Lucene search
+L

7023 matches found

Exploit DB
Exploit DB
added 2002/11/01 12:0 a.m.29 views

ION Script 1.4 - Remote File Disclosure

source: https://www.securityfocus.com/bid/6091/info A vulnerability has been discovered in ION Script. By sending a malicious HTTP request to a webserver running the vulnerable ION Script package, it is possible for a remote attacker to disclose arbitrary webserver readable files. As webservers a...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2002/10/15 12:0 a.m.36 views

Microsoft Internet Explorer 5/6 - Unauthorized Document Object Model Access

source: https://www.securityfocus.com/bid/5963/info Microsoft Internet Explorer MSIE is prone to a vulnerability that may enable a frame or iframe to gain unauthorized access to the Document Object Model DOM of other frames/iframes in a different domain. This is possible because MSIE does not...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2002/10/04 12:0 a.m.13 views

phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities

phpLinkat 0.1 - Multiple Cross-Site Scripting Vulnerabilities source: https://www.securityfocus.com/bid/5890/info Reportedly, phpLinkat is prone to cross site scripting attacks. An attacker may exploit this vulnerability by enticing a victim user to follow a malicious link containing HTML and...

7AI score
Exploits0
securityvulns
securityvulns
added 2002/10/04 12:0 a.m.67 views

iDEFENSE Security Advisory 10.03.2002: Apache 1.3.x shared memory scoreboard vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 iDEFENSE Security Advisory 10.03.2002 Apache 1.3.x shared memory scoreboard vulnerabilities 16:00 GMT, October 3, 2002 I. BACKGROUND The Apache Software Foundation's HTTP Server is an effort to develop and maintain an open-source HTTP server for moder...

7.2CVSS0.3AI score0.00944EPSS
Exploits0
Debian
Debian
added 2002/09/17 2:16 p.m.39 views

[SECURITY] [DSA-136-3] Multiple OpenSSL problems (update)

Package : openssl094 Problem type : multiple remote exploits Debian-specific: no CVE : CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659 There was an error in the original openssl094 packages, resulting in an incomplete fix. This error has been corrected in 0.9.4-6.potato.2 and...

5.4AI score
Exploits0
OSV
OSV
added 2002/09/17 12:0 a.m.3 views

DSA-136-3 openssl - multiple remote exploits

Bulletin has no description...

7.5CVSS7AI score0.8982EPSS
Exploits3
Debian
Debian
added 2002/09/16 3:11 a.m.44 views

[SECURITY] [DSA-136-2] Multiple OpenSSL problems (update)

Package : openssl094, openssl095, openssl Problem type : multiple remote exploits Debian-specific: no CVE : CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659 Note: this advisory is an update to DSA-136-1, issued 30 Jul 2002. It includes ASN1 updates in the woody packages, plus the potato...

6AI score
Exploits0
OSV
OSV
added 2002/09/15 12:0 a.m.2 views

DSA-136-2 openssl - multiple remote exploits

Bulletin has no description...

7.5CVSS7AI score0.8982EPSS
Exploits3
securityvulns
securityvulns
added 2002/09/05 12:0 a.m.35 views

Buffer overflow in afd

Buffer overflow on long path in suid utils...

4AI score
Exploits0References1Affected Software1
securityvulns
securityvulns
added 2002/09/03 12:0 a.m.30 views

Happy Labor Day from Snosoft

For your reading pleasure I have attached some of the communication between myself and CERT regarding the issues recently released at: ftp://ftp1.support.compaq.com/public/unix/v5.1/T64V51B19-C0136901-15143-ES-20020817.txt We are in the process of making our formal advisories out of these...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2002/08/22 12:0 a.m.75 views

More Vulnerabilities with Pingtel xpressa SIP-based IP phones

The Sys-Security Group Security Advisory "More Vulnerabilities with Pingtel xpressa SIP-based IP Phones" Release Date: 08/20/2002 Affected Platforms: Pingtel xpressa SIP IP phones model PX-1 with software version 2.0.1 and below; Pingtel instant xpressa softphones with software version 2.0.1 and...

0.3AI score
Exploits0
NVD
NVD
added 2002/08/12 4:0 a.m.21 views

CVE-2002-0770

Quake 2 Q2 server 3.20 and 3.21 allows remote attackers to obtain sensitive server cvar variables, obtain directory listings, and execute Q2 server admin commands via a client that does not expand "$" macros, which causes the server to expand the macros and leak the information, as demonstrated...

5CVSS6.9AI score0.05526EPSS
Exploits0References6
NVD
NVD
added 2002/08/12 4:0 a.m.19 views

CVE-2002-0429

The iBCS routines in arch/i386/kernel/traps.c for Linux kernels 2.4.18 and earlier on x86 systems allow local users to kill arbitrary processes via a a binary compatibility interface lcall...

3.6CVSS6.1AI score0.00383EPSS
Exploits0References10
NVD
NVD
added 2002/08/12 4:0 a.m.15 views

CVE-2002-0805

Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, 1 creates new directories with world-writable permissions, and 2 creates the params file with world-writable permissions, which allows local users to modify the files and execute code...

4.6CVSS6.5AI score0.00328EPSS
Exploits0References6
Debian
Debian
added 2002/07/30 12:47 p.m.36 views

[SECURITY] [DSA-136-1] Multiple OpenSSL problems

Package : openssl Problem type : multiple remote exploits Debian-specific: no CVE : CAN-2002-0655 CAN-2002-0656 CAN-2002-0657 CAN-2002-0659 The OpenSSL development team has announced that a security audit by A.L. Digital Ltd and The Bunker, under the DARPA CHATS program, has revealed remotely...

6.2AI score
Exploits0
OSV
OSV
added 2002/07/30 12:0 a.m.2 views

DSA-136-1 openssl - multiple remote exploits

Bulletin has no description...

7.5CVSS7AI score0.8982EPSS
Exploits3
OSV
OSV
added 2002/07/30 12:0 a.m.87 views

DSA-136 openssl - multiple remote exploits

Bulletin has no description...

7.5CVSS8.5AI score0.8982EPSS
Exploits3
exploitpack
exploitpack
added 2002/07/16 12:0 a.m.22 views

AOL Instant Messenger 4.x - Unauthorized Actions

AOL Instant Messenger 4.x - Unauthorized Actions source: https://www.securityfocus.com/bid/5246/info The AOL Instant Messenger client is prone to an issue which may allow maliciously crafted HTML to perform unauthorized actions such as adding entries to the buddy list on behalf of the user of a...

0.7AI score
Exploits0
Packet Storm
Packet Storm
added 2002/07/04 12:0 a.m.39 views

DLA-25-06-2002.txt

Digit-Labs Security Advisory http://www.digit-labs.org/ Advisory Name: IIS Administration Web Site redirect exploits Release Date: 25.June-2002 Application: Microsoft Internet Information Server 5.0 Platform: Windows 2000 Professional Severity: Low/Medium Authors: GoLLuM.no...

7.4AI score
Exploits0
CVE
CVE
added 2002/06/11 4:0 a.m.49 views

CVE-2002-0456

CVE-2002-0456 affects Eudora 5.1 and earlier. The issue arises because attachments are stored in a directory with a fixed name, which could enable attackers to exploit vulnerabilities in other software that rely on installing/reading files from directories with known pathnames. The provided docum...

5CVSS7.1AI score0.00791EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder