Lucene search
K

5263 matches found

Cvelist
Cvelist
added 2003/11/21 5:0 a.m.22 views

CVE-2003-0945

The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities...

6.7AI score0.01457EPSS
Exploits1References2
securityvulns
securityvulns
added 2003/08/10 12:0 a.m.44 views

[SECURITY] [DSA-368-1] New xpcd packages fix buffer overflow

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 368-1 [email protected] http://www.debian.org/security/ Matt Zimmerman August 8th, 2003 http://www.debian.org/security/faq -...

7.2CVSS0.1AI score0.01044EPSS
Exploits0
0day.today
0day.today
added 2003/07/26 12:0 a.m.36 views

MS Windows (RPC DCOM) Remote Exploit (w2k+XP Targets)

Exploit for unknown platform in category remote exploits ===================================================== MS Windows RPC DCOM Remote Exploit w2k+XP Targets ===================================================== / DCOM RPC Overflow Discovered by LSD - Exploit Based on Xfocus's Code Written by ...

7.1AI score
Exploits0
securityvulns
securityvulns
added 2003/07/17 12:0 a.m.38 views

Microsoft IDS Server crossite scripting

Crossite scripting in error message...

1.2AI score
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2003/06/03 12:0 a.m.21 views

Cisco IDS Device Manager Detection

This host is running the Cisco IDS device manager. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid11689; scriptversion "1.16"; scriptcvsdate"Date: 2019/11/22"; scriptnameenglish:"Cisco IDS Device Manager Detection"; scriptsummaryenglish:"Cisco IDS Management Web Serve...

6.9AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2003/05/28 12:0 a.m.13 views

Synchrologic Email Accelerator aggregate.asp User Account Disclosure

The remote host seems to be running Synchrologic Email Accelerator Synchrologic is a product which allows remote PDA users to sync with email, calendar, etc. If this server is on an Internet segment as opposed to internal, you may wish to tighten the access to the aggregate.asp page. The server...

5.6AI score
Exploits0
Cvelist
Cvelist
added 2003/05/07 4:0 a.m.25 views

CVE-2003-0255

The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path...

6.6AI score0.06558EPSS
Exploits0References16
NVD
NVD
added 2002/12/31 5:0 a.m.14 views

CVE-2002-1832

Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service crash via certain IP options...

5CVSS6.6AI score0.01574EPSS
Exploits0References3
securityvulns
securityvulns
added 2002/11/01 12:0 a.m.41 views

Cisco Security Advisory: Cisco ONS15454 and Cisco ONS15327 Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco ONS15454 and Cisco ONS15327 Vulnerabilities Revision 1.0 For Public Release 2002 October 31 at 1600 UTC ---------------------------------------------------------------------- Contents Summary Affected Products Details...

7AI score
Exploits0
NVD
NVD
added 2002/10/04 4:0 a.m.11 views

CVE-2002-0908

Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. dot dot in the HTTPS request...

5CVSS6.7AI score0.04183EPSS
Exploits1References3
CERT
CERT
added 2002/09/10 12:0 a.m.15 views

HP Tru64 UNIX "uux" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of "uux" contains a locally exploitable buffer overflow. Description "uux" is used to run a command on a remote system. A locally exploitable buffer overflow in "uux" may permit a local attacker to gain elevated privileges and execute arbitrary code on a...

8.5AI score
Exploits0References1
securityvulns
securityvulns
added 2002/09/06 12:0 a.m.62 views

Cisco Security Advisory: Cisco VPN Client Multiple Vulnerabilities - Second Set

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN Client Multiple Vulnerabilities - Second Set Revision 1.0 For Public Release 2002 September 05 UTC 1500 ---------------------------------------------------------------------- Contents Summary Affected Products Detail...

0.2AI score
Exploits0
securityvulns
securityvulns
added 2002/09/04 12:0 a.m.35 views

Cisco Security Advisory: Cisco VPN 3000 Concentrator Multiple Vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Cisco Security Advisory: Cisco VPN 3000 Concentrator Multiple Vulnerabilities Revision 1.0 For Public Release 2002 September 03 at 1500 UTC ---------------------------------------------------------------------- Contents Summary Affected Products Detai...

0.1AI score
Exploits0
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.14 views

CVE-2002-0908

Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a .. dot dot in the HTTPS request...

6.7AI score0.04183EPSS
Exploits1References3
CVE
CVE
added 2002/08/31 4:0 a.m.42 views

CVE-2002-0908

Cisco IDS Device Manager web server prior to version 3.1.2 is affected by a directory traversal vulnerability that allows remote attackers to read arbitrary files through a .. sequence in an HTTPS request. Affected software is the Cisco IDS Device Manager web service; the root cause is improper v...

5CVSS7.1AI score0.04183EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2002/08/31 4:0 a.m.17 views

CVE-2002-0903

register.php for WoltLab Burning Board wbboard 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack...

6.9AI score0.01771EPSS
Exploits1References3
CVE
CVE
added 2002/06/25 4:0 a.m.51 views

CVE-2002-0121

The CVE-2002-0121 entry affects PHP 4.0 through 4.1.1, where session IDs are stored in temporary files whose names contain the session ID, enabling local users to hijack web connections. The provided documents describe the vulnerable mechanism and impact (local hijack) but do not include remediat...

2.1CVSS6.8AI score0.01183EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2002/06/25 4:0 a.m.77 views

CVE-2001-0962

The CVE-2001-0962 entry concerns IBM WebSphere Application Server versions 3.02 through 3.53, where session IDs used in cookies are predictable. This predictability enables remote attackers to brute-force session IDs and gain privileges of WebSphere users. The documented impact is privilege escal...

7.5CVSS7.2AI score0.01588EPSS
Exploits0References4Affected Software2
Cvelist
Cvelist
added 2002/06/25 4:0 a.m.24 views

CVE-2001-0962

IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing...

6.8AI score0.01588EPSS
Exploits0References4
exploitpack
exploitpack
added 2002/05/17 12:0 a.m.16 views

Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access

Cisco IDS Device Manager 3.1.1 - Arbitrary File Read Access source: https://www.securityfocus.com/bid/4760/info IDS Device Manager is a web interface to the Cisco IDS systems. It is distributed and maintained by Cisco Systems. The IDS Device Manager may allow a remote user to gain access to...

1.1AI score
Exploits0
Rows per page
Query Builder