Lucene search
+L
CertMost viewed

3704 matches found

cert
cert
added 2003/06/05 12:0 a.m.24 views

Cisco Secure ACS for Windows CSAdmin vulnerable to buffer overflow via login requests

Overview Cisco Secure ACS for Windows contains a buffer overflow vulnerability that could permit a remote attacker to execute arbitrary code or cause a denial of service. Description Cisco Secure ACS for Windows is an authentication, authorization, and accounting AAA server. From Cisco Security...

7.5CVSS8AI score0.06007EPSS
Exploits0References8
cert
cert
added 2003/05/01 12:0 a.m.24 views

RealSystem Server contains buffer overflow

Overview A buffer overflow vulnerability exists in the RealSystem Server. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable host. An exploit exists for this vulnerability and is publicly available. Description RealSystem Server is a streaming media server. A...

8.3AI score
Exploits0References3
cert
cert
added 2003/04/02 12:0 a.m.24 views

mkpasswd uses weak random number generator

Overview Mkpasswd generates passwords that are insufficiently random. Description Mkpasswd is a password generation utility included with Red Hat Linux and possibly other Linux distributions. Mkpasswd generates passwords that are not sufficiently random, which may allow an attacker to predict...

7AI score
Exploits0References3
cert
cert
added 2003/03/17 12:0 a.m.24 views

NetPBM contains multiple buffer overflow vulnerabilities

Overview NetPBM is a set of graphics conversion tools and has been found to contain multiple buffer overflow vulnerabilities. Description A code review of NetPBM has revealed multiple buffer overflow vulnerabilities. These vulnerabilities could be exploited by loading malicious image files. ---...

7.5CVSS7.4AI score0.06542EPSS
Exploits0References1
cert
cert
added 2003/03/04 12:0 a.m.24 views

Microsoft Windows Me and XP Help and Support Center does not adequately validate hcp:// URI parameters

Overview The Help and Support Center included with Microsoft Windows Millennium Edition and XP does not adequately validate parameters provided in an "hcp://" URI. As a result, an attacker could construct a URI that could cause the Help and Support Center to execute arbitrary script, effectively...

6.8CVSS6.9AI score0.15057EPSS
Exploits0References14
cert
cert
added 2003/02/14 12:0 a.m.24 views

Hyperseek 2000 hsx.cgi does not adequately filter user input disclosing directory listings and file contents

Overview iWeb Systems Hyperseek search engine may allow malformed URL requests to access files outside the document root of a vulnerable system. Description A specially crafted URL can disclose the directory listing and files of the target system with read permissions. --- Impact Remote attackers...

5CVSS6AI score0.10645EPSS
Exploits1References2
cert
cert
added 2003/02/07 12:0 a.m.24 views

AbsoluteTelnet vulnerable to buffer overflow via overly long window title

Overview A remotely exploitable buffer overflow vulnerability exists in AbsoluteTelnet. This vulnerability may allow a malicious server operator to execute arbitrary code on a vulnerable client. Description AbsoluteTelnet is a terminal client. A remotely exploitable buffer overflow vulnerability...

8.1AI score
Exploits0References2
cert
cert
added 2002/11/04 12:0 a.m.24 views

Multiple Sun RPC-based libc implementations fails to provide time-out mechanism when reading data from TCP connections

Overview A denial-of-service vulnerability exists in multiple vendor Sun RPC-based libc implementations. Description Multiple vendor Sun RPC-based libc implementations fail to properly read data from TCP connections. As a result, a remote attacker can deny service to system daemons. --- Impact A...

5CVSS6.2AI score0.02502EPSS
Exploits0References1
cert
cert
added 2002/10/01 12:0 a.m.24 views

Domain Name System (DNS) resolver libraries vulnerable to read buffer overflow

Overview DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. Description A read buffer overflow vulnerability exists in BIND 4 and BIND 8.2.x stub resolver libraries. Other resolver librarie...

5CVSS7.4AI score0.03279EPSS
Exploits0
cert
cert
added 2002/09/27 12:0 a.m.24 views

SIX-webboard does not adequately validate user input thereby permitting directory traversal

Overview SIX-webboard does not adequately validate user input, allowing directory traversal. Description SIX-webboard 2.01 does not adequately validate the "content" CGI variable, allowing directory traversal out of SIX-webboard's content root directory. Attackers may exploit this vulnerability t...

5CVSS6.1AI score0.07315EPSS
Exploits1References1
cert
cert
added 2002/09/27 12:0 a.m.24 views

Microsoft Windows Media Player ActiveX control allows execution of javascript in "already open" frames

Overview A vulnerability in the Windows Media Player may allow remote attackers to view the contents of local files on the victim's computer. Description Using the "LaunchURL" method of the Windows Media Player ActiveX control, a web page author may be able to circumvent the frame security featur...

7.7AI score
Exploits0References2
cert
cert
added 2002/09/27 12:0 a.m.24 views

Novell GroupWise Server web-based front-end does not adequately validate user input thereby allowing directory traversal

Overview Novell GroupWise web application does not adequately validate user input, allowing directory traversal. Description Novell GroupWise server includes a web application that allows users to access e-mail and other features of the server. This component of GroupWise does not properly valida...

6.9AI score
Exploits0References3
cert
cert
added 2002/09/27 12:0 a.m.24 views

Microsoft Windows 2000 Indexing Service permits read access to files outside web root via crafted request

Overview A vulnerability exists in the way that Index Server 2.0 and the Indexing Service for Windows 2000 handles search requests. This vulnerability may alllow attackers to view the contents of "include" files located on the web server. Description By submitting a specific search request to a...

5CVSS6AI score0.14349EPSS
Exploits0References2
cert
cert
added 2002/09/26 12:0 a.m.24 views

Allaire Forums does not verify user information stored in hidden form fields

Overview Allaire Forums does not verify user information submitted in hidden fields on a web form, allowing attackers to impersonate other users. Description Allaire Forums is a web-based bulletin board system that runs on Cold Fusion. When a user wishes to post a message, Allaire Forums...

7.5CVSS6.3AI score0.03283EPSS
Exploits0References1
cert
cert
added 2002/09/16 12:0 a.m.24 views

Nobreak CrazyWWWBoard contains buffer overflow via User-Agent field

Overview Some versions of CrazyWWWBoard contain a buffer-overflow vulnerability that can be exploited by a remote user to execute arbitrary code. Description CrazyWWWBoard is a binary CGI program that is designed to provide dynamic web bulletin board services on web servers. Versions 2000p4 and...

8.4AI score
Exploits0References1
cert
cert
added 2002/09/13 12:0 a.m.24 views

HP Tru64 UNIX ".upd..loader" contains buffer overflow (SSRT2275)

Overview The HP Tru64 UNIX implementation of ".upd..loader" contains a locally exploitable buffer overflow. Description A locally exploitable buffer overflow in ".upd..loader" may permit a local attacker to gain elevated privileges and execute arbitrary code on a vulnerable host. --- Impact A loc...

8.2AI score
Exploits0References1
cert
cert
added 2002/09/09 12:0 a.m.24 views

HP Tru64 UNIX "binmail" contains buffer overflow (SSRT0796U)

Overview The HP Tru64 UNIX implementation of "binmail" contains a locally exploitable buffer overflow. Description "binmail" is used to send and display mail messages. A locally exploitable buffer overflow in "binmail" may permit a local attacker to gain elevated privileges and execute arbitrary...

8.2AI score
Exploits0References1
cert
cert
added 2002/08/26 12:0 a.m.25 views

Microsoft Office Web Components allows reading of local files via "LoadText" method by using URL redirection

Overview The Microsoft Office Web Components allow a remote attacker to read arbitrary files. Description The Microsoft Office Web Components OWC are ActiveX controls that can be embedded in web pages. These controls give users of a website limited Microsoft Office functionality, without having t...

5CVSS6.2AI score0.18766EPSS
Exploits0References4
cert
cert
added 2002/08/23 12:0 a.m.24 views

Microsoft Windows Server Message Block (SMB) fails to properly handle SMB_COM_TRANSACTION packets requesting NetServerEnum3 transaction

Overview Microsoft Server Message Block SMB may crash upon receipt of a crafted SMBCOMTRANSACTION packet requesting a NetServerEnum3 transaction. Attackers can use this vulnerability to cause a denial of service. Description SMB is a protocol for sharing data and resources between computers,...

7.6AI score
Exploits0References1
cert
cert
added 2002/07/11 12:0 a.m.24 views

eBay web site allows intruders to login to gain unauthorized access to user's information

Overview Ebay www.ebay.comis a popular online auction site. A vulnerability in the ebay web site prior to April 24, 2002, could have allowed an intruder to gain access to a victim's personal data. Description Prior to April 24, 2002, an intruder may have been able to gain access to certain person...

6.9AI score
Exploits0References1
cert
cert
added 2002/06/13 12:0 a.m.24 views

Snitz Forums 2000 vulnerable to cross-site scripting via crafted IMG tag

Overview Snitz Forums 2000 does not adequately check "IMG" tag "SRC" attributes and thus contains cross-site scripting vulnerability. Description Snitz Forums is an automated bulletin-board program for web sites. Snitz Forums allows users to submit images by specifying the URL of the image. In...

7.5CVSS6.2AI score0.0494EPSS
Exploits1References3
cert
cert
added 2002/05/16 12:0 a.m.24 views

Computer Associates MLink "mllock" command vulnerable to buffer overflow via long string of characters

Overview A locally exploitable buffer overflow exists in mllock. Description CA-MLINK is a managed data transport service. For more information about CA-MLINK, please see the product brochure. Based on a public report, it appears there is a locally exploitable buffer overflow in the mllock comman...

8.1AI score
Exploits0References1
cert
cert
added 2002/01/31 12:0 a.m.24 views

AOL Instant Messenger exposes local file path during file transfers

Overview AOL Instant Messenger AIM disclose local file paths during transfer. Description AOL Instant Messenger AIM is a program for communicating with other users over the Internet. AIM permits users to transfer files from one client to another. When the file is transferred, the entire local pat...

5CVSS5.9AI score0.00992EPSS
Exploits0References1
cert
cert
added 2001/12/21 12:0 a.m.24 views

IBM AIX login fails to adequately authenticate user when configured to use loadable authentication modules

Overview There is a remotely exploitable flaw in IBM's AIX 5.1L login when using loadable authentication modules. This does not affect AIX 4.3 and earlier. Description IBM AIX 5.1L login, with loadable authentication modules enabled and some non-default configurations, will permit users to login...

7AI score
Exploits0References1
cert
cert
added 2001/11/19 12:0 a.m.24 views

RhinoSoft Serv-U remote administration client transmits password in plaintext

Overview A vulnerability exists in the remote administration client for RhinoSoft Serv-U. During the authentication process, the client ignores the S/KEY one-time password OTP challenge sent by the server and sends the password entered by the user in plaintext. Description RhinoSoft Serv-U is a...

7.4AI score
Exploits0References7
cert
cert
added 2001/11/06 12:0 a.m.24 views

WS-FTP Server vulnerable to buffer overflow via long string sent as argument to ftp command

Overview A remotely exploitable buffer overflow exists in the IPSWITCH WSFTP Server. Description Defcom Labs has discovered a remotely exploitable buffer overflow vulnerability in the IPSWITCH WSFTP Server on all platforms that allows intruders to execute arbitrary code with the privileges of the...

8.2AI score
Exploits0References2
cert
cert
added 2001/09/17 12:0 a.m.24 views

exuberant-ctags creates temporary files insecurely

Overview Some versions of exuberant-ctags, a source code navigation utility, create and use temporary files insecurely, leading to local file corruption and possible denial-of-service. Description Exuberent-ctags is a source code navigation utility. It creates temporary files with predictable nam...

3.6CVSS6.2AI score0.0041EPSS
Exploits0References2
cert
cert
added 2001/08/21 12:0 a.m.24 views

Linux dump uses environment variables insecurely, allowing for root compromise

Overview Some implementations of the Linux backup utility, dump, call external programs on remote machines via the RSH environment variable. This may permit an attacker to compromise root if dump is setuid root. Description Some implementations of the Linux backup utility, dump, permit use of...

7.2CVSS7.1AI score0.01146EPSS
Exploits1References3
cert
cert
added 2001/07/30 12:0 a.m.24 views

Allaire ColdFusion Server contains vulnerability allowing unauthorized user read/delete access to files

Overview A vulnerability exists in Allaire ColdFusion Server which allows an attacker to have unauthorized read and delete access to files on the target host. Description A remotely exploitable vulnerability exists in the Allaire ColdFusion Server which could allow an attacker to have unauthorize...

6.4CVSS6.1AI score0.01926EPSS
Exploits0References2
cert
cert
added 2001/07/27 12:0 a.m.24 views

UUCP package contains multiple buffer overflows via long string of characters sent as command line argument

Overview Several Linux/Unix systems ship with a utility package called UUCP derived from System V. A buffer overflow in components of the UUCP package can allow an intruder to gain elevated privileges. Description Several Linux/Unix systems ship with a utility package called UUCP derived from...

7.9AI score
Exploits0References3
cert
cert
added 2001/07/27 12:0 a.m.24 views

Caucho Technologies Resin vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web servers that use the Resin Java Servlet Container, versions 1.2.3 and earlier, are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidat...

5.1CVSS5.6AI score0.02773EPSS
Exploits1References5
cert
cert
added 2001/07/17 12:0 a.m.24 views

Microsoft Exchange LDAP Service is vulnerable to denial-of-service attacks

Overview The Microsoft Exchange LDAP Service contains vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to foll...

5CVSS6.5AI score0.29433EPSS
Exploits0References4
cert
cert
added 2001/06/18 12:0 a.m.24 views

man 'makewhatis' insecurely uses /tmp

Overview The 'makewhatis' script in the Linux man package allows local users to overwrite files via a symlink attack. Description The 'makewhatis' program is a Bourne shell script that ships with many Linux distributions in the 'man' package of programs. The 'makewhatis' script creates files in t...

7.2CVSS6.2AI score0.00398EPSS
Exploits0References5
cert
cert
added 2001/05/05 12:0 a.m.24 views

NewsDaemon does not adequately filter user input to $user_username

Overview NewsDaemon prior to version 0.21b contains a vulnerability allowing remote attackers to gain administrative access to the web site. Description NewsDaemon is a PHP-based tool used to allow readers to submit and comments on news items and stories over the web. It also allows for...

7.5CVSS6.5AI score0.01771EPSS
Exploits1References3
cert
cert
added 2001/05/01 12:0 a.m.24 views

Hewlett-Packard MPE/ix contains vulnerabitily via architected interface facility

Overview A vulnerability in certain Hewlett-Packard systems allows users to gain unauthorized access to user accounts and databases using the architected interface facility. Description HP3000 systems running MPE/iX release 5.5 and newer contain a vulnerability in the architected interface facili...

7.5CVSS6.3AI score0.04277EPSS
Exploits0
cert
cert
added 2001/04/17 12:0 a.m.24 views

iPlanet web servers expose sensitive data via buffer overflow

Overview A buffer overflow exists in the iPlanet Web Servers Enterprise and FastTrack Editions that may allow remote attackers to gain read access to sensitive information contained in the memory of the web server process. The information disclosed may include userids, passwords, cookies or...

5CVSS7AI score0.0312EPSS
Exploits0References2
cert
cert
added 2001/04/06 12:0 a.m.24 views

Compaq web-enabled management software acts as generic proxy

Overview Remote attackers may be able to relay connections through systems running the Compaq web-enabled management software. Attackers relaying connection in this way may be able to access restricted portions of the network or disguise their identity while attacking other systems. Many Compaq...

7.5CVSS6.3AI score0.01584EPSS
Exploits0References2
cert
cert
added 2001/01/18 12:0 a.m.24 views

Older SSH clients do not allow users to disable X11 forwarding

Overview This vulnerability may allow an attacker to make unauthorized connections to affected client machines. Description Older versions of the SSH client do not allow the user to disable X11 forwarding. As a result, if the client connects to a malicious server, the server can open an X11...

5.1CVSS6AI score0.00972EPSS
Exploits0References1
cert
cert
added 2000/12/14 12:0 a.m.24 views

Cenroll ActiveX Control allows creation of arbitrary files.

Overview The ActiveX control Cenroll permits unauthorized users to create files on the local system. Description The ActiveX control "Cenroll" clsid: 43F8F289-7A20-11D0-8F06-00C04FC295E1, which is ordinarily marked safe-for-scripting allows callers to create files and write to the registry with t...

6.7AI score
Exploits0References3
cert
cert
added 2000/11/02 12:0 a.m.24 views

Adobe Acrobat ActiveX Control buffer overflow in setview method

Overview Description The Adobe Acrobat ActiveX control has a buffer overflow in the setview method. Because the control is marked safe-for-scripting, this vulnerability can be exploited via a web page if the user has the vulnerable control installed.This control is implemtned in the file pdf.ocx...

7.5CVSS7.3AI score0.26983EPSS
Exploits1References1
cert
cert
added 2025/02/28 12:0 a.m.23 views

Paragon Software Hard Disk Manager product line contains five memory vulnerabilities within its BioNTdrv.sys driver that allow for privilege escalation and denial-of-service (DoS) attacks

Overview The Paragon Software Hard Disk Manager HDM product line contains a vulnerable driver titled BioNTdrv.sys. The driver, versions 10.1.X.Y and older, 1.0.0.0, 1.1.0.0, 1.3.0.0, 1.4.0.0, and 1.5.1.0, contain five vulnerabilities. These include arbitrary kernel memory mapping and write...

8.4CVSS7.9AI score0.00471EPSS
Exploits1References2
cert
cert
added 2024/09/19 12:0 a.m.23 views

A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server

Overview A stack-based overflow vulnerability exists in the tinydhcp server in the Microchip Advanced Software Framework ASF that can lead to remote code execution. Description An implementation of DHCP in ASF fails input validation, thereby creating conditions for a stack-based overflow. The...

9.8CVSS9.6AI score0.01377EPSS
Exploits0References7
cert
cert
added 2017/03/15 12:0 a.m.23 views

D-Link DIR-130 and DIR-330 are vulnerable to authentication bypass and do not protect credentials

Overview The D-Link DIR-130 and DIR-330 are vulnerable to authentication bypass of the remote login page, and do not sufficiently protect administrator credentials. Description The D-Link DIR-130, firmware version 1.23, and DIR-330, firmware version 1.12, are vulnerable to the following:CWE-294:...

9.8CVSS9.8AI score0.62527EPSS
Exploits0References2
cert
cert
added 2015/02/13 12:0 a.m.23 views

Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability

Overview A regular expressions C library originally written by Henry Spencer is vulnerable to a heap overflow in some circumstances. Description CWE-122: Heap-based Buffer Overflow From the researcher, the variable len that holds the length of a regular expression string is "enlarged to such an...

7.8AI score
Exploits0References2
cert
cert
added 2015/01/13 12:0 a.m.23 views

Panasonic Arbitrator Back-End Server (BES) uses unencrypted communication

Overview Panasonic Arbitrator Back-End Server BES uses an unencrypted channel to transmit data. Description CWE-319: Cleartext Transmission of Sensitive Information Panasonic Arbitrator Back-End Server BES uses an unencrypted channel to transmit data between the client and server. It has been...

6.9AI score
Exploits0References3
cert
cert
added 2014/11/07 12:0 a.m.23 views

IBM Notes Traveler for Android transmits user credentials over HTTP

Overview The IBM Notes Traveler application for Android does not enforce the use of HTTPS for transmitting user credentials, which can allow an attacker to obtain this information. Description IBM Notes Traveler formerly known as Lotus Notes Traveler is an application that allows access to email,...

5CVSS6AI score0.0188EPSS
Exploits0References2
cert
cert
added 2014/06/17 12:0 a.m.23 views

F5 ARX Data Manager contains a SQL injection vulnerability

Overview F5 ARX Data Manager 3.0.0 - 3.1.0 contains a SQL injection vulnerability. Description CWE-89: Improper Neutralization of Special Elements used in an SQL Command F5 ARX Data Manager 3.0.0 - 3.1.0 contains an unspecified SQL injection vulnerability. --- Impact A remote authenticated attack...

6.5CVSS7AI score0.01421EPSS
Exploits0References3
cert
cert
added 2014/01/31 12:0 a.m.23 views

Lexmark laser printers contain multiple vulnerabilities

Overview Certain Lexmark devices are vulnerable to unverified password changes and stored cross-site scripting attacks. Description CWE-620: Unverified Password Change - CVE-2013-6032Certain models of Lexmark laser printers and MarkNet devices are vulnerable to an attack which allows a remote...

10CVSS6.5AI score0.03182EPSS
Exploits0References1
cert
cert
added 2013/02/07 12:0 a.m.23 views

Nuance PDF viewing products contain multiple vulnerabilities

Overview Nuance PDF viewing products contain multiple memory-corruption vulnerabilities, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Nuance provides two similar PDF viewing products called PDF Reader and PDF Viewer Plus. Both of...

9.3CVSS7.3AI score0.0322EPSS
Exploits0References5
cert
cert
added 2012/04/02 12:0 a.m.23 views

Netgear FVS318N router default remote management vulnerability

Overview Netgear ProSafe Wireless-N 8-port Gigabit VPN Firewall FVS318N router's remote management feature is enabled by default. Description Netgear ProSafe Wireless-N 8-port Gigabit VPN Firewall FVS318N router allows remote WAN internet users access to the administrator web interface of the...

7.1AI score
Exploits0References1
Total number of security vulnerabilities3704