Lucene search
+L

8748 matches found

nvd
nvd
added 2005/12/31 5:0 a.m.24 views

CVE-2005-4794

Cisco IP Phones 7902/7905/7912, ATA 186/188, Unity Express, ACNS, and Subscriber Edge Services Manager SESM allows remote attackers to cause a denial of service crash or instability via a compressed DNS packet with a label length byte with an incorrect offset...

5CVSS6.7AI score0.02387EPSS
Exploits0References12
openvas
openvas
added 2005/11/03 12:0 a.m.21 views

Mailman Password Retrieval

The target is running version of the Mailman mailing list software that allows a list subscriber to retrieve the mailman password of any other subscriber by means of a specially crafted mail message to the server. That is, a message sent to $listname-request@$target containing the lines : passwor...

5CVSS6.4AI score0.02984EPSS
Exploits0References5
nessus
nessus
added 2005/02/10 12:0 a.m.54 views

Mailman private.py true_path Function Traversal Arbitrary File Access

According to its version number, the remote installation of Mailman reportedly is affected by a directory traversal vulnerability in 'Cgi/private.py'. The flaw comes into play only on web servers that don't strip extraneous slashes from URLs, such as Apache 1.3.x, and allows a list subscriber,...

5CVSS5.8AI score0.02856EPSS
Exploits0References3
freebsd
freebsd
added 2004/12/15 12:0 a.m.35 views

mailman -- generated passwords are poor quality

Florian Weimer wrote: Mailman 2.1.5 uses weak auto-generated passwords for new subscribers. These passwords are assigned when members subscribe without specifying their own password either by email or the web frontend. Knowledge of this password allows an attacker to gain access to the list archi...

7.5CVSS2.9AI score0.01616EPSS
Exploits0References2
redhat
redhat
added 2003/11/12 2:5 p.m.2 views

security flaw

Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string...

7.5CVSS6.3AI score0.05658EPSS
Exploits0References4
redhat
redhat
added 2002/08/23 5:8 p.m.9 views

Important: Red Hat Security Advisory: : Updated mailman packages close cross-site scripting vulnerability

Updated mailman packages are now available for Red Hat Power Tools 7 and 7.1. These updates close a cross-site scripting vulnerability present in mailman versions prior to version 2.0.12. Mailman versions prior to 2.0.12 contain a cross-site scripting vulnerability in the processing of invalid...

7.5CVSS5.6AI score0.06105EPSS
Exploits1References3
cvelist
cvelist
added 2002/08/14 4:0 a.m.28 views

CVE-2002-0855

Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the 1 adminpw or 2 info parameters to the ml-name feature...

6.4AI score0.06105EPSS
Exploits1References10
packetstorm
packetstorm
added 1999/08/17 12:0 a.m.47 views

webtv-insecurities.txt

Date: Mon, 12 Oct 1998 21:32:49 -0600 MDT From: mea culpa To: InfoSec News Subject: ISN Web TV owns your cache Forwarded From: Jon http://www.usatoday.com/life/cyber/zd/zd7.htm 10/12/98- WebTV is watching you From: Inter@ctive Week Online Microsoft Corp.'s WebTV Networks Inc. is quietly using a...

7.4AI score
Exploits0
Rows per page
Query Builder