Total
28799 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0915 | 1 Harald Hoyer | 2 Autorun, Xandros Desktop Os | 2008-09-05 | 2.1 LOW | N/A |
| autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file. | |||||
| CVE-2002-0914 | 1 Double Precision Incorporated | 1 Courier Mta | 2008-09-05 | 5.0 MEDIUM | N/A |
| Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop. | |||||
| CVE-2002-0912 | 1 Debian | 1 Debian Linux | 2008-09-05 | 5.0 MEDIUM | N/A |
| in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow. | |||||
| CVE-2002-0911 | 1 Caldera | 1 Volution Manager | 2008-09-05 | 7.2 HIGH | N/A |
| Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges. | |||||
| CVE-2002-0910 | 1 Debian | 1 Netstd | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to. | |||||
| CVE-2002-0908 | 1 Cisco | 1 Ids Device Manager | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTPS request. | |||||
| CVE-2002-0907 | 1 Nullsoft | 1 Shoutcast Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-". | |||||
| CVE-2002-0905 | 1 Ibm | 1 Informix | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable. | |||||
| CVE-2002-0903 | 1 Woltlab | 1 Burning Board | 2008-09-05 | 7.5 HIGH | N/A |
| register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value. | |||||
| CVE-2002-0902 | 1 Phpbb Group | 1 Phpbb | 2008-09-05 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script. | |||||
| CVE-2002-0901 | 1 Amanda | 1 Amanda | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar. | |||||
| CVE-2002-0900 | 1 Mit | 1 Pgp Public Key Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability. | |||||
| CVE-2002-0899 | 1 Blueface | 1 Falcon Web Server | 2008-09-05 | 7.5 HIGH | N/A |
| Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a . (dot). | |||||
| CVE-2002-0897 | 1 Intranet-server | 1 Localweb2000 | 2008-09-05 | 7.5 HIGH | N/A |
| LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory. | |||||
| CVE-2002-0896 | 1 Swatch | 1 Swatch | 2008-09-05 | 5.0 MEDIUM | N/A |
| The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection. | |||||
| CVE-2002-0895 | 1 Matu | 1 Matu Ftp | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command. | |||||
| CVE-2002-0894 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2008-09-05 | 5.0 MEDIUM | N/A |
| NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet. | |||||
| CVE-2002-0893 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences. | |||||
| CVE-2002-0892 | 1 New Atlanta Communications | 1 Servletexec Isapi | 2008-09-05 | 5.0 MEDIUM | N/A |
| The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message. | |||||
| CVE-2002-0891 | 1 Juniper | 1 Netscreen Screenos | 2008-09-05 | 5.0 MEDIUM | N/A |
| The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. | |||||