Lucene search
+L

1179 matches found

CERT
CERT
added 2002/09/12 12:0 a.m.15 views

HP Tru64 UNIX "ping" contains locally exploitable vulnerability (SSRT2229)

Overview The HP Tru64 UNIX implementation of "ping" contains a locally exploitable vulnerability. Description "ping" is used to send ICMP echo requests to other hosts on the Internet. A locally exploitable vulnerability in "ping" may permit a local attacker to perform a denial-of-service attack o...

6.6AI score
Exploits0References1
CERT
CERT
added 2002/09/10 12:0 a.m.13 views

HP Tru64 UNIX "csh" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "csh" contains a locally exploitable buffer overflow. Description "csh" is used to invoke the C shell and interpret commands. A locally exploitable buffer overflow in "csh" may permit a local attacker to gain elevated privileges and execute arbitrary...

8.3AI score
Exploits0References1
CERT
CERT
added 2002/09/10 12:0 a.m.15 views

HP Tru64 UNIX "rdist" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "rdist" contains a locally exploitable buffer overflow. Description "rdist" allows a user to maintain identical copies of files on multiple hosts. A locally exploitable buffer overflow in "rdist" may permit a local attacker to gain elevated privileges...

8.2AI score
Exploits0References1
CERT
CERT
added 2002/09/09 12:0 a.m.31 views

HP Tru64 UNIX "quot" contains buffer overflow (SSRT2191)

Overview The HP Tru64 UNIX implementation of "quot" contains a locally exploitable buffer overflow. Description "quot" is used to summarize file system ownership. A locally exploitable buffer overflow in "quot" may permit a local attacker to gain elevated privileges and execute arbitrary code on ...

8.2AI score
Exploits0References1
CERT
CERT
added 2002/09/06 12:0 a.m.20 views

HP Tru64 UNIX "lpd" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "lpd" contains a locally exploitable buffer overflow. Description "lpd" is used to handle the printer spool area. A locally exploitable buffer overflow in "lpd" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

8.2AI score
Exploits0References1
CERT
CERT
added 2002/08/22 12:0 a.m.37 views

Novell Netware RCONAG6 fails to validate user password when "Secure IP" is used to establish connection

Overview Novell Netware RCONAG6 allows users to gain access to the server without a password. Description Novell Netware RCONAG6 allows users to remotely administer a Novell host. A vulnerability in RCONAG6 makes it possible for a remote user to connect to the server without supplying a password...

7.5CVSS6.6AI score0.03317EPSS
Exploits0References1
CERT
CERT
added 2002/07/25 12:0 a.m.37 views

Microsoft SQL Server contains buffer overflow in code used to process "BULK INSERT" queries

Overview The Microsoft SQL Server contains a buffer overflow vulnerability that may allow remote attackers to execute arbitrary code with system privileges. Description The Microsoft SQL Server contains a buffer overflow vulnerability in the code used to process "Bulk Insert" queries. Bulk Insert...

7.5CVSS8.1AI score0.11237EPSS
Exploits0References6
CERT
CERT
added 2002/07/11 12:0 a.m.108 views

Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) does not adequately validate file operations

Overview The Common Desktop Environment CDE ToolTalk RPC database server does not adequately validate file operations and follows symbolic links, allowing a local attacker to overwrite any file that is writeable by the server. The ToolTalk RPC database server typically runs with root privileges...

7.2CVSS6.9AI score0.09418EPSS
Exploits0References2
CERT
CERT
added 2002/07/11 12:0 a.m.34 views

Network Associates PGP Outlook Plug-in contains buffer overflow in decoding mechanism

Overview A remotely exploitable buffer overflow exists in the Network Associates PGP Outlook Plug-in. Description As reported in eEye Digital Security Advisory AD20020710, a remotely exploitable buffer overflow exists in the PGP Outlook Plug-in. By sending a specially crafted message to a victim,...

7.5CVSS7.4AI score0.02647EPSS
Exploits0References3
CERT
CERT
added 2002/06/25 12:0 a.m.51 views

Microsoft SQLXML ISAPI filter vulnerable to buffer overflow via contenttype parameter

Overview A buffer overflow vulnerability exists in the Microsoft SQLXML Internet Services Application Programming Interface ISAPI extension for Internet Information Server IIS. This vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code with LocalSystem...

7.5CVSS8.2AI score0.55455EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.35 views

Cisco ATA-186 Password Circumvention / Recovery

The remote host appears to be a Cisco ATA-186 - an analog telephone adapter used to interface analog telephones to VoIP networks. The adapter is configured via a web interface that has a security bypass vulnerability. It is possible to bypass authentication by sending an HTTP POST request with a...

6.4CVSS5.6AI score0.08469EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.43 views

MPEi/X Default FTP Accounts

The remote FTP server has one or more accounts with a blank password. This script was written by H D Moore See the Nessus Scripts License for details Changes by Tenable: - Revised plugin title, changed family 11/04/10 include"compat.inc"; ifdescription scriptid11000; scriptversion "1.22";...

7.5CVSS8.2AI score0.53618EPSS
Exploits41References1
Tenable Nessus
Tenable Nessus
added 2002/06/05 12:0 a.m.25 views

IPSwitch IMail SMTP Multiple Vulnerabilities (OF, DoS)

A vulnerability exists within IMail that allows remote attackers to gain SYSTEM level access to servers running IMail's SMTP daemon versions 6.06 and below. The vulnerability stems from the IMail SMTP daemon not doing proper bounds checking on various input data that gets passed to the IMail...

7.5CVSS6AI score0.04308EPSS
Exploits0References3
CERT
CERT
added 2002/06/04 12:0 a.m.26 views

Oracle Application Server contains format string vulnerability

Overview The CERT/CC is aware of a report about a "remotely exploitable format string vulnerability in Oracle Application Server" that could allow an unauthenticated, remote attacker to execute arbitrary code on a vulnerable system. Description Oracle Application Server uses the Apache HTTP Serve...

8AI score
Exploits0References3
CERT
CERT
added 2002/06/04 12:0 a.m.21 views

Oracle Web Cache contains buffer overflow vulnerabilities

Overview The CERT/CC is aware of a report about "several remotely exploitable buffer overflow vulnerabilities in the Oracle Web Cache Server" that could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Web Cache process. Description The Oracle Web Cac...

8.9AI score
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2002/04/10 12:0 a.m.102 views

Microsoft IIS .HTR ISAPI Filter Enabled

The IIS server appears to have the .HTR ISAPI filter mapped. At least one remote vulnerability has been discovered for the .HTR filter. This is detailed in Microsoft Advisory MS02-018, and gives remote SYSTEM level access to the web server. It is recommended that, even if you have patched this...

7.5CVSS5.4AI score0.26054EPSS
Exploits0References3
CERT
CERT
added 2002/04/02 12:0 a.m.27 views

IBM AIX Parallel Systems Support Program (PSSP) contains vulnerability in File Collections subsystem allowing arbitrary access to sensitive configuration files

Overview IBM AIX Parallel Systems Support Programs PSSP contains a vulnerability allowing unauthorized access to files in valid file collections. Description IBM PSSP software is used to provide a central point of management control for a cluster of RS/6000 SP nodes and IBM pSeries and IBM RS/600...

6.9AI score
Exploits0References1
CERT
CERT
added 2002/03/04 12:0 a.m.36 views

Cisco IOS discloses fragments of previous packets when Express Forwarding is enabled

Overview A vulnerability exists in multiple versions of Cisco's Internetworking Operating System IOS software that allows an attacker to collect fragments of previously processed packets. Description Many networking devices running Cisco IOS with Cisco Express Forwarding CEF enabled contain a...

5CVSS6AI score0.01781EPSS
Exploits0References2
CERT
CERT
added 2001/11/19 12:0 a.m.32 views

Compaq web-enabled management software buffer overflow vulnerability

Overview The Compaq web-enabled management software contains a buffer overflow. Remote intruders may be able to execute arbitrary code with privileges on affected systems. Many Compaq products are affected, from personal computers to commercial UNIX operating systems. Description The Compaq...

4.6CVSS7.3AI score0.00405EPSS
Exploits0References4
CERT
CERT
added 2001/11/07 12:0 a.m.42 views

Weak CRC allows packet injection into SSH sessions encrypted with block ciphers

Overview There is an information integrity vulnerability in the SSH1 protocol that allows packets encrypted with a block cipher to be modified without notice. Description Preconditions: Attacker has a fragment of plaintext and its corresponding ciphertext. Attacker must be able to actively...

5CVSS9.2AI score0.03211EPSS
Exploits0References7
Rows per page
Query Builder