National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 129,378 matching records.
Displaying matches 122801 through 122820.
Vuln ID Summary CVSS Severity
CVE-2003-0150

MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.

Published: March 24, 2003; 12:00:00 AM -05:00
    V2: 9.0 HIGH
CVE-2003-0151

BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.

Published: March 24, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0156

Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter.

Published: March 24, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-1201

ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault).

Published: March 20, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-0387

Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0020

Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0030

Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2003-0067

The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0069

The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0077

The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0081

Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0102

Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2003-0104

Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0121

Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0122

Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0123

Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0124

man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2003-0125

Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS value.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0126

The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0137

SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings.

Published: March 18, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM