Lucene search
K

3702 matches found

CERT
CERT
•added 2002/11/20 12:0 a.m.•30 views

Microsoft Windows Data Access Components contains heap overflow in Data Stubs when parsing a malformed HTTP request

Overview A vulnerability in the Microsoft Data Access Components MDAC could lead to remote execution of code with the privileges of the current process, or user. Description Microsoft Data Access Components MDAC is a collection of utilities and routines to process requests between databases and...

7.5CVSS7.4AI score0.76004EPSS
Exploits5References4
CERT
CERT
•added 2002/11/20 12:0 a.m.•22 views

Alcatel Operating System (AOS) does not require a password for accessing the telnet server

Overview The OmniSwitch 7700/7800 running Alcatel Operating System AOS version 5.1.1 has TCP port 6778 listening as a telnet server. This gives anyone access to the OmniSwitch's Vx-Works operating system without requiring a password. Description During an NMAP audit of the AOS 5.1.1 code that run...

10CVSS6.2AI score0.05282EPSS
Exploits0References3
CERT
CERT
•added 2002/11/19 12:0 a.m.•22 views

NetScreen Secure Command Shell (SCS) denial-of-service vulnerability

Overview The Secure Command Shell service on NetScreen firewall products contains a remotely exploitable denial-of-service vulnerability. Description Firewall products from NetScreen Technologies, Inc. include a Secure Shell version 1 SSHv1 implementation called Secure Command Shell SCS. The SCS...

7AI score
Exploits0References4
CERT
CERT
•added 2002/11/19 12:0 a.m.•35 views

The default NTFS permissions are not applied to a converted boot partition on Microsoft Windows 2000 and Windows XP systems when CONVERT.EXE is used

Overview Several commercial desktops and laptops from OEM distributors ship with insecure permissions set on files and directories. It has been confirmed that this is due to the use of Microsoft's CONVERT.EXE utility. Description Microsoft's CONVERT.EXE program is used to convert FAT32 file syste...

4.6CVSS6.8AI score0.01949EPSS
Exploits0References2
CERT
CERT
•added 2002/11/19 12:0 a.m.•54 views

Various DNS service implementations generate multiple simultaneous queries for the same resource record

Overview Various implementations of DNS services may allow multiple simultaneous queries for the same resource record, allowing an attacker to apply probabilistic techniques to improve their odds of successful DNS spoofing. Description Some implementations of DNS services contain a vulnerability...

8.9AI score
Exploits0References11
CERT
CERT
•added 2002/11/13 12:0 a.m.•57 views

Overly large OPT record assertion

Overview A remotely exploitable denial-of-service vulnerability exists in BIND. Based on recent reports, we believe this vulnerability is being actively exploited. Description A remotely exploitable denial-of-service vulnerability exists in BIND 8.3.0 - 8.3.3. ISC's description of this...

5CVSS7.6AI score0.096EPSS
Exploits0References3
CERT
CERT
•added 2002/11/13 12:0 a.m.•102 views

Domain Name System (DNS) stub resolver libraries vulnerable to buffer overflows via network name or address lookups

Overview The DNS stub resolver library in ISC BIND 4.9.2 through 4.9.10 contains buffer overflows in code that handles responses for network name and address requests. Other resolver libraries derived from BIND 4 such as BSD libc, GNU glibc, and those used by System V UNIX systems may also be...

9.6AI score
Exploits0References2
CERT
CERT
•added 2002/11/13 12:0 a.m.•37 views

ISC BIND 8 fails to properly dereference cache SIG RR elements with invalid expiry times from the internal database

Overview A remotely exploitable denial-of-service vulnerability exists in BIND. Description A remotely exploitable denial-of-service vulnerability exists in BIND 8.2 - 8.2.6 and BIND 8.3.0 - 8.3.3. ISC's description of this vulnerability states:It is possible to de-reference a NULL pointer for...

5CVSS6.1AI score0.07573EPSS
Exploits0References3
CERT
CERT
•added 2002/11/13 12:0 a.m.•42 views

Cached malformed SIG record buffer overflow

Overview A vulnerability in BIND allows remote attackers to execute code with the privileges of the process running named. This vulnerability is resolved in BIND versions 4.9.11, 8.2.7, 8.3.4, and BIND 9. Description A remotely exploitable buffer overflow exists in named. An attacker using...

7.7AI score
Exploits0References1
CERT
CERT
•added 2002/11/04 12:0 a.m.•24 views

Multiple Sun RPC-based libc implementations fails to provide time-out mechanism when reading data from TCP connections

Overview A denial-of-service vulnerability exists in multiple vendor Sun RPC-based libc implementations. Description Multiple vendor Sun RPC-based libc implementations fail to properly read data from TCP connections. As a result, a remote attacker can deny service to system daemons. --- Impact A...

5CVSS6.2AI score0.02502EPSS
Exploits0References1
CERT
CERT
•added 2002/10/29 12:0 a.m.•45 views

Apache discloses source code via POST requests to a location with WebDAV and CGI enabled

Overview There is an information leakage in Apache that results from an interaction between WebDAV and CGI. Description Apache version 2.0.42 allows remote attackers to obtain the source code of CGI scripts that are stored in locations for which both CGI and WebDAV are enabled. When a POST reques...

9.3AI score
Exploits0References4
CERT
CERT
•added 2002/10/29 12:0 a.m.•19 views

Netegrity SiteMinder does not adequately validate user input thereby allowing user to bypass filters via crafted URL

Overview Netegrity SiteMinder does adequately vaildate HTTP requests containing malicious Unicode encodings. Description Netegrity SiteMinder is a platform for securing multiple web applications through a single point of user authentication. SiteMinder does not properly filter HTTP requests when...

6.9AI score
Exploits0References1
CERT
CERT
•added 2002/10/28 12:0 a.m.•45 views

webalizer vulnerable to buffer overflow when performing reverse DNS lookups

Overview A remotely exploitable buffer overflow exists in all versions of webalizer prior to version 2.01-10. Description webalizer is a web server log file analysis program.webalizer has the ability do resolve hostnames as part of the process of generating reports. A buffer overflow exists in th...

7.5CVSS6.8AI score0.04416EPSS
Exploits0References6
CERT
CERT
•added 2002/10/24 12:0 a.m.•16 views

Microsoft Windows 2000 SNMP service leaks memory when querying printer objects if spooler service is stopped

Overview A memory leak exists in the Windows 2000 SNMP service. Under a specific precondition, it can result in a remote denial-of-service vulnerability. Description If the SNMP service is running on a Windows 2000 server, and the 'Print Spooler' service is not running, repeatedly using SNMP...

7.1AI score
Exploits0References3
CERT
CERT
•added 2002/10/23 12:0 a.m.•26 views

Kerberos administration daemon vulnerable to buffer overflow

Overview Multiple Kerberos distributions contain a remotely exploitable buffer overflow in the Kerberos administration daemon. A remote attacker could exploit this vulnerability to gain root privileges on a vulnerable system. Description A remotely exploitable buffer overflow exists in the Kerber...

10CVSS7.8AI score0.15105EPSS
Exploits0References8
CERT
CERT
•added 2002/10/18 12:0 a.m.•38 views

Avaya switches contains multiple undocumented accounts allowing full administrative access to the device

Overview Multiple Avaya switches do not adequately protect privileged access. Description Avaya's P882, P880, P580, and P550R series switches do not adequately protect account access. As a result, a remote attacker can gain access to the switch via http or telnet. --- Impact A remote attacker can...

7.5CVSS8.5AI score0.03283EPSS
Exploits0References4
CERT
CERT
•added 2002/10/17 12:0 a.m.•31 views

Multiple IPsec implementations do not adequately validate authentication data

Overview IPsec implementations from multiple vendors do not adequately validate the authentication data in IPsec packets, exposing vulnerable systems to a denial of service. Description For background: RFC 2401 Security Architecture for the Internet Protocol RFC 2402 IP Authentication Header RFC...

5CVSS7AI score0.02474EPSS
Exploits0References4
CERT
CERT
•added 2002/10/17 12:0 a.m.•25 views

gv contains buffer overflow in sscanf() function

Overview A remotely exploitable buffer overflow vulnerability exists in gv. Description A remotely exploitable buffer overflow vulnerability exists in gv. gv allows a user to view and navigate PostScript and PDF documents by providing an interface to the ghostscript interpreter. This vulnerabilit...

4.6CVSS7.1AI score0.02025EPSS
Exploits1References4
CERT
CERT
•added 2002/10/17 12:0 a.m.•52 views

Microsoft Word and Excel documents allow local file reading by via embedded fields

Overview Microsoft Word and Excel contain special encoding tags for formatting and updating content. An attacker may be able to use these tags to exploit an information disclosure vulnerability. Description Microsoft Word and Microsoft Excel are applications that ship as part of the Microsoft...

5CVSS5.5AI score0.53564EPSS
Exploits1References2
CERT
CERT
•added 2002/10/16 12:0 a.m.•26 views

dvips uses system() function insecurely thereby allowing arbitrary command execution

Overview A vulnerability in the dvips utility can allow a remote attacker to execute arbitrary code on a vulnerable system. Description The dvips utility is used to convert DVI files to PostScriptTM. Typically the output is sent to the printer.RHSA-2002:194-18 states the vulnerability occurs...

7.5CVSS7AI score0.07953EPSS
Exploits0References3
CERT
CERT
•added 2002/10/15 12:0 a.m.•27 views

State-based firewalls fail to effectively manage session table resource exhaustion

Overview There is a vulnerability in several state-based firewall products that allows arbitrary remote attackers to conduct denial of service attacks against vulnerable firewalls. Description Many firewall products use state tables to determine whether a given packet belongs to an existing sessi...

7.2AI score
Exploits0References3
CERT
CERT
•added 2002/10/15 12:0 a.m.•19 views

Multiple vendors' HTTP content/virus scanners do not check data tunneled via HTTP CONNECT method

Overview Multiple vendors' HTTP anti-virus and content filters do not inspect the contents of HTTP CONNECT method tunnels. As a result, viruses or other restricted HTTP content may not be blocked as specified by policy. Description Many anti-virus and content filter products that are designed to...

7AI score
Exploits0References3
CERT
CERT
•added 2002/10/11 12:0 a.m.•27 views

Microsoft Java implementation JDBC classes do not properly validate DLL requests

Overview The Java Database Connectivity JDBC classes of Microsoft's Java virtual machine VM do not properly validate DLL requests, allowing a malicious applet to load and execute any DLL on the client system. Description Microsoft's Java VM is installed on Windows 98, NT, 2000, and XP. It is used...

7.5CVSS6.3AI score0.41356EPSS
Exploits0References2
CERT
CERT
•added 2002/10/11 12:0 a.m.•31 views

Microsoft Java implementation JDBC functions do not properly validate parameters

Overview The Java Database Connectivity JDBC classes of Microsoft's Java virtual machine VM contain functions that do not properly validate parameters. A malicious Java applet can exploit this vulnerability to crash programs on the client system. Description Microsoft's Java VM is installed on...

5CVSS7.1AI score0.27267EPSS
Exploits0References2
CERT
CERT
•added 2002/10/11 12:0 a.m.•26 views

Multiple buffer overflow vulnerabilities in QNX

Overview Multiple buffer overflow vulnerabilities have been reported in QnX. Description QnX is an RTOS Realtime Operating System. QnX is used in many different devices and industries, including, but not limited to, Routers Manufacturing and Processing Medical Equipment Automotive and...

7.8AI score
Exploits0References4
CERT
CERT
•added 2002/10/11 12:0 a.m.•30 views

Microsoft Java implementation allows execution of malicious code

Overview A class in Microsoft's Java virtual machine VM does not properly validate trusted applets, allowing untrusted applets to exploit native methods and execute arbitrary code. Description Microsoft's Java VM is installed on Windows 98, NT, 2000, and xp. It is used by Internet Explorer and...

7.5CVSS7.1AI score0.19841EPSS
Exploits0References2
CERT
CERT
•added 2002/10/10 12:0 a.m.•35 views

ypxfrd daemon fails to properly validate user supplied arguments in "getdbm" procedure

Overview A vulnerability in the ypxfrd daemon may allow a local attacker to read arbitrary files on the vulnerable system. Description Janusz Niewiadomski, of iSEC, discovered this vulnerability and produced the following advisory.Issue: ====== Improper arguments validation in ypxfrd may allow...

5CVSS6AI score0.02238EPSS
Exploits0References2
CERT
CERT
•added 2002/10/08 12:0 a.m.•16 views

Multiple vendors' firewalls do not adequately keep state of FTP traffic

Overview Firewalls and other systems that inspect FTP application layer traffic may not adequately maintain the state of FTP commands and responses. As a result, an attacker could establish arbitrary TCP connections to FTP servers or clients located behind a vulnerable firewall. Description Many...

6.7AI score
Exploits0References4
CERT
CERT
•added 2002/10/04 12:0 a.m.•39 views

Microsoft Services for Unix 3.0 Interix SDK vulnerable to buffer overrun via RPC request containing improper parameter size check

Overview Microsoft Services for Unix 3.0 Interix SDK contains a remotely exploitable buffer overflow. Description Quoting from Microsoft's Services for Unix 3.0 homepage, "Windows Services for UNIX version 3.0 provides a full range of cross-platform services for integrating Windows into existing...

5CVSS6.9AI score0.13903EPSS
Exploits0References1
CERT
CERT
•added 2002/10/03 12:0 a.m.•41 views

Apache HTTPD server vulnerable to cross site scripting on error page when using wildcard DNS

Overview Versions of the Apache HTTPD server with wildcard DNS enabled and UseCanonicalName disabled, are vulnerable to a cross-site scripting attack. Description Apache HTTPD servers versions 2.0.42 and prior, and 1.3.26 and prior, with wildcard DNS enabled and UseCanonicalName disabled, are...

6.8CVSS8.7AI score0.94006EPSS
Exploits0References1
CERT
CERT
•added 2002/10/02 12:0 a.m.•60 views

ZIP archives containing files with large filenames can cause buffer overflows

Overview Multiple file decompression utilities contain buffer overflow vulnerabilities for which the impacts vary. Description Researchers at Rapid7, Inc. have discovered that multiple file decompression utilities are susceptible to buffer overflows as a result of large filenames embedded in...

7.5CVSS7.2AI score0.43298EPSS
Exploits0References1
CERT
CERT
•added 2002/10/02 12:0 a.m.•45 views

Microsoft SmartHTML interpreter (shtml.dll) contains vulnerability

Overview Microsoft's SmartHTML interpreter shtml.dll contains a remotely exploitable vulnerability. Description shtml.dll is a component of FrontPage Server Extensions. FrontPage Server Extensions allow web developers to add or change content and to manage the web server.Quoting from MS02-053, "T...

7.5CVSS7.2AI score0.17959EPSS
Exploits0References3
CERT
CERT
•added 2002/10/01 12:0 a.m.•22 views

InvokeRegWizard (regwizc.dll) ActiveX control has a buffer overflow

Overview Microsoft Internet Explorer 4.01 and 5 ship with a series of activex controls to aid in its functionality. Regwiz.dll is an safe-for-scripting activex control that contains a remotely exploitable buffer overflow. Description InvokeRegWizard regwizc.dll is a control that ships with...

7.9AI score
Exploits0References2
CERT
CERT
•added 2002/10/01 12:0 a.m.•27 views

Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks

Overview A vulnerability exists in Microsoft Internet Explorer that could permit an attacker to execute arbitrary script, even if the user has specifically disabled active scripting. Description Internet Explorer permits users to customize settings that enable and disable the ability of scripts t...

7.5CVSS7.4AI score0.13325EPSS
Exploits0References2
CERT
CERT
•added 2002/10/01 12:0 a.m.•32 views

Microsoft Windows XMLHTTP component allows remote access to local data sources

Overview The Microsoft XMLHTTP ActiveX control allows unauthorized reading of any known file on a system. A victim must be enticed to visit a malicious site in order to be attacked. Description Description from MS02-008:Microsoft XML Core Services MSXML includes the XMLHTTP ActiveX control, which...

5CVSS5.5AI score0.19175EPSS
Exploits0References5
CERT
CERT
•added 2002/10/01 12:0 a.m.•31 views

SetupCtl 1.0 Type Library contains a buffer overflow

Overview SetupCtl 1.0 Type Library is a safe-for-scripting ActiveX control that contains a remotely exploitable buffer overflow. This control ships with Microsoft Internet Explorer 4.01 and 5. Description SetupCtl 1.0 Type Library is a safe-for-scripting ActiveX control that contains a remotely...

10CVSS7AI score0.24429EPSS
Exploits0References2
CERT
CERT
•added 2002/10/01 12:0 a.m.•19 views

Adobe Acrobat eBook Reader allows users to circumvent copying and printing restrictions

Overview A vulnerability in Adobe Acrobat eBook Reader allows local users to circumvent redistribution restrictions placed on an eBook by the publisher. Description The Adobe Acrobat eBook Reader allows one to read electronic books. The eBook Reader employs technology in order to control what the...

4.6CVSS5.8AI score0.01625EPSS
Exploits1References2
CERT
CERT
•added 2002/10/01 12:0 a.m.•29 views

DHTML Edit Control for IE5 allows local files to be uploaded to web server

Overview A vulnerability exists in the DHTML Edit Control for IE5 that allows arbitrary local files to be uploaded to a web server. Description DHTML Edit is an activex control that is marked safe-for-scripting. This control can be embedded in a website, and permit local files to be remotely...

2.6CVSS6AI score0.13291EPSS
Exploits0References1
CERT
CERT
•added 2002/10/01 12:0 a.m.•23 views

Domain Name System (DNS) resolver libraries vulnerable to read buffer overflow

Overview DNS stub resolvers from multiple vendors contain a buffer overflow vulnerability. The impact of this vulnerability appears to be limited to denial of service. Description A read buffer overflow vulnerability exists in BIND 4 and BIND 8.2.x stub resolver libraries. Other resolver librarie...

5CVSS7.4AI score0.03279EPSS
Exploits0
CERT
CERT
•added 2002/09/27 12:0 a.m.•26 views

Microsoft Internet Explorer 5.5 print template ActiveX control allows arbitrary command execution

Overview The Internet Explorer 5.5 Print Template feature contains a vulnerability that allows a web page author to execute arbitrary code as the user viewing the web page. Description Internet Explorer version 5.5 supports a feature called "print templates" which allows a web page author to...

5.1CVSS7.2AI score0.03869EPSS
Exploits0References2
CERT
CERT
•added 2002/09/27 12:0 a.m.•28 views

Microsoft Windows Media Player creates URL shortcut that may contain HTML code in known location in Local Computer Zone

Overview There is a vulnerability in the creation of Internet shortcuts in Windows Media Player version 6.4 and 7. This vulnerability may allow attackers to execute arbitrary commands when a victim views a malicious web page. Description Windows Media Player versions 6.4 and 7 create Internet...

5CVSS7AI score0.1759EPSS
Exploits0References2
CERT
CERT
•added 2002/09/27 12:0 a.m.•24 views

Microsoft Windows 2000 Indexing Service permits read access to files outside web root via crafted request

Overview A vulnerability exists in the way that Index Server 2.0 and the Indexing Service for Windows 2000 handles search requests. This vulnerability may alllow attackers to view the contents of "include" files located on the web server. Description By submitting a specific search request to a...

5CVSS6AI score0.14349EPSS
Exploits0References2
CERT
CERT
•added 2002/09/27 12:0 a.m.•28 views

WebBoard does not adequately validate user input thereby permitting arbitrary JavaScript execution

Overview WebBoard does not adequately validate user input, allowing attackers to execute arbitrary JavaScript code on other WebBoard users' systems. Description WebBoard is a web application which includes a real-time chat server, using JavaScript alerts to display messages received by other user...

5CVSS7.1AI score0.0521EPSS
Exploits1References1
CERT
CERT
•added 2002/09/27 12:0 a.m.•23 views

Novell GroupWise Server web-based front-end does not adequately validate user input thereby allowing directory traversal

Overview Novell GroupWise web application does not adequately validate user input, allowing directory traversal. Description Novell GroupWise server includes a web application that allows users to access e-mail and other features of the server. This component of GroupWise does not properly valida...

6.9AI score
Exploits0References3
CERT
CERT
•added 2002/09/27 12:0 a.m.•24 views

Savant Web Server has a buffer overflow vulnerability

Overview Savant Web Server has a buffer overflow vulnerability in handling of the HTTP 1.1 Host header. Description Savant Web Server has a buffer overflow vulnerability in handling of the HTTP 1.1 Host header. HTTP requests with long Host headers will cause Savant to crash. --- Impact Remote...

8.2AI score
Exploits0References1
CERT
CERT
•added 2002/09/27 12:0 a.m.•24 views

MS Excel XLM Text Macro execution fails to trigger warning when default medium security set

Overview Excel fails to present a warning dialog when a macro is called from an external XLM text macro file. Description If a spreadsheet contains a reference to an external macro XLM file, Excel does not generate the usual warning dialog asking if the user wants to run the macro. Microsoft...

7.2CVSS7.1AI score0.01554EPSS
Exploits0References7
CERT
CERT
•added 2002/09/27 12:0 a.m.•31 views

Microsoft Exchange 2000 system attendant sets incorrect remote registry permissions

Overview The Microsoft Exchange System Attendant sets the permissions on a registry key incorrectly, allowing remote intruders access to the registry. Description The Microsoft Exchange System Attendant changes the permissions of the...

6.4CVSS6.2AI score0.13305EPSS
Exploits0References2
CERT
CERT
•added 2002/09/27 12:0 a.m.•42 views

Microsoft Word does not check for macros contained in linked template file when opening RTF document

Overview There is a vulnerability caused by a failure to detect macros embedded in templates used by rich text format documents opened in Microsoft Word. This vulnerability may allow the author of a malicious document to execute arbitrary commands as the user who opens the document. Description...

4.6CVSS7.1AI score0.01432EPSS
Exploits0References2
CERT
CERT
•added 2002/09/27 12:0 a.m.•15 views

Shambala FTP Server does not adequately validate user input thereby allowing directory traversal

Overview Shambala FTP server has a directory traversal vulnerability in its handling of the CWD command. Description Shambala FTP server contains a directory traversal vulnerability in its handling of the CWD command. Attackers may exploit this vulnerability to read directories and files outside ...

6.8AI score
Exploits0References1
CERT
CERT
•added 2002/09/27 12:0 a.m.•16 views

Sun Solaris asppls(1M) vulnerable to arbitrary file overwriting via symlink redirection of temporary file

Overview Sun Solaris asppls1M creates temporary files insecurely, leading to possible local root compromise. Description Sun Microsystems describes the function of asppls1M as follows:aspppd is the link manager for the asynchronous data link protocol specified in RFC1331, The Point-to-Point...

6.7AI score
Exploits0References1
Total number of security vulnerabilities3702