Lucene search
K

3702 matches found

CERT
CERT
•added 2002/07/11 12:0 a.m.•39 views

Buffer overflow in Windows Multiple UNC Provider (MUP) service

Overview A buffer overflow in the Microsoft Windows Multiple UNC Provider MUP could allow a local user to execute code with system privileges. Description Microsoft Windows recognizes resources identified by the Uniform Naming Convention UNC. Requests for resources identified by UNC references ar...

7.2CVSS7.1AI score0.03584EPSS
Exploits0References2
CERT
CERT
•added 2002/07/11 12:0 a.m.•33 views

Network Associates PGP Outlook Plug-in contains buffer overflow in decoding mechanism

Overview A remotely exploitable buffer overflow exists in the Network Associates PGP Outlook Plug-in. Description As reported in eEye Digital Security Advisory AD20020710, a remotely exploitable buffer overflow exists in the PGP Outlook Plug-in. By sending a specially crafted message to a victim,...

7.5CVSS7.4AI score0.02647EPSS
Exploits0References3
CERT
CERT
•added 2002/07/11 12:0 a.m.•38 views

Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) does not adequately validate file descriptor arguement to _TT_ISCLOSE()

Overview The Common Desktop Environment CDE ToolTalk RPC database server does not adequately validate a client-supplied argument, allowing attackers to overwrite certain locations in memory with zeros. This vulnerability could be exploited in a number of ways, potentially allowing attackers to:...

7.5CVSS7.7AI score0.06574EPSS
Exploits0References2
CERT
CERT
•added 2002/07/11 12:0 a.m.•20 views

SGI IRIX contains vulnerability in rpc.passwd allowing for root compromise

Overview There is a vulnerability in rpc.passwd that could allow root compromise. Description /usr/etc/rpc.passwd, part of the nfs.sw.nis subsystem on IRIX 6.5, could permit a root compromise. No other details are available. --- Impact Intruders could gain root access. --- Solution Apply a patch ...

7.2CVSS6.7AI score0.00424EPSS
Exploits0References2
CERT
CERT
•added 2002/07/11 12:0 a.m.•42 views

Apache Web Server ap_log_rerror() function discloses full path to CGI script

Overview There is a vulnerability in Apache 2.0 through 2.035 that could disclose the real path to a CGI script or other file. Description A vulnerability in the Apache web server could disclose sensitive information. Quoting from the Apache Change Log: Security Added the APLOGTOCLIENT flag to...

6.7AI score
Exploits0References1
CERT
CERT
•added 2002/07/11 12:0 a.m.•24 views

eBay web site allows intruders to login to gain unauthorized access to user's information

Overview Ebay www.ebay.comis a popular online auction site. A vulnerability in the ebay web site prior to April 24, 2002, could have allowed an intruder to gain access to a victim's personal data. Description Prior to April 24, 2002, an intruder may have been able to gain access to certain person...

6.9AI score
Exploits0References1
CERT
CERT
•added 2002/07/11 12:0 a.m.•108 views

Common Desktop Environment (CDE) ToolTalk RPC database server (rpc.ttdbserverd) does not adequately validate file operations

Overview The Common Desktop Environment CDE ToolTalk RPC database server does not adequately validate file operations and follows symbolic links, allowing a local attacker to overwrite any file that is writeable by the server. The ToolTalk RPC database server typically runs with root privileges...

7.2CVSS6.9AI score0.09418EPSS
Exploits0References2
CERT
CERT
•added 2002/07/09 12:0 a.m.•33 views

Microsoft ASP.NET contains buffer overflow

Overview Microsoft ASP.NET contains buffer overflow in routine that handles the processing of cookies in StateServer mode. Description ASP.NET is a programming framework provided by Microsoft. For more details about this framework, please see the official web page.A remotely exploitable buffer...

10CVSS6.8AI score0.24346EPSS
Exploits0References3
CERT
CERT
•added 2002/06/28 12:0 a.m.•68 views

Sendmail vulnerable to buffer overflow when DNS map is specified using TXT records

Overview A remotely exploitable buffer overflow exists in Sendmail, versions 8.12.0 through 8.12.4. This vulnerability only exhibits itself if you have modified the configuration file to look up TXT records in DNS. Description The buffer overflow occurs in the portion of code that process respons...

7.9AI score
Exploits0References4
CERT
CERT
•added 2002/06/27 12:0 a.m.•43 views

Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflows

Overview Buffer overflow vulnerabilities exists in the DNS stub resolver library used by BSD, ISC BIND, and GNU glibc. Other systems that use DNS resolver code derived from ISC BIND may also be affected. An attacker who is able to control DNS responses could exploit arbitrary code or cause a deni...

7.5CVSS9.7AI score0.13476EPSS
Exploits0References7
CERT
CERT
•added 2002/06/27 12:0 a.m.•28 views

Multiple Cisco products consume excessive CPU resources in response to large SSH packets

Overview Multiple Cisco networking products contain a denial-of-service vulnerability. Description Multiple Cisco networking products contain a vulnerability that allows large SSH packets to cause excessive consumption of CPU resources. In some circumstances, this resource consumption may cause t...

7.1CVSS6.5AI score0.03297EPSS
Exploits0References5
CERT
CERT
•added 2002/06/26 12:0 a.m.•95 views

OpenSSH vulnerabilities in challenge response handling

Overview There are two related vulnerabilities in the challenge response handling code in OpenSSH versions 2.3.1p1 through 3.3. They may allow a remote intruder to execute arbitrary code as the user running sshd often root. The first vulnerability affects OpenSSH versions 2.9.9 through 3.3 that...

10CVSS9.8AI score0.18431EPSS
Exploits1References7
CERT
CERT
•added 2002/06/25 12:0 a.m.•46 views

Microsoft SQLXML ISAPI filter vulnerable to buffer overflow via contenttype parameter

Overview A buffer overflow vulnerability exists in the Microsoft SQLXML Internet Services Application Programming Interface ISAPI extension for Internet Information Server IIS. This vulnerability could allow a remote attacker to cause a denial of service or execute arbitrary code with LocalSystem...

7.5CVSS8.2AI score0.55455EPSS
Exploits0References4
CERT
CERT
•added 2002/06/25 12:0 a.m.•17 views

Mandrake Security may make unexpected system modifications

Overview The Mandrake Security utility included with Mandrake Linux may make unexpected modifications that affect system security. Description Mandrake Linux includes a tool named Mandrake Security msec that allows system administrators to manage and audit various system parameters associated wit...

7AI score
Exploits0References3
CERT
CERT
•added 2002/06/25 12:0 a.m.•29 views

Microsoft SQLXML HTTP components vulnerable to cross-site scripting via root parameter

Overview A cross-site scripting vulnerability exists in the Microsoft SQLXML HTTP components. This vulnerability could allow an attacker to execute script on a victim's system with the victim's privileges. Description Microsoft SQL Server 2000 includes a feature called SQLXML that allows the serv...

7.5CVSS6.1AI score0.13893EPSS
Exploits0References4
CERT
CERT
•added 2002/06/21 12:0 a.m.•17 views

Verity's Search97 contains a Cross-Site Scripting vulnerability in the processing of search requests

Overview Verity's Search97 application contains a Cross-Site Scripting vulnerability in the processing of search requests. Description Verity's Search97 application contains a Cross-Site Scripting vulnerability in the processing of search requests. This vulnerability is in both the Microsoft...

5.9AI score
Exploits0References1
CERT
CERT
•added 2002/06/18 12:0 a.m.•44 views

Apache web servers fail to handle chunks with a negative size

Overview There is a remotely exploitable vulnerability in the way that Apache web servers or other web servers based on their source code handle data encoded in chunks. This vulnerability is present by default in configurations of Apache web server versions 1.2.2 and above, 1.3 through 1.3.24, an...

7.5CVSS6.5AI score0.95027EPSS
Exploits8References8
CERT
CERT
•added 2002/06/18 12:0 a.m.•20 views

webMathematica discloses the contents of arbitrary files when file is requested using the absolute path

Overview A directory traversal vulnerability exists in webMathematica. Description webMathematica provides a way to offer access to Mathematica applications via a web browser interface. For example, one can deploy calculators, problem solvers, and other types of interactive content over the web.B...

5CVSS6.6AI score0.05668EPSS
Exploits1References3
CERT
CERT
•added 2002/06/13 12:0 a.m.•31 views

Chunked encoding post can consume excessive memory on IIS 4.0 webserver

Overview Microsoft IIS 4.0, circa March 2000, contained a vulnerability that allowed an intruder to consume unlimited memory on a vulnerable server. Description Older versions of IIS 4.0, circa March 2000, contained a vulnerability in the chunked-encoding transfer mechanism that permitted an...

5CVSS6.5AI score0.06808EPSS
Exploits0References5
CERT
CERT
•added 2002/06/13 12:0 a.m.•40 views

Microsoft Internet Information Server (IIS) contains remote buffer overflow in chunked encoding data transfer mechanism for HTR

Overview A buffer overflow vulnerability in IIS 4.0 and 5.0 could allow an intruder to execute arbitrary code on an IIS server with the privileges of the HTR ISAPI extension. Description Chunked encoding is a means to transfer variable-sized units of data called chunks from a web client to a web...

7.5CVSS7.6AI score0.23901EPSS
Exploits4References1
CERT
CERT
•added 2002/06/13 12:0 a.m.•17 views

Lotus Domino Web Server discloses IP address

Overview Lotus Domino Web server discloses its IP address to some HTTP requests. Description Lotus Domino can be coerced to reveal its IP address by sending it a crafted HTTP request. --- Impact Attackers can discover limited information about the numbering of the Domino server's network. ---...

5CVSS6.1AI score0.02302EPSS
Exploits0References1
CERT
CERT
•added 2002/06/13 12:0 a.m.•32 views

Microsoft Remote Access Service API contains buffer overflow vulnerability via phonebook entries

Overview The Microsoft Remote Access Service API contains a vulnerability that allows local attackers to execute arbitrary code with system privileges. Description The Microsoft Remote Access Service RAS Application Programming Interface API allows Windows programs to make dial-up connections to...

4.6CVSS7.5AI score0.05525EPSS
Exploits0References4
CERT
CERT
•added 2002/06/13 12:0 a.m.•23 views

Snitz Forums 2000 vulnerable to cross-site scripting via crafted IMG tag

Overview Snitz Forums 2000 does not adequately check "IMG" tag "SRC" attributes and thus contains cross-site scripting vulnerability. Description Snitz Forums is an automated bulletin-board program for web sites. Snitz Forums allows users to submit images by specifying the URL of the image. In...

7.5CVSS6.2AI score0.0494EPSS
Exploits1References3
CERT
CERT
•added 2002/06/13 12:0 a.m.•26 views

Microsoft Remote Access Service API contains additional buffer overflow vulnerability via phonebook entries

Overview The Microsoft Remote Access Service API contains a vulnerability that allows local attackers to execute arbitrary code with system privileges. Description The Microsoft Remote Access Service RAS Application Programming Interface API allows Windows programs to make dial-up connections to...

7.2CVSS7.5AI score0.02811EPSS
Exploits0References5
CERT
CERT
•added 2002/06/12 12:0 a.m.•25 views

Microsoft Internet Explorer contains buffer overflow in handling of gopher replies

Overview There is a buffer overflow in Internet Explorer when IE receives information from a gopher service. Description Gopher is a protocol that presents documents and services in a hierarchal representation, and is similar in some ways to HTTP. Internet Explorer reportedly contains a buffer...

7.5CVSS7.4AI score0.54441EPSS
Exploits0References4
CERT
CERT
•added 2002/06/11 12:0 a.m.•16 views

AOL Instant Messenger vulnerable to denial-of-service attack via buddy list transfers

Overview America Online's Instant Messenger AIM contains a remotely exploitable buffer overflow vulnerability. Description AOL Instant Messenger is a program for communicating with other users over the Internet and is widely used. During a buddy list transfer, a buffer overflow may occur. It has...

7.5AI score
Exploits0References1
CERT
CERT
•added 2002/06/11 12:0 a.m.•46 views

AOL Instant Messenger vulnerable to buffer overflow via crafted "addbuddy" URI sent in message

Overview America Online's Instant Messenger AIM contains a remotely exploitable buffer overflow vulnerability. Description AOL Instant Messenger is a widely used program for communicating with other users over the Internet. A buffer overflow exists in the processing of the addbuddy parameter of t...

7.4AI score
Exploits0References3
CERT
CERT
•added 2002/06/11 12:0 a.m.•16 views

Novell NetWare default installation contains sample files that disclose sensitive server information

Overview Novell NetWare 5.1 is a network management operating system that enables access to files, printers, directories, email, databases, and other network interfaces, as well as providing a web interface. There is an insecure default configuration that places several sample applications in the...

7.2AI score
Exploits0References3
CERT
CERT
•added 2002/06/11 12:0 a.m.•18 views

Apache Tomcat default installation contains sample applications that disclose webroot path

Overview There is an insecure default configuration in Apache Tomcat web server that places several sample applications in the webroot. Remote users may be able to use these applications to gain sensitive information about the server's configuration. Description There are several sample...

7.1AI score
Exploits0References6
CERT
CERT
•added 2002/06/07 12:0 a.m.•30 views

tcpdump vulnerable to buffer overflow via improper decoding of AFS RPC (Rx) packets

Overview A vulnerability exists in tcpdump that could allow an attacker to execute arbitrary code with the privileges of tcpdump, typically root. Description tcpdump is a widely-used network sniffer that is capable of decoding AFS traffic. A buffer overflow vulnerability has been discovered in...

7.5CVSS7.9AI score0.04784EPSS
Exploits0References4
CERT
CERT
•added 2002/06/05 12:0 a.m.•31 views

Microsoft Exchange 2000 exhausts server resources while attempting to process malformed mail attributes

Overview Microsoft Exchange 2000 contains a vulnerability that allows remote attackers to conduct a denial-of-service attack that once begun, cannot be stopped until the crafted message has been completely processed. Description Microsoft Exchange 2000 contains a vulnerability in its handling of...

5CVSS6.1AI score0.15239EPSS
Exploits0References3
CERT
CERT
•added 2002/06/05 12:0 a.m.•34 views

Yahoo! Messenger contains buffer overflow in "IMvironment" field

Overview Yahoo! Messenger is an instant messaging client. There is a remotely exploitable buffer overflow vulnerability in the "imv" field of Yahoo! Messenger. Description A remotely exploitable buffer overflow exists in the "imv" field that may permit a remote attacker to execute arbitrary code ...

7.5CVSS7.9AI score0.06955EPSS
Exploits0References3
CERT
CERT
•added 2002/06/05 12:0 a.m.•29 views

Yahoo! Messenger "addview" function allows for the automatic execution of malicious script contained in web pages

Overview Yahoo! Messenger is an instant messaging client. When installed, Yahoo! Messenger enables a URI handler ymsgr :parameter. The addview function of this handler can be used to execute arbitrary script/html on the local system. Description The addview feature of Yahoo! Messenger is used to...

7.5CVSS6.3AI score0.03871EPSS
Exploits0References2
CERT
CERT
•added 2002/06/05 12:0 a.m.•36 views

Yahoo! Messenger contains buffer overflow in "message" field

Overview Yahoo! Messenger is an instant messaging client. There is a remotely exploitable buffer overflow vulnerability in the "message" field of Yahoo! Messenger. Description A remotely exploitable buffer overflow exists in the "message" field that may permit a remote attacker to execute arbitra...

7.5CVSS7.9AI score0.06955EPSS
Exploits0References3
CERT
CERT
•added 2002/06/05 12:0 a.m.•21 views

Yahoo! Messenger allows arbitrary users to be added to buddy list without proper authorization

Overview Yahoo! Messenger is an instant messaging client. There is a vulnerability in Yahoo! Messenger that permits a remote user to add arbitrary users to the victim's buddy list. Description Yahoo! Messenger allows users to view content only from users on their buddy list. An attacker could cra...

7AI score
Exploits0References1
CERT
CERT
•added 2002/06/05 12:0 a.m.•18 views

Yahoo! Messenger contains a buffer overflow in "set_buddygrp" when adding users to a buddy list via the web

Overview Yahoo! Messenger is an instant messaging client. There is a remotely exploitable buffer overflow vulnerability in the "setbuddygrp" field of Yahoo! Messenger. Description A remotely exploitable buffer overflow exists in the "setbuddygrp" field that may permit a remote attacker to execute...

8.3AI score
Exploits0
CERT
CERT
•added 2002/06/05 12:0 a.m.•44 views

Yahoo! Messenger contains a buffer overflow in the URI handler

Overview Yahoo! Messenger is an instant messaging client. A remotely exploitable vulnerability has been reported in the URI handler of Yahoo! Messenger. Description A remotely exploitable buffer overflow exists in the URI handler of Yahoo! Messenger, versions 5,0,0,1064 and prior, that may permit...

4.6CVSS7.5AI score0.04943EPSS
Exploits0References2
CERT
CERT
•added 2002/06/05 12:0 a.m.•37 views

Yahoo! Messenger is vulnerable to DoS via multiple messages from spoofed names

Overview Yahoo! Messenger is an instant messaging client. A report indicates that there is a vulnerability that permits an attacker to spoof the source user name of a Yahoo! Messenger message. Description Yahoo! Messenger permits a user to place users on an ignore list. A vulnerability exists tha...

5CVSS6.2AI score0.03281EPSS
Exploits0References3
CERT
CERT
•added 2002/06/04 12:0 a.m.•32 views

Oracle TNS Listener Control Utility (LSNRCTL) contains format string vulnerability

Overview The Oracle Listener Control Utility LSNRCTL contains a format string vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code or commands or cause a denial of service. Description Oracle Transparent Network Substrate TNS Listeners are processes that...

7.5CVSS7.7AI score0.13789EPSS
Exploits0References7
CERT
CERT
•added 2002/06/04 12:0 a.m.•29 views

Oracle Reports Server Reports Web Cartridge (RWCGI60) vulnerable to buffer overflow via database name parameter

Overview A buffer overflow vulnerability in Oracle Reports Server 6i could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Reports Server process. Description Oracle Reports Server is a component of Oracle Application Server that handles client...

7.5CVSS9.5AI score0.09542EPSS
Exploits0References5
CERT
CERT
•added 2002/06/04 12:0 a.m.•20 views

Oracle Web Cache contains buffer overflow vulnerabilities

Overview The CERT/CC is aware of a report about "several remotely exploitable buffer overflow vulnerabilities in the Oracle Web Cache Server" that could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the Web Cache process. Description The Oracle Web Cac...

8.9AI score
Exploits0References3
CERT
CERT
•added 2002/06/04 12:0 a.m.•25 views

Oracle Application Server contains format string vulnerability

Overview The CERT/CC is aware of a report about a "remotely exploitable format string vulnerability in Oracle Application Server" that could allow an unauthenticated, remote attacker to execute arbitrary code on a vulnerable system. Description Oracle Application Server uses the Apache HTTP Serve...

8AI score
Exploits0References3
CERT
CERT
•added 2002/06/04 12:0 a.m.•34 views

ISC BIND 9 fails to process additional data chains in responses correctly thereby causing the server to fail an internal consistency check

Overview A denial-of-service vulnerability exists in version 9 of the Internet Software Consortium's ISC Berkeley Internet Name Domain BIND server. ISC BIND versions 8 and 4 are not affected. Exploiting this vulnerability will cause vulnerable BIND servers to shut down. Description BIND is an...

5CVSS6.9AI score0.14218EPSS
Exploits0References6
CERT
CERT
•added 2002/06/04 12:0 a.m.•25 views

Oracle9i Database TNS Listener vulnerable to buffer overflow via SERVICE_NAME parameter

Overview A buffer overflow vulnerability exists in the TNS Listener component of Oracle9i Database. This vulnerability could allow an unauthenticated, remote attacker to execute arbitrary code with the privileges of the TNS Listener process or cause a denial of service. Description Oracle9i...

7.5CVSS7.8AI score0.6981EPSS
Exploits3References4
CERT
CERT
•added 2002/05/30 12:0 a.m.•49 views

SquirrelMail compose.php script does not adequately validate input thereby allowing arbitrary user to send messages

Overview Some versions of SquirrelMail do not properly validate input. Attackers can spoof email addresses through this vulnerability. Description SquirrelMail is a collection of PHP4 scripts that provides webmail services. Prior to version 1.24, SquirrelMail does not properly validate Universal...

7.5CVSS5.4AI score0.03437EPSS
Exploits1References3
CERT
CERT
•added 2002/05/30 12:0 a.m.•21 views

Microsoft Internet Explorer may handle certain web pages in an incorrect, less restrictive security zone (MS02-023)

Overview Microsoft Internet Explorer IE may handle malformed Internet pages accessed through the NetBIOS protocol as if they belong to the IE's Intranet or Trusted Sites security zones, instead of the more restrictive Internet security zone. Description If a user views a page on the Internet that...

7.5CVSS7.5AI score0.24002EPSS
Exploits0References2
CERT
CERT
•added 2002/05/30 12:0 a.m.•19 views

Verisign transmits sensitive customer information in plain text when applying for a "Code Signing Digital ID"

Overview Verisign offers a service entitled "Code Signing Digital ID for Microsoft Authenticode." Information that is submitted to this site is not transmitted via an SSL secured session, instead it is transmitted in the plain-text. Description Verisign offers a service entitled "Code Signing...

6.4AI score
Exploits0
CERT
CERT
•added 2002/05/29 12:0 a.m.•25 views

Macromedia JRun ISAPI DLL filter vulnerable to buffer overflow via request for long Host header field

Overview A remotely exploitable buffer overflow exists in Macromedia's JRun version 3.1 on Win32 platforms. Description A remotely exploitable buffer overflow exists in the Win32 version of Macromedia's JRun version 3.1 on Win32 platforms.JRun is an application server that works with most popular...

10CVSS7.5AI score0.09133EPSS
Exploits0References5
CERT
CERT
•added 2002/05/29 12:0 a.m.•27 views

Quake II Server performs console variable expansion on client-supplied input values

Overview The Quake II Server contains an information leakage vulnerability that allows remote attackers to gain control of the game server process. Description The Quake II Server responds to console commands from Quake II clients to perform a variety of game and server management functions. Both...

5CVSS7AI score0.05526EPSS
Exploits0References3
CERT
CERT
•added 2002/05/24 12:0 a.m.•28 views

Microsoft Windows 2000 Event Viewer contains buffer overflow

Overview The Windows 2000 event viewer contains a buffer overflow. Description The Microsoft Windows 2000 event viewer contains a buffer overflow that can be exploited when a record written to an event log is examined by the event viewer. Both privileged and unprivileged users can read and write ...

10CVSS7.2AI score0.06245EPSS
Exploits0References1
Total number of security vulnerabilities3702