2554 matches found
security flaw
CVS 1.11.x before 1.11.17, and 1.12.x before 1.12.9, allows remote attackers to determine the existence of arbitrary files and directories via the -X command for an alternate history file, which causes different error messages to be returned...
DEBIAN-CVE-2004-0180
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...
DEBIAN-CVE-2004-0405
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180...
security flaw
The client for CVS before 1.11 allows a remote malicious CVS server to create arbitrary files using certain RCS diff files that use absolute pathnames during checkouts or updates, a different vulnerability than CVE-2004-0405...
security flaw
CVS before 1.11 allows CVS clients to read arbitrary files via .. (dot dot) sequences in filenames via CVS client requests, a different vulnerability than CVE-2004-0180...
security flaw
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...
DEBIAN-CVE-2003-0977
CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests...
Oracle E-Business Suite Report Review Agent (RRA) allows arbitrary files to be retrieved with no authentication
Overview: A vulnerability in Oracle's E-Business Suite Report Review Agent (RRA) allows arbitrary files to be retrieved with no authentication. Description: A vulnerability exists in the Oracle E-Business Suite Report Review Agent (RRA). This vulnerability may allow a remote attacker to retrieve...
Poptop < 1.1.3-b3 and 1.1.3-20030409 Negative Read Overflow
No description provided by source.
CVE-2002-1942
Imatix Xitami 2.5 b5 does not properly terminate certain Keep-Alive connections that have been broken or closed early, which allows remote attackers to cause a denial of service (crash) via a large number of concurrent sessions...
CVE-2002-0234
NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections...
CVE-2000-0338
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user...
PT-2000-1304 · Concurrent Versions · Cvs
Name of the Vulnerable Software and Affected Versions: Concurrent Versions Software (CVS) (affected versions not specified). Description: The issue allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate user. This is due to the use o...
Apple Mac OSX Server 10.0 - Overload
Source: https://www.securityfocus.com/bid/306/info A vulnerability in the MacOS X Server may crash it while under heavy load. The vulnerability appears while stress testing a server running the Apache web server and 32 or more processes are concurrently doing HTTP...