Total
264 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0605 | 2 Ircd-hybrid, Ircd-ratbox | 2 Ircd-hybrid, Ircd-ratbox | 2024-02-04 | 5.0 MEDIUM | N/A |
Non-registered IRC users using (1) ircd-hybrid 7.0.1 and earlier, (2) ircd-ratbox 1.5.1 and earlier, or (3) ircd-ratbox 2.0rc6 and earlier do not have a rate-limit imposed, which could allow remote attackers to cause a denial of service by repeatedly making requests, which are slowly dequeued. | |||||
CVE-2003-1452 | 1 Qualcomm | 1 Qpopper | 2024-02-04 | 3.6 LOW | N/A |
Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program. | |||||
CVE-2003-1457 | 1 Auerswald | 1 Comsuite Cti Controlcenter | 2024-02-04 | 4.6 MEDIUM | N/A |
Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access. | |||||
CVE-2003-1367 | 1 Great Circle Associates | 1 Majordomo | 2024-02-04 | 7.8 HIGH | N/A |
The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command. | |||||
CVE-1999-0656 | 1 Linux | 1 Linux Kernel | 2024-02-04 | 5.0 MEDIUM | N/A |
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. | |||||
CVE-1999-0886 | 1 Microsoft | 1 Windows Nt | 2024-02-04 | 9.0 HIGH | N/A |
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager. | |||||
CVE-2002-2373 | 1 Apple | 2 Apple Laserwriter, Tcp Ip Configuration Utility | 2024-02-04 | 7.5 HIGH | N/A |
The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. | |||||
CVE-2003-1357 | 2 Microsoft, Replicom | 2 Windows Nt, Proxyview | 2024-02-04 | 10.0 HIGH | N/A |
ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access. | |||||
CVE-2003-1426 | 1 Cpanel | 1 Cpanel | 2024-02-04 | 3.3 LOW | N/A |
Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable. | |||||
CVE-2002-2247 | 1 Mambo | 1 Mambo Site Server | 2024-02-04 | 5.0 MEDIUM | N/A |
The administrator/phpinfo.php script in Mambo Site Server 4.0.11 allows remote attackers to obtain sensitive information such as the full web root path via phpinfo.php, which calls the phpinfo function. | |||||
CVE-2003-1422 | 1 Gentoo | 1 Syslinux | 2024-02-04 | 10.0 HIGH | N/A |
Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors. | |||||
CVE-1999-0766 | 1 Microsoft | 2 Internet Explorer, Java Virtual Machine | 2024-02-04 | 9.3 HIGH | N/A |
The Microsoft Java Virtual Machine allows a malicious Java applet to execute arbitrary commands outside of the sandbox environment. | |||||
CVE-2002-2336 | 1 Symantec | 1 Norton Personal Firewall | 2024-02-04 | 4.3 MEDIUM | N/A |
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | |||||
CVE-1999-0875 | 2 Microsoft, Sun | 5 Windows 2000, Windows 95, Windows 98se and 2 more | 2024-02-04 | 7.5 HIGH | N/A |
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes. | |||||
CVE-2003-1449 | 1 Aladdin Knowledge Systems | 1 Esafe Gateway | 2024-02-04 | 7.5 HIGH | N/A |
Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection. | |||||
CVE-2002-2285 | 1 Broadcom | 1 Inoculateit | 2024-02-04 | 4.3 MEDIUM | N/A |
eTrust InoculateIT 6.0 with the "Incremental Scan" option enabled may certify that a file is free of viruses before the file has been completely downloaded, which allows remote attackers to bypass virus detection. | |||||
CVE-2003-1341 | 1 Trend Micro | 2 Officescan, Virus Buster | 2024-02-04 | 7.5 HIGH | N/A |
The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. | |||||
CVE-1999-0725 | 1 Microsoft | 1 Internet Information Server | 2024-02-04 | 7.1 HIGH | N/A |
When IIS is run with a default language of Chinese, Korean, or Japanese, it allows a remote attacker to view the source code of certain files, a.k.a. "Double Byte Code Page". | |||||
CVE-2003-1362 | 1 Hp | 2 Bastille, Hp-ux | 2024-02-04 | 7.8 HIGH | N/A |
Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. | |||||
CVE-2003-1352 | 1 Gabber | 1 Gabber | 2024-02-04 | 5.0 MEDIUM | N/A |
Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing. |