National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 129,472 matching records.
Displaying matches 123021 through 123040.
Vuln ID Summary CVSS Severity
CVE-2002-1400

Heap-based buffer overflow in the repeat() function for PostgreSQL before 7.2.2 allows attackers to execute arbitrary code by causing repeat() to generate a large string.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-1401

Buffer overflows in (1) circle_poly, (2) path_encode and (3) path_add (also incorrectly identified as path_addr) for PostgreSQL 7.2.3 and earlier allow attackers to cause a denial of service and possibly execute arbitrary code, possibly as a result of an integer overflow.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 6.5 MEDIUM
CVE-2002-1402

Buffer overflows in the (1) TZ and (2) SET TIME ZONE enivronment variables for PostgreSQL 7.2.1 and earlier allow local users to cause a denial of service and possibly execute arbitrary code.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2002-1403

dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 7.2 HIGH
CVE-2003-0001

Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0012

The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2003-0013

The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0025

Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0026

Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0031

Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash).

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2003-0032

Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.

Published: January 17, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-0014

gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Published: January 11, 2003; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2002-0626

Polycom ViewStation before 7.2.4 has a default null password for the administrator account, which allows arbitrary users to conduct unauthorized activities.

Published: January 07, 2003; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2002-0627

The Web server for Polycom ViewStation before 7.2.4 allows remote attackers to bypass authentication and read files via Unicode encoded requests.

Published: January 07, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-0628

The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.

Published: January 07, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-0629

The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via multiple connections to the server.

Published: January 07, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2002-0630

The Telnet service for Polycom ViewStation before 7.2.4 allows remote attackers to cause a denial of service (crash) via long or malformed ICMP packets.

Published: January 07, 2003; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2003-1071

rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header.

Published: January 03, 2003; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2002-1378

Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests.

Published: January 02, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2002-1379

OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges.

Published: January 02, 2003; 12:00:00 AM -05:00
    V2: 7.5 HIGH