Total
9729 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2003-1538 | 1 Suse | 3 Office Server, Suse Linux, Suse Linux Openexchange Server | 2024-02-28 | 6.4 MEDIUM | N/A |
susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. | |||||
CVE-1999-0001 | 3 Bsdi, Freebsd, Openbsd | 3 Bsd Os, Freebsd, Openbsd | 2024-02-28 | 5.0 MEDIUM | N/A |
ip_input.c in BSD-derived TCP/IP implementations allows remote attackers to cause a denial of service (crash or hang) via crafted packets. | |||||
CVE-2002-1360 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-2002-2237 | 1 Tftp | 1 Tftp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
tftp32 TFTP server 2.21 and earlier allows remote attackers to cause a denial of service via a GET request with a DOS device name such as com1 or aux. | |||||
CVE-2003-1485 | 1 Clearswift | 1 Mailsweeper | 2024-02-28 | 5.0 MEDIUM | N/A |
Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space." | |||||
CVE-2004-0840 | 1 Microsoft | 3 Exchange Server, Windows Server 2003, Windows Xp | 2024-02-28 | 10.0 HIGH | N/A |
The SMTP (Simple Mail Transfer Protocol) component of Microsoft Windows XP 64-bit Edition, Windows Server 2003, Windows Server 2003 64-bit Edition, and the Exchange Routing Engine component of Exchange Server 2003, allows remote attackers to execute arbitrary code via a malicious DNS response message containing length values that are not properly validated. | |||||
CVE-2002-2328 | 1 Microsoft | 1 Windows 2000 | 2024-02-28 | 7.1 HIGH | N/A |
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request. | |||||
CVE-2002-2365 | 1 Springer Verlag Berlin Heidelberg | 1 Simple Wais | 2024-02-28 | 10.0 HIGH | N/A |
Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character. | |||||
CVE-2003-1416 | 1 Bisonftp | 1 Bisonftp Server 4 | 2024-02-28 | 4.3 MEDIUM | N/A |
BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command. | |||||
CVE-2001-0566 | 1 Cisco | 1 Catalyst 2900 | 2024-02-28 | 5.0 MEDIUM | N/A |
Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. | |||||
CVE-2002-2325 | 1 University Of Washington | 1 Pine | 2024-02-28 | 7.8 HIGH | N/A |
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. | |||||
CVE-2002-2423 | 1 Sendmail | 1 Sendmail | 2024-02-28 | 6.4 MEDIUM | N/A |
Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response. | |||||
CVE-2003-1490 | 1 Sonicwall | 3 Pro100, Pro200, Pro300 | 2024-02-28 | 7.8 HIGH | N/A |
SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. | |||||
CVE-2002-2236 | 1 Apt-www-proxy | 1 Apt-www-proxy | 2024-02-28 | 10.0 HIGH | N/A |
Format string vulnerability in the awp_log function in apt-www-proxy 0.1 allows remote attackers to execute arbitrary code. | |||||
CVE-2001-0748 | 1 Acme Labs | 1 Acme Server | 2024-02-28 | 5.0 MEDIUM | N/A |
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI. | |||||
CVE-2002-2239 | 1 Cisco | 3 Catalyst 6500, Catalyst 7600, Ios | 2024-02-28 | 7.8 HIGH | N/A |
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. | |||||
CVE-2002-1359 | 7 Cisco, Fissh, Intersoft and 4 more | 7 Ios, Ssh Client, Securenetterm and 4 more | 2024-02-28 | 10.0 HIGH | N/A |
Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. | |||||
CVE-2003-1419 | 1 Netscape | 1 Navigator | 2024-02-28 | 4.3 MEDIUM | N/A |
Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. | |||||
CVE-2002-2322 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2024-02-28 | 5.0 MEDIUM | N/A |
Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords. | |||||
CVE-2004-0244 | 1 Cisco | 1 Ios | 2024-02-28 | 4.7 MEDIUM | N/A |
Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. |