Lucene search
K

3702 matches found

CERT
CERT
•added 2003/06/11 12:0 a.m.•34 views

SGI IRIX vulnerable to DoS when user space program calls the PIOCSWATCH ioctl() function

Overview A vulnerability in the SGI IRIX PIOCSWATCH ioctl function may allow local attackers to crash the operating system. Description SGI states that PIOCSWATCH ioctl "establishes or clears a set of watched areas in the traced process." According to SGI Security Advisory 20030603-01-P, a local...

2.1CVSS5.8AI score0.00358EPSS
Exploits0References3
CERT
CERT
•added 2003/06/10 12:0 a.m.•34 views

Sun Java Runtime Environment allows untrusted applets to access information within trusted applets

Overview The Sun Java Runtime Environment JRE contains a vulnerability that may lead to sensitive information being leaked. Description Sun Microsystems describes the Sun JRE as follows:The Java RE provides the libraries, Java virtual machine, and other components necessary for you to run applets...

7.2AI score
Exploits0References7
CERT
CERT
•added 2003/06/10 12:0 a.m.•12 views

Sun Solaris "/usr/lib/utmp_update" contains buffer overflow

Overview A vulnerability in Sun Solaris "/usr/lib/utmpupdate" may allow a local attacker to gain superuser privileges. Description A buffer overflow vulnerability exists in Sun Solaris "/usr/lib/utmpupdate". For more information, please see Sun Alert 55260. --- Impact A local attacker may be able...

7.3AI score
Exploits0References3
CERT
CERT
•added 2003/06/09 12:0 a.m.•19 views

Linux kernel IP stack incorrectly calculates size of an ICMP citation for ICMP errors

Overview The Linux 2.0 kernel contains a vulnerability in the way it processes ICMP errors. This could lead to portions of memory being leaked to a malicious user. Description The Linux 2.0 kernel versions 2.0 through 2.0.39 inclusive contains an error in the calculation of the size for an ICMP...

6.6AI score
Exploits0References3
CERT
CERT
•added 2003/06/06 12:0 a.m.•46 views

Vulnerability in OpenSSH daemon (sshd)

Overview A vulnerability in the OpenSSH daemon sshd may give remote attackers a better chance of gaining access to restricted resources. Description OpenSSH is an implementation of the Secure Shell protocol. It is used to provide strong authentication and cryptographically secure communications...

7.5CVSS7.8AI score0.05766EPSS
Exploits1References5
CERT
CERT
•added 2003/06/05 12:0 a.m.•34 views

Various Axis products allow unauthorized remote privileged access

Overview A vulnerability in various Axis Communications products may allow unauthorized remote privileged access. Description Axis Communications Inc. produces network-enabled cameras and video servers. The company describes itself as "an innovative market leader in network video and print server...

10CVSS7.4AI score0.29521EPSS
Exploits1References7
CERT
CERT
•added 2003/06/05 12:0 a.m.•23 views

Cisco Secure ACS for Windows CSAdmin vulnerable to buffer overflow via login requests

Overview Cisco Secure ACS for Windows contains a buffer overflow vulnerability that could permit a remote attacker to execute arbitrary code or cause a denial of service. Description Cisco Secure ACS for Windows is an authentication, authorization, and accounting AAA server. From Cisco Security...

7.5CVSS8AI score0.06007EPSS
Exploits0References8
CERT
CERT
•added 2003/06/04 12:0 a.m.•30 views

Sun Ray Smartcard reader may leave desktop session open when card is quickly removed

Overview The Sun Ray Smartcard reader fails to properly detect a "quick removal, reinsertion and removal of a Smartcard." Description The Sun Ray is a thin client computing device designed to process user input and output, and provide access to computing services hosted by a server. Authenticatio...

6.9AI score
Exploits0References3
CERT
CERT
•added 2003/06/04 12:0 a.m.•89 views

Microsoft Internet Explorer contains buffer overflow in processing of object types

Overview A remotely exploitable vulnerability has been discovered in Internet Explorer. Exploitation of this vulnerability may lead to the execution of arbitrary code. Description A remotely exploitable buffer overflow vulnerability has been discovered in Internet Explorer versions 5.1, 5.5 and...

7.5CVSS7.9AI score0.81307EPSS
Exploits4References4
CERT
CERT
•added 2003/06/04 12:0 a.m.•33 views

Mac OS X LDAP plugins transmit user credentials in clear text

Overview Versions 10.2 and later of Apple's MacOS X operating system include support for the Lightweight Directory Access Protocol LDAP. A vulnerability in the way some of these versions of MacOS X handle authentication in certain environments could expose user's passwords in plaintext as they're...

7.5CVSS6.2AI score0.01433EPSS
Exploits1References3
CERT
CERT
•added 2003/06/04 12:0 a.m.•22 views

SunOS versions of sendmail use popen to return undeliverable mail

Overview Older versions of sendmail circa 1995 incorrectly used popen to process certain arguments. Description There is a problem with the way that the older circa 1995 versions of Sun Microsystems, Inc. version of sendmail processes the -oR option. This problem has been verified as existing in...

7.4AI score
Exploits0References2
CERT
CERT
•added 2003/06/02 12:0 a.m.•61 views

Yahoo! Audio Conferencing ActiveX control vulnerable to buffer overflow

Overview A remotely exploitable buffer overflow vulnerability has been discovered in the Yahoo! Audio Conferencing ActiveX control. Description The Yahoo! Audio Conferencing ActiveX control is used in the web-based Yahoo! Chat service, as well as in the Win32 Yahoo! Messenger application. There i...

7.4AI score
Exploits0References8
CERT
CERT
•added 2003/06/01 12:0 a.m.•24 views

OpenVMS page management vulnerability

Overview Old versions circa 1993 of OpenVMS and OpenVMS AXP contain a vulnerability related to page management. Description There is a vulnerability related to page management in old versions circa 1993 of Open VMS. An exploit for this vulnerability, written in MACRO-32, was available at the time...

7.2CVSS6.3AI score0.00351EPSS
Exploits0
CERT
CERT
•added 2003/05/30 12:0 a.m.•17 views

GNU screen contains buffer overflow

Overview A locally exploitable buffer overflow exists in GNU screen. An exploit is publicly available for this vulnerability. Description The Free Software Foundation describes GNU Screen as follows:Screen is a full-screen window manager that multiplexes a physical terminal between several...

7.2AI score
Exploits0References4
CERT
CERT
•added 2003/05/28 12:0 a.m.•13 views

HP-UX "rexec" command vulnerable to buffer overflow when supplied overly long command line argument to "-l" option

Overview A buffer overflow vulnerability in the rexec program supplied in some versions of the HP-UX operating system could allow local users to gain privileged access. Description The rexec program allows local users to execute commands on remote servers. rexec calls the rexec subroutine to act ...

7.9AI score
Exploits0References1
CERT
CERT
•added 2003/05/23 12:0 a.m.•39 views

zlib "gzprintf()" function vulnerable to buffer overflow

Overview A buffer overflow exists in one of the functions included with the zlib compression library. This vulnerability may allow a remote attacker to execute arbitrary code or cause a denial of service. An exploit for this vulnerability is publicly available. Description The zlib website...

7.5CVSS7.5AI score0.2554EPSS
Exploits1References8
CERT
CERT
•added 2003/05/20 12:0 a.m.•28 views

GnuPG contains flaw in key validation code

Overview A vulnerability in GnuPG may cause keys with multiple user ID's to give other user IDs on the key a false amount of validity. Description From the GnuPG homepage:GnuPG stands for GNU Privacy Guard and is GNU's tool for secure communication and data storage. It can be used to encrypt data...

10CVSS5.9AI score0.06558EPSS
Exploits0References4
CERT
CERT
•added 2003/05/19 12:0 a.m.•20 views

HP-UX "kermit" vulnerable to buffer overflow

Overview HP-UX's implementation of kermit contains a buffer overflow which may allow a local attacker to gain elevated privileges. Description From the Kermit Project:Kermit software offers interactive and scripted file transfer and management, terminal emulation, Unicode-aware character-set...

7.5AI score
Exploits0References4
CERT
CERT
•added 2003/05/19 12:0 a.m.•29 views

Apple Mac OS X IPSec mechanism fails to handle certain incoming security policies that match by port

Overview Apple's Mac OS X IPSec implementation does not properly filter certain types of IP traffic. Description Apple Mac OS X contains an implementation of the IP Security Protocol IPSec. A vulnerability in this implementation may allow a remote attacker to exchange traffic with a host that...

7.5CVSS6.2AI score0.03215EPSS
Exploits0References4
CERT
CERT
•added 2003/05/16 12:0 a.m.•25 views

Microsoft Internet Explorer does not safely handle multiple file download requests

Overview A problem in the way Microsoft Internet Explorer handles a large number of file download requests could result in the execution of arbitrary code on a vulnerable system. Description When Internet Explorer IE follows a link to an executable file .exe, a dialog window is displayed that...

7.5CVSS7.7AI score0.4997EPSS
Exploits0References9
CERT
CERT
•added 2003/05/14 12:0 a.m.•21 views

XMMS Remote input validation error

Overview There is an input validation error in the stand-alone SOAP server XMMS Remote which allows unauthorized remote command execution. Description XMMS Remote is a stand-alone XML/SOAP HTTP server implemented in PERL created by X2 Studios. It is used to monitor a running xmms media player...

7.7AI score
Exploits0References5
CERT
CERT
•added 2003/05/13 12:0 a.m.•31 views

Adobe Acrobat does not adequately validate Acrobat JavaScript

Overview Adobe Acrobat contains a vulnerability in its JavaScript parsing engine that could allow an attacker to place arbitrary files on the local file system. Description Different versions of Adobe Acrobat software can create, modify, and read Portable Document Format PDF files. Acrobat...

7.5CVSS6AI score0.02106EPSS
Exploits0References6
CERT
CERT
•added 2003/05/13 12:0 a.m.•20 views

Kerio Personal Firewall vulnerable to replay attack

Overview Kerio Personal Firewall contains a vulnerability that may allow a remote attacker to replay an administration session. Description Kerio Technologies Inc. describes the Kerio Personal Firewall as follows:Kerio Personal Firewall KPF is a software agent that builds a barrier between your...

7.5CVSS6.2AI score0.03776EPSS
Exploits1References3
CERT
CERT
•added 2003/05/12 12:0 a.m.•19 views

Ethereal contains multiple one-byte buffer overflows in several dissectors

Overview Ethereal is a network traffic analysis package. Several packet dissectors contain a vulnerability that may cause a denial-of-service situation. Description Several packet dissectors for Ethereal contain a one-byte buffer overflow vulnerability. According to the Ethereal Advisory,...

7.9AI score
Exploits0References2
CERT
CERT
•added 2003/05/12 12:0 a.m.•11 views

Ethereal contains integer overflow in PPP dissector

Overview Ethereal is a network traffic analysis package. The PPP packet dissector contains a vulnerability that may result in the execution of arbitrary code. Description The PPP packet dissector for Ethereal contains an integer overflow vulnerability. According to the Ethereal Advisory,...

7.8AI score
Exploits0References1
CERT
CERT
•added 2003/05/12 12:0 a.m.•15 views

Ethereal contains integer overflow in Mount dissector

Overview Ethereal is a network traffic analysis package. The mount packet dissector contains a vulnerability that may result in the execution of arbitrary code. Description The mount packet dissector for Ethereal contains an integer overflow vulnerability. According to the Ethereal Advisory,...

7.8AI score
Exploits0References1
CERT
CERT
•added 2003/05/12 12:0 a.m.•31 views

Kerio Personal Firewall vulnerable to buffer overflow

Overview Kerio Personal Firewall contains a buffer overflow that may allow a remote attacker to execute arbitrary code. An exploit for this vulnerability is publicly available. Description Kerio Technologies Inc. describes the Kerio Personal Firewall as follows:Kerio Personal Firewall KPF is a...

7.5CVSS7.4AI score0.6909EPSS
Exploits8References9
CERT
CERT
•added 2003/05/07 12:0 a.m.•20 views

Microsoft Windows Media Player fails to properly evaluate URLs when downloading skin files

Overview Microsoft Media Player contains a vulnerability in the parsing of "Skin Files" that may permit a remote attacker to download arbitrary files to a known location on the local system. Description Microsoft Media Player is an application that plays various types of media files. The user can...

7.5CVSS6.8AI score0.46315EPSS
Exploits1References5
CERT
CERT
•added 2003/05/05 12:0 a.m.•31 views

Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames

Overview A vulnerability in the way Microsoft Internet Explorer IE handles window ornament parameters in dialog frames allows script from a dialog frame in one domain to execute in a different domain, including the Local Machine Zone. The script could read certain local files and data i.e. cookie...

5CVSS7.6AI score0.25248EPSS
Exploits1References9
CERT
CERT
•added 2003/05/05 12:0 a.m.•12 views

Cisco Catalyst switches allow access to "enable mode" without password

Overview Cisco Catalyst OS 7.51 contains a vulnerability that allows anyone who can obtain command line access to gain "enable" mode access without knowledge of the "enable" password. Description Cisco Catalyst OS is an operating system for Cisco's line of Catalyst switches. Version 7.51 of...

7.2AI score
Exploits0References2
CERT
CERT
•added 2003/05/04 12:0 a.m.•30 views

pam_xauth may insecurely forward "X MIT-Magic-Cookies" to new sessions

Overview A vulnerability exists in pamxauth that may allow a local attacker to gain access to an administrator's X session. Description pamxauth is used to forward xauth keys or cookies between users. From the pamxauth man page:Without pamxauth, when xauth is enabled and a user uses the su comman...

7.2CVSS6AI score0.00431EPSS
Exploits0References3
CERT
CERT
•added 2003/05/02 12:0 a.m.•72 views

Sun ONE Directory Server "ns-ldapd" can be terminated by unprivileged user

Overview A denial-of-service vulnerability exists in the Sun ONE Directory Server. This vulnerability may allow a remote attacker to effectively terminate directory services on the affected host. Description Sun describes the Sun ONE Directory Server asa software product that provides a central...

7AI score
Exploits0References2
CERT
CERT
•added 2003/05/01 12:0 a.m.•23 views

RealSystem Server contains buffer overflow

Overview A buffer overflow vulnerability exists in the RealSystem Server. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable host. An exploit exists for this vulnerability and is publicly available. Description RealSystem Server is a streaming media server. A...

8.3AI score
Exploits0References3
CERT
CERT
•added 2003/05/01 12:0 a.m.•19 views

RealSystem Proxy contains buffer overflow

Overview A buffer overflow vulnerability exists in the RealSystem Proxy. This vulnerability may allow a remote attacker to execute arbitrary code on a vulnerable host. An exploit exists for this vulnerability and is publicly available. Description RealSystem Proxy is a streaming media proxy-cache...

8.3AI score
Exploits0References3
CERT
CERT
•added 2003/04/30 12:0 a.m.•32 views

ScriptLogic RunAdmin service can allow users to gain administrative access

Overview There is a vulnerability in version 4.01 of ScriptLogic that may allow local or domain users to gain administrative access to workstations running the ScriptLogic RunAdmin service. Description The ScriptLogic product from ScriptLogic, Inc. provides remote system administration capabiliti...

8.1AI score
Exploits0References1
CERT
CERT
•added 2003/04/30 12:0 a.m.•14 views

rpc.walld fails to properly validate messages before broadcasting to clients

Overview A vulnerability in rpc.walld may allow local users to forge wall messages. An exploit exists for this vulnerability and is publically available. Description From the rpc.walld man page:The wall command reads the named file, or, if no filename appears, it reads the standard input until an...

6.2AI score
Exploits0References3
CERT
CERT
•added 2003/04/30 12:0 a.m.•14 views

ScriptLogic RPC service allows local users to modify arbitrary registry settings

Overview There is a vulnerability in version 4.01 of ScriptLogic that could allow local users to gain full access to the registry. Description The ScriptLogic product from ScriptLogic, Inc. provides remote system administration capabilities for Microsoft Windows systems in a domain. A vulnerabili...

7.1AI score
Exploits0References1
CERT
CERT
•added 2003/04/30 12:0 a.m.•34 views

ScriptLogic sets insecure permissions on "LOGS$" share

Overview Version 4.01 of ScriptLogic contains a vulnerability in the default permissions assigned to the network share used for logging. Description The ScriptLogic product from ScriptLogic, Inc. provides remote system administration capabilities for Microsoft Windows systems in a domain...

7AI score
Exploits0References1
CERT
CERT
•added 2003/04/29 12:0 a.m.•44 views

PopTop PPTP Server contains buffer overflow in "ctrlpacket.c"

Overview There is a remotely exploitable buffer overflow in PopTop. An exploit for this vulnerability exists and is publicly available. Description From the PopTop web site:PopToP is the PPTP server solution for Linux ports exist for Solaris 2.6, OpenBSD and FreeBSD and others. A buffer overflow...

7.5CVSS7.2AI score0.71026EPSS
Exploits7References5
CERT
CERT
•added 2003/04/28 12:0 a.m.•30 views

tcpdump enters infinite loop when parsing crafted ISAKMP packets

Overview There is a denial-of-service vulnerability in tcpdump that may allow a remote attacker to cause tcpdump to enter an infinite loop. Description tcpdump, a tool used to monitor network traffic, has the ability to capture Internet Security Association and Key Management Protocol ISAKMP...

5CVSS5.8AI score0.11342EPSS
Exploits3References5
CERT
CERT
•added 2003/04/25 12:0 a.m.•45 views

Microsoft Internet Explorer does not adequately validate source of dialog frame

Overview Microsoft Internet Explorer IE allows script from a dialog frame in one domain to execute in a different domain, including the Local Machine Zone. The script could read certain local files and data i.e. cookies from other web sites. In the presence of other vulnerabilities VU626395,...

7.6AI score
Exploits0References27
CERT
CERT
•added 2003/04/24 12:0 a.m.•30 views

Buffer Overflow in URLMON.DLL

Overview A buffer overflow in URLMON.DDL may allow an intruder to execute arbitrary code. Description URLMON.DLL is a library used by Microsoft Internet Explorer. It contains a buffer overflow that could allow an intruder to execute arbitrary code if the intruder can convince the victim to visit ...

7.5CVSS8AI score0.39367EPSS
Exploits0References2
CERT
CERT
•added 2003/04/23 12:0 a.m.•49 views

SSL/TLS implementations disclose side channel information via PKCS #1 v1.5 version number extension

Overview SSL/TLS implementations that respond distinctively to an incorrect PKCS 1 v1.5 encoded SSL/TLS version number expose the premaster secret to a modified Bleichenbacher attack. An attacker could decrypt a given SSL/TLS session or forge a signature on behalf of a vulnerable application's...

7.5CVSS8AI score0.0628EPSS
Exploits0References13
CERT
CERT
•added 2003/04/17 12:0 a.m.•14 views

RealNetworks Helix Universal Server vulnerable to buffer overflow when sent two simultaneous HTTP requests containing a long string of characters

Overview The RealNetworks' Helix Universal Server supports delivery of several different media types over the Internet. Vulnerabilities have been discovered in the way it handles some requests from the network. These vulnerabilities could allow a remote attacker to execute arbitrary code on...

8AI score
Exploits0References3
CERT
CERT
•added 2003/04/17 12:0 a.m.•25 views

RealNetworks Helix Universal Server vulnerable to buffer overflow when supplied an overly long string within the "Transport" field of a SETUP RTSP request

Overview The RealNetworks' Helix Universal Server supports delivery of several different media types via RTSP Real Time Streaming Protocol. Vulnerabilities have been discovered in the way it handles some RTSP requests. These vulnerabilities could allow a remote attacker to execute arbitrary code ...

8.3AI score
Exploits0References4
CERT
CERT
•added 2003/04/17 12:0 a.m.•32 views

Buffer Overflow in mod_ssl

Overview A buffer overflow exists in modssl. Description modssl is an Apache module that allows secure connections over X.509 authenticated channels. A buffer overflow exists in the sslcompatdirective function. For more detailed information, please see the original vulnerability report. --- Impac...

7.8CVSS7.8AI score0.011EPSS
Exploits0References4
CERT
CERT
•added 2003/04/17 12:0 a.m.•18 views

RealNetworks Helix Universal Server vulnerable to buffer overflow when supplied an overly long string for the "Describe" field

Overview The RealNetworks' Helix Universal Server supports delivery of several different media types over the Internet via RTSP Real Time Streaming Protocol. Vulnerabilities have been discovered in the way it handles some RTSP requests. These vulnerabilities could allow a remote attacker to execu...

8.1AI score
Exploits0References4
CERT
CERT
•added 2003/04/16 12:0 a.m.•28 views

Heap overflow in Snort "stream4" preprocessor

Overview The Snort "stream4" preprocessor module contains a vulnerability that allows remote attackers to execute arbitrary code with the privileges of the user running Snort, typically root. Description Researchers at CORE Security Technologies have discovered a remotely exploitable heap overflo...

7.9AI score
Exploits0References4
CERT
CERT
•added 2003/04/15 12:0 a.m.•42 views

Microsoft Windows kernel contains stack overflow

Overview A stack overflow vulnerability exists in the Microsoft Windows kernel. Description The kernel is the core or "heart" of any operating system and is responsible for a variety of things, such as managing memory and allocating hardware resources. Entercept's Ricochet Team has discovered a...

4.6CVSS6.8AI score0.02156EPSS
Exploits0References2
CERT
CERT
•added 2003/04/14 12:0 a.m.•28 views

Oracle E-Business Suite Report Review Agent (RRA) allows arbitrary files to be retrieved with no authentication

Overview A vulnerability in Oracle's E-Business Suite Report Review Agent RRA allows arbitrary files to be retrieved with no authentication. Description A vulnerability exists in the Oracle E-Business Suite Report Review Agent RRA. This vulnerability may allow a remote attacker to retrieve...

6.7AI score
Exploits0References5
Total number of security vulnerabilities3702