Search Results (Refine Search)

Search Parameters:
There are 162,422 matching records.
Displaying matches 157,761 through 157,780.
Vuln ID Summary CVSS Severity
CVE-2002-0379

Buffer overflow in University of Washington imap server (uw-imapd) imap-2001 (imapd 2001.315) and imap-2001a (imapd 2001.315) with legacy RFC 1730 support, and imapd 2000.287 and earlier, allows remote authenticated users to execute arbitrary code via a long BODY request.

Published: June 25, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0381

The TCP implementation in various BSD operating systems (tcp_input.c) does not properly block connections to broadcast addresses, which could allow remote attackers to bypass intended filters via packets with a unicast link layer address and an IP broadcast address.

Published: June 25, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0382

XChat IRC client allows remote attackers to execute arbitrary commands via a /dns command on a host whose DNS reverse lookup contains shell metacharacters.

Published: June 25, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0042

Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2002-0357

Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2002-0368

The Store Service in Microsoft Exchange 2000 allows remote attackers to cause a denial of service (CPU consumption) via a mail message with a malformed RFC message attribute, aka "Malformed Mail Attribute can Cause Exchange 2000 to Exhaust CPU Resources."

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0380

Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0388

Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0389

Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2002-0400

ISC BIND 9 before 9.2.1 allows remote attackers to cause a denial of service (shutdown) via a malformed DNS packet that triggers an error condition that is not properly handled when the rdataset parameter to the dns_message_findtype() function in message.c is not NULL, aka DoS_findtype.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0401

SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0402

Buffer overflow in X11 dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code while Ethereal is parsing keysyms.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0403

DNS dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (CPU consumption) via a malformed packet that causes Ethereal to enter an infinite loop.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0404

Vulnerability in GIOP dissector in Ethereal before 0.9.3 allows remote attackers to cause a denial of service (memory consumption).

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0575

Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0576

ColdFusion 5.0 and earlier on Windows systems allows remote attackers to determine the absolute pathname of .cfm or .dbm files via an HTTP request that contains an MS-DOS device name such as NUL, which leaks the pathname in an error message.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2002-0577

Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 2.1 LOW
CVE-2002-0578

Buffer overflow in 4D WebServer 6.7.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP request with Basic Authentication containing a long (1) user name or (2) password.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0579

WorkforceROI Xpede 4.1 allows remote attackers to gain privileges as an Xpede administrator via a direct HTTP request to the /admin/adminproc.asp script, which does not prompt for a password.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2002-0580

WorkforceROI Xpede 4.1 allows remote attackers to obtain the database username via a request to datasource.asp, which leaks the username in a form and allows the attacker to more easily conduct brute force password guessing attacks.

Published: June 18, 2002; 12:00:00 AM -0400
V3.x:(not available)
V2.0: 7.5 HIGH