Lucene search
+L

6275 matches found

CVE
CVE
added 2003/04/02 5:0 a.m.46 views

CVE-2002-0006

Vulnerability summary (CVE-2002-0006) : XChat versions 1.8.7 and earlier (including default configurations of 1.4.2 and 1.4.3) are vulnerable. A remote attacker can execute arbitrary IRC commands as another client by sending specially encoded characters in a PRIVMSG that calls CTCP PING, which ca...

7.5CVSS7.7AI score0.08087EPSS
Exploits0References7Affected Software1
securityvulns
securityvulns
added 2003/03/04 12:0 a.m.36 views

Caldera UnixWare/OpenUnix unescaped shell characters problem

If | is used in filename shell comand may be executed by client on tertrieval...

3.5AI score
Exploits0References1Affected Software2
ALT Linux
ALT Linux
added 2003/02/24 12:0 a.m.34 views

Security fix for the ALT Linux 8 package apache2 version 2.0.40-21

Feb. 24, 2003 Joe Orton &[email protected] 2.0.40-21 - add security fix for CAN-2003-0020; replace non-printable characters with '!' when printing to error log. - disable debuginfo on IA64...

5CVSS7AI score0.10872EPSS
Exploits7
RedHat Linux
RedHat Linux
added 2003/02/21 8:41 a.m.29 views

Low: Red Hat Security Advisory: lynx security update

Updated Lynx packages fix an error in the way Lynx parses its command line arguments which can lead to faked headers being sent to a Web server. Lynx is a character-cell Web browser, suitable for running on terminals such as the VT100. Lynx constructs its HTTP queries from the command line or...

5CVSS5.7AI score0.05039EPSS
Exploits0References3
securityvulns
securityvulns
added 2003/02/12 12:0 a.m.28 views

Security bug in CGI::Lite::escape_dangerous_chars() function

SUBJECT Security bug in CGI::Lite::escapedangerouschars function, part of the CGI::Lite 2.0 package, and earlier revisions thereof. SUMMARY The CGI::Lite::escapedangerouschars function fails to escape the entire set of special characters that may have significance to the underlying shell command...

0.3AI score
Exploits0
NVD
NVD
added 2003/02/07 5:0 a.m.22 views

CVE-2003-0017

Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as "", which causes a different filename to be processed and served...

5CVSS6.6AI score0.05581EPSS
Exploits0References15
RedHat Linux
RedHat Linux
added 2003/02/06 12:0 a.m.36 views

(RHSA-2002:214) php security update

PHP is an HTML-embedded scripting language commonly used with the Apache HTTP server. The mail function in PHP 4.x to 4.2.2 may allow local script authors to bypass safe mode restrictions and modify command line arguments to the MTA such as sendmail in the 5th argument to mail, altering MTA...

7.5CVSS6.4AI score0.03039EPSS
Exploits0
securityvulns
securityvulns
added 2003/01/13 12:0 a.m.36 views

BitKeeper command execution

Uncommented shell characters...

4.5AI score
Exploits0References1Affected Software1
CERT
CERT
added 2003/01/13 12:0 a.m.33 views

Lotus Domino web server vulnerable to buffer overflow via long HTTP authentication header containing non-ASCII characters

Overview A remotely exploitable buffer overflow exists in versions of IBM's Lotus Domino web server prior to R5.0.10. Description A remotely exploitable buffer overflow exists in the Lotus Domino web server. The overflow can occur as the result of an overly long HTTP Authenticate header containin...

8AI score
Exploits0References2
NVD
NVD
added 2002/12/31 5:0 a.m.13 views

CVE-2002-2406

Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service hang via a large number of percent characters % in an HTTP GET request...

5CVSS6.9AI score0.01596EPSS
Exploits1References3
NVD
NVD
added 2002/12/23 5:0 a.m.22 views

CVE-2002-1360

Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminat...

10CVSS7.9AI score0.0614EPSS
Exploits0References5
securityvulns
securityvulns
added 2002/12/23 12:0 a.m.33 views

KDE uncommented shell characters problems

User supplied data is not controlled during the call to external application...

3.1AI score
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2002/12/17 5:0 a.m.27 views

CVE-2002-1360

Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminat...

7.7AI score0.0614EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2002/12/17 5:0 a.m.39 views

CVE-2002-1360

Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminat...

10CVSS7.5AI score0.0614EPSS
Exploits0
NVD
NVD
added 2002/12/11 5:0 a.m.14 views

CVE-2002-1186

Internet Explorer 5.01 through 6.0 does not properly perform security checks on certain encoded characters within a URL, which allows a remote attacker to steal potentially sensitive information from a user by redirecting the user to another site that has that information, aka "Encoded Characters...

5CVSS6.1AI score0.19121EPSS
Exploits1References9
securityvulns
securityvulns
added 2002/12/11 12:0 a.m.44 views

Tetex command execution

Uncommented shell characters during system call in kpathsea library...

4.8AI score
Exploits0References1Affected Software2
RedHat Linux
RedHat Linux
added 2002/11/08 11:15 a.m.3 views

security flaw

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."...

5CVSS5.9AI score0.03039EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2002/11/08 11:15 a.m.10 views

security flaw

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."...

5CVSS5.9AI score0.03039EPSS
Exploits0References4
securityvulns
securityvulns
added 2002/11/08 12:0 a.m.28 views

Buffer overflow in pine

Buffer overflow if address contains special characters...

5.7AI score
Exploits0References2Affected Software1
RedHat Linux
RedHat Linux
added 2002/11/07 5:42 p.m.5 views

security flaw

The mail function in PHP 4.x to 4.2.2 does not filter ASCII control characters from its arguments, which could allow remote attackers to modify mail message content, including mail headers, and possibly use PHP as a "spam proxy."...

5CVSS5.9AI score0.03039EPSS
Exploits0References4
Rows per page
Query Builder