to execute arbitrary code via certain DNS messages, a different vulnerability than CVE-2002-0702.
Published Nov 19, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Info-Zip 2.3 and possibly earlier versions, when using recursive folder compression, allows remote attackers to execute arbitrary code via a ZIP file containing a long pathname.
Published Nov 9, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to gain sensitive information by calling fcronsighup with an arbitrary file, which reveals the contents of the file that can not be parsed in an error message.
Published Nov 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to bypass access restrictions and load an arbitrary configuration file by starting an suid process and pointing the fcronsighup configuration file to a /proc entry that is owned by root but modifiable by the user, such as /proc/self/cmdline or /proc/self/environ.
Published Nov 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
fcronsighup in Fcron 2.0.1, 2.9.4, and possibly earlier versions allows local users to delete arbitrary files or create arbitrary empty files via a target filename with a large number of leading slash (/) characters such that fcronsighup does not properly append the intended fcrontab.sig to the resulting string.
Published Nov 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.6.0-pl2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the PmaAbsoluteUri parameter, (2) the zero_rows parameter in read_dump.php, (3) the confirm form, or (4) an error message generated by the internal phpMyAdmin parser.
Published Nov 24, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the EXIF parsing routine in ImageMagick before 6.1.0 allows remote attackers to execute arbitrary code via a certain image file.
Published Nov 19, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple integer signedness errors in (1) imapcommon.c, (2) main.c, (3) request.c, and (4) select.c for up-imapproxy IMAP proxy 1.2.2 allow remote attackers to cause a denial of service (server crash) and possibly leak sensitive information via certain literal values that are not properly handled when using the IMAP_Line_Read function.
Published Nov 16, 2004 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in the -x (extract) command line option in unarj allows remote attackers to overwrite arbitrary files via an arj archive with filenames that contain .. (dot dot) sequences.
Published Nov 16, 2004 · Updated Aug 8, 2024