Full List

Search

Recent Vulnerabilities

• CVE-2002-0772 • published on July 26, 2002 Directory traversal vulnerability in dsnmanager.asp for Hosting Controller allows remote attackers to read arbitrary files and directories via a .. (dot dot) in the RootName parameter.
• CVE-2002-0775 • published on July 26, 2002 browse.asp in Hosting Controller allows remote attackers to view arbitrary directories by specifying the target pathname in the FilePath parameter.
• CVE-2002-0779 • published on July 26, 2002 FTP proxy server for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service (network connectivity loss) via a connection to port 21 with a large amount of random data.
• CVE-2002-0781 • published on July 26, 2002 RTSP proxy for Novell BorderManager 3.6 SP 1a allows remote attackers to cause a denial of service via a GET request to port 9090 followed by a series of carriage returns, which causes proxy.nlm to ABEND.
• CVE-2002-0782 • published on July 26, 2002 Novell BorderManager 3.5 with PAT (Port-Address Translate) enabled allows remote attackers to cause a denial of service by filling the connection table with a large number of connection requests to hosts that do not have a specific route, which may be forwarded to the public interface.
• CVE-2002-0783 • published on July 26, 2002 Opera 6.01, 6.0, and 5.12 allows remote attackers to execute arbitrary JavaScript in the security context of other sites by setting the location of a frame or iframe to a Javascript: URL.
• CVE-2002-0732 • published on July 26, 2002 Cross-site scripting vulnerability in MyGuestbook 1.0 allows remote attackers to execute arbitrary script or inject HTML via fields such as (1) user name or (2) comments.
• CVE-2002-0735 • published on July 26, 2002 Format string vulnerability in the logging() function in C-Note Squid LDAP authentication module (squid_auth_LDAP) 2.0.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code by triggering log messages.
• CVE-2002-0743 • published on July 26, 2002 mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow.
• CVE-2002-0745 • published on July 26, 2002 Buffer overflow in uucp in AIX 4.3.3.
• CVE-2002-0749 • published on July 26, 2002 CGIscript.net csMailto.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the form-attachment field.
• CVE-2002-0753 • published on July 26, 2002 Buffer overflow in Talentsoft Web+ 5.0 allows remote attackers to execute arbitrary code via an HTTP request with a long cookie.
• CVE-2002-0756 • published on July 26, 2002 Cross-site scripting vulnerability in the authentication page for (1) Webmin 0.96 and (2) Usermin 0.90 allows remote attackers to insert script into an error page and possibly steal cookies.
• CVE-2002-0767 • published on July 26, 2002 simpleinit on Linux systems does not close a read/write FIFO file descriptor before creating a child process, which allows the child process to cause simpleinit to execute arbitrary programs with root privileges.
• CVE-2002-0769 • published on July 26, 2002 The web-based configuration interface for the Cisco ATA 186 Analog Telephone Adaptor allows remote attackers to bypass authentication via an HTTP POST request with a single byte, which allows the attackers to (1) obtain the password from the login screen, or (2) reconfigure the adaptor by modifying certain request parameters.
• CVE-2002-0791 • published on July 26, 2002 Novell Netware FTP server NWFTPD before 5.02r allows remote attackers to cause a denial of service (CPU consumption) via a connection to the server followed by a carriage return, and possibly other invalid commands with improper syntax or length.
• CVE-2002-0792 • published on July 26, 2002 The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data.
• CVE-2002-0796 • published on July 26, 2002 Format string vulnerability in the logging component of snmpdx for Solaris 5.6 through 8 allows remote attackers to gain root privileges.
• CVE-2002-0793 • published on July 26, 2002 Hard link and possibly symbolic link following vulnerabilities in QNX RTOS 4.25 (aka QNX4) allow local users to overwrite arbitrary files via (1) the -f argument to the monitor utility, (2) the -d argument to dumper, (3) the -c argument to crttrap, or (4) using the Watcom sample utility.
• CVE-2002-0798 • published on July 26, 2002 Vulnerability in swinstall for HP-UX 11.00 and 11.11 allows local users to view obtain data views for files that cannot be directly read by the user, which reportedly can be used to cause a denial of service.