Lucene search
K

3702 matches found

CERT
CERT
•added 2001/08/15 12:0 a.m.•26 views

Hewlett Packard HP-UX pcltotiff is installed with insecure permissions

Overview The utility pcltotiff is installed with insecure permissions on some Hewlett Packard systems. Description The HP utility pcltotiff is installed with sgid bin permissions in order to read files in /usr/lib/X11/fonts/ifo.st/typefaces/. This gives more permissions to pcltotiff than are...

2.1CVSS6.1AI score0.00483EPSS
Exploits0References1
CERT
CERT
•added 2001/08/15 12:0 a.m.•33 views

Hewlett-Packard Virtual Vault OS (VVOS) contains vulnerability in mkacct program

Overview There is a vulnerability in the /sbin/mkacct program, part of Hewlett Packard's Virtual Vault Operating System VVOS. Description Virtual Vault is an environment "designed for use in the financial services, telecommunications, manufacturing, and retail industries to provide services such ...

10CVSS6.2AI score0.03948EPSS
Exploits1References2
CERT
CERT
•added 2001/08/15 12:0 a.m.•50 views

MS Windows NT Terminal Server 4.0 buffer overflow in regapi.dll allows remote code execution or DoS

Overview Microsoft Windows NT 4.0 Terminal Server contains a buffer overflow that could allow an intruder to execute arbitrary code with the privileges of an administrator. Description There is a buffer overflow in the code that processes the username specifically in RegAPI.DLL in Microsoft Windo...

7.5CVSS7.5AI score0.16059EPSS
Exploits1References3
CERT
CERT
•added 2001/08/15 12:0 a.m.•32 views

Internet Explorer DHTML"Download Behavior" can be tricked into exposing local files

Overview The download behavior of Internet Explorer 5.0 can be used to perform arbitrary operations on local files. Description Internet Explorer 5.0 includes a dynamic HTML DHTML behavior called "download behavior." A "behavior" is a software object that specifies some behavior of a web page...

5CVSS6.3AI score0.42575EPSS
Exploits0References8
CERT
CERT
•added 2001/08/14 12:0 a.m.•18 views

Microsoft Internet Information Server 4.0 (IIS) vulnerable to DoS when URL redirecting is enabled

Overview A vulnerability in IIS 4.0 may permit intruders to crash vulnerable IIS servers with URL redirection enabled. Description A vulnerability in Microsoft IIS 4.0 allows an attacker to crash IIS 4.0 servers if they are configured to use URL redirection. URL redirection is not used by default...

6.9AI score
Exploits0References2
CERT
CERT
•added 2001/08/14 12:0 a.m.•34 views

TrendMicro InterScan WebManager contains buffer overflow in RegGo.dll

Overview A remotely exploitable buffer overflow exists in Trend Micro InterScan WebManager. Description InterScan WebManager is an application that inspects http traffic flowing into a network for known malicious code. This application also has the capability to restrict access to...

7.5CVSS7.5AI score0.03364EPSS
Exploits0References2
CERT
CERT
•added 2001/08/13 12:0 a.m.•20 views

Critical Path directory products contain multiple vulnerabilities in LDAP handling code

Overview Multiple Critical Path directory products contain vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses th...

7.3AI score
Exploits0References5
CERT
CERT
•added 2001/08/13 12:0 a.m.•26 views

OpenSSH disregards client configuration and allows server access to ssh-agent and/or X11 after session negotiation

Overview Versions of OpenSSH client prior to 2.3.0 do not properly enforce restrictions to the ssh-agent or X11 display. Description An OpenSSH client can be configured to prevent servers from accessing the client's ssh-agent or X11 display. However, versions of OpenSSH client prior to 2.3.0 fail...

7.5CVSS9.3AI score0.01849EPSS
Exploits0References3
CERT
CERT
•added 2001/08/10 12:0 a.m.•18 views

Netscape fails to revalidate certificates if a user has previously acknowledged a certificate to be non-matching

Overview A flaw exists in Netscape Navigator that could allow an attacker to masquerade as a legitimate web site if the attacker can compromise the validity of certain DNS information. This is different from the problem reported in CERT Advisory CA-2000-05, but it has a similar impact. This...

5CVSS5.9AI score0.01294EPSS
Exploits0References1
CERT
CERT
•added 2001/08/10 12:0 a.m.•24 views

Keys generated with PGP5i batch mode do not contain sufficient randomness on systems that use /dev/random

Overview Under certain circumstances, PGP v5.0 generates keys that are not sufficiently random, which may allow an attacker to predict keys and, hence, recover information encrypted with that key. Description Generating Randomness in PGP Keys In order to generate cryptographically secure keys, PG...

2.1CVSS6.2AI score0.00413EPSS
Exploits0References2
CERT
CERT
•added 2001/08/09 12:0 a.m.•25 views

phpSecurePages allows remote code execution

Overview There is an input validation vulnerability in phpSecurePages that may allow a remote intruder to execute arbitrary code with the privileges of the running web server. Description phpSecurePages is a tool for password protecting portions of websites on PHP enabled webservers. The...

8.2AI score
Exploits0References3
CERT
CERT
•added 2001/08/09 12:0 a.m.•65 views

Microsoft Windows NT and 2000 Domain Name Servers allow non-authoritative RRs to be cached by default

Overview Microsoft Domain Name Servers hosted on Windows NT or Windows 2000 Server systems run with permissive DNS cache defaults. This may allow unauthorized remote intruders to redirect sites that rely on the vulnerable DNS servers for legitimate information. Description The Domain Name System,...

5CVSS6.8AI score0.04935EPSS
Exploits0References8
CERT
CERT
•added 2001/08/09 12:0 a.m.•22 views

McAfee ASaP VirusScan service does not adequately validate input

Overview A vulnerability exists in McAfee ASaP VirusScan that permits intruders to access files outside of the web root. Description Quoting from the McAfee ASaP VirusScan FAQ, McAfee ASaP VirusScan is "a web-based, managed and updated anti-virus service for the entire desktop environment." McAfe...

5CVSS6.2AI score0.0581EPSS
Exploits0References3
CERT
CERT
•added 2001/08/03 12:0 a.m.•19 views

Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name

Overview A vulnerability exists in Allaire ColdFusion Server which allows an attacker to overwrite ColdFusion Server templates with zero byte files. Description A remotely exploitable vulnerability exists in the Allaire ColdFusion Server which could allow an attacker to overwrite ColdFusion Serve...

6.8AI score
Exploits0References2
CERT
CERT
•added 2001/08/02 12:0 a.m.•64 views

Microsoft Outlook View Control allows execution of arbitrary code and manipulation of user data

Overview A vulnerability exists in an ActiveX control supplied with Microsoft Outlook 2002 that could allow malicious code on a web page or in an HTML email message to manipulate Outlook data or execute arbitrary code as the user running Outlook. Description Microsoft Outlook 2002 installs an...

10CVSS7AI score0.52851EPSS
Exploits0References12
CERT
CERT
•added 2001/07/31 12:0 a.m.•33 views

HPUX kmmodreg allows arbitrary file overwriting via symlink redirection of temporary file

Overview The kmmodreg program distributed with some HPUX versions creates two temporary files with predictable names. Due to insecure handling of these files, an intruder may use them to overwrite arbitrary files during system boot via a symbolic link attack. Description The kmmodreg program...

1.2CVSS7AI score0.06116EPSS
Exploits0References2
CERT
CERT
•added 2001/07/30 12:0 a.m.•23 views

Allaire ColdFusion Server contains vulnerability allowing unauthorized user read/delete access to files

Overview A vulnerability exists in Allaire ColdFusion Server which allows an attacker to have unauthorized read and delete access to files on the target host. Description A remotely exploitable vulnerability exists in the Allaire ColdFusion Server which could allow an attacker to have unauthorize...

6.4CVSS6.1AI score0.01926EPSS
Exploits0References2
CERT
CERT
•added 2001/07/29 12:0 a.m.•36 views

Cisco IOS vulnerable to DoS via crafted PPTP packet sent to port 1723/tcp

Overview Cisco IOS contains a vulnerability that allows an intruder to crash the router. Description By sending a specially crafted PPTP packet to port 1723, an intruder can crash a device running a vulnerable version of IOS. Quoting from the Cisco Advisory: By sending a crafted PPTP packet to a...

5CVSS6.7AI score0.03755EPSS
Exploits0References2
CERT
CERT
•added 2001/07/27 12:0 a.m.•29 views

Multiple vendors' RADIUS implementations do not adequately validate user input thereby permitting DoS and arbitrary command execution via 'radiusd' daemon

Overview Vulnerabilities in various implementations of the Remote Authentication Dial-In User Server RADIUS 'radiusd' daemon can allow an attacker to disrupt services or obtain unauthorized access. Description Various implementations of the Remote Authentication Dial-In User Server RADIUS 'radius...

10CVSS7.3AI score0.0666EPSS
Exploits0References7
CERT
CERT
•added 2001/07/27 12:0 a.m.•20 views

SCO UnixWare uucico contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uucico, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

8.3AI score
Exploits0References3
CERT
CERT
•added 2001/07/27 12:0 a.m.•23 views

UUCP package contains multiple buffer overflows via long string of characters sent as command line argument

Overview Several Linux/Unix systems ship with a utility package called UUCP derived from System V. A buffer overflow in components of the UUCP package can allow an intruder to gain elevated privileges. Description Several Linux/Unix systems ship with a utility package called UUCP derived from...

7.9AI score
Exploits0References3
CERT
CERT
•added 2001/07/27 12:0 a.m.•33 views

Curses library vulnerable to buffer overflow

Overview The curses library derived from System V contains a buffer overflow. A local user can execute a command that uses this library to exploit the vulnerability and gain elevated privileges. Description There is a buffer overflow in the curses library that could permit a local user to gain...

4.6CVSS7.2AI score0.00366EPSS
Exploits0References1
CERT
CERT
•added 2001/07/27 12:0 a.m.•18 views

SCO UnixWare uuxqt contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uuxqt, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

8.3AI score
Exploits0References3
CERT
CERT
•added 2001/07/27 12:0 a.m.•23 views

Caucho Technologies Resin vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web servers that use the Resin Java Servlet Container, versions 1.2.3 and earlier, are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidat...

5.1CVSS5.6AI score0.02773EPSS
Exploits1References5
CERT
CERT
•added 2001/07/27 12:0 a.m.•11 views

SCO UnixWare uuxcmd contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uuxcmd, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

8.3AI score
Exploits0References3
CERT
CERT
•added 2001/07/27 12:0 a.m.•12 views

SCO UnixWare uux contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in uux, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sending of...

8.3AI score
Exploits0References3
CERT
CERT
•added 2001/07/27 12:0 a.m.•14 views

SCO UnixWare bnuconvert contains buffer overflow via long string of characters sent as command line argument

Overview A buffer overflow in bnuconvert, part of the UUCP package on SCO systems, can allow an intruder to gain elevated privileges. Description SCO UnixWare 7 ships with a utility package called UUCP. The UUCP package allows for the copying of files between different UNIX systems and the sendin...

8.3AI score
Exploits0References3
CERT
CERT
•added 2001/07/27 12:0 a.m.•16 views

Lotus Domino Server R5 vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Lotus Domino R5 Servers are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated input from untrustworthy sources. This can be a problem...

6AI score
Exploits0References5
CERT
CERT
•added 2001/07/27 12:0 a.m.•21 views

Allaire JRun Java Application Server vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Overview Web Servers that use the Allaire JRun Java Servlet Container are vulnerable to a cross-site scripting vulnerability. A web site may inadvertently include malicious HTML tags or scriptJavaScript, VBScript, Java, etc. in a dynamically generated page based on unvalidated input from...

6AI score
Exploits0References7
CERT
CERT
•added 2001/07/24 12:0 a.m.•32 views

SSH Secure Shell sshd2 does not adequately authenticate logins to accounts with encrypted password fields containing two or fewer characters

Overview A vulnerability exists in SSH Secure Shell that allows an intruder to log to an account which contains a stored encrypted password of two or fewer characters in length. An intruder may leverage the privileges of such an account to gain full control of the system. Description Certain Unix...

7.2CVSS6.8AI score0.01335EPSS
Exploits1References3
CERT
CERT
•added 2001/07/24 12:0 a.m.•25 views

Microsoft Services for UNIX Telnet server is vulnerable to denial of service via memory leak

Overview The telnet server included in the Microsoft Services for Unix package contains a denial-of-service vulnerability that may cause the system to become unstable or crash. Description The telnet server included in the Microsoft Services for Unix SFU package contains a memory leak that can le...

5CVSS6AI score0.33363EPSS
Exploits0References2
CERT
CERT
•added 2001/07/24 12:0 a.m.•18 views

Microsoft Services for UNIX Network File System (NFS) server is vulnerable to denial of service via memory leak

Overview The NFS server included in the Microsoft Services for Unix package contains a denial-of-service vulnerability that may cause the system to become unstable or crash. Description The Network File System NFS server included in the Microsoft Services for Unix SFU package contains a memory le...

5CVSS6AI score0.33363EPSS
Exploits0References2
CERT
CERT
•added 2001/07/24 12:0 a.m.•43 views

Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options

Overview The telnetd program is a server for the telnet remote virtual terminal protocol. There is a remotely exploitable buffer overflow in telnet daemons derived from BSD source code. This vulnerability can crash the server, or be leveraged to gain root access. Description There is a remotely...

10CVSS8AI score0.37896EPSS
Exploits1References3
CERT
CERT
•added 2001/07/24 12:0 a.m.•38 views

Debian glibc 2 symlink issue could allow arbitrary file overwriting

Overview Some versions of ld.so, the loader for shared libraries in UNIX/LINUX, do not properly clear risky environment variables, allowing a symlink attack to overwrite arbitrary files. Description LDDEBUGOUTPUT specifies a directory in which ld.so creates a file with a predictable name based on...

1.2CVSS6.2AI score0.00303EPSS
Exploits0References1
CERT
CERT
•added 2001/07/24 12:0 a.m.•34 views

klogd does not adequately handle NULL byte when parsing text using LogLine( )

Overview There is a denial-of-service vulnerability in certain distributions of the Linux kernel logging daemon klogd which could allow an attacker to cause klogd to hang. Description The Linux kernel logging daemon klogd can be forced to hang if it receives a null byte in a log message from the...

5CVSS6.3AI score0.0258EPSS
Exploits0References2
CERT
CERT
•added 2001/07/23 12:0 a.m.•31 views

Lotus Domino vulnerable to DoS via crafted unicode GET request

Overview The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service situation. Description Sending a crafted GET request containing numerous unicode characters can trigger a server exception that will crash the Domino server. If qnc.exe is removed from the...

6.9AI score
Exploits0References3
CERT
CERT
•added 2001/07/18 12:0 a.m.•34 views

Linux kernel does not properly validate user input via sysctl for negative value

Overview Unprivileged local users can exploit the sysctl Linux kernel program to gain privileged access. Description A program called sysctl in the Linux kernel allows a privileged local user to read or write runtime system settings. Unprivileged local users are also allowed to use sysctl to read...

4.6CVSS5.5AI score0.00776EPSS
Exploits0References15
CERT
CERT
•added 2001/07/18 12:0 a.m.•41 views

Linux kernel contains race condition via ptrace/procfs/execve

Overview Unprivileged local users can use the ptrace function to take advantage of a privileged program, while that program is performing a privileged operation, to gain privileged access. Description Ptrace is a function, which is often used for debugging, that allows one process to attach to...

3.7CVSS6.5AI score0.00716EPSS
Exploits0References3
CERT
CERT
•added 2001/07/18 12:0 a.m.•25 views

Symantec LiveUpdate stores proxy server passwords in plaintext in registry

Overview A vulnerability exists in the way Symantec LiveUpdate stores proxy server passwords which could allow local users to have read access to the key. Description LiveUpdate version 1.5 stores proxy server passwords in clear text in the registry, under...

4.6CVSS6AI score0.00383EPSS
Exploits0References1
CERT
CERT
•added 2001/07/17 12:0 a.m.•85 views

Lotus Domino R5 Server Family contains multiple vulnerabilities in LDAP handling code

Overview The Lotus Domino R5 Server Family contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this...

7.7AI score
Exploits0References12
CERT
CERT
•added 2001/07/17 12:0 a.m.•21 views

IBM SecureWay Directory is vulnerable to denial-of-service attacks via LDAP handling code

Overview The IBM SecureWay Directory contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, t...

7.5AI score
Exploits0References6
CERT
CERT
•added 2001/07/17 12:0 a.m.•23 views

Microsoft Exchange LDAP Service is vulnerable to denial-of-service attacks

Overview The Microsoft Exchange LDAP Service contains vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to foll...

5CVSS6.5AI score0.29433EPSS
Exploits0References4
CERT
CERT
•added 2001/07/17 12:0 a.m.•25 views

Teamware Office contains multiple vulnerabilities in LDAP handling code

Overview The Teamware Office suite contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the...

7.9AI score
Exploits0References6
CERT
CERT
•added 2001/07/17 12:0 a.m.•48 views

iPlanet Directory Server contains multiple vulnerabilities in LDAP handling code

Overview The iPlanet Directory Server contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product,...

7.8AI score
Exploits0References9
CERT
CERT
•added 2001/07/17 12:0 a.m.•26 views

Oracle Internet Directory contains multiple vulnerabilities in LDAP handling code

Overview The Oracle Internet Directory server contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this...

7.5CVSS7.5AI score0.0631EPSS
Exploits0References9
CERT
CERT
•added 2001/07/17 12:0 a.m.•28 views

Potential vulnerabilities in Qualcomm Eudora WorldMail Server LDAP handling code

Overview The Qualcomm Eudora WorldMail Server may contain vulnerabilities that allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this...

7.5CVSS6.6AI score0.02687EPSS
Exploits0References3
CERT
CERT
•added 2001/07/17 12:0 a.m.•25 views

Network Associates PGP Keyserver contains multiple vulnerabilities in LDAP handling code

Overview The Network Associates PGP Keyserver contains vulnerabilities that may allow denial-of-service attacks, unauthorized privileged access, or both. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this...

7.5CVSS7.4AI score0.68324EPSS
Exploits3References4
CERT
CERT
•added 2001/07/17 12:0 a.m.•34 views

Multiple versions of OpenLDAP are vulnerable to denial-of-service attacks

Overview Multiple versions of OpenLDAP contain vulnerabilities that may allow denial-of-service attacks. These vulnerabilities were revealed using the PROTOS LDAPv3 test suite and are documented in CERT Advisory CA-2001-18. If your site uses this product, the CERT/CC encourages you to follow the...

5CVSS6.6AI score0.04093EPSS
Exploits0References4
CERT
CERT
•added 2001/07/12 12:0 a.m.•30 views

Lotus Domino vulnerable to DoS via crafted HTTP header requests

Overview The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial of service. Description HTTP requests with uniquely crafted headers using "Accept", "Accept-Charset", "Accept-Encoding", "Accept-Language" or "Content-Type" are not freed properly. This means that...

6.7AI score
Exploits0References4
CERT
CERT
•added 2001/07/12 12:0 a.m.•16 views

Lotus Domino vulnerable to a denial of service via DOS device request

Overview The Lotus Domino Web Server contains a flaw that could be exploited to cause a denial-of-service situation on the Windows and OS/2 Platforms. Description With the Lotus Domino Web Server, you can access DOS-devices. If this is done through the cgi-bin directory, a ncgihttp.exe process wi...

7AI score
Exploits0References3
Total number of security vulnerabilities3702