National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 131,240 matching records.
Displaying matches 122841 through 122860.
Vuln ID Summary CVSS Severity
CVE-2004-1998

The Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to gain sensitive information via an invalid show parameter to modules.php, which reveals the full path in a PHP error message.

Published: May 05, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-1999

Cross-site scripting (XSS) vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to inject arbitrary HTML and web script via the (1) ttitle or (2) sid parameters to modules.php.

Published: May 05, 2004; 12:00:00 AM -04:00
    V2: 4.3 MEDIUM
CVE-2004-2000

SQL injection vulnerability in the Downloads module in Php-Nuke 6.x through 7.2 allows remote attackers to execute arbitrary SQL via the (1) orderby or (2) sid parameters to modules.php.

Published: May 05, 2004; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2004-2001

ifconfig "-arp" in SGI IRIX 6.5 through 6.5.22m does not properly disable ARP requests from being sent or received.

Published: May 05, 2004; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2004-2002

Unknown vulnerability in SGI IRIX 6.5 through 6.5.22m allows remote attackers to cause a denial of service via a certain UDP packet.

Published: May 05, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2003-0618

Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2003-0648

Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2003-0781

Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2003-0782

Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2004-0149

Multiple buffer overflows in xboing before 2.4 allow local users to gain privileges.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2004-0174

Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket."

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-0176

Multiple buffer overflows in Ethereal 0.8.13 to 0.10.2 allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) NetFlow, (2) IGAP, (3) EIGRP, (4) PGM, (5) IrDA, (6) BGP, (7) ISUP, or (8) TCAP dissectors.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-0183

TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via ISAKMP packets containing a Delete payload with a large number of SPI's, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-0184

Integer underflow in the isakmp_id_print for TCPDUMP 3.8.1 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with an Identification payload with a length that becomes less than 8 during byte order conversion, which causes an out-of-bounds read, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-0218

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (infinite loop) via an ISAKMP packet with a zero-length payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-0219

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a malformed IPSEC SA payload, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-0220

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service via an ISAKMP packet with a malformed Cert Request payload, which causes an integer underflow that is used in a malloc operation that is not properly handled, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2004-0221

isakmpd in OpenBSD 3.4 and earlier allows remote attackers to cause a denial of service (crash) via an ISAKMP packet with a delete payload containing a large number of SPIs, which triggers an out-of-bounds read error, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-0222

Multiple memory leaks in isakmpd in OpenBSD 3.4 and earlier allow remote attackers to cause a denial of service (memory exhaustion) via certain ISAKMP packets, as demonstrated by the Striker ISAKMP Protocol Test Suite.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2004-0365

The dissect_attribute_value_pairs function in packet-radius.c for Ethereal 0.8.13 to 0.10.2 allows remote attackers to cause a denial of service (crash) via a malformed RADIUS packet that triggers a null dereference.

Published: May 04, 2004; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM