Vulnerability Index: Year 2002

Remote Code Execution Vulnerability in Mutt Email Client
Remote Code Execution via Format String Vulnerability in stunnel Client Mode for SMTP, POP, and NNTP
Buffer Overflow Vulnerability in groff Preprocessor Allows Privilege Escalation via LPRng LPD
Heap Corruption Vulnerability in at Program Allows Arbitrary Code Execution
Buffer Overflow Vulnerability in AOL Instant Messenger (AIM) Allows Remote Code Execution
Arbitrary IRC Command Execution Vulnerability in XChat 1.8.7 and Earlier
LDAP Anonymous Bind Vulnerability in Bugzilla
User Comment Spoofing and Bug Posting Vulnerability in Bugzilla
Information Disclosure Vulnerability in Bugzilla
Arbitrary SQL Injection and Privilege Escalation in Bugzilla
Bugzilla Information Leak Vulnerability in doeditvotes.cgi
SNMPv1 Trap Handling Vulnerabilities
SNMPv1 Request Handling Vulnerabilities
Arbitrary Command Execution via URL Handling in Pine 4.43 and Earlier
Remote Code Execution Vulnerability in SGI IRIX SNMP Daemon (snmpd)
SID Injection Vulnerability in Microsoft Windows NT and Windows 2000
Remote Code Execution Vulnerability in Telnet Server in Windows 2000 and Interix 2.2
Denial of Service Vulnerability in Microsoft Office v. X for Mac
Buffer Overflow in HTML Directive Implementation in Internet Explorer 5.5 and 6.0
Arbitrary File Reading Vulnerability in Internet Explorer 5.01, 5.5, and 6.0
File Download Box Content-Disposition and Content-Type HTML Header Manipulation Vulnerability
Content-Type HTML Header Field Manipulation Vulnerability
Script Execution Bypass Vulnerability in Internet Explorer 5.5 and 6.0
URL Spoofing and File Reading Vulnerability in Internet Explorer 5.5 and 6.0
ICQ Buffer Overflow Vulnerability in Voice Video & Games Request
LIBRESOLV: Buffer Overrun in DNS Stub Resolver Library
Digital Signature Verification Vulnerability in Adobe Acrobat PDF Viewer
Buffer Overflow Vulnerability in Yahoo! Messenger 5,0,0,1064 and Earlier
Arbitrary Script Execution Vulnerability in Yahoo! Messenger 5,0,0,1064 and Earlier
Heap-based Buffer Overflow in Solaris cachefsd's cfsd_calloc Function
Insecure Permissions During File System Conversion on Windows 2000 and Windows XP
Denial of Service Vulnerability in MIT Kerberos V5 ASN.1 Decoder
Bypassing Reader and Author Access Control in Lotus Domino Servers
Cache-Limiting Function Vulnerability in IRIX Unified Name Service Daemon (nsd) Allows Remote Denial of Service
Denial of Service Vulnerability in rpcbind on SGI IRIX 6.5
Privilege Escalation via HOSTALIASES Environment Variable in SGI IRIX 6.5.11-6.5.15f
Mail for SGI IRIX 6.5 through 6.5.15f Vulnerability: Core Dump via -R Option
Denial of Service Vulnerability in XFS File System for SGI IRIX
Privilege Escalation via Environment Variable Manipulation in sudo 1.6.0 through 1.6.3p7
Symlink Attack Vulnerability in GNU Enscript 1.6.1 and Earlier
Vulnerability: Unauthorized replace Action in OpenLDAP Allows Deletion of Protected Attributes
ICMP Fragmented Packet Memory Disclosure Vulnerability
Denial of Service Vulnerability in CIPE VPN Package
Signedness Errors in rsync I/O Functions: Remote Code Execution and Denial of Service Vulnerability
Privilege Escalation Vulnerability in Microsoft Exchange Server 2000 System Attendant
Buffer Overflow in AuthFilter ISAPI Filter on Microsoft Commerce Server 2000
Windows 2000 Local Users Can Prevent Application of New Group Policy Settings
Arbitrary File Reading Vulnerability in Internet Explorer 6.0 and Earlier
Buffer Overflow Vulnerability in SNMP Agent Service in Windows Operating Systems
SMTP Service and IMC in Windows 2000 and Exchange Server 5.5 Vulnerability: Remote Mail Relaying via Null Session Credentials
SMTP Service Denial of Service Vulnerability
Remote Code Execution via Buffer Overflow in SQL Server 7.0 and 2000
Arbitrary File Reading Vulnerability in XMLHTTP Control
Remote Session Hijacking Vulnerability in Java Runtime Environment (JRE)
Double Free Vulnerability in zlib 1.1.3 and Earlier
Improper Mask Setting in IRC Connection Tracking Helper Module
Arbitrary Command Execution via Shell Metacharacters in Apache for Win32
Privilege Escalation via Buffer Overflow in ncurses 5.0
Buffer Overflow in ippRead Function of CUPS: Arbitrary Code Execution Vulnerability
Insecure Permissions in Funk Software Proxy Host 3.x
Weak Encryption in Funk Software Proxy Host 3.x Allows Privilege Escalation
Insecure Access Control in Funk Software Proxy Host 3.x before 3.09A
Squid 2.4 STABLE3 and Earlier HTCP Bypass Vulnerability
Buffer Overflow Vulnerability in Squid 2.4 STABLE3 and Earlier
SNMP Memory Leak Vulnerability in Squid 2.4 STABLE3 and Earlier
Windows Shell Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in ism.dll ISAPI Extension in IIS 4.0 and 5.0
Denial of Service Vulnerability in w3svc.dll ISAPI Filter
Denial of Service Vulnerability in IIS FTP Service via Specially Crafted Status Request
Cross-Site Scripting Vulnerability in IIS Help File Search Facility
Arbitrary Script Execution via URL Redirect in IIS 4.0, 5.0, and 5.1
Remote Code Execution via Illegal Cast Operation in Java Runtime Environment (JRE) Bytecode Verifier
Local Executable Invocation via Object tag vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0
Cookie-based Script Execution Vulnerability in Microsoft Internet Explorer 5.5 and 6.0
Chunked Encoding Buffer Overflow Vulnerability in IIS 4.0 and 5.0 Active Server Pages
Improper Privilege Dropping in rsync Daemon Mode
Arbitrary Code Execution via Buffer Overflow in PHP MIME Split Functions
Buffer Overflow Vulnerability in mod_ssl and Apache-SSL
Privilege Escalation Vulnerability in OpenSSH 2.0 through 3.0.2
Buffer Overflow in fscache_setup Function of cachefsd in Solaris 2.6, 7, and 8: Local Privilege Escalation via Long Mount Argument
Remote Denial of Service Vulnerability in cachefsd in Solaris 2.6, 7, and 8
Buffer Overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux
Arbitrary File Creation Vulnerability in Lotus Domino 5.07 on Solaris
Buffer Overflow Vulnerability in Solaris Admintool Allows Local Privilege Escalation
Buffer Overflow Vulnerability in Solaris Admintool Allows Local Privilege Escalation
Buffer Overflow in Low BandWidth X Proxy (lbxproxy) in Solaris 8: Local Code Execution Vulnerability
Arbitrary Command Execution in CIDER SHADOW 1.5 and 1.6 via CGI Scripts
Uninitialized Global Variable in CVS Allows Remote Denial of Service
Buffer Overflow Vulnerability in ipcs for HP Tru64 UNIX 4.0f through 5.1a
Arbitrary Command Execution via Filename Conversion in BSCW (Basic Support for Cooperative Work) 3.x and versions before 4.06
User self-registration vulnerability in BSCW 3.x and possibly version 4
Unintended Administrative Privileges Vulnerability in Geeklog 1.3 Installation
Remote Account Hijacking Vulnerability in Geeklog 1.3
Buffer Overflow in Boozt! Standard 0.9.8 Index.cgi Administration Interface
Buffer Overflow Vulnerability in Michael Lamont Savant Web Server 3.0
AOLserver 3.4.2 Win32 Authentication Bypass and File Access Vulnerability
Denial of Service Vulnerability in Microsoft Internet Explorer 6.0 and Earlier
Denial of Service Vulnerability in Oracle9iAS Web Cache 2.0.0.x
Insecure Permissions in Oracle9iAS Web Cache Installer Program
Remote Code Execution Vulnerability in AFTPD 5.4.4 via CD (CWD) ~ Command
Privilege Escalation via Symlink Attack on CDE dtlogin in Caldera UnixWare 7.1.0
Denial of Service Vulnerability in BEA Systems Weblogic Server 6.1
Information Leakage in CacheFlow CacheOS Web Administration Interface
User impersonation vulnerability in Allaire Forums 2.0.4 and 2.0.5 and Forums! 3.0 and 3.1
Vulnerability: SNMP Query Exploit in Linksys EtherFast Routers
Plaintext Storage of Authentication Information in Nevrona Designs MiraMail 1.04 and Earlier
Funsoft Dino's Webserver 1.2 and Earlier Directory Traversal Vulnerability
Remote File Disclosure Vulnerability in Etype Eserv 2.97
World-readable log files in EMC NetWorker (formerly Legato NetWorker) before 7.0
Plaintext Password Storage Vulnerability in EMC NetWorker
ICMP Header Size Vulnerability in Snort 1.8.3
Denial of Service Vulnerability in Palm OS 3.5h and Handspring Visor/Xircom Products
Cross-Site Scripting (XSS) Vulnerability in YaBB 1 Gold SP 1 and Earlier
Cross-Site Scripting (XSS) Vulnerability in Infopop UBB 6.2.0 Beta Release 1.0
Denial of Service Vulnerability in Alcatel Speed Touch Home ADSL Modem
World-readable backup files and folders in Apple Palm Desktop 4.0b76 and 4.0b77 during hotsync
Session ID Hijacking Vulnerability in PHP 4.0 through 4.1.1
Denial of Service Vulnerability in Siemens 3568i WAP Mobile Phones
Denial of Service and Arbitrary Command Execution Vulnerability in MDG Computer Services Web Server 4D WS4D/eCommerce
Directory Traversal Vulnerability in MDG Computer Services Web Server 4D/eCommerce 3.5.3
Buffer Overflow Vulnerability in ClanLib Library 0.5 Allows Arbitrary Code Execution in Games
Buffer Overflow Vulnerability in BlackMoon FTP Server 1.0 through 1.5
Denial of Service Vulnerability in Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26
Denial of Service and Remote Code Execution Vulnerability in Sambar Server 5.1 before Beta 4
Local Privilege Escalation in eFax 0.9 and Earlier via Arbitrary File Read
Buffer Overflow Vulnerability in efax 0.9 and Earlier Allows Arbitrary Code Execution
ActivePython ActiveX Control Allows Remote File Reading
Buffer Overflow Vulnerability in Chinput 3.0 via Long HOME Environment Variable
Buffer Overflow Vulnerabilities in Avirt Gateway Suite 4.2: Remote Code Execution and Denial of Service
Unauthenticated Remote File Listing and Command Execution in Avirt Gateway Suite 4.2
Denial of Service Vulnerability in Netopia Timbuktu Pro 6.0.1 and Earlier
Denial of Service Vulnerability in Microsoft Internet Explorer 5.5 on Windows 98
Symlink Attack Vulnerability in CDRDAO 1.1.4 and 1.1.5
Arbitrary File Read Vulnerability in CDRDAO 1.1.4 and 1.1.5
FTP Bounce Vulnerability in Pi-Soft SpoonFTP 1.1 and Earlier
Remote Code Execution and Denial of Service Vulnerability in dnrd 2.10 and Earlier
Local Privilege Escalation Vulnerability in Maelstrom GPL 3.0.1 via Symlink Attack on /tmp/f File
Denial of Service Vulnerability in John Roy Pi3Web for Windows 2.0 beta 1 and 2
Buffer Overflow Vulnerability in Eterm of Enlightenment Imlib2 1.0.4 and Earlier
Chuid 1.2 Directory Traversal Vulnerability
Improper Ownership Verification in chuid 1.2 and Earlier Allows Remote File Modification
Remote Code Execution Vulnerability in Fetchmail Email Client
Chunked Encoding Buffer Overrun Vulnerability in IIS 4.0, 5.0, and 5.1
Arbitrary Script Execution via Cross-Site Scripting in IIS 4.0, 5.0, and 5.1
ASP Server-Side Include Function Buffer Overflow Vulnerability
HTTP Header Field Value Spoofing Vulnerability in Internet Information Server (IIS) 4.0, 5.0, and 5.1
Buffer Overflow in Multiple UNC Provider (MUP) in Microsoft Windows: Denial of Service and Privilege Escalation Vulnerability
Buffer Overflow Vulnerability in Microsoft Applications for Macintosh
Local Applescript Invocation vulnerability in Internet Explorer 5.1 for Macintosh
Buffer Overflow Vulnerability in Microsoft SQL Server Extended Stored Procedures
Buffer Overflow Vulnerability in Microsoft MSN Chat ActiveX Control
Local Privilege Escalation via Symlink Attack in Nautilus 1.0.4 and Earlier
Buffer Overflow in Xsun on Solaris 2.6 through 8: Local Privilege Escalation via Long -co Argument
Format String Vulnerability in Cisco Secure Access Control Server (ACS) for Windows
Remote File Disclosure Vulnerability in Cisco Secure Access Control Server (ACS)
Arbitrary Code Execution Vulnerability in LogWatch
Heap-based Buffer Overflow in Squid Proxy Server
MIT-SHM Extension Privilege Escalation Vulnerability
Local Privilege Escalation Vulnerability in LogWatch 2.5
Cross-Site Scripting (XSS) Vulnerability in Analog before 5.22
Vulnerability: Denial of Service and Arbitrary Code Execution in Imlib
Heap Corruption Vulnerability in Imlib before 1.9.13
Insecure Option in Default DocBook Stylesheet Allows File Overwrite Vulnerability
Improper Access Verification in Zope 2.2.0 - 2.5.1
Vulnerability: Privilege Escalation via Incorrect Password in IRISconsole 2.0
Insecure Default Permissions in /dev/ipfilter on SGI IRIX 6.5
Buffer Overflow Vulnerability in SGI IRIX Checkpoint-Restart Software Package
Local Privilege Escalation via Symlink Attack on nsd.dump File in SGI IRIX
Vulnerability: Bypassing Format String Protection in libsafe 2.0-11 and Earlier
Vulnerability: Argument Indexing Specifier Exploitation in libsafe 2.0-11 and Earlier
Icecast 1.3.11 and Earlier: Remote Code Execution via Buffer Overflow in HTTP GET Request
Insecure Filename Handling in uudecode
Buffer Overflow Vulnerability in XPilot Server
Remote Code Execution via Buffer Overflow in Webalizer 2.01-06
Cross-Site Scripting Vulnerability in status.php3 for IMP 2.2.8 and HORDE 1.2.7
Heap-based Buffer Overflow in Sudo before 1.6.6
Remote Code Execution via Indirect Module Import in mod_python
Unchecked Buffer in SQLXML ISAPI Extension
SQLXML Component Cross-Site Scripting Vulnerability: Script Injection via XML Tag
Arbitrary Code Execution via Malformed Content-Disposition and Content-Type Headers in Microsoft Internet Explorer 5.01 and 6.0
Cross-Site Scripting in Local HTML Resource vulnerability in Internet Explorer 6.0
Zone Spoofing through Malformed Web Page Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0
Arbitrary File Viewing Vulnerability in Microsoft Internet Explorer
Arbitrary Code Execution via Malformed Content-Disposition and Content-Type Headers in Microsoft Internet Explorer 5.01 and 6.0
Path Traversal Vulnerability in ACD Incorporated CwpAPI 1.1 Allows Unauthorized File Access
Spoofing of Encrypted Messages in psyBNC 2.3 Beta and Earlier
Remote Code Execution Vulnerability in plDaniels ripMime 1.2.6 and Earlier via Long Filename Attachment
Buffer Overflow in admin.cgi for Nullsoft Shoutcast Server 1.8.3: Remote Code Execution and Denial of Service Vulnerability
Denial of Service Vulnerability in Cyberstop Web Server for Windows 0.1
Buffer Overflow Vulnerability in Cyberstop Web Server for Windows 0.1
Insecure Permissions in PaintBBS 1.2 Allow Unauthorized Access and Configuration Modification
Directory Listing Vulnerability in Tarantella Enterprise 3.20 and Earlier Versions
Buffer Overflow Vulnerability in GNU Chess (gnuchess) 5.02 and Earlier Allows Arbitrary Code Execution
Arbitrary Script Execution via Description Parameter in Plumtree Corporate Portal
Arbitrary PHP Code Execution in Francisco Burzi PHP-Nuke 5.3.1 and Earlier
Buffer Overflow in RealPlayer 8.0 and Earlier: Remote Code Execution via Header Length Value
PGPfire 7.1 for Windows ICMP Error Message Disclosure Vulnerability
Remote IP Address Disclosure Vulnerability in Nortel Alteon ACEdirector WebOS 9.0
Symlink Attack Vulnerability in TOLIS Group Backup and Restore Utility (BRU) 17.0
Race condition vulnerability in Tarantella Enterprise 3 installation script allows for arbitrary command execution
Username Enumeration Vulnerability in Hosting Controller 1.1 through 1.4.1
Arbitrary File Read Vulnerability in Xinet K-AShare 0.011.01 for IRIX
Weak Permissions on Registry Key Allow Local Users to Decrypt Network Traffic
Path Disclosure Vulnerability in Agora.cgi Debug Mode
SQL Injection Vulnerability in userinfo.php in XOOPS 1.0 RC1
Cross-site scripting (XSS) vulnerabilities in XOOPS Private Message System 1.0 RC1
Format String Vulnerability in SAS/Base 8.0 and 8.1 and SAS/Integration Technologies 8.0 and 8.1
Buffer Overflow Vulnerability in SAS/Base and SAS/Integration Technologies 8.0 and 8.1
Arbitrary Command Execution via SMS in PhpSmsSend 1.0
Denial of Service Vulnerability in Etype Eserv 2.97
FTP Bounce Vulnerability in Etype Eserv 2.97
Arbitrary File Upload Vulnerability in Infopop UBB.Threads and Wired Community Software WWWThreads
MSDTC Denial of Service Vulnerability
World-readable and Writable File Permissions in tac_plus Tacacs+ Daemon F4.0.4.alpha
Predictable Password Generation in DCForum 6.x and 2000
Denial of Service Vulnerability in KICQ 2.0.0b1
Remote Code Execution Vulnerability in Microsoft MSN Messenger
Bypassing Safe Mode Access Restrictions in PHP 3.0 through 4.1.0
Arbitrary Javascript Execution via Cross-Site Scripting (XSS) in Faq-O-Matic 2.712
Remote Code Execution Vulnerability in mIRC 5.91 and Earlier via Long Nickname
MRTG Directory Traversal Vulnerability
Directory Traversal Vulnerability in eShare Expressions 4 Web Server
Denial of Service Vulnerability in NetScreen ScreenOS
Vulnerability: Username and Password Leakage in Castelle FaxPress
Authentication Bypass in Lucent VitalSuite 8.0-8.2
Buffer Overflow Vulnerability in ISS BlackICE Defender, BlackICE Agent, and RealSecure Server Sensor
Cross-Site Scripting Vulnerability in NetGear RT314 and RT311 Gateway Routers
Buffer Overflow Vulnerability in hanterm 3.3.1 and Earlier
Path Disclosure Vulnerability in PHP with Apache Configuration
Authentication Bypass Vulnerability in Cisco Secure ACS 3.0.1
Cross-Site Scripting Vulnerability in Internet Explorer 6
Cross-Site Scripting Vulnerability in Opera 6.0 and Earlier
AtheOS 0.3.7 Chroot Function Directory Traversal Vulnerability
Information Disclosure Vulnerability in Lotus Domino Server 5.0.8 with NoBanner Enabled
UnixWare 7.1.1 Format String Vulnerability in Message Catalog Library Functions
Buffer Overflow Vulnerability in wmtv 0.6.5 and Earlier: Local Privilege Escalation
Local Privilege Escalation via Symlink Attack on Configuration File in wmtv 0.6.5 and Earlier
Path Disclosure Vulnerability in PHP for Windows on Apache 2.0.28 beta Standalone CGI Module
Authentication Bypass Vulnerability in HP AdvanceStack Hubs J3200A-J3210A Firmware A.03.07 and Earlier
Buffer Overflow Vulnerability in licq 1.0.4 and Earlier: Remote Code Execution and Denial of Service
Buffer Overflow in Apple QuickTime Player 5.01 and 5.02 via Long Content-Type MIME Header
Path Disclosure Vulnerability in PHP
Denial of Service Vulnerability in ICQ 2001b Build 3659
Unauthenticated Access Vulnerability in Arescom NetDSL 800
Denial of Service Vulnerability in Arescom NetDSL 1000 Router's Telnet Port
Cross-Site Scripting Vulnerability in MakeBid Auction Deluxe 3.30
Static User Session ID Vulnerability in Merak Mail IceWarp Web Mail
Sensitive Login and Account Data Stored in Plaintext in InstantServers MiniPortal 1.1.5 and Earlier
Buffer Overflow in InstantServers MiniPortal 1.1.5 and Earlier: Remote Code Execution via Long Login Name
Directory Traversal Vulnerability in InstantServers MiniPortal 1.1.5 and Earlier
Sybex E-Trainer Web Server Directory Traversal Vulnerability
Buffer Overflow in EasyBoard 2000 1.27 (EZboard) Allows Remote Code Execution
Sensitive Account Information Stored in Plaintext in PowerFTP Personal FTP Server 2.03-2.10
World-writable permissions in AdminPassword file in Sawmill for Solaris 6.2.14 and earlier
Path Disclosure Vulnerability in Thunderstone Texis CGI Script
Arbitrary Administrative Privilege Escalation in Simple Internet Publishing System (SIPS)
Vulnerability: Privilege Escalation via Identix BioLogon 3 Browse Function
Arbitrary Script Execution Vulnerability in Internet Explorer 5.x and 6
Arbitrary Script Execution Vulnerability in Opera
Symlink Attack Vulnerability in GNU Ada Compiler (GNAT)
Buffer Overflow Vulnerabilities in mpg321 before 0.2.9: Remote Code Execution
Buffer Overflow in CWMail.exe Allows Remote Code Execution
Buffer Overflow Vulnerability in Exim 3.34 and Earlier
Falcon Web Server Authentication Bypass Vulnerability
Buffer Overflow Vulnerability in Ettercap 0.6.3.1 and Earlier: Remote Code Execution via Large Packets
Arbitrary Command Execution in Add2it Mailman Free 1.73 and Earlier
Add2it Mailman Free 1.73 and Earlier Directory Traversal Vulnerability
HP-UX 11.11 Kernel Panic and Privilege Escalation Vulnerability
Buffer Overflow Vulnerability in CodeBlue SMTP Reply Handling
Privilege Escalation via Cross-Site Scripting in DCP-Portal 4.2 and Earlier
Information Disclosure Vulnerability in DCP-Portal 3.7 through 4.5
Denial of Service Vulnerability in Windows XP with Open Port 445
Winamp 2.78 and 2.77 WMA License Path Disclosure Vulnerability
Outlook Express Header Parsing Vulnerability
Privilege Escalation and User Addition Vulnerability in SiteNews 0.10 and 0.11
SQL Injection Vulnerability in pForum 1.14 and Earlier
Phusion web server 1.0 Directory Traversal Vulnerability
Buffer Overflow Vulnerability in Phusion Web Server 1.0: Remote Code Execution and Denial of Service
Buffer Overflow in Netwin WebNews CGI Program 1.1: Remote Code Execution Vulnerability
Dino's Webserver 1.2 Denial of Service and Remote Code Execution Vulnerability
Cross-Site Scripting (XSS) Vulnerability in Slash before 2.2.5
Privilege Escalation Vulnerability in Alcatel OmniPCX 4400 FTP Service
Privilege Escalation Vulnerability in Alcatel 4400: Unauthorized System Shutdown
World-writable file permissions in Alcatel OmniPCX 4400 allow local privilege escalation
Local Privilege Escalation Vulnerability in Tarantella Enterprise 3
Buffer Overflow Vulnerability in ScriptEase MiniWeb Server 0.95
Denial of Service Vulnerability in ScriptEase MiniWeb Server 0.95
Arbitrary Code Execution via File Extension Manipulation in CNet CatchUp before 1.3.1
Directory Listing and Source Code Disclosure Vulnerability in gnujsp 1.0.0 and 1.0.1
Authentication Bypass Vulnerability in Citrix NFuse 1.6
Vulnerability: Large Alerts Dropped by Notify Daemon in Symantec Enterprise Firewall (SEF) 6.5.x
LDAP Authentication Bypass Vulnerability in GroupWise 6
Remote File Disclosure Vulnerability in Lil HTTP Server 2.1
Zero One Tech (ZOT) P100s Print Server Vulnerability: Unsecured SNMP Service and Default Password
Remote Command Execution in Avenger's News System (ANS) 2.11 and Earlier
Directory Traversal and Remote Code Execution Vulnerability in Avenger's News System (ANS) 2.11 and Earlier
SQL Injection Vulnerability in AdMentor 2.11 Allows Remote Authentication Bypass and Privilege Escalation
SMTP Proxy Information Disclosure Vulnerability
Default Usernames and Cleartext Passwords in Netwin WebNews 1.1k CGI Program Vulnerability
Root Privilege Escalation Vulnerability in Webtop in UnixWare 7.1.1 and Open UNIX 8.0.0
Essentia Web Server 2.1 Directory Traversal Vulnerability
Essentia Web Server 2.1 Buffer Overflow Vulnerability
FastTrack P2P Denial of Service Vulnerability
FastTrack P2P Vulnerability: User Spoofing via Message Header Modification
Cross-Site Scripting (XSS) Vulnerability in eXtreme Message Board (XMB) 1.6x and Earlier
Arbitrary Software Installation Vulnerability in Gator ActiveX Component (IEGator.dll) 3.0.6.1
Denial of Service Vulnerability in FreeRADIUS RADIUS Server
Cross-Site Scripting Vulnerability in edituser.php of pforum 1.14 and Earlier
Buffer Overflow Vulnerability in Yahoo! Messenger 5.0
User Spoofing Vulnerability in Yahoo! Messenger 5.0
Cleartext Password Vulnerability in Yahoo! Messenger 4.0
Arbitrary File Read Vulnerability in ScriptEase:WebServer
Cleartext Password Exposure and Privilege Escalation in Greymatter 1.21c and Earlier
Directory Traversal Vulnerability in BadBlue before 1.6.1 Allows Remote File Read
Cross-Site Scripting (XSS) Vulnerability in BadBlue before 1.6.1 Beta
Buffer Overflow in Century Software TERM: Local Privilege Escalation via Long tty Argument
Cross-Site Scripting (XSS) Vulnerability in Ikonboard 3.0.1
Cross-Site Scripting Vulnerability in Snitz Forums 2000 3.3.03 and Earlier
Cross-Site Scripting (XSS) Vulnerability in Open Bulletin Board (OpenBB) 1.0.0
BPM Studio Pro 4.2 HTTP Server Directory Traversal Vulnerability
Buffer Overflow Vulnerabilities in xtell (xtelld) 1.91.1 and Earlier, and 2.x Before 2.7
Directory Traversal Vulnerability in xtell (xtelld) 1.91.1 and Earlier, and 2.x Before 2.7
Symlink Attack Vulnerability in xtell (xtelld) 1.91.1 and Earlier, and 2.x before 2.7
Buffer Overflow Vulnerability in Galacticomm Worldgroup Web Server 3.20 and Earlier
Buffer Overflow in Galacticomm Worldgroup FTP Server 3.20 and Earlier: Remote Code Execution and Denial of Service Vulnerability
Denial of Service Vulnerability in RealPlayer 8 via Malformed .mp3 Files
Denial of Service Vulnerability in The Bat! Email Client
Cisco IOS Vulnerability: Packet Padding Leakage in MAC Level Packets
Automatic Execution of .wmf Content in Windows Media Player
Information Disclosure Vulnerability in GroupWise Web Access 5.5
Denial of Service Vulnerability in Kmail 1.2 on KDE 2.1.1
Plaintext Password Storage in Hotline Client 1.8.5 Bookmarks File
Cleartext Storage of LiveUpdate Server Credentials in Symantec Norton Antivirus
Plaintext Storage of Usernames and Passwords in Symantec Ghost 7.0's NGServer\params Registry Key
Cross-Site Scripting Vulnerability in Cobalt RAQ 4 Allows Remote Code Execution
Cobalt RAQ 4 Directory Traversal Vulnerability
Remote Code Execution and Denial of Service Vulnerability in Cobalt RAQ 4's service.cgi
Screen-Locked Alert Bypass Vulnerability in Tiny Personal Firewall (TPF) 2.0.15
Denial of Service Vulnerability in HP Procurve Switch 4000M Firmware
Remote Code Execution Vulnerability in CFS Daemon (cfsd)
Information Disclosure: Phorum 3.3.2 Email Address Exposure
Denial of Service Vulnerability in Ethereal 0.9.2 and Earlier Due to ASN.1 Parser
Arbitrary File Reading Vulnerability in XMLHttpRequest (XMLHTTP)
File Existence Disclosure Vulnerability in netstat on SGI IRIX
Privilege Escalation in XFS Filesystem Reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and Earlier
Root Privilege Escalation Vulnerability in SGI IRIX 6.5.15 and Earlier
Local Privilege Escalation and Information Disclosure Vulnerability in MediaMail and MediaMail Pro on SGI IRIX 6.5.16 and Earlier
Weak Authentication in xfsmd on IRIX 6.5 through 6.5.16 Allows Remote Root Privilege Escalation
Remote Code Execution Vulnerability in Sun AnswerBook2 1.4 through 1.4.3
Buffer Overflow Vulnerability in AOL Instant Messenger (AIM) 4.2 and Later
Arbitrary Command Execution Vulnerability in Ghostscript
Heap Overrun in HTR Chunked Encoding Could Enable Web Server Compromise
Buffer Overflow in RAS Phonebook File Allows Arbitrary Code Execution
Privilege Escalation via smss.exe Debugging Subsystem in Windows NT and Windows 2000
Denial of Service Vulnerability in Microsoft Exchange 2000 Store Service
ASP.NET Worker Process Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in ZIP Capability of Multiple Products
Buffer Overflow Vulnerability in Gopher Client for Microsoft Internet Explorer 5.1 through 6.0, Proxy Server 2.0, or ISA Server 2000
Cache Path Disclosure via Windows Media Player
Privilege Elevation through Windows Media Device Manager Service
Arbitrary Code Execution via Format String Vulnerability in pam_ldap Logging Function
Cross-Site Scripting Vulnerability in Sgdynamo.exe Allows Remote Code Execution
Buffer Overflow in Apple QuickTime 5.0 ActiveX Component via Long pluginspage Field
Gaim 0.57 Local Information Disclosure Vulnerability
Arbitrary Remote Print Job Acceptance Vulnerability in LPRng Print Spooler
Buffer Overflow Vulnerability in University of Washington IMAP Server (uw-imapd)
Buffer Overflow Vulnerability in tcpdump 3.6.2 and Earlier: Remote Code Execution via NFS Packet
TCP Implementation Vulnerability: Bypassing Filters via Unicast Link Layer Address and IP Broadcast Address
Arbitrary Command Execution in XChat IRC Client via DNS Reverse Lookup Vulnerability
Remote Code Execution Vulnerability in Jabber Plug-in for Gaim Client (Versions prior to 0.58)
Remote Information Disclosure Vulnerability in Vignette Story Server 4.1 and 6.0
Denial of Service Vulnerability in Oracle Web Cache in Oracle9iAS 9.0.2
Buffer Overflow in gxnsapi6.dll NSAPI Plugin of Sun ONE Application Server
Cross-Site Scripting Vulnerabilities in Mailman before 2.0.11
Predictable Filenames in Pipermail Archives Allow Unauthorized Access to Private Mailing List Messages
Integer Overflow in xdr_array Function in RPC Servers: Remote Code Execution Vulnerability
Apache Chunk-Encoded HTTP Request Denial of Service and Code Execution Vulnerability
Buffer Overflow in Red-M 1050 Bluetooth Access Point Management Web Interface
Case Insensitive Passwords in Red-M 1050 Bluetooth Access Point: A Brute Force Vulnerability
Unsecured TFTP Server on Red-M 1050 Bluetooth Access Point Enables Remote Password Cracking
Session Hijacking Vulnerability in Red-M 1050 Bluetooth Access Point Web Management Server
Broadcast Disclosure Vulnerability in Red-M 1050 Bluetooth Access Point
Bluetooth Access Point PPP Server Denial of Service and Code Execution Vulnerability
Directory Traversal Vulnerability in GNU tar Allows Arbitrary File Overwrite
Denial of Service Vulnerability in ISC BIND 9 before 9.2.1 (DoS_findtype)
SMB Dissector Remote Code Execution Vulnerability
X11 Dissector Buffer Overflow Vulnerability in Ethereal 0.9.3 and Earlier
Denial of Service Vulnerability in Ethereal DNS Dissector
GIOP Dissector Denial of Service Vulnerability
Buffer Overflow in Transsoft Broker FTP Server 5.0 Evaluation: Remote Code Execution and Denial of Service via CWD Command
Denial of Service Vulnerability in Menasoft SPHERE Server 0.99x and 0.5x
Path Disclosure Vulnerability in Lotus Domino Server 5.0.9a and Earlier
Version Information Disclosure Vulnerability in Lotus Domino Server 5.0.9a and Earlier
Remote Code Execution Vulnerability in orderdetails.aspx
Arbitrary File Read Vulnerability in AeroMail before 1.45
Cross-Site Scripting Vulnerability in AeroMail's message.php
Format String Vulnerability in ntop's TraceEvent Function
Cross-Site Scripting (XSS) Vulnerability in ReBB Allows Remote Code Execution and Cookie Theft via IMG Tag
Vulnerability: Inadequate Consultation of Security Policy Database in KAME-derived IPsec Implementations
Directory Traversal Vulnerability in RealPlayer Web Server (Version 6.0.7 and possibly others)
Buffer Overflow Vulnerability in SH39 MailServer 1.21 and Earlier: Remote Code Execution and Denial of Service
Endymion MailMan Directory Traversal Vulnerability
Arbitrary File Read Vulnerability in Endymion SakeMail 1.0.36 and Earlier
Information Leakage in IIS 4 through 5.1: IP Address and Domain Disclosure
PureTLS Injection Vulnerability: Remote Session Corruption and Hijacking
Local users can bypass User cannot change password policy in IIS 4.0
WebDAV IP Address Disclosure Vulnerability in IIS 5 and 5.1
Buffer Overflow Vulnerability in efingerd 1.5 and Earlier Allows Remote Code Execution
Privilege Escalation Vulnerability in efingerd 1.61 and Earlier
mIRC DCC Server Protocol Information Leakage Vulnerability
Reduced Key Length Vulnerability in Linksys EtherFast BEFVP41 Cable/DSL VPN Router
Buffer Overflow Vulnerability in mod_frontpage Allows Root Privilege Escalation
Authentication Timeout Bypass in Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1
Arbitrary Process Termination Vulnerability in iBCS Routines
Arbitrary File Overwrite Vulnerability in Sun Cobalt RaQ XTR Administration Interface
XTux Denial of Service Vulnerability
Buffer Overflow in lprintf and cprintf in Citadel/UX 5.90 and Earlier
Remote File Disclosure Vulnerability in Pi3Web 2.0.0
Arbitrary Command Execution in Marcus S. Xenakis directory.php Script
Race condition vulnerability in GNU File Utilities (fileutils) 4.1 and earlier allows unauthorized directory deletion and move
Arbitrary Command Execution in sscd_suncourier.pl CGI Script
Arbitrary Command Execution via SMS Server Tools (SMStools)
Denial of Service Vulnerability in ZyXEL ZyWALL 10 Firewall
Cross-Site Scripting (XSS) Vulnerability in CaupoShop: Arbitrary Code Execution and Data Theft
Bypassing Content Scanning in Trend Micro InterScan VirusWall HTTP Proxy 3.6
Directory Traversal Vulnerability in Php Imglist's imlist.php Allows Remote Code Execution
Buffer Overflow Vulnerability in dlvr_audit for Caldera OpenServer 5.0.5 and 5.0.6: Local Privilege Escalation
Windows 2000 Local User Password Reuse Vulnerability
Group Policy Bypass Vulnerability in Microsoft Windows 2000 Terminal Server
Path Disclosure Vulnerability in article.php of PHP FirstPost 0.1
Path Disclosure Vulnerability in Black Tie Project (BTP) 0.4b through 0.5b
Xerver Free Web Server 2.10 Directory Traversal Vulnerability
Denial of Service Vulnerability in Xerver Free Web Server 2.10 and Earlier
Remote Code Execution Vulnerability in Talentsoft Web+ 5.0 and Earlier
Buffer Overflow in Talentsoft Web+ 5.0 and Earlier Allows Remote Code Execution
Arbitrary PHP Code Execution in PHProjekt 3.1 and 3.1a via filemanager_forms.php
URI Decoding Vulnerability in Foundry Networks ServerIron Switches
Account Lockout Vulnerability in Oblix NetPoint 5.2 and Earlier
Qpopper Denial of Service Vulnerability
Fixed Directory Name Vulnerability in IncrediMail
Fixed Directory Name Vulnerability in Eudora 5.1 and Earlier Versions
Cross-Site Scripting (XSS) Vulnerability in BG GuestBook 1.0's signgbook.php
Arbitrary Javascript Execution via Cross-Site Scripting in News-TNK 1.2.1 and Earlier
Arbitrary Javascript Execution Vulnerability in Board-TNK 1.3.1 and Earlier
Denial of Service Vulnerability in Bitvise WinSSHD
Denial of Service Vulnerability in Internet Explorer 5.01-6 via Javascript Loop
Denial of Service and Path Disclosure Vulnerability in Big Sam Guestbook Stand-Alone Module 1.1.08 and Earlier
Path Disclosure Vulnerability in ARSC (Really Simple Chat) 1.0.1 and Earlier
Directory Traversal Vulnerability in Hosting Controller 1.4.1 and Earlier
Directory Traversal Vulnerability in Hosting Controller 1.4.1 and Earlier
Arbitrary Directory Browsing Vulnerability in Hosting Controller 1.4.1 and Earlier
Remote Code Execution Vulnerability in Ecartis 1.0.0
Buffer Overflow Vulnerabilities in Ecartis 1.0.0 Snapshot 20020427 and Earlier
Privilege Escalation in Ecartis (formerly Listar) 1.0.0
Privilege Escalation via PATH Manipulation in PHPNetToolpack 0.1
Arbitrary Code Execution Vulnerability in PHPNetToolpack 0.1
Weak Authentication Vulnerability in MSN Messenger Service 3.6 and Other Versions
Remote Code Execution in phpBB 2.0 (phpBB2) RC-3 and earlier via phpbb_root_path parameter
ZeroForum Cross-Site Scripting Vulnerability via IMG Tag
Cross-Site Scripting (XSS) Vulnerability in phpBB 1.4.4 and Earlier
Arbitrary File and Program Saving Vulnerability in Macromedia Flash Player 5.0
Arbitrary Program Execution Vulnerability in Macromedia Flash Player 5.0
Arbitrary SNMP Community Strings Vulnerability in Foundry Networks EdgeIron 4802F
Hidden Share Vulnerability in Gravity Storm Service Pack Manager 2000
Vulnerability: Unauthorized Key Manager Access in ISS RealSecure for Nokia Devices
Remote Code Execution via Windows Media Player and Outlook 2002
PCI Netsupport Manager Directory Traversal Vulnerability
Path Disclosure Vulnerability in index.php for PHP-Nuke 5.4 and Earlier
Unrestricted File Upload Vulnerability in PHP's move_uploaded_file Function
Remote Code Execution Vulnerability in Norton Anti-Virus (NAV)
Weak Encryption in Intellisol Xpede 4.1 Allows Privilege Escalation via Cookies
Plaintext Password Storage Vulnerability in Intellisol Xpede 4.1
Arbitrary Code Execution in Linux Directory Penguin traceroute.pl CGI Script 1.0
Remote Code Execution in Linux Directory Penguin NsLookup CGI Script (nslookup.pl) 1.0
CRLF Injection Vulnerability in Instant Web Mail before 0.60
Arbitrary Value Authentication Bypass in AlGuest 1.0 Guestbook
Arbitrary File Deletion Vulnerability in DCShop 1.002 Beta
Web.xml Error Handling Vulnerability in Apache Tomcat
Arbitrary Javascript Execution and Administrator Access via Cross-Site Scripting in WebSight Directory System 0.1
Arbitrary Code Execution via csSearch.cgi in csSearch 2.3 and Earlier
Denial of Service Vulnerability in SouthWest Talker Server 1.0.0
Buffer Overflow Vulnerability in mtr 0.46 and Earlier Allows Unauthorized Access to Raw Socket
Privilege Escalation Vulnerability in Etnus TotalView 5.0.0-4
Path Truncation Vulnerability in Linux Kernel
File Existence Disclosure Vulnerability in Internet Explorer 5.0 through 6.0
Posadis DNS Server Format String Vulnerability
Unauthenticated Application Listing Vulnerability in Citrix NFuse 1.6
Directory Traversal Vulnerability in Citrix
NFuse 1.5 Boilerplate.asp Unquoted Results in Citrix NFuse getLastError Method Cross-Site Scripting Vulnerability Memory Leak Vulnerability in Cisco CallManager CTI Framework Authentication Buffer Overflow Vulnerability in libnewt Allows for Denial of Service and Arbitrary Code Execution RSA SecurID Bypass Vulnerability in Microsoft Outlook Web Access (OWA) Arbitrary Command Execution and File Read Vulnerability in wwwisis 3.45 and Earlier Denial of Service Vulnerability in Oracle 9i TNS Listener UDP Implementation in Linux 2.4.x Kernels: IP Identification Field Disclosure Vulnerability Vulnerability: Name Service Cache Daemon (nscd) in Caldera OpenLinux 3.1 and 3.1.1 Allows Bypassing Host-Based Access Restrictions Privilege Escalation via LD_LIBRARY_PATH in startkde Insecure Configuration of PHP Administration Script in popper_mod 1.2.1 and Earlier TTL Manipulation Vulnerability in OpenBSD 3.0 with return-rst Rule IPFilter 3.4.25 and Earlier TTL Filtering Vulnerability Arbitrary Command Execution via Cookie Manipulation in SquirrelMail 1.2.5 and Earlier Buffer Overflow Vulnerability in libX11 on Caldera Open UNIX 8.0.0 and UnixWare 7.1.1 Denial of Service Vulnerability in SYN Cache and SYN Cookie Mechanism in FreeBSD 4.5 and Earlier Cross-Site Scripting Vulnerability in functions-inc.asp for ASP-Nuke RC1 Cross-Site Scripting Vulnerabilities in ASP-Nuke RC2 and Earlier Authentication Bypass Vulnerability in ASP-Nuke RC2 and Earlier User Enumeration Vulnerability in ASP-Nuke RC2 and Earlier Server Path Disclosure Vulnerability in ASP-Nuke RC2 and Earlier Format String Vulnerabilities in INN 2.2.3 and Earlier: Exploiting INN's inews and rnews for Privilege Escalation Insecure open() Calls Vulnerability in INN 2.2.3 and Earlier Denial of Service Vulnerability in Watchguard SOHO Firewall Unpredictable IP Restriction Disabling Vulnerability in Watchguard SOHO Firewall 5.0.35 World-writable permissions in HP Photosmart printer driver for Mac OS X allows privilege 
escalation through Trojan horse replacement Arbitrary Script Execution in Novell Web Search 2.0.1 via Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in EMU Webmail 4.5.x and 5.1.0 Arbitrary Program Execution Vulnerability in EMU Webmail Denial of Service and Database Corruption Vulnerability in phpBB 1.4.4 and Earlier with BBcode Denial of Service and Database Corruption Vulnerability in PostBoard 2.0.1 and Earlier Cross-Site Scripting Vulnerabilities in PostBoard 2.0.1 and Earlier SQL Injection Vulnerability in PHPGroupware 0.9.12 and Earlier Stored Passwords in Links Vulnerability in StepWeb Search Engine (SWS) 2.5 FTP Proxy Port Redirection Vulnerability in Symantec Raptor Firewall 6.5.3 and Enterprise 7.0 SQL Injection Vulnerability in Demarc PureSecure 1.05 Allows Remote Administrative Privilege Escalation Default public Community String Vulnerability in Nortel CVX 1800 Buffer Overflow Vulnerability in Tivoli Storage Manager TSM Server and Agents Privilege Escalation via Tilde (~) Escape Character in OpenBSD Mail Aprelium Abyss Web Server Directory Traversal Vulnerability Plaintext Storage of Administrative Console Password in Aprelium Abyss Web Server (abyssws) Denial of Service Vulnerability in Cisco Aironet with Telnet Enabled Cross-Site Scripting Vulnerability in Winamp Mini-Browser Buffer Overflow Vulnerability in Winamp Mini-Browser Allows Remote Code Execution Remote Authentication Bypass Vulnerability in Anthill's postbug.php Cross-Site Scripting (XSS) Vulnerability in Anthill Enables Remote Execution of Scripts as Other Users Arbitrary Code Execution in Dynamic Guestbook 3.0 via gbdaten Parameter Cross-Site Scripting Vulnerability in Dynamic Guestbook 3.0 Multiple Buffer Overflows in Melange Chat Server 2.02: Remote Code Execution and Denial of Service Vulnerabilities Cross-Site Scripting Vulnerability in SunShop 2.5 and Earlier Allows Remote Administrative Privilege Escalation SQL Injection Vulnerability in IBM Informix 
Web DataBlade 4.12 Unescaped User Input Vulnerability in IBM Informix Web DataBlade 4.12 Quik-Serv HTTP Server 1.1B Directory Traversal Vulnerability Privilege Escalation Vulnerability in OpenBSD 3.0 with YP and Netgroups Directory Traversal Vulnerability in TYPSoft FTP Server 0.97.1 and Earlier Buffer Overflow Vulnerabilities in PL/SQL Module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x Sensitive Information Disclosure in PL/SQL Module 3.0.9.8.2 Null Authentication Vulnerability in Oracle 9i Application Server 1.0.2.x PL/SQL Gateway Web Administration Interface Sensitive Information Exposure in Oracle 9i Application Server 1.0.2.x Default Configuration Vulnerability in Oracle 9i Application Server 1.0.2.x Authentication Bypass Vulnerability in PL/SQL Module 3.0.9.8.2 Sensitive Information Disclosure in Oracle 9iAS 1.0.2.x JSP Compilation Denial of Service Vulnerability in PL/SQL Module 3.0.9.8.2 Remote Code Execution via Oracle EXTPROC Process Insecure Storage of XSQL and SOAP Configuration Files in Oracle 9i Application Server Bypassing Access Restrictions in Oracle 9i Application Server via XSQLServlet Unauthenticated Encryption Vulnerability in Linux Kernel 2.4.10 and Earlier Local Privilege Escalation Vulnerability in Oracle9i Database Server 9.0.1.x File Descriptor Reuse Vulnerability in BSD-based Operating Systems Format String Vulnerability in RPC Wall Daemon (rpc.rwalld) for Solaris 2.5.1 through 8 Memory Leak in FreeBSD: Remote Denial of Service via ICMP Echo Packets Buffer Overflow Vulnerability in OpenSSH with Kerberos/AFS Support and KerberosTgtPassing or AFSTokenPassing Enabled Path Disclosure Vulnerability in ColdFusion 5.0 and Earlier on Windows Systems Local Privilege Escalation Vulnerability in HP-UX 11.00 and 11.11 passwd Utility Buffer Overflow in 4D WebServer 6.7.3: Remote Code Execution and Denial of Service via Basic Authentication Unauthenticated Remote Privilege Escalation in WorkforceROI Xpede 4.1 Information Disclosure: Username 
Leakage in WorkforceROI Xpede 4.1 Remote SQL Injection Vulnerability in WorkforceROI Xpede 4.1 Improper Access Control in WorkforceROI Xpede 4.1 Allows Remote Reading of Expense Claim Reports Vulnerability: Brute Force Attack on WorkforceROI Xpede 4.1 Temporary Expense Claim Reports Remote Code Execution Vulnerability in WorkforceROI Xpede 4.1 Denial of Service Vulnerability in ndd for HP-UX 11.11 with TRANSPORT Patches Format string vulnerability in Ns_PdLog function in libnspd.a of AOLServer 3.0 through 3.4.2 Buffer Overflow Vulnerability in AOLServer's Ns_PdLog Function Unauthenticated Remote Poll Manipulation in PVote before 1.9 Remote Privilege Escalation in PVote before 1.9 Arbitrary Script Execution and Cookie Theft via Cross-Site Scripting (XSS) in IcrediBB 1.1 Beta Directory Traversal Vulnerability in AOL Instant Messenger (AIM) 4.8 Beta and Earlier Remote File Theft Vulnerability in AOL Instant Messenger (AIM) Buffer Overflow in Netscape 6 and Mozilla 1.0 RC1 and Earlier via Long IRC URI Channel Name File Existence Disclosure Vulnerability in Netscape 6 and Mozilla 1.0 RC1 and Earlier Remote Code Execution Vulnerability in WebTrends Reporting Center 4.0d Path Disclosure Vulnerability in WebTrends Reporting Center 4.0d Denial of Service Vulnerability in LANMAN Service on Microsoft Windows 2000 Remote Code Execution Vulnerability in Foundstone FScan 1.12 with Banner Grabbing Enabled Authentication Bypass and Configuration Modification in Blahz-DNS 0.2 and Earlier Heap Overflow in KTH Kerberos 4 FTP Client 4-1.1.1: Remote Code Execution Vulnerability Denial of Service Vulnerability in ISS RealSecure Network Sensor 5.x through 6.5 Denial of Service Vulnerability in Snapgear Lite+ Firewall 1.5.4 and 1.5.3 Denial of Service Vulnerability in Snapgear Lite+ Firewall 1.5.3 Denial of Service Vulnerability in Snapgear Lite+ Firewall 1.5.3 and 1.5.4 Buffer Overflow Vulnerability in Macromedia Flash 6 OCX Buffer Overflow Vulnerability in 3Cdaemon 2.0 FTP Server SQL 
Injection Vulnerability in Snitz Forums 2000 version 3.3.03 and earlier Buffer Overflow in Matu FTP Client 1.74: Remote Code Execution via Long 220 Banner Denial of Service Vulnerability in HP MPE/iX 6.0 through 7.0 via Malformed IP Packets Privilege Escalation Vulnerability in FTPSRVR in HP MPE/iX 6.0 through 7.0 FileSeek.cgi Directory Traversal Vulnerability Arbitrary Command Execution in FileSeek.cgi via Shell Metacharacters Authentication Bypass Vulnerability in DNSTools 2.0 beta 4 and Earlier Sensitive Information Disclosure in PHP-Survey 20000615 and Earlier Media Playback Script Invocation Vulnerability Excel Inline Macros Vulnerability Hyperlinked Excel Workbook Macro Bypass Vulnerability Excel XSL Stylesheet Script Execution Vulnerability Microsoft Word 2002 Mail Merge Tool Remote Code Execution Vulnerability Buffer Overflow Vulnerability in Microsoft Commerce Server 2000 Profile Service Buffer Overflow in Microsoft Commerce Server 2000 OWC Package Installer OWC Package Command Execution Vulnerability Remote Code Execution Vulnerability in AuthFilter ISAPI Filter on Microsoft Commerce Server 2000 and 2002 Unchecked Buffer in Password Encryption Procedure Default Null Password Vulnerability in Polycom ViewStation Authentication Bypass and File Reading Vulnerability in Polycom ViewStation Web Server Unrestricted Failed Login Attempts in Polycom ViewStation Telnet Service Denial of Service Vulnerability in Polycom ViewStation Telnet Service Denial of Service Vulnerability in Polycom ViewStation Telnet Service Arbitrary File Write and Privilege Escalation Vulnerability in nveventd in NetVisualyzer on SGI IRIX 6.5 through 6.5.16 Arbitrary File Read Vulnerability in SGI BDSPro 2.4 and Earlier Vulnerability in InterScan VirusWall 3.52 build 1462 Allowing Bypass of Virus Protection via Email Headers with Space Gap Race condition vulnerability in setpwnam.c in the util-linux package allows local users to gain privileges via a complex race condition. 
Arbitrary Code Execution Vulnerability in OpenSSH 2.9.9 through 3.3 Buffer Overflow in OpenSSH 2.3.1 through 3.3 Allows Remote Code Execution Arbitrary Code Execution via Buffer Overflow in Microsoft SQL Server 2000 Bulk Insert Procedure Insecure Permissions on SQL Server Service Account Registry Key SQL Server Installation Process May Leave Passwords on System Buffer Overflow Vulnerability in Microsoft SQL Server 2000 and MSDE 2000 DBCCs SQL Injection Vulnerability in Stored Procedures for Microsoft SQL Server 2000 and MSDE 2000 Legacy Text Formatting ActiveX Control Buffer Overflow Vulnerability XML File Disclosure Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 Multiple Buffer Overflows in Microsoft SQL Server 2000 and MSDE Resolution Service Denial of Service Vulnerability in Microsoft SQL Server 2000's Keep-Alive Mechanism Remote Code Execution via Buffer Overflow in DNS Resolver Libraries Arbitrary Code Execution Vulnerability in xfsmd for IRIX 6.5 through 6.5.16 Off-by-one Buffer Overflow in mod_ssl Apache Module Allows Arbitrary Code Execution Apache 2.0 through 2.0.39 Path Disclosure Vulnerability Integer Handling Vulnerability in OpenSSL 0.9.6d and Earlier Remote Code Execution Vulnerability in OpenSSL 0.9.6d and Earlier Buffer Overflow Vulnerability in OpenSSL 0.9.7 with Kerberos Enabled Privilege Escalation via Symbolic Link Attack in OSSP mm Library Denial of Service Vulnerability in OpenSSL ASN1 Library Buffer Overflow Vulnerability in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 Apache 2.0 Directory Traversal Vulnerability Symlink Attack Vulnerability in ScrollKeeper 0.3 to 0.3.11 Buffer Overflow Vulnerability in Symantec Norton Personal Internet Firewall and Norton Internet Security Arbitrary Users Granted Manager Level Access to ZMerge Administration Database Authentication Bypass Vulnerability in Macromedia JRun Administration Server IPSEC Implementations Denial of Service Vulnerability Default Null Administrator Password 
Vulnerability in Pingtel Xpressa SIP-based Voice-over-IP Phone Call Forwarding Hijacking Vulnerability in Pingtel xpressa SIP-based Voice-over-IP Phone Denial of Service Vulnerability in Pingtel xpressa SIP-based Voice-over-IP Phone Base64 Encoded Credentials Vulnerability in Pingtel xpressa SIP-based Voice-over-IP Phone Vulnerability: Remote Installation of Trojan Horse Applications via DNS Spoofing in Pingtel Xpressa SIP-based Voice-over-IP Phone Physical Access Vulnerability: Unauthorized Factory Reset on Pingtel Xpressa SIP-based VoIP Phone Physical Access Vulnerability in Pingtel xpressa SIP-based Voice-over-IP Phone Allows Unauthorized Remote Access Pingtel Xpressa SIP-based Voice-over-IP Phone Inactive Administrator Session Vulnerability Unauthorized Firmware Upgrade Vulnerability in Pingtel Xpressa SIP-based Voice-over-IP Phone Unauthenticated Software Update Download Vulnerability in MacOS 10.1.x Arbitrary Memory Overwrite Vulnerability in CDE ToolTalk Database Server Local Privilege Escalation via Symlink Attack on CDE ToolTalk Database Server Remote Code Execution Vulnerability in CDE ToolTalk RPC Database Server GoAhead Web Server 2.1 Directory Traversal Vulnerability Cross-Site Scripting (XSS) Vulnerability in GoAhead Web Server 2.1 Apache Tomcat 4.0.3 Cross-Site Scripting Vulnerability Carello 1.3 Directory Traversal Vulnerability Remote Code Execution via Buffer Overflow in DNS Resolver Functions Heap-based Buffer Overflow in PGP Outlook Encryption Plug-In Allows Remote Privilege Escalation Remote Code Execution Vulnerability in iPlanet Web Server and Sun ONE Web Server Zope 2.0-2.5.1 b1 Vulnerability: Untrusted Users Can Shut Down Server via Certain Headers ZCatalog Plug-in Index Access Bypass Vulnerability Remote Code Execution via Format String Vulnerability in McAfee Security ePolicy Orchestrator (ePO) 2.5.1 Cross-Site Scripting in Local HTML Resource in Microsoft Internet Explorer 5.01 and 5.5 (CVE-2002-0189) Buffer Overflow Vulnerability in 
Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 Buffer Overflow Vulnerability in HTML Help ActiveX Control (hhctrl.ocx) Code Execution via Compiled HTML Help File Remote Code Execution Vulnerability in Microsoft Data Access Components (MDAC) OpenRowSet Component Unregistered File Association Vulnerability in Microsoft Visual FoxPro 6.0 Bypassing Authentication and Data Modification Vulnerability in Microsoft Metadirectory Services (MMS) 2.2 Buffer Overflow in Internet Mail Connector (IMC) for Microsoft Exchange Server 5.5 via EHLO Request Certificate Enrollment ActiveX Control Vulnerability Buffer Overflow Vulnerability in Microsoft Content Management Server (MCMS) 2001 User Authentication Function Privilege Escalation via ktrace in BSD-based Operating Systems Remote Code Execution via Format String Vulnerabilities in ISC DHCP Daemon (DHCPD) 3 to 3.0.1rc8 with NSUPDATE Option Vulnerability: Incorrect MD5 Checksums for UTF-8 Data in Perl MD5 Module NAT IP Address Leakage in Netfilter (iptables) 1.2.6a and Earlier Insecure Storage of User Credentials in SurfControl SuperScout WebFilter Weak Encryption and Hard-coded Key Vulnerability in UserManager.js of SurfControl SuperScout WebFilter Denial of Service Vulnerability in SurfControl SuperScout WebFilter Web Reports Server Web Reports Server Directory Traversal Vulnerability SQL Injection Vulnerability in SurfControl SuperScout WebFilter Web Reports Server Arbitrary File Read Vulnerability in sendform.cgi 1.44 and Earlier Cluster Interconnect Denial of Service Vulnerability Insufficient Password Change Authorization in Entrust Authority Security Manager (EASM) 6.0 Buffer Overflow Vulnerabilities in Squid Proxy Server FTP Proxy IP Address Comparison Vulnerability Proxy Authentication Credential Leakage Vulnerability in Squid Crontab Format String Vulnerability in SCO OpenServer 5.0.5 and 5.0.6 Denial of Service and Arbitrary Code Execution Vulnerability in PHP 4.2.0 and 4.2.1 Program Execution via MCMS 
Authoring Function Remote Code Execution via SQL Injection in Microsoft Content Management Server (MCMS) 2001 Privilege Escalation Vulnerability in Windows 2000 Network Connection Manager (NCM) Weak Permissions for Extended Stored Procedures in Microsoft SQL Server 7.0 and 2000 File Origin Spoofing Vulnerability in Microsoft Internet Explorer 5.01, 5.5, and 6.0 Cross Domain Verification in Object Tag Vulnerability Unchecked Buffer in SMB Protocol Allows Denial of Service Attack File Usage Activity Hiding Vulnerability in NTFS File System Buffer Overflow in Microsoft Terminal Services Advanced Client (TSAC) ActiveX Control Arbitrary Command Execution Vulnerability in Microsoft Office Web Components (OWC) 2000 and 2002 Buffer Overflow Vulnerability in libpng Progressive Reader Denial of Service Vulnerability in Microsoft SQL Server 2000 Cross-Site Scripting Vulnerability in Philip Chinery's Guestbook 1.1 Cross-Site Scripting Vulnerability in vqServer's Demonstration Scripts Cross-Site Scripting Vulnerability in MyGuestbook 1.0 Cross-Site Scripting (XSS) Vulnerability in thttpd 2.20 and Earlier Arbitrary PHP Code Execution in b2edit.showposts.php C-Note Squid LDAP Authentication Module Format String Vulnerability Authentication Bypass Vulnerability in Microsoft BackOffice 4.0 and 4.5 Sambar Web Server Source Code Disclosure and Denial of Service Vulnerability Remote Code Execution in MHonArc 2.5.2 and Earlier Cross-Site Scripting (XSS) Vulnerability in PostCalendar 3.02 Buffer Overflow Vulnerability in SLRNPULL for SLRN Package Denial of Service Vulnerability in psyBNC 2.3 Pioout Buffer Overflow Vulnerability on AIX 4.3.3 Buffer Overflow Vulnerability in mail and mailx in AIX 4.3.3 Buffer Overflow Vulnerability in AIX 4.3.3 Leading to Core Dump in namerslv AIX 4.3.3 uucp Buffer Overflow Vulnerability Insecure Linker Argument Vulnerability in AIX 4.3.3's template.dhcpo Buffer Overflow Vulnerability in lsmcode in AIX 4.3.3 Denial of Service Vulnerability in LabVIEW Web 
Server 5.1.1 through 6.1 Arbitrary Command Execution in CGIscript.net csMailto.cgi Arbitrary File Read Vulnerability in CGIscript.net csMailto.cgi Program Remote Code Execution Vulnerability in CGIscript.net csMailto.cgi Program Sensitive Information Disclosure in CGIscript.net csMailto.cgi Program Buffer Overflow Vulnerability in Talentsoft Web+ 5.0: Remote Code Execution via Long Cookie Privilege Escalation Vulnerability in Kerberos 5 su (k5su) in FreeBSD 4.4 and Earlier Kerberos 5 su (k5su) in FreeBSD 4.5 and earlier allows unauthorized users to execute commands as root Cross-Site Scripting Vulnerability in Webmin and Usermin Authentication Page Authentication Bypass Vulnerability in Webmin and Usermin Arbitrary Command Execution via Spoofed DHCP Responses in SuSE 8.0's ifup-dhcp Script File Overwrite Vulnerability in bzip2 Insecure File Permissions during Decompression in bzip2 Insecure Permissions in bzip2 Archiving Filesize Limit Vulnerability in Shadow Package Remote Access Bypass Vulnerability in HP VirtualVault 4.5 Administration Server Arbitrary Command Execution in Phorum 3.3.2a via Modified PHORUM[settings_dir] Variable Authentication Bypass Vulnerability in OpenSSH 3.2.2 Denial of Service and Privilege Escalation via File Descriptor Table Exhaustion in OpenBSD 2.9-3.1 FIFO File Descriptor Vulnerability in simpleinit on Linux Systems Buffer Overflow Vulnerability in lukemftp FTP Client Remote Authentication Bypass Vulnerability in Cisco ATA 186 Analog Telephone Adaptor Quake 2 Server 3.20 and 3.21 Macro Expansion Vulnerability Cross-Site Scripting Vulnerability in ViewCVS 0.9.2 via viewcvs.cgi Directory Traversal Vulnerability in dsnmanager.asp for Hosting Controller Allows Remote File Read Arbitrary File and Directory Manipulation Vulnerability in imp_rootdir.asp Default User Account with Default Password Vulnerability in Hosting Controller Arbitrary Directory Viewing Vulnerability in Hosting Controller's browse.asp Arbitrary User Password Change 
Vulnerability in Hosting Controller 2002 Remote Code Execution Vulnerability in Ipswitch IMail 7.1 and Earlier via LDAP Buffer Overflow Proxy Misconfiguration Allows Remote Attackers to Hide Source IP Denial of Service Vulnerability in Novell BorderManager 3.6 SP 1a FTP Proxy Server Denial of Service Vulnerability in Novell BorderManager 3.6 SP 1a IP/IPX Gateway Denial of Service Vulnerability in Novell BorderManager 3.6 SP 1a RTSP Proxy Denial of Service Vulnerability in Novell BorderManager 3.5 with PAT Enabled Arbitrary JavaScript Execution Vulnerability in Opera 6.01, 6.0, and 5.12 Lysias Lidik Web Server 0.7b Directory Traversal Vulnerability AIM Denial of Service Vulnerability via AddBuddy ScreenName Parameter Arbitrary File Read Vulnerability in iCon Administrative Web Server for Critical Path inJoin Directory Server 4.0 Cross-Site Scripting Vulnerabilities in iCon Administrative Web Server for Critical Path inJoin Directory Server 4.0 PGP 7.0.3 Vulnerability: Cleartext Temporary Files Exposure on Windows EFS Remote Code Execution Vulnerability in mnoGoSearch 3.1.19 and Earlier via Buffer Overflow in search.cgi Vulnerability: Exposed Encrypted Password in cspoc.log File in AIX Denial of Service (CPU Consumption) in Novell Netware FTP Server NWFTPD before 5.02r Denial of Service Vulnerability in Cisco Content Service Switch (CSS) 11000 Web Management Interface Local File Overwrite Vulnerabilities in QNX RTOS 4.25 Denial of Service Vulnerability in FreeBSD 4 through 4.5's accept_filter Mechanism Vulnerability: Local File Deletion via Symlink Attack on X Windows Lock Files in FreeBSD 4 through 4.5 Remote Code Execution via Format String Vulnerability in Solaris SNMPDX Logging Component Remote Code Execution Vulnerability in Solaris MIB Parsing Component Local Privilege Escalation Vulnerability in swinstall for HP-UX 11.00 and 11.11 Buffer Overflow in YoungZSoft CMailServer 3.30: Remote Code Execution via Long USER Argument Directory Listing Vulnerability in 
BadBlue 1.7.0 Buffer Overflow Vulnerability in Macromedia JRun 3.1 ISAPI DLL Filter SQL Injection Vulnerability in PostgreSQL 6.5.x with SQL_ASCII Encoding Unrestricted Access to Restricted Products and Components in Bugzilla Reverse DNS Spoofing Vulnerability in Bugzilla World-writable permissions vulnerability in Bugzilla 2.14 and 2.16 User Deletion Vulnerability in Bugzilla 2.14 and 2.16 Cross-site scripting vulnerability in Bugzilla allows remote execution of scripts via the full name field Insecure Groupset Permissions Vulnerability in Bugzilla URL-encoded field names in Bugzilla can remove group permissions on bugs Information Leakage in Bugzilla's syncshadowdb Command SQL Injection Vulnerability in Bugzilla 2.14 and 2.16 Default SNMP Read/Write Community String Vulnerability in Compaq WL310 and Orinoco Residential Gateway Cisco IOS TFTP Server Heap-Based Buffer Overflow Vulnerability Buffer Overflow in VMware Authorization Service for VMware GSX Server 2.0.0 Build-2050 Cross-Origin Frame Injection Vulnerability Buffer Overflow Vulnerability in su in Tru64 Unix 5.x Super Linux Format String Vulnerability Denial of Service and Arbitrary Code Execution in WWWOFFLE via Negative Content-Length Value Artsd Format String Vulnerability File Descriptor Reuse Vulnerability in FreeBSD Kernel 4.6 and Earlier Buffer Overflow Vulnerabilities in Ethereal 0.9.4 and Earlier: Remote Code Execution and Denial of Service Remote Code Execution and Denial of Service Vulnerability in Ethereal 0.9.4 and Earlier Buffer Overflow Vulnerability in Winhlp32.exe Allows Remote Code Execution via HHCtrl.ocx Local Privilege Escalation via Symlink Attack on BSD pppd TTY Device Buffer Overflow in DNS SRV Code in nss_ldap: Remote DoS and Code Execution Vulnerability Buffer Overflow in WS_FTP FTP Server 3.1.1 via Long SITE CPWD Command Local Privilege Escalation Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 via ppptalk or ppp Integer Overflow Vulnerability in FreeBSD's Berkeley 
Fast File System (FFS) Denial of Service Vulnerability in Network File System (NFS) Denial of Service Vulnerability in FreeBSD kqueue Mechanism Cookie Privacy Bypass Vulnerability in Internet Explorer 5, 5.6, and 6 Buffer Overflow Vulnerability in Eudora 5.1.1 and 5.0-J for Windows Buffer Overflow Vulnerability in Ethereal's ISIS Dissector PXE Server Denial of Service Vulnerability via VOIP Phone DHCP Packets Insecure System Function Call in dvips Converter Allows Remote Command Execution Remote Code Execution and Cross-Site Scripting Vulnerabilities in wordtrans 1.1pre8 and Earlier Arbitrary Code Execution via Buffer Overflow in PDF and PostScript Processing Apache HTTP Daemon Vulnerability: Privilege Escalation via Shared Memory Scoreboard Apache 2.0 and 1.3.x Cross-Site Scripting (XSS) Vulnerability Format String Vulnerability in mod_dav Logging for Bad Gateway Messages Buffer Overflow Vulnerability in ApacheBench Benchmark Support Program (ab.c) Allows for Denial of Service and Arbitrary Code Execution CVSD Before 1.11.2 Local Code Execution Vulnerability Remote Code Execution Vulnerability in Sun ONE / iPlanet Web Server 4.1 and 6.0 via Chunked Transfer Encoding Arbitrary Code Execution Vulnerability in Macromedia Shockwave Flash Decoder Double-Free Vulnerability in tinyproxy HTTP Proxy 1.5.0, 1.4.3, and Earlier Cleartext Password Vulnerability in Cisco VPN 5000 Series Concentrator World-readable permissions on iscsi.conf file in Linux-iSCSI implementation can lead to privilege escalation PGP Corporate Desktop 7.1.1 Buffer Overflow Vulnerability ISDN4Linux (i4l) Package Format String Vulnerability in ISDN Point to Point Protocol (PPP) Daemon Buffer Overflow Vulnerabilities in Cisco VPN Client 3.5.4 and Earlier Denial of Service Vulnerability in Cisco VPN Client 3.5.4 and Earlier Buffer Overflow Vulnerability in ISDN Point to Point Protocol (PPP) Daemon (ipppd) in SuSE Operating Systems Cross-Site Scripting Vulnerability in Mailman 2.0.12 and Earlier Denial of 
Service Vulnerability in Oracle Net Listener for Oracle9i 9.0.x and 9.2 Format String Vulnerability in Oracle Listener Control Utility (lsnrctl) Default dbsnmp Password Vulnerability in Oracle 9i and 8i Remote Code Execution Vulnerability in Microsoft SQL Server 2000's OpenDataSource Function Arbitrary File Reading Vulnerability in Microsoft Office Web Components (OWC) Bypassing Allow paste operations via script setting in Microsoft Office Web Components (OWC) 2000 and 2002 Vulnerability: Inadequate Basic Constraints Verification in CryptoAPI Weak Encryption in RDP Protocol: Exposing Encrypted Sessions via Sniffing Denial of Service Vulnerability in Remote Desktop Protocol (RDP) Version 5.1 Inappropriate Methods Exposed in XML Support Classes DLL Execution via JDBC Classes Handle Validation Flaw in Microsoft Virtual Machine (VM) Allows Denial of Service in Internet Explorer Out of Process Privilege Elevation Vulnerability in Microsoft IIS Hosting Process (dllhost.exe) Incomplete Patch for Cisco Content Service Switch 11000 Series Authentication Bypass Vulnerability (CVE-2001-0622) Allows Remote Privilege Escalation File Descriptor Leak in xinetd 2.3.4 Allows Denial of Service via Signal Pipe Uninitialized Random Number Generator in l2tpd 0.67 Allows Session Hijacking Remote Code Execution Vulnerability in l2tpd 0.67 via Vendor Field Overflow Arbitrary File Read Vulnerability in Interchange 4.8.6 and Earlier Versions File Access Vulnerability in FAM 2.6.8 and 2.6.6 Allows Unprivileged Users to Obtain Restricted File Names Denial of Service Vulnerability in Shambala 4.5 Web Server FTP Server Directory Traversal Vulnerability in Shambala 4.5 SQL Injection Vulnerability in LogiSense Software Login Form Arbitrary File Read Vulnerability in Gafware CFXImage 1.6.6 Denial of Service Vulnerability in Cisco IP Phone (VoIP) Models 7910, 7940, and 7960 Default Administrative Password Vulnerability in Cisco IP Phone Models 7910, 7940, and 7960 Denial of Service and Memory 
Disclosure Vulnerability in Cisco IP Phone (VoIP) Models 7910, 7940, and 7960 Unauthorized Activities Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10 Multiple Format String Vulnerabilities in in.rarpd (ARP Server) on Solaris, Caldera UnixWare, and Open UNIX Buffer Overflow Vulnerabilities in in.rarpd (ARP Server) on Solaris and Other Operating Systems Denial of Service Vulnerability in Cisco DSL CPE Devices Running CBOS 2.4.4 and Earlier Local Privilege Escalation via Symlink Attack in scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 3Com OfficeConnect Remote 812 ADSL Router Port Access Bypass Vulnerability Buffer Overflow Vulnerability in Qpopper (popper) 4.0.4 and Earlier Denial of Service Vulnerability in NetScreen ScreenOS WebUI Path Disclosure Vulnerability in NewAtlanta ServletExec ISAPI 4.1 NewAtlanta ServletExec ISAPI 4.1 Directory Traversal Vulnerability Denial of Service Vulnerability in NewAtlanta ServletExec ISAPI 4.1 Buffer Overflow Vulnerability in MatuFtpServer 1.1.3.0 (1.1.3) via Long PASS Command Throttle Capability in Swatch Allows Attackers to Evade Detection Bypassing Access Restrictions in LocalWEB2000 2.1.0 Web Server via /./ Directory Arbitrary File Upload Vulnerability in Opera 6.0.1 and 6.0.2 Directory Traversal Vulnerability in Falcon Web Server Buffer Overflow in pks PGP Public Key Web Server Allows Remote Code Execution Buffer Overflow Vulnerabilities in AMANDA 2.3.0.4 Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote code execution through manipulated [IMG] tags User Account Hijacking Vulnerability in WoltLab Burning Board (wbboard) 1.1.1 Arbitrary Command Execution Vulnerability in Kismet 2.2.1 and Earlier Buffer Overflow in sqlexec for Informix SE-7.25: Local Privilege Escalation via INFORMIXDIR Environment Variable Buffer Overflow in Sendmail 8.12.5 and Earlier: Remote Code Execution via Malicious DNS Server Remote Code Execution Vulnerability in SHOUTcast 1.8.9 and Earlier 
Versions Cisco IDS Device Manager Directory Traversal Vulnerability Multiple Buffer Overflow Vulnerabilities in mnews 1.22 and Earlier Remote Code Execution Vulnerability in netstd 3.07-17 Package via Long FQDN Reply Cleartext Storage of Directory Administrator Password in Caldera Volution Manager 1.1 Buffer Overflow Vulnerability in in.uucpd UUCP Server Format String Vulnerability in Slurp NNTP Client 1.1.0: Remote Code Execution via Malicious Server Response Denial of Service Vulnerability in Double Precision Courier E-mail MTA Local File Disclosure Vulnerability in Xandros Linux Distributions via Autorun's -c Parameter Format String Vulnerability in Stellar-X msntauth Authentication Module in Squid 2.4.STABLE6 and Earlier Insecure Storage of .htpasswd Files in CGIScript.net csPassword.cgi Information Leakage in CGIScript.net csPassword.cgi Remote Privilege Escalation via Newlines in csPassword.cgi Title Field Insecure Storage of User Credentials in CGIScript.net csPassword.cgi Information Disclosure Vulnerability in CGIScript.net csNews.cgi Remote File Disclosure and Unauthorized Administrative Actions in CGIScript.net csNews.cgi Arbitrary File Read and Privilege Escalation in CGIScript.net csNews.cgi Arbitrary Perl Code Execution in CGIScript.net csNews.cgi Format String Vulnerability in mmsyslog Function Allows Remote Code Execution Arbitrary File Read Vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 Buffer Overflow Vulnerability in Pirch 98 IRC Client Buffer Overflow Vulnerability in NetWare 6.0 SP1 DHCP Server Allows Remote Denial of Service Format String Vulnerability in Novell Netware 6.0 SP1 FTP Server (NWFTPD) Allows Remote Denial of Service Cross-Site Scripting Vulnerabilities in MyHelpDesk 20020509 and Other Versions SQL Injection Vulnerability in MyHelpDesk 20020509: Unauthorized Activities via id Parameter Plaintext Storage of Usernames and Passwords in Datalex PLC BookIt! 
Consumer Cookie Directory Traversal Vulnerability in Jon Hedley AlienForm2 Denial of Service Vulnerability in Apache Tomcat 4.0.3 and Earlier Versions Denial of Service Vulnerability in Tomcat JSP Engine via WPrinterJob().pageSetup() JRun JSP Engine Denial of Service Vulnerability Cross-Site Scripting Vulnerability in CiscoSecure ACS 3.0 Inadequate Key Protection in nCipher MSCAPI CSP 5.50 Install Wizard Inadequate Protection of Operator Card Set Keys in nCipher MSCAPI CSP 5.50 and 5.54 Passphrase Leakage Vulnerability in ConsoleCallBack Class for nCipher Buffer Overflow Vulnerabilities in Lumigent Log Explorer 3.02: Arbitrary Code Execution via Extended Stored Procedures Insecure Storage of Sensitive Data in MetaCart2.sql Cross-Site Scripting Vulnerability in DeepMetrix LiveStats 5.03 through 6.2.1 Buffer Overflow Vulnerability in SeaNox Devwex: Remote Code Execution and Denial of Service SeaNox Devwex Directory Traversal Vulnerability Buffer Overflow in rwcgi60 CGI Program for Oracle Reports Server 6.0.8.18.0 and Earlier Remote Code Execution in Scripts For Educators MakeBook 2.2 CGI Program Remote Privilege Escalation and Information Disclosure in Telindus 1100 Series ADSL Router Arbitrary Code Execution via E-mail Header in TransWARE Active! 
mail 1.422 and 2.0 SQL Injection Vulnerability in Ruslan <Body>Builder: Remote Administrative Privilege Escalation Denial of Service Vulnerability in Cisco ONS15454 Optical Transport Platform Arbitrary PHP Code Execution via LangCookie Parameter in globals.php Weak Encryption Algorithms in Cisco PIX Firewall Enable and Passwd Commands Arbitrary Script Execution Vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and Earlier Vulnerability: BlackICE Agent 3.1.eal Standby Reactivation Bypass Denial of Service Vulnerability in BlackICE Agent 3.1.eal and 3.1.ebh Cross-Site Scripting (XSS) Vulnerability in browse.php for PHP(Reactor) 1.2.7 Cross-Site Scripting Vulnerability in Splatt Forum 3.0 Arbitrary Script Execution in Voxel Dot Net CBMS 0.7 and Earlier Remote Code Execution and User Impersonation Vulnerability in Voxel Dot Net CBMS 0.7 and Earlier GeekLog 1.3.5 and Earlier: Cross-Site Scripting Vulnerabilities in Link Field, Topic Parameter, and Title Parameter SQL Injection Vulnerability in GeekLog 1.3.5 and Earlier: Exploiting comment.php to Obtain Sensitive User Information Denial of Service Vulnerability in Half-Life Server 1.1.1.0 and Earlier Buffer Overflow Vulnerability in Oracle TNS Listener Buffer Overflow Vulnerability in 4D Web Server 6.7.3: Remote Code Execution and Denial of Service Buffer Overflow Vulnerability in eDonkey 2000 35.16.60 and Earlier via Long ed2k: URL Buffer Overflow Vulnerability in AnalogX SimpleServer:WWW 1.16 and Earlier Buffer Overflow Vulnerability in MySQL Daemon (mysqld) on Win32 Platform via Long datadir Parameter in my.ini Initialization File SSL Certificate Spoofing Vulnerability in Konqueror Local Privilege Escalation Vulnerability in VNC, TightVNC, and TridiaVNC Buffer Overflow Vulnerabilities in PostgreSQL 7.2: Denial of Service and Arbitrary Code Execution via lpad and rpad Functions Integer Signedness Error in System Calls and ioctl for FreeBSD 4.6.1 RELEASE-p10 and Earlier Arbitrary File Deletion 
Vulnerability in Windows XP Help and Support Center Arbitrary Code Execution Vulnerability in Microsoft DirectX Files Viewer ActiveX Control Arbitrary File Reading Vulnerability in Internet Explorer 4.0 and Later Buffer Overflow in Microsoft File Transfer Manager (FTM) ActiveX Control Allows Remote Code Execution Arbitrary File Upload/Download Vulnerability in Microsoft File Transfer Manager (FTM) ActiveX Control Arbitrary Code Execution Vulnerability in Java Logging Feature of Internet Explorer Arbitrary Code Execution via Web Folder Component in Internet Explorer 5.5 and 6.0 Buffer Overflow Vulnerability in ndcfg Command for UnixWare 7.1.1 and Open UNIX 8.0.0 Arbitrary Code Execution Vulnerability in Microsoft SQL Server 2000 SP2 Buffer overflow vulnerability in irssi-text IRC client before 0.8.4 allows remote attackers to crash the client via a long topic in an IRC channel. Remote Code Execution Vulnerability in Light IRC Script Argument Injection Vulnerability in PHP 4.x to 4.2.2 Mail Function PHP Mail Function Vulnerability: Remote Code Injection and Spam Proxy Exploitation Privilege Escalation Vulnerability in X Server (Xsco) of OpenUNIX 8.0.0 and UnixWare 7.1.1 Buffer Overflow Vulnerability in X Server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 Arbitrary Script Execution via URL Handler in Gaim Browser Denial of Service Vulnerability in Symantec Enterprise Firewall and Raptor Firewall Buffer Overflow Vulnerabilities in HP CIFS/9000 Client A.01.06 and Earlier Denial of Service Vulnerability in IPV6 Functionality for DCE Daemons on HP-UX 11.11 Authenticated User File Access Vulnerability in HP Instant Support Enterprise Edition (ISEE) U2512A for HP-UX 11.00 and 11.11 Weak Authentication Scheme in SunPCi II VNC Allows Remote Password Sniffing Remote Privilege Escalation in PHPAuction's login.php Multiple Buffer Overflows in Novell NetMail (NIMS) 3.0.3: Remote Code Execution and Denial of Service Vulnerabilities Buffer Overflow Vulnerability in Novell NetMail 
(NIMS) 3.0.3: Remote Denial of Service CARE 2002 Directory Traversal Vulnerability in cafenews.php SQL Injection Vulnerabilities in CARE 2002 Before Beta 1.0.02: Unauthorized Database Operations Buffer Overflow Vulnerability in AnalogX SimpleServer:Shout 1.0 Buffer Overflow Vulnerabilities in AnalogX Proxy Buffer Overflow Vulnerability in Novell iManager (eMFrame 1.2.1) Allows Remote Denial of Service Remote Code Execution Vulnerability in MyWebServer 1.02 and Earlier ArGoSoft Mail Server Plus or Pro 1.8.1.5 and Earlier Directory Traversal Vulnerability ArGoSoft Mail Server Denial of Service Vulnerability Arbitrary Web Script Execution Vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and Earlier Cross-Site Scripting Vulnerabilities in Blackboard 5 Cross-Site Scripting Vulnerability in PowerBASIC urlcount.cgi Cross-Site Scripting Vulnerability in PowerBASIC pbcgi.cgi Remote File Access Vulnerability in Lotus Domino R4 Buffer Overflow Vulnerability in Tivoli Management Framework (TMF) Endpoint Web Server Buffer Overflow Vulnerability in Tivoli Management Framework (TMF) ManagedNode Web Server Buffer Overflow Vulnerability in Inktomi Traffic Manager Remote Code Execution Vulnerability in RealJukebox and RealOne Player Arbitrary Script Execution via RealJukebox and RealOne Player Adobe eBook Reader Vulnerability: Bypassing Copy, Print, Lend, and Give Restrictions Adobe eBook Reader 2.1 and 2.2 Backup Feature Vulnerability Denial of Service Vulnerability in Adobe Content Server 3.0 Library Feature Arbitrary Loan Length Vulnerability in Adobe Content Server 3.0 Library Feature Remote Exploit: Bypassing eBook Loan Limit in Adobe Content Server 3.0 Remote File Disclosure Vulnerability in BadBlue Server Plaintext Password Storage Vulnerability in BadBlue Server BadBlue Server Denial of Service Vulnerability Cisco IOS SSH CRC32 Attack Detection Overflow Vulnerability JRun 3.0-4.0 Remote Code Disclosure Vulnerability Denial of Service 
Vulnerability in Macromedia Sitespring 1.2.0 (277.1) Cross-Site Scripting Vulnerability in Macromedia Sitespring 1.2.0 (277.1) 500error.jsp Buffer Overflow Vulnerabilities in Oddsock Song Requester WinAmp Plugin 2.1 Denial of Service Vulnerability in Res Manager in Worldspan for Windows Gateway 4.1 Race condition vulnerability in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x, and 7.0: Remote Denial of Service (DoS) via Data and Connection Flood Directory Listing and File Disclosure Vulnerability in KeyFocus (KF) Web Server 1.0.2 Buffer Overflow Vulnerability in KeyFocus (KF) Web Server 1.0.5 and Earlier Arbitrary File Read Vulnerability in SunPS iRunbook 2.5.2 Arbitrary File Read Vulnerability in SunPS iRunbook 2.5.2 Denial of Service Vulnerability in Omnicron OmniHTTPd 2.09 Cross-Site Scripting Vulnerability in FDSE Search.pl Arbitrary HTML Injection Vulnerability in Double Choco Latte (DCL) Arbitrary File Operations Vulnerability in Double Choco Latte (DCL) Arbitrary File Read Vulnerability in Double Choco Latte (DCL) AIX 4.x WebSecure (DFSWeb) Configuration Utilities Vulnerability DCE Vulnerability: Potential Exploitation of Relative Pathnames in SMIT Panels and Configuration Commands Directory Traversal Vulnerability in iPlanet Web Server and Netscape Enterprise Server on Windows Platforms Denial of Service Vulnerability in Ultrafunk Popcorn 1.20 Buffer Overflow Vulnerability in Ultrafunk Popcorn 1.20 via Long Subject Field Denial of Service Vulnerability in Ultrafunk Popcorn 1.20 Denial of Service Vulnerability in Watchguard Firebox Firmware 5.x.x Privilege Escalation via Incorrect User Name in Watchguard Soho Firewall 5.0.35a FTP Service HP JetDirect Printers SNMP Password Disclosure Vulnerability HylaFAX faxgetty Format String Denial of Service Vulnerability Buffer Overflow Vulnerability in HylaFAX Faxgetty Allows Remote Code Execution TrACESroute 6.0 GOLD Format String Vulnerability Remote Code Execution and Information Disclosure 
Vulnerability in Jigsaw 2.2.1 on Windows Systems Arbitrary Script Execution via Nonexistent Host Reference in W3C Jigsaw Proxy Server Directory Traversal Vulnerability in Pablo FTP Server 1.0 Build 9 and Earlier Buffer Overflow Vulnerability in Brother NC-3100h Printer Administrative Web Server Arbitrary Script Execution Vulnerability in Microsoft Outlook 2000 and 2002 Buffer Overflow in SmartMax MailMax POP3 Daemon (popmax) 4.8: Remote Code Execution via Long USER Command Directory Traversal Vulnerability in Cobalt Qube 3.0's splashAdmin.php Allows Privilege Escalation Buffer Overflow in Van Dyke SecureCRT SSH Client Arbitrary Web Script Injection Vulnerability in Blue Coat Systems CacheOS Multiple Buffer Overflows in Thomas Hauck Jana Server 2.x and 1.4.6: Remote Code Execution and Denial of Service Vulnerabilities Arbitrary Code Execution Vulnerability in Thomas Hauck Jana Server Denial of Service Vulnerability in Thomas Hauck Jana Server 2.x and 1.4.6 User Enumeration Vulnerability in Jana Server 2.x and 1.4.6 Unrestricted Login Attempts Vulnerability in Thomas Hauck Jana Server Buffer Overflow Vulnerability in Thomas Hauck Jana Server 1.4.6 and Earlier Buffer Overflow Vulnerability in IC9 Pocket Print Server Firmware 7.1.30 and 7.1.36f Denial of Service Vulnerability in D-Link DP-300 Print Server D-Link DI-804 Router Remote Authentication Bypass Vulnerability Cross-Site Scripting Vulnerability in PHPWiki Postnuke Wiki Module Denial of Service Vulnerability in ZyXEL Prestige 642R Denial of Service Vulnerability in ZyXEL Prestige Routers Buffer Overflow in MERCUR Mailserver 4.2 Control Service Allows Remote Code Execution Buffer Overflow Vulnerability in Pegasus Mail Client 4.01 and Earlier Buffer Overflow in Ipswitch IMail Web Messaging Daemon Allows Remote Code Execution Denial of Service Vulnerability in IPSwitch IMail Web Calendaring Service Directory Listing Vulnerability in Abyss Web Server 1.0.3 Abyss Web Server 1.0.3 Directory Traversal Vulnerability 
Remote Privilege Escalation and Server Configuration Modification Vulnerability in Abyss Web Server 1.0.3 Unauthenticated File Read Vulnerability in Abyss Web Server 1.0.3 Remote File Inclusion Vulnerability in ezContents 1.40 and earlier Directory Traversal Vulnerabilities in ezContents 1.41 and Earlier Improper Program Execution in VerifyLogin Function Allows Unauthorized Access in ezContents 1.41 and Earlier Cross-Site Scripting Vulnerabilities in ezContents 1.41 and Earlier Critical SQL Injection Vulnerabilities in ezContents 1.41 and Earlier: Enabling Unauthorized Remote Activities Unauthenticated Remote File Manipulation in ezContents 1.41 and Earlier Remote Code Execution Vulnerability in Novell GroupWise 6.0.1 Support Pack 1 Sensitive Information Disclosure in rwcgi60 CGI Program in Oracle Reports Server Buffer Overflow in read_smtp_response of libesmtp: Remote Code Execution and Denial of Service Vulnerability Heap Memory Corruption and Arbitrary Code Execution Vulnerability in Netscape 6.2.3 and Mozilla 1.0.1 Authentication Bypass Vulnerability in Cisco VPN 3000 Concentrator Denial of Service Vulnerability in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x Information Leakage in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 Denial of Service Vulnerability in Cisco VPN 3000 Concentrator Plaintext Password Exposure in Cisco VPN 3000 Concentrator Plaintext Storage of Certificate Passwords in Cisco VPN 3000 Concentrator Arbitrary Traffic Bypass Vulnerability in Cisco VPN 3000 Concentrator Unauthenticated Access to Sensitive Information in Cisco VPN 3000 Concentrator Denial of Service Vulnerability in Cisco VPN 3000 Concentrator Denial of Service Vulnerability in Cisco VPN 3000 Concentrator Denial of Service Vulnerability in Cisco VPN 3000 Concentrator Denial of Service Vulnerability in Cisco VPN 3000 Concentrator Denial of Service Vulnerability in Cisco VPN Client Software Local Privilege Escalation Vulnerability in Cisco VPN Client Software 
Certificate DN Field Mismatch Vulnerability in Cisco VPN Client Software Insufficient Random Number Generation in Cisco VPN Client Software Cisco VPN Client Software Vulnerability: Forced TCP Packet Acknowledgement Denial of Service Vulnerability in securetar SQL Injection Vulnerabilities in Mantis 0.17.2 and Earlier Unrestricted Bug Summary Viewing Vulnerability in Mantis 0.17.3 and Earlier Unauthenticated Bug Listing in Mantis before 0.17.4 Arbitrary PHP Code Execution in Mantis 0.17.3 and Earlier via g_jpgraph_path Parameter Arbitrary Code Execution and File Read Vulnerability in Mantis before 0.17.4 Remote Code Execution Vulnerability in Mantis 0.17.4a and Earlier Exposure of Private Bug Summaries in Mantis 0.17.4a and Earlier Vulnerability: Anonymous Listing of SAM Database and Shares in Veritas Backup Exec 8.5 and Earlier Denial of Service Vulnerability in Oracle Net Services TNS Listener Predictable Temporary File Names Vulnerability in os._execvpe Buffer Overflow Vulnerability in Savant Web Server 3.1 and Earlier SMTP Content Filter Engines Vulnerability: Bypassing Content Filtering via Fragmented Emails Buffer Overflow Vulnerability in ISS Internet Scanner 6.2.1 License Banner HTTP Check Hello Buffer Overflow Vulnerability in Microsoft SQL Server 2000 and MSDE 2000 Buffer Overflow Vulnerabilities in Purity 1-16: Privilege Escalation and High Score Table Modification Vulnerability: Local Privilege Escalation via Open File Descriptors in FreeBSD Port Programs Referrer Leakage Vulnerability in Mozilla-Based Browsers Buffer Overflow Vulnerability in uucp in Compaq Tru64/OSF1 3.x Buffer Overflow in inc Mail Utility for Compaq Tru64/OSF1 3.x Buffer Overflow Vulnerability in dxterm Allows Arbitrary Code Execution Cross-Site Scripting Vulnerabilities in SquirrelMail 1.2.7 and Earlier Path Disclosure Vulnerability in SquirrelMail 1.2.7 and Earlier Encoded Directory Traversal Vulnerability in Dino's Web Server 2.1 Local Privilege Escalation Vulnerability in Compaq 
WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) Arbitrary PHP Code Execution in modsecurity.php 1.10 and Earlier Buffer Overflow Vulnerability in Microsoft SQL Server 7.0 and 2000 Privilege Escalation through Output File Handling in Microsoft SQL Server 7.0 and 2000 Incorrect Target Path for Zipped File Decompression Vulnerability Improper Parameter Size Check Leading to Denial of Service in Sun Microsystems RPC Library Services for Unix 3.0 Interix SD Denial of Service Vulnerability in Sun Microsystems RPC Library Services for Unix 3.0 Interix SD Remote Code Execution Vulnerability in Microsoft Data Access Components (MDAC) and Internet Explorer Remote Code Execution Vulnerability in Microsoft Word and Excel Allows Information Theft via Field Codes Privilege Escalation via xp_runwebtask Stored Procedure in Microsoft SQL Server DNS Response Buffer Overflow Vulnerability Unauthenticated Remote Denial of Service in HP Procurve 4000M Switch Firmware Source Code Disclosure Vulnerability in Tomcat DefaultServlet Insecure Installation Procedure Exposes Sensitive Information in Invision Board Remote Desktop Sharing Vulnerability: Session Hijacking via Logoff/Shutdown Sequences Cross-Site Scripting Vulnerability in Konqueror in KDE 2.2.2 and 3.0 through 3.0.3 Insecure Cookie Handling in Konqueror 3.0 through 3.0.2 Denial of Service and Remote Code Execution Vulnerability in IBM Websphere 4.0.3 Unrestricted Access to PROGRESSFREQ Command in Analog before 5.23 Buffer Overflow Vulnerability in KON kon2 0.3.9b and Earlier Apache 2.0.42 Vulnerability: Source Code Disclosure via WebDAV and CGI Cross-Site Scripting Vulnerability in mod_ssl Apache Module 2.8.9 and Earlier Buffer Overflow Vulnerability in Canna 3.5b2 and Earlier: Local Privilege Escalation Improper Request Validation in Canna 3.6 and Earlier: Denial of Service and Information Leak Vulnerability Privilege Escalation via Default Configuration of pam_xauth Module Bypassing Restrictions in Sendmail's SMRSH 
Vulnerability Remote Code Execution Vulnerability in John Franks WN Server 1.18.2 through 2.0.0 via Long GET Request IBM Web Traffic Express Caching Proxy Server XSS Vulnerability IBM Web Traffic Express Caching Proxy Server CRLF Injection XSS Vulnerability Denial of Service Vulnerability in IBM Web Traffic Express Caching Proxy Server NULL dereference vulnerability in handle_var_requests function in snmp_agent.c in Net-SNMP Buffer Overflow Vulnerabilities in Fetchmail 6.0.0 and Earlier Boundary Check Vulnerability in Fetchmail's getmxrecord Function Winamp 2.81 Buffer Overflow Vulnerability Buffer Overflow Vulnerabilities in Winamp 3.0 Media Library Window CGIServlet Directory Traversal Vulnerability in Jetty HTTP Server Buffer Overflow in S/MIME Parsing Capability in Microsoft Outlook Express 5.5 and 6.0 Script Source Access Vulnerability in IIS 5.0: Exploiting Typographical Error to Upload Malicious .COM Files Cross-Site Scripting (XSS) Vulnerabilities in Microsoft Internet Information Server (IIS) Administrative Web Pages WebDAV Denial of Service Vulnerability in IIS 5.0 and 5.1 Certificate Validation Flaw in Microsoft Windows 98 and Windows NT 4.0 Allows for Identity Spoofing Privilege Escalation Vulnerability in Microsoft Windows 2000 Malformed PNG Image File Failure Vulnerability in Internet Explorer 5.01 through 6.0 Encoded Characters Information Disclosure Frames Cross Site Scripting Vulnerability in Internet Explorer 5.01 through 6.0 Temporary Internet Files Folder Path Disclosure Vulnerability Default Configuration of Cisco Unity Allows Unauthorized International Calls via Call Forwarding Default User Accounts in Cisco Unity 2.x and 3.x: Remote Access and Arbitrary Call Placement Vulnerability Denial of Service Vulnerability in Sabre Desktop Reservation Software Buffer Overflow Vulnerability in Rogue Game Save File Processing Symlink Attack Vulnerability in tkmail before 4.0beta9-8.1 Buffer Overflow Vulnerability in talkd on NetBSD 1.6 and Earlier 
Cross-Site Scripting (XSS) Vulnerability in ht://Check 1.1 PHP Interface Arbitrary Permissions Escalation in Bugzilla 2.14.x and 2.16.x Arbitrary Code Execution in Bugzilla 2.14.x and 2.16.x SQL Injection Vulnerability in Bugzilla 2.16.x before 2.16.1 Directory Traversal and Symlink Attack Vulnerability in getdbm Procedure of ypxfrd Buffer Overflow Vulnerability in Balabit Syslog-NG Denial of Service Vulnerability in IBM AIX 4.3.3 and AIX 5 Arbitrary File Read Vulnerability in HP Tru64 UNIX Routed Denial of Service Vulnerability in IBM SecureWay Firewall Netscape Communicator 4.x User Preferences Theft Vulnerability SolarWinds TFTP Server 5.0.55 Directory Traversal Vulnerability Predictable File Location Vulnerability in Qualcomm Eudora Email Client Remote Code Execution in Prometheus 6.0 and Earlier via Modified PROMETHEUS_LIBRARY_BASE Buffer Overflow Vulnerability in RadioBird Software WebServer 4 Everyone 1.23 and 1.27 Directory Traversal Vulnerability in RadioBird Software WebServer 4 Everyone Buffer Overflow Vulnerability in Microsoft PPTP Service on Windows XP and Windows 2000 Multiple Format String Vulnerabilities in Heartbeat 0.4.9 and Earlier: Remote Code Execution via UDP Port 694 Symlink Attack Vulnerability in GNU tar 1.13.19 and Earlier Versions Cross-Frame Scripting Vulnerability in Internet Explorer 5.5 and 6.0 Remote Code Execution Vulnerability in BIND DNS Server Denial of Service Vulnerability in BIND 8.3.x through 8.3.3 Denial of Service Vulnerability in BIND 8.x through 8.3.3 Cisco Catalyst Switches Embedded HTTP Server Buffer Overflow Vulnerability Buffer Overflow Vulnerability in DSC 3.0 Parser of GSview/KGhostView KDE kpf Directory Traversal Vulnerability Multiple Buffer Overflows in Heimdal Servers Allow Remote Root Access Heimdal Vulnerability: Potential Root Access via kadmind and kdc Servers (CVE-2002-1225) Privilege Escalation via Disabled Password in PAM 0.76 NFS Denial of Service Vulnerability in Solaris Undocumented Accounts with 
Default Passwords in Avaya Cajun Switches P880, P882, P580, and P550R 5.2.14 and Earlier Shatter Attack: Privilege Elevation via Windows WM_TIMER Message Handling Vulnerability Denial of Service Vulnerability in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 via rcp Call on /proc Memory Leak in ypdb_open in ypserv: Remote Denial of Service Vulnerability Apache-SSL Package Symlink Attack Vulnerability Buffer overflow vulnerability in kadm_ser_in function in Kerberos administration daemon allows remote attackers to execute arbitrary code. Denial of Service Vulnerability in Linksys BEFSR41 EtherFast Cable/DSL Router Directory Traversal Vulnerability in Peter Sandvik's Simple Web Server 0.5.1 and Earlier Privilege Escalation via PATH Manipulation in QNX Neutrino RTOS 6.2.0 SQL Injection Vulnerability in PHP-Nuke Allows Database Modification and Privilege Escalation Format String Vulnerability in Pablo FTP Server 1.5 and 1.3 Privilege Escalation via Manipulated PATH Environment Variable in Maped in LuxMan 0.41 Buffer Overflow in LISa Allows Local Users to Gain Access to Raw Socket via Long LOGNAME Environment Variable Denial of Service Vulnerability in Northern Solutions Xeneo Web Server Buffer Overflow Vulnerability in Abuse 2.00 and Earlier: Local Privilege Escalation via Long -net Argument Buffer Overflow in log2mail: Remote Code Execution Vulnerability Arbitrary File Read Vulnerability in PeopleSoft Application Messaging Gateway Local Privilege Escalation via Command Line Arguments in Abuse 2.00 and Earlier Cross Domain Verification via Cached Methods Outlook 2002 E-mail Header Processing Flaw Vulnerability SMB Signing Vulnerability: Disabling Digital Signing and Injecting Data Arbitrary Code Execution via Java Applet in Microsoft Virtual Machine Remote File Reading Vulnerability in Microsoft Virtual Machine (VM) Remote Code Execution via JDBC API in Microsoft VM Incomplete Security Checks in Internet Explorer 5.5 and 6.0: Arbitrary File Reading Vulnerability Buffer 
Overflow in Oracle iSQL*Plus Web Application Allows Remote Code Execution Denial of Service Vulnerability in Sun RPC Functionality Local User Privilege Elevation via Disk Image File in Mac OS X 10.2.2 CUPS Printing Web Administration Remote Denial of Service Vulnerability in Mac OS X 10.2.2 User Privilege Elevation via Mounting an ISO 9600 CD Local Privilege Escalation Vulnerability in NetInfo Manager Application in Mac OS X 10.2.2 Local Privilege Escalation Vulnerability in Mac OS X 10.2.2 via map_fd() Mach System Call Arbitrary Command Execution via Mail::Mailer Perl Module Backdoor Telnet Server in Alcatel OmniSwitch 7700/7800 Switches: Remote Administrative Privilege Vulnerability Arbitrary Code Execution Vulnerability in html2ps HTML/PostScript Converter 1.0 Incomplete Fix for Cross-Site Scripting (XSS) Vulnerability in SquirrelMail 1.2.8 Buffer Overflow in Window Maker Allows Remote Code Execution Open Mail Relay Vulnerability in Linuxconf 1.24 Buffer Overflow Vulnerabilities in Masqmail Configuration File Handling RealSecure Event Collector 6.5 Memory Leak Vulnerability Arbitrary Code Execution Vulnerability in KDE's rlogin KIO Subsystem Arbitrary Code Execution Vulnerability in KDE 2.x Telnet KIO Subsystem Buffer Overflow Vulnerability in Novell iManager (eMFrame) Allows Remote Denial of Service Insecure Passphrase Handling in KGPG Wizard Allows Key Theft Local Privilege Escalation in LPRng's runlpr Command Remote Code Execution and Cookie Theft Vulnerability in Microsoft Java Implementation Stack-based Buffer Overflow in Microsoft Java Implementation in Internet Explorer Remote Directory Disclosure Vulnerability in Microsoft Java Implementation Memory Address Verification Vulnerability in Microsoft Java Implementation Clipboard Data Leakage Vulnerability in Microsoft Java Implementation Arbitrary File Read Vulnerability in Microsoft Java Implementation Bypassing StandardSecurityManager Restrictions in Microsoft Java Virtual Machine Remote Code Execution 
Vulnerability in Microsoft Java Implementation Remote Code Execution Vulnerability in Microsoft Java Implementation Incomplete Java Object Instantiation Vulnerability in Microsoft Internet Explorer Solaris priocntl Directory Traversal Vulnerability Buffer Overflow Vulnerabilities in LISa on KDE 2.x and KDE 3.x MHonArc 2.5.12 XSS Vulnerability via MIME Header Name Remote Code Execution via Malformed .jar File in Netscape and Mozilla Remote Code Execution Vulnerability in Macromedia ColdFusion 6.0 via Long .cfm File Name Arbitrary Code Execution Vulnerability in Macromedia JRun 4.0 and Earlier Privilege Escalation Vulnerability in Courier sqwebmail Buffer Overflow Vulnerability in Linksys Wireless Access Point and Cable/DSL Routers Denial of Service Vulnerability in nullmailer 1.00RC5 and Earlier Cross-Site Scripting (XSS) Vulnerability in iPlanet WebServer 4.x Admin Server Arbitrary Command Execution Vulnerability in iPlanet WebServer 4.x (CVE-2002-1315) Buffer Overflow in XFS Font Server Dispatch() Routine on Solaris Buffer Overflow Vulnerability in Samba 2.2.2 through 2.2.6 Denial of Service Vulnerability in Linux Kernel 2.4.20 and Earlier Denial of Service Vulnerability in Pine 4.44 and Earlier Multiple Buffer Overflows in RealOne and RealPlayer: Remote Code Execution Vulnerabilities Denial of Service Vulnerability in Rational ClearCase 4.1 and 2002.05 Vulnerability: Breakout from Safe Compartments in Safe.pm User.dir Exposure Vulnerability Unchecked Buffer in Windows Shell Could Enable System Compromise Arbitrary Web Script Execution in BizDesign ImageFolio 3.01 and Earlier Unescaped HTML Tag Cross-Site Scripting (XSS) Vulnerability in w3m 0.3.2 TightVNC Authentication Bypass Vulnerability Remote Code Execution Vulnerability in Sendmail 5.79 to 8.12.7 via Formatted Address Fields File Existence Disclosure Vulnerability in Office Web Components (OWC) Chart Component XMLURL Property Redirection Vulnerability in Office Web Components (OWC) 10 File Existence 
Disclosure Vulnerability in Office Web Components (OWC) 10 Cross-Site Scripting (XSS) Vulnerability in SquirrelMail 1.2.10 and Earlier Arbitrary Command Execution Vulnerability in smb2www 980804-16 and Earlier Directory Traversal Vulnerability in Wget Allows Remote File Manipulation FTP Client Directory Traversal Vulnerability on UNIX Systems Buffer Overflow Vulnerabilities in Cyrus SASL Library 2.1.9 and Earlier HTML Injection in w3m before 0.3.2.2 via IMG ALT Attribute Buffer Overflow Vulnerability in PC-cillin 2000, 2002, and 2003's pop3trap.exe BGP Decoding Routines Denial of Service Vulnerability in tcpdump 3.6.x Buffer Overflow in Melange Chat System 1.10: Remote Code Execution and Denial of Service Remote Code Execution in CartMan Shopping Cart Plain Text Password Storage in LocalWEB2000 HTTP Server 2.1.0 Directory Traversal Vulnerability in TYPSoft FTP Server 0.99.8 Denial of Service Vulnerability in Ethereal BGP Dissector Denial of Service and Arbitrary Code Execution Vulnerability in Ethereal 0.9.7 and Earlier SSH2 Length Specifier Vulnerability SSH2 Servers and Clients Vulnerability: Denial of Service and Remote Code Execution SSH2 Servers and Clients Vulnerable to Buffer Overflow Attacks Null Character Vulnerability in SSH2 Servers and Clients Arbitrary Code Execution Vulnerability in Sun Cobalt RaQ 4 with SHP Denial of Service Vulnerability in mICQ 0.4.9 and Earlier Buffer Overflow Vulnerability in libpng 1.2.5 and Earlier Buffer Overflow in get_origin Function in traceroute-nanog Allows Arbitrary Code Execution via Long WHOIS Responses Fetchmail 6.1.3 and Earlier Heap-Based Buffer Overflow Vulnerability CUPS File Race Condition Vulnerability CUPS Remote Printer Addition Vulnerability Denial of Service and Arbitrary Code Execution Vulnerability in CUPS 1.1.14-1.1.17 Buffer Overflow Vulnerability in CUPS Jobs Processing Arbitrary Code Execution via Zero-Length GIF Images in CUPS 1.1.14-1.1.17 CUPS Resource Exhaustion Vulnerability Signed Integer 
Vulnerability in COM_TABLE_DUMP Package in MySQL 3.23.x Brute Force Privilege Escalation in MySQL COM_CHANGE_USER Command Arbitrary Code Execution via Long Response in MySQL COM_CHANGE_USER Command MySQL Client Library Remote Code Execution Vulnerability Arbitrary Command Execution Vulnerability in Vim's Modelines Multiple Buffer Overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and Earlier Arbitrary Code Execution via .ldaprc File in OpenLDAP2 Denial of Service Vulnerability in Linux Kernel 2.2.x via mmap() and /proc/pid/mem Interface Exim Daemon Format String Vulnerability Arbitrary Code Execution Vulnerability in Macromedia Flash Player (CVE-2002-0846) Multiple Integer Overflows in CUPS 1.1.14-1.1.17: Remote Code Execution Vulnerability Arbitrary Code Execution via Integer Overflow in pdftops Arbitrary Code Execution Vulnerability in Open WebMail 1.81 and Earlier Buffer Overflow Vulnerability in traceroute-nanog Allows Arbitrary Code Execution Array Index Overflow Vulnerability in Traceroute-ng's Spray Mode MHonArc before 2.5.14 XSS Vulnerability in Web Archive Pages Buffer Overflow Vulnerability in typespeed 0.4.2 and Earlier: Local Privilege Escalation Arbitrary File Read Vulnerability in GeneWeb Daemon Buffer Overflow in cnd-program for mgetty: Remote Code Execution and Denial of Service Vulnerability World-writable Spool Directory in mgetty: Local Privilege Escalation Vulnerability Command Injection Vulnerability in KDE 2 and KDE 3.x through 3.0.5 Apache Tomcat Source Code Disclosure Vulnerability Predictable File and Directory Names Vulnerability in Internet Message (IM) 141-18 and Earlier Heap-based Buffer Overflow in PHP Wordwrap Function Cash_words() Function Vulnerability in PostgreSQL 7.2 and Earlier: Denial of Service and Arbitrary Code Execution Buffer Overflow in PostgreSQL Date Parser: Denial of Service and Arbitrary Code Execution Invalid Integer Input Vulnerability in cash_out Function in PostgreSQL 7.2.1 and Earlier Heap-based Buffer Overflow in 
PostgreSQL repeat() Function Buffer Overflow Vulnerabilities in PostgreSQL 7.2.3 and Earlier: Circle_poly, Path_encode, and Path_add Buffer Overflow Vulnerabilities in PostgreSQL 7.2.1 and Earlier: TZ and SET TIME ZONE Environment Variables Arbitrary Code Execution Vulnerability in dhcpcd DHCP Client Daemon 1.3.22 and Earlier CRLF Injection Vulnerability in Lynx 2.8.4 and Earlier Unspecified Vulnerability in passwd for VVOS HP-UX 11.04: Unexpected Behavior Basic Constraints Verification Bypass in TinySSL 1.02 and Earlier Exposure of SNMP Read-Write Community Name in HP OpenView EMANATE 14.2 Denial of Service Vulnerability in ptrace on HP-UX 11.00 through 11.11 Unauthenticated Remote Access Vulnerability in Easy Guestbook CGI Programs Arbitrary File Read Vulnerability in Duma Photo Gallery System (DPGS) 0.99.4 Arbitrary Code Execution via Modified GALLERY_BASEDIR Variable RCONAG6 Vulnerability: Authentication Bypass in Novell Netware SP2 Buffer Overflow in qmailadmin: Privilege Escalation via QMAILADMIN_TEMPLATEDIR WebEasyMail 3.4.2.2 and Earlier SMTP Service Format String Vulnerability WebEasyMail 3.4.2.2 and Earlier POP3 Service Brute Force Vulnerability Novell NetBasic Scripting Server Directory Traversal Vulnerability Buffer Overflow Vulnerability in Novell NetBasic Scripting Server (NSN) MAC Address Modification Vulnerability Integer Signedness Error in select() Allows Arbitrary Kernel Memory Overwrite SQL Injection Vulnerabilities in FUDforum before 2.2.0: Unauthorized Database Operations via report.php, selmsg.php, and showposts.php Arbitrary File Creation and Deletion Vulnerability in FUDforum before 2.2.0 Arbitrary File Read Vulnerability in tmp_view.php in FUDforum before 2.2.0 Buffer Overflow Vulnerability in munpack in mpack 1.5 and Earlier: Remote Code Execution and Denial of Service Directory Traversal Vulnerability in munpack in mpack 1.5 and Earlier HP ProCurve Switch 4000M C.07.23 SNMP Write Request Buffer Overflow Vulnerability Unauthenticated 
Remote Modification of User Home Pages in Easy Homepage Creator 1.0 Authentication Bypass in dotProject 0.2.1.5 via user_cookie Parameter Cross-Site Scripting Vulnerability in ShoutBOX on endity.com Arbitrary File Reading Vulnerability in Sympoll 1.2 Source IP Address Spoofing Vulnerability in Belkin F5D5230-4 4-Port Cable/DSL Gateway Router 1.20.000 Insecure Database Storage in MidiCart Allows Remote Information Theft Denial of Service Vulnerability in Kerio MailServer 5.0 Cross-Site Scripting (XSS) Vulnerabilities in Kerio MailServer 5.0 Web Mail Module Arbitrary PHP Code Execution in Achievo 0.7.0 through 0.9.1 (except 0.8.2) via class.atkdateattribute.js.php Remote Code Execution Vulnerability in Perl 5.003 Web Handler on Novell NetWare 5.1 and NetWare 6 Directory Traversal Vulnerability in Perl 5.003 Web Handler on Novell NetWare 5.1 and NetWare 6 Perl Version Information Disclosure Vulnerability Stack Corruption Vulnerability in TGA Daemon for HP-UX 11.04 (VVOS) Virtualvault 4.0, 4.5, and 4.6 Default Root Password Vulnerability in Gateway GS-400 Server Multiple Buffer Overflows in Tomahawk SteelArrow before 4.5: Remote Code Execution Vulnerabilities Unauthorized Script Execution and File Reading Vulnerability in Google Toolbar Remote Monitoring Vulnerability in Google Toolbar 1.1.58 and Earlier Denial of Service Vulnerability in Google Toolbar 1.1.60 on Internet Explorer 5.5 and 6.0 CERN Proxy Server XSS Vulnerability: Remote Script Execution via Non-Existent Page Insecure Error Checking in nCipher PKCS#11 Library Allows Message Forgery Buffer Overflow in UNIX VPN Client Allows Local Privilege Escalation Undocumented SNMP Community String Vulnerability in Avaya P330, P130, and M770-ATM Cajun Products Insecure Storage of Passwords in eUpload 1.0 UniVerse UV/ODBC Vulnerability: Denial of Service via Invalid Table Link and Buffer Overflow Blazix before 1.2.2 Directory Listing and Source Code Disclosure Vulnerability Remote Code Execution Vulnerability in 
MyWebServer 1.0.2 via Buffer Overflow in Search Capability MyWebServer 1.0.2 XSS Vulnerability: Remote Script Injection via Long Request Path Disclosure Vulnerability in MyWebServer 1.0.2 Multiple Cross-Site Scripting (XSS) Vulnerabilities in OmniHTTPd Remote Code Execution Vulnerability in mIRC 6.0.2 and Earlier via Long $asctime Value L-Forum 2.40 search.php SQL Injection Vulnerability Arbitrary Script Injection in L-Forum 2.40 and Earlier Arbitrary Script Injection in L-Forum 2.40 and Earlier Arbitrary File Read Vulnerability in L-Forum 2.40 and Earlier Arbitrary Command Execution in Web Shop Manager 1.1 via Search Box Information Modification Vulnerability in OrganicPHP PHP-affiliate 1.0 and Later Versions Predictable Initial Sequence Numbers (ISN) Vulnerability in Symantec Raptor Firewall and Enterprise Firewall CafeLog b2 Weblog Tool XSS Vulnerability CafeLog b2 Weblog Tool SQL Injection Vulnerability Arbitrary PHP Code Execution in CafeLog b2 Weblog Tool 2.06pre4 Arbitrary File Read Vulnerability in Macromedia Flash Plugin Buffer Overflow Vulnerability in errpt in AIX 4.3.3: Local Privilege Escalation Insecure Path Verification in scponly Cleartext Administrative Password Exposure in SHOUTcast 1.8.9 and Earlier Insecure SSL Certificate Verification in Camel Component of Ximian Evolution Untrusted Search Path Vulnerability in libX11.so in xfree86 Buffer Overflow Vulnerabilities in HP-UX LP Subsystem: Denial of Service and Arbitrary Code Execution TCP/IP Denial of Service Vulnerability in HP Tru64 UNIX 4.0f, 4.0g, and 5.0a ARP Component Remote Packet Takeover Vulnerability Buffer Overflow in setlocale in libc on NetBSD 1.4.x through 1.6 and other operating systems Arbitrary Command Execution via Title in Cacti graphs.php Arbitrary Command Execution Vulnerability in Cacti Console Mode Cacti 0.6.8 Vulnerability: Plaintext Storage of MySQL Credentials in config.php Arbitrary HTML and Script Injection in phpGB Guestbook Pages Unauthenticated Remote Code Execution 
in savesettings.php of phpGB 1.20 and Earlier SQL Injection Vulnerability in login.php of phpGB 1.20 and Earlier Arbitrary File Read Vulnerability in DB4Web 3.4 and 3.6 DB4Web Server Proxy Port Scanning Vulnerability Denial of Service Vulnerability in Trillian AIM Component Buffer Overflow Vulnerabilities in Trillian IRC Component Trillian IRC Component Denial of Service Vulnerability Denial of Service Vulnerability in Trillian IRC Component Buffer Overflow Vulnerability in PlanetDNS PlanetWeb 1.14 and Earlier Integer Overflow in TIOCSCTTY ioctl Leading to Kernel Panic in NetBSD 1.4 through 1.6 beta Plaintext Password Storage Vulnerability in Cisco VPN 5000 Client for MacOS Root Privilege Escalation Vulnerability in Cisco VPN 5000 Client Lycos HTMLGear Guestbook XSS Vulnerability Trailing Slash XSS Vulnerability in Aestiva HTML/OS Arbitrary Script Injection in JAWmail 1.0-rc1 Null HTTP Server 0.5.0 and Earlier: Heap-Based Buffer Overflow via Negative Content-Length Header Arbitrary HTML Injection in Null HTTP Server 0.5.0 and Earlier Directory Traversal Vulnerability in SWServer 2.2 and Earlier Multiple SQL Injection Vulnerabilities in FactoSystem CMS Buffer Overflow Vulnerability in mrinfo, mtrace, and pppd in NetBSD 1.4.x through 1.6 Denial of Service Vulnerability in Enterasys SSR8000 MPS Functionality Symlink Vulnerability in xbreaky before 0.5.5 Allows Arbitrary File Overwrite Buffer Overflow Vulnerability in Automatic File Distributor (AFD) 1.2.14 and Earlier WebServer 4 Everyone 1.22 Directory Traversal Vulnerability SQL Injection Vulnerability in WoltLab Burning Board (wBB) 2.0 RC 1 and Earlier via board.php Buffer Overflow in Linuxconf Allows Arbitrary Code Execution via Long LINUXCONF_LANG Environment Variable Denial of Service Vulnerability in Unreal Tournament 2003 (ut2003) Race Condition Vulnerability in slapd of OpenLDAP2 (OpenLDAP 2) 2.2.0 and Earlier Mail Spool File Vulnerability in shadow-utils 20000902 Arbitrary Connection Vulnerability in xdm 
with Missing auth Directory Weak Cookie Generation Vulnerability in vncserver Wrapper Symlink Attack in xbru_dscheck.dd File Allows Arbitrary File Overwrite and Root Privilege Escalation in BRU Workstation 17.0 Arbitrary File Truncation Vulnerability in UCX POP Server for HP TCP/IP Services Local Privilege Escalation via Symlink Attack in gds_lock_mgr of Borland InterBase CoolForum 0.5 beta Directory Traversal Vulnerability in avatar.php Local Privilege Escalation via Symlink Attack in rpcbind on SGI IRIX Symlink Attack Vulnerability in fsr_efs on IRIX 6.5 World-writable directory vulnerability in mv command on IRIX 6.5 Format String Vulnerability in WatchGuard Firebox Vclass and RSSA Appliance Insecure SSH Connection Handling in WatchGuard Firebox Vclass and RSSA Appliance Plaintext Password Storage Vulnerability in Web Server 4D (WS4D) 3.6 Buffer Overflow in PowerFTP FTP Server 2.24: Remote Code Execution and Denial of Service Vulnerability Directory Traversal Vulnerability in Daniel Arenz Mini Server 2.1.6 Buffer Overflow in XML Parser in Winamp 3 (1.0.0.488) Allows Remote Code Execution ASTAware SearchDisk Engine Directory Traversal Vulnerability Arbitrary HTML and Script Injection in EMU Webmail 5.0 via emumail.cgi Path Disclosure Vulnerability in emumail.cgi in EMU Webmail 5.0 Information Disclosure Vulnerability in MondoSearch 4.4 via MsmMask.exe Arbitrary Script Injection in SurfControl SuperScout Email Filter Administrative Interface Vulnerability: Usernames and Plaintext Passwords Exposure in SurfControl SuperScout Email Filter's Administrative Web Interface Denial of Service Vulnerability in SurfControl SuperScout Email Filter Administrative Web Interface Denial of Service Vulnerability in SurfControl SuperScout Email Filter Administrative Web Interface Jetty JSP Servlet Engine Cross-Site Scripting (XSS) Vulnerability Arbitrary File Reading Vulnerability in Macromedia Flash Player Information Disclosure Vulnerability in Secure Webserver 1.1 and Symantec 
Enterprise Firewall 6.5.2 Arbitrary Command Execution Vulnerability in Molly IRC Bot 0.5 Local Privilege Escalation in phpBB 2.0.0 via admin_ug_auth.php Information Disclosure Vulnerability in Acuma Acusend Buffer Overflow Vulnerability in MDaemon POP Server 6.0.7 and Earlier Privilege Escalation in Symantec Norton AntiVirus Corporate Edition Directory Traversal Vulnerability in BadBlue 1.7 SolarWinds TFTP Server Denial of Service Vulnerability Buffer Overflow Vulnerability in Trek on NetBSD 1.5 through 1.5.3 Allows Privilege Escalation via Long Keyboard Input CooolSoft Personal FTP Server 2.24 Directory Traversal Vulnerability Information Disclosure: Absolute Path Disclosure in CooolSoft Personal FTP Server 2.24 BRS WebWeaver Web Server 1.01 Directory Traversal Vulnerability Denial of Service Vulnerability in Netscreen ScreenOS 4.0.0r6 and Earlier Arbitrary Command Execution Vulnerability in autofs on AIX 4.3.0 Remote Code Execution Vulnerability in Light HTTPd (lhttpd) 0.1 via Long HTTP GET Request Arbitrary File Overwrite Vulnerability in dump_smutil.sh on IBM AIX Buffer Overflow Vulnerability in nslookup in IBM AIX Inappropriate Permissions Exploit in Novell eDirectory and Netware Remote Manager Unauthorized System Configuration Modification and File Deletion via FTP Connection in Cisco ONS15454 and ONS15327 Clear-text Storage of Usernames and Passwords in Cisco ONS15454 and ONS15327 Image Database Insecure Default SNMP Community String in Cisco ONS15454 and ONS15327 Denial of Service Vulnerability in Cisco ONS15454 and ONS15327 Denial of Service Vulnerability in Cisco ONS15454 and ONS15327 Unchangeable Telnet Account Vulnerability in Cisco ONS15454 and ONS15327 Directory Traversal Vulnerability in ion-p.exe Allows Remote File Read Authentication Bypass Vulnerability in gBook 1.4 Remote Denial of Service Vulnerability in Windows RPC Endpoint Mapper Virtual Hosting Directory Traversal Vulnerability in thttpd Denial of Service Vulnerability in stunnel 4.0.3 and 
Earlier due to SIGCHLD Signal Handler Race Conditions Script within Cookies Reading Cookies vulnerability in Internet Explorer 5.5 and 6.0 Buffer Overflow Vulnerability in wget 1.8.1: Denial of Service and Arbitrary Code Execution via Long URL Denial of Service Vulnerability in netris 0.5 and Earlier Versions Apache Tomcat 4.1 Cross-Site Scripting (XSS) Vulnerability Denial of Service Vulnerability in OpenSSL 0.9.6e Arbitrary Command Execution via Shell Metacharacters in gv 3.5.8 and Earlier Versions Heap-based Buffer Overflow in snmpnetstat for ucd-snmp and net-snmp Information Leak Vulnerability in Linux 2.4 Kernel Signed Integer Overflow in bttv_read Function in Linux Kernel Unspecified Vulnerability in Linux Kernel's pcilynx IEEE1394 Firewire Driver Buffer Overflow in ixj Telephony Card Driver in Linux: Unknown Impact and Attack Vectors CRLF Injection Vulnerability in cgiemail Allows Spam Proxy Usage Local Privilege Escalation in SAP DB 7.3 and Earlier via Symlink Vulnerability Default User and Password Vulnerability in SAP R/3 2.0B to 4.6D Unprotected Oracle Database Allows Remote Access to Sensitive SAP Data SAP GUI (Sapgui) 4.6D Denial of Service Vulnerability Integer Overflow Vulnerability in Cyrus IMAP Server 1.4 and 2.1.10 Arbitrary File Viewing Vulnerability in Mailreader.com 2.3.20 through 2.3.31 Arbitrary Command Execution in Mailreader.com 2.3.30 and 2.3.31 Buffer Overflow Vulnerability in IBM DB2 Universal Database 6.0 and 7.0 Remote Privilege Escalation Vulnerability in AUTH_DES Authentication for RPC Denial of Service Vulnerability in Solaris 8 and 9 Kernel Panic Vulnerability in Solaris 2.5.1 through 9 Denial of Service Vulnerability in libthread Library for Solaris Remote Denial of Service Vulnerability in Mailtool for OpenWindows 3.6, 3.6.1, and 3.6.2 Solaris 8 Local Denial of Service Vulnerability via kmem_flags Bit 0x02 World and Group Write Permissions in Solaris WBEM Packages Unapproved Addition of free.aol.com to Trusted Sites Zone in AIM 
4.7.2480 Sensitive Information Disclosure in Apache 2.0 through 2.035 Apache mod_dav Versioning Hooks Null Dereference Denial of Service Vulnerability Buffer Overflow Vulnerability in grpck and pwck on AIX Systems Unauthorized Access to Configuration Files in Cisco SN 5420 Storage Router 1.1(5) and Earlier Denial of Service Vulnerability in Cisco SN 5420 Storage Router 1.1(5) and Earlier Denial of Service Vulnerability in Cisco SN 5420 Storage Router 1.1(5) and Earlier Buffer Overflow Vulnerability in Computer Associates MLink (CA-MLink) 6.5 and Earlier Bypassing Content Filtering Rules in DansGuardian before 2.4.5-1 via Hex-Encoded URLs Arbitrary File Overwrite Vulnerability in Mike Spice's My Classifieds (classifieds.cgi) Privilege Escalation via Connectables Feature in Adobe PhotoDeluxe 3.1 Buffer Overflow Vulnerability in GNU Screen Braille Module GoAhead Web Server Source Code Disclosure Vulnerability Multiple Buffer Overflows in HP Tru64 UNIX: Arbitrary Code Execution via Long NLSPATH Environment Variable Buffer Overflow in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f via _XKB_CHARSET Environment Variable Buffer Overflow Vulnerabilities in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f: Local Privilege Escalation via lpc, lpd, lpq, lpr, or lprm
Buffer Overflow Vulnerability in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f Traceroute Buffer Overflow Vulnerability in HP Tru64 UNIX Privilege Escalation via Buffer Overflow in HP Tru64 UNIX Binmail Ping Denial of Service Vulnerability in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f Privilege Escalation via Buffer Overflow in HP Tru64 UNIX's quot Privilege Escalation via Buffer Overflow in mailcv on HP Tru64 UNIX Privilege Escalation via Buffer Overflow in HP Tru64 UNIX's ps Command Buffer Overflow in HP Tru64 UNIX's /usr/bin/at Allows Local Code Execution Buffer Overflow Vulnerabilities in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f Multiple Buffer Overflow Vulnerabilities in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f Buffer Overflow Vulnerabilities in HP Tru64 UNIX 5.x JFS Sticky Bit Bypass Vulnerability in HP-UX 10.20, 11.00, and 11.04 Buffer Overflow Vulnerability in IBM AIX 4.3.x FC Client: Remote Denial of Service Arbitrary File Read Vulnerability in IBM AIX Parallel Systems Support Programs (PSSP) Remote Code Execution Vulnerability in rcp for IBM AIX 4.3.x and 5.1 Buffer Overflow Vulnerability in IBM AIX 4.3 RPC Routines IKE Aggressive Mode Vulnerability: Username Exposure during Negotiation Buffer Overflow in Lotus Domino Web Server Allows Remote Code Execution Denial of Service Vulnerability in Macromedia Flash Player 6 Directory Traversal Vulnerability in Mike Spice My Calendar before 1.5 Directory Traversal Vulnerability in Mike Spice Quiz Me! 
Allows Arbitrary File Write Arbitrary File Write Vulnerability in Mike Spice Mike's Vote CGI Null Password Vulnerability in Multi-Tech ProxyServer Products Arbitrary Email Sending Vulnerability in Oracle 9i Application Server (9iAS) sendmail.jsp Sample Page SQL Injection Vulnerability in Oracle 9i Application Server (9iAS) query.xsql Sample Page Sensitive Information Disclosure in Oracle 9i Application Server (9iAS) via Sample Pages Multiple Buffer Overflow Vulnerabilities in QNX 4.25 Vulnerability: Information Disclosure in Novell NetWare 5.1 Sample Applications Remote Code Disclosure Vulnerability in Oracle 9i Application Server (9iAS) XSS Vulnerability in Oracle 9iAS htp PL/SQL Package Default Usernames and Passwords in Oracle 9iAS Enable Privilege Escalation Sensitive Information Disclosure in Oracle Configurator Servlet Multiple Cross-Site Scripting (XSS) Vulnerabilities in Oracle Configurator Multiple Buffer Overflows in Oracle Web Cache for Oracle 9i Application Server (9iAS): Remote Code Execution Vulnerability Vulnerability: Local Users Can Delete Transaction Log Data and Cause Data Loss in PostgreSQL 7.2.1 and 7.2.2 Multiple Buffer Overflow Vulnerabilities in RealNetworks Helix Universal Server 9.0 (9.0.2.768) Insecure Process Group Handling in SSH Secure Shell Buffer Overflow in URL Catcher Feature of SSH Secure Shell for Workstations Client 3.1 to 3.2.0: Remote Code Execution Vulnerability Vulnerability: SSH Secure Shell for Servers 3.0.0 to 3.1.1 Allows Override of AllowedAuthentications Configuration Insecure Redirect in Slash Slashcode Quick Login Feature CSRF vulnerability in SquirrelMail compose.php allows unauthorized email sending Arbitrary Javascript Execution via IMG Tag in SquirrelMail (XSS Vulnerability) Arbitrary Command Execution in SquirrelMail Spell Checker Plugin Verity Search97 XSS Vulnerability: Remote Code Injection and Information Theft Buffer Overflow Vulnerability in cgiemail 1.6 Allows Remote Code Execution Farm9 Cryptcat Server 
Mode Encryption Bypass Vulnerability HTTP Basic Authentication Vulnerability in iPlanet Web Server Enterprise Edition and Netscape Enterprise Server 4.0 and 4.1 Denial of Service Vulnerability in Netscape Enterprise Server and iPlanet Web Server Authentication Bypass Vulnerability in X-News (x_news) 1.1 and Earlier Insecure Password Generation in PostgreSQL Buffer Overflow in htdigest in Apache 1.3.26 and 1.3.27 Privilege Escalation Vulnerability in PortalApp 2.2 Arbitrary Command Execution in vBulletin Calendar.php Denial of Service Vulnerability in Leafnode Server (Versions 1.9.20 to 1.9.29) Cross-Site Scripting (XSS) Vulnerabilities in Mambo Site Server 4.0.11 Denial of Service Vulnerability in Monkey HTTP Daemon Arbitrary User Addition and Information Disclosure Vulnerability in Yahoo! Messenger (pre-February 2002) Buffer Overflow Vulnerability in Yahoo! Messenger (pre-February 2002) Allows Remote Code Execution Remote Code Execution in Oracle E-Business Suite 11i.1 through 11i.6 via Modified URL Virtual Memory Object Existence Check Bypass Vulnerability in FreeBSD 4.5-RELEASE and Earlier Denial of Service Vulnerability in HP-UX 11.11 and Earlier via File System Weakness World-searchable temporary directory vulnerability in pkg_add in FreeBSD 4.2 through 4.4 Windows XP Professional Upgrade Edition Vulnerability: Unpatched Internet Explorer 6.0 Clipboard Data Leakage Vulnerability in Microsoft Internet Explorer 5.0, 5.01, and 5.5 Insecure Permissions in Webmin 0.92 RPM Installation Could Lead to Session Hijacking Webmin 0.92 Local Script Execution and Cookie Theft Vulnerability Denial of Service Vulnerability in FreeBSD's procfs Filesystem Unreal IRCd 3.1.1 Format String Vulnerability in Cio_PrintF Function Sensitive Information Disclosure in BindView NetInventory 1.0 and NetRC 1.0 Information Disclosure Vulnerability in 14all.cgi 1.1p15 Jelsoft vBulletin 2.0 rc 2 through 2.2.4 memberlist.php XSS Vulnerability Jelsoft vBulletin 2.2.0 Cross-Site Scripting (XSS) 
Vulnerability Arbitrary Script Execution in CGI Online Worldweb Shopping 1.1 (COWS) Slashcode CVS Releases XSS Vulnerability Weak Encryption Scheme in NewsReactor 1.0 Puts Newsgroup Accounts at Risk Arbitrary Script Execution via XSS in BadBlue Personal Edition 1.7.3 Arbitrary File Read Vulnerability in Deerfield D2Gfx and BadBlue Arbitrary Script Execution via Cross-Site Scripting (XSS) in BadBlue Enterprise and Personal Edition 1.7 and 1.7.2 Buffer Overflow Vulnerability in lscfg on AIX: Unknown Impact Buffer Overflow Vulnerability in AIX Diagnostics Library Remote Code Execution and Cookie Theft Vulnerability in Microsoft Internet Explorer 5.5-6.0 Buffer Overflow Vulnerability in AIX Login Program Unspecified Vulnerability in AIX Before 4.0 Default Installation of Known User Accounts and Passwords in Alcatel OmniPCX 4400: Remote Unauthorized Access Vulnerability Buffer Overflow Vulnerability in Microsoft Windows 95 Backup Utility Allows Arbitrary Code Execution IIS 4.0 Log File Modification Vulnerability Vulnerability: Log File Tampering in Norton Internet Security 2001 Silent Decryption Vulnerability in Microsoft Outlook PGP Plug-in Weak Encryption Algorithm in VTun 2.0-2.5 Allows for Ciphertext Reuse Vulnerability Buffer Overflow Vulnerability in Microsoft MSN Messenger Service ASPCC SQL Injection Vulnerability Arbitrary Script Execution via Missing Template Handler in Macromedia ColdFusion MX DeltaScripts PHP Classifieds 6.0.5 Cross-Site Scripting (XSS) Vulnerability Arbitrary Script Execution via Term Parameter in Mewsoft NetAuction 3.0 Arbitrary PHP Code Execution in Zeroboard 4.1 via Remote URL Reference Denial of Service Vulnerability in Microsoft Internet Explorer 5.5 through 6.0 Remote Modification of DOCSIS Settings on Cisco uBR7200 and uBR7100 Series Routers Arbitrary PHP Code Execution in phpBB 2.0 through 2.0.1 Arbitrary Script Execution in BasiliX Webmail 1.10 via XSS Vulnerability SQL Injection Vulnerability in BasiliX Webmail 1.10: Remote Data 
Exposure and Modification Unauthenticated Local File Inclusion Vulnerability in BasiliX Webmail 1.1.0 Insecure Attachment Storage in BasiliX 1.1.0 Denial of Service Vulnerability in Microsoft Windows 2000 via Flood of Empty TCP/IP Packets World-Readable Home Directories Vulnerability in Mandrake-Security Package Denial of Service Vulnerability in Microsoft Internet Explorer 5.0-6.0 Vulnerability: Local Users Bypass Restricted Shells in SSH Versions 1-3 Arbitrary File Creation Vulnerability in Microsoft Office XP's Host() Function Path Disclosure Vulnerability in Microsoft IIS 5.1 Remote File Disclosure Vulnerability in Microsoft IIS 5.1 Remote Code Execution Vulnerability in Bavo 0.3 Allows Unauthorized Modification of Posted Messages Authentication Bypass and Privilege Escalation via SQL Injection in Spooky Login 2.0 - 2.5 Off-by-one Error in alterMIME 0.1.10 and 0.1.11: Denial of Service via x-header Physical Access Vulnerability: Logitech iTouch Keyboards Allow Bypassing Screen Lock and Executing User-Defined Commands Information Disclosure: Full Path Disclosure in Powerboards 2.2b Arbitrary Script Execution via pic Parameter in PHPImageView 1.0 Sensitive Information Disclosure in PHPImageView 1.0 via pw=show Option Authentication Bypass Vulnerability in PhotoDB 1.4 Remote Code Execution via Cross-Site Scripting (XSS) in askSam Web Publisher Path Disclosure Vulnerability in askSam Web Publisher 1.0 and 4.0 ASPjar Guestbook 1.00 Cross-Site Scripting (XSS) Vulnerability Arbitrary Message Deletion in ASPjar Guestbook 1.00 AS/400 System Request Menu Vulnerability: User Account Enumeration Actinic Catalog 4.7.0 Multiple Cross-Site Scripting (XSS) Vulnerabilities Prospero Technologies Web-Based Message Board XSS Vulnerability Remote Code Execution Vulnerability in NewsPro 1.01 Allows Unauthorized Administrator Access Buffer Overflow Vulnerability in dlogin 1.0a Arbitrary File Read Vulnerability in CGINews before 1.06 World-writable Files and Directories Vulnerability 
in Astaro Security Linux 2.016 Default MDaemon Mail Account Password Vulnerability Weak Encryption Algorithm in Alt-N Technologies Mdaemon 5.0 through 5.0.6 Allows Local Password Cracking Buffer Overflow Vulnerability in MDaemon WorldClient.cgi Directory Traversal Vulnerability in WorldClient.cgi in Alt-N Technologies MDaemon 5.0.5.0 and Earlier Arbitrary Perl Function Loading Vulnerability in SOAP::Lite Denial of Service Vulnerability in AOL ICQ 2002a Build 3722 Directory Traversal Vulnerability in CodeBrws.asp in Microsoft IIS 5.0 CodeBrws.asp Off-by-One Error in Microsoft IIS 5.0 Allows Source Code Disclosure Remote Code Injection Vulnerability in Vtun 2.5b1 Unauthenticated Packet Injection and Data Manipulation Vulnerability in Vtun 2.5b1 Arbitrary Account Access Vulnerability in Slashcode 2.1.x and 2.2 through 2.2.2 Terminal Services Idle Lock Bypass Vulnerability Arbitrary Code Execution in csGuestbook.cgi Arbitrary Code Execution in csLiveSupport.cgi Arbitrary Code Execution in csChatRBox.cgi in CGIScript.net csChat-R-Box Arbitrary Code Execution in csNewsPro.cgi Buffer Overflow Vulnerability in Novell NetWare Client 4.80-4.83: Denial of Service via Hostname Resolution Unauthenticated Packet Injection and Data Manipulation Vulnerability in Tinc VPN ACDSee 4.0 Denial of Service Vulnerability Authentication Bypass Vulnerability in PHProjekt 2.0 through 3.1 Unauthenticated Access and Data Manipulation in PHProjekt 2.0 through 3.1 Arbitrary File Upload Vulnerability in PHProjekt 2.0 through 3.1 Multiple SQL Injection Vulnerabilities in PHProjekt 2.0 through 3.1 PHProjekt 2.0-3.1 Directory Traversal Vulnerability Insecure Storage of Security Scans in Microsoft Baseline Security Analyzer (MBSA) 1.0 Local Privilege Escalation Vulnerability in dtscreen Sun Solaris 8 CDE Screensaver Symlink Attack Vulnerability in Adobe Acrobat Reader 4.05 on Linux Denial of Service Vulnerability in Evolution 1.0.3 and 1.0.4 Buffer Overflow Vulnerability in Composer in Netscape 4.77 
Buffer Overflow Vulnerability in Oracle 8i Database Server 8.1.5 for Linux Denial of Service Vulnerability in Cisco IOS HSRP Port 1985 Default User Account Vulnerability in Microsoft Site Server 3.0 Remote Code Execution via HTML E-mail in Qualcomm Eudora 5.1 Remote Code Injection in Matt Wright FormMail 1.9 and Earlier Privilege Escalation Vulnerability in Novell Netware 5.0 through 5.1 ICQ 2.6x for MacOS X Buffer Overflow Vulnerability Bypassing E-mail Scanning in Symantec Norton AntiVirus 2002 Disputed Vulnerability: Bypassing Initial Virus Scan in Symantec Norton AntiVirus 2002 Bypassing Initial Scan in Symantec Norton AntiVirus 2002 Bypass of E-mail Scanning in Symantec Norton AntiVirus 2002 Vulnerability: Portscan Protection Bypass in Symantec Norton Personal Firewall 2002 Inadequate Protection Against Fragmented IP Packets in Symantec Norton Personal Firewall 2002 (NPW) Denial of Service Vulnerability in BPM Studio Pro 4.2 Webserver Buffer Overflow Vulnerabilities in DeleGate 7.7.0 through 7.8.1 Arbitrary File Reading Vulnerability in University of Washington IMAP Daemon (wu-imapd) CRLF Injection Vulnerability in PHP 4.2.1 through 4.2.3 Denial of Service Vulnerability in HP Tru64 Unix Inetd Arbitrary Web Script Injection Vulnerability in Zeus Administration Server Root Core Dump Umask Vulnerability in SGI IRIX 6.5 through 6.5.14 Buffer Overflow Vulnerability in uux in SGI IRIX 6.5 through 6.5.17 Format String Vulnerability in nn_exitmsg Function in nn 6.6.0 through 6.6.3 Newsx NNTP Client Format String Vulnerability SMTP Service Bypass Vulnerability in Microsoft Internet Information Services (IIS) 4.0 and 5.0 World-writable Temporary Desktop Files Vulnerability in SGI IRIX 6.5 through 6.5.17 Remote Code Execution Vulnerability in Fake Identd 0.9 through 1.4 Denial of Service Vulnerability in HP-UX HTTP Server mod_ssl Module Remote Code Execution Vulnerability in pam_authz in LDAP-UX Integration on HP-UX 11.00 and 11.11 Microsoft Terminal Services Advanced 
Client (TSAC) ActiveX Control Cross-Site Scripting (XSS) Vulnerability ChaiVM EZloader JAR Signature Verification Vulnerability ChaiVM Access Control Bypass Vulnerability Arbitrary PHP File Upload and Sensitive Information Disclosure in MidiCart PHP, PHP Plus, and PHP Maxi Arbitrary Web Script Injection in phpRank 1.8 Plaintext Storage of Administrative Password in phpRank 1.8 Information Disclosure Vulnerability in ImageFolio 2.23-2.27 XSS Vulnerability in Xoops 1.0 RC3 Allows Remote Script Injection via IMG Tag Arbitrary Script Injection via IMG Tag in PHP-Nuke 6.0 Cross-Site Scripting (XSS) Vulnerability in NPDS 4.8 via IMG Tag Injection DaCode 1.2.0 Cross-Site Scripting (XSS) Vulnerability in IMG Tag Arbitrary Script Injection via IMG Tag in Drupal 4.0.0 Arbitrary Script Injection via IMG Tag in phpWebSite 0.8.3 Meunity Community System 1.1 XSS Vulnerability in Topic Creation NULL Root Password Vulnerability in Windows Binary Release of MySQL 3.23.2 - 3.23.52 Unauthenticated Remote Access to Sensitive Information in D-Link DWL-900AP+ Access Point Denial of Service Vulnerability in Belkin F5D6130 Wireless Network Access Point Firmware AP14G8 Buffer Overflow Vulnerability in gdam123 0.933 and 0.942 via Long Filename Parameter Arbitrary Program Execution via Directory Traversal in AOL Instant Messenger (AIM) 4.8.2790 Buffer Overflow Vulnerability in efstools in Bonobo Directory Traversal Vulnerability in Aquonics File Manager 1.5 Remote Code Execution Vulnerability in ATPhttpd 0.4b and Earlier via Off-by-One Buffer Overflow in sock_gets Function Privilege Escalation Vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for Solaris, and Cluster Server 1.3.1 for HP-UX Arbitrary File Read Vulnerability in eZ httpbench 1.1 Directory Traversal Vulnerability in TinyHTTPD 0.1.0 Remote Account Impersonation Vulnerability in Ultimate PHP Board (UPB) 1.0 and 1.0b Remote Privilege Escalation in Ultimate PHP Board (UPB) 1.0 and 1.0b Information 
Disclosure Vulnerability in IBM HTTP Server 1.0 on AS/400 Arbitrary Code Execution via Buffer Overflow in Zeroo HTTP Server 1.5 Potential Man-in-the-Middle Attack Vulnerability in Microsoft Internet Explorer 6.0 Format String Vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 Local Privilege Escalation via mmap to /dev/mem or /dev/kmem in grsecurity 1.9.4 for Linux kernel 2.4.18 Local Denial of Service Vulnerability in Sendmail 8.9.0 - 8.12.3 Denial of Service Vulnerability in Savant Webserver 3.1 via Negative Content-Length Value Open Bulletin Board (OpenBB) 1.0.0 RC3 Multiple Cross-Site Scripting (XSS) Vulnerabilities Authentication Bypass and Access Modifier Bypass in Open Bulletin Board (OpenBB) 1.0.0 RC3 Denial of Service Vulnerability in Microsoft MSN Messenger Service 1.0-4.6 Denial of Service Vulnerability in Firestorm IDS 0.4.0 through 0.4.2 Default Administrative Password Vulnerability in DocuTech 6110 and DocuTech 6115 Remote Access and Unauthorized Print Job Submission Vulnerability in Xerox DocuTech 6110 and DocuTech 6115 Default Configuration of Xerox DocuTech 6110 and DocuTech 6115: Vulnerability in Enabled Services World-Writable NFS Shares in Xerox DocuTech 6110 and 6115: Remote File Modification Vulnerability Directory Existence Disclosure Vulnerability in IDS 0.81 Symlink Attack Vulnerability in Charities.cron 1.0.2 - 1.6.0 Sender IP Address Spoofing Vulnerability in Trend Micro InterScan VirusWall for Windows NT 3.52 Backdoor Vulnerability in irssi IRC Client 0.8.4 Arbitrary PHP File Upload and Execution Vulnerability in NOLA 1.1.1 and 1.1.2 Arbitrary Command Execution Vulnerability in Perlbot 1.0 Beta Arbitrary Command Execution in Perlbot 1.9.2 World-writable Permissions Vulnerability in Microsoft Windows Media Player (WMP) 6.3 on Solaris Arbitrary Web Script Injection Vulnerability in YaBB 1.40 and 1.41 Password Modification Vulnerability in YaBB 1.40 and 1.41 Buffer Overflow in Microsoft Windows Media Player 
(WMP) Allows Remote Code Execution via Long MP3 Filename Unencrypted Password Storage in TightVNC (Windows) Denial of Service Vulnerability in ParaChat Server 4.0 Denial of Service Vulnerability in mod_cgi of Apache 2.0.39 and 2.0.40 Buffer Overflow Vulnerability in WS_FTP Pro 7.5: Remote Code Execution Arbitrary Web Script Injection in Monkey 0.5.0 Arbitrary Script Injection in MyNewsGroups 0.4 and 0.4.1 Remote Code Execution in Rlaj Whois CGI Script (whois.cgi) 1.0 Directory Traversal Vulnerability in Macromedia JRun on Windows Directory Traversal Vulnerability in HP Application Server 8.0 on Windows Remote File Retrieval Vulnerability in jo! jo Webserver 1.0 on Windows Directory Traversal Vulnerability in Oracle9i Application Server on Windows Directory Traversal Vulnerability in Orion Application Server 1.5.3 on Windows Remote File Retrieval Vulnerability in Pramati Server 3.0 on Windows Directory Traversal Vulnerability in Sybase Enterprise Application Server 4.0 on Windows Denial of Service Vulnerability in SmartMail Server 2.0 FTP Service Cannot Be Disabled on Iomega Network Attached Storage (NAS) A300U and Other Models Arbitrary File Read Vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 Buffer Overflow Vulnerability in Embedded HTTP Server File Descriptor Exhaustion Vulnerability in Simple Web Server (SWS) 0.0.4 through 0.1.0 Uncontrolled Access and Denial of Service Vulnerabilities in BizDesign ImageFolio Arbitrary Shell Command Execution in Despair 0.1 and 0.2 Log File Write Permission Bypass Vulnerability in Heysoft EventSave and EventSave+ Denial of Service and Code Execution Vulnerability in Simple Web Server (SWS) 0.0.4 - 0.1.0 Privilege Escalation Vulnerability in pkgadd on Sun Solaris 2.5.1 through 8 Weak Password Encryption Vulnerability in Microsoft SQL Server 6.0 through 2000 with SQL Authentication Denial of Service Vulnerability in Microsoft Exchange 2000 with MSRPC Arbitrary Command Execution in AstroCam 0.9-1-1 through 1.4.0 via 
HTTP Request Entercept Agent 2.5 for Windows Local Administrative User Password Disclosure Vulnerability Denial of Service Vulnerability in Microsoft Exchange 2000 Bypassing Access Restrictions in NETGEAR FM114P via IP Address URL Remote Code Execution in w-Agora 4.1.3 via PHP Remote File Inclusion Vulnerability SQL Injection Vulnerability in LokwaBB 1.2.2: Remote Code Execution Arbitrary Message Reading Vulnerability in LokwaBB 1.2.2 Denial of Service Vulnerability in Macromedia Flash Player 4.0 r12 through 6.0.47.0 Bypassing User Authentication in AolSecurityPrivate.class in Oracle E-Business Suite 11i Arbitrary HTML Page Opening Vulnerability in Trolltech Qt Assistant 1.0 Remote Code Execution Vulnerability in Py-Membres 3.1 Allows Unauthorized Administrator Access PowerPhlogger (PPhlogger) 2.0.9 through 2.2.2 showhits.php3 Remote File Inclusion Vulnerability Insecure Storage of Database Credentials in TightAuction 3.0 Arbitrary PHP Code Execution via Remote File Inclusion in phpMyNewsletter 0.6.10 Unqualified Domain Name Leakage Vulnerability in CommonName Toolbar 3.5.2.0 Off-by-one Buffer Overflow Vulnerability in Logsurfer 1.41 through 1.5a Symlink Attack Vulnerability in rhmask 1.0-9 in Red Hat Linux 7.1 Buffer Overflow in IRCIT 0.3.1 IRC Client: Remote Code Execution via Long Invite Request Vulnerability: Passwords Stored in Readable Format in NETGEAR FVS318 Firmware 1.1 Configuration Backup ArGoSoft Mail Server Pro 1.8.1.9 XSS Vulnerability Arbitrary Script Injection Vulnerability in phpBB 2.0.3 viewtopic.php Denial of Service Vulnerability in Jakarta Apache Tomcat 3.3 and 4.0.4 with IIS and ajp1.3 Connector Buffer Overflow Vulnerability in Alsaplayer 0.99.71 Allows Arbitrary Code Execution Denial of Service Vulnerability in MyWebServer 1.0.2 Arbitrary Command Execution Vulnerability in Apple Mac OS X 10.2 Terminal 1.3 IceWarp Web Mail 3.3.3 and 3.4.5 Full Name Parameter Cross-Site Scripting (XSS) Vulnerability Pinboard 1.0 Cross-Site Scripting (XSS) 
Vulnerability in Tasklists Arbitrary Web Script Injection Vulnerability in Bodo Bauer BBGallery 1.0 Denial of Service Vulnerability in CGIForum 1.0 through 1.05 Information Disclosure Vulnerability in Pine 4.2.1 through 4.4.4 Buffer Overflow in Log Function in GazTek ghttpd 1.4 through 1.4.3 Allows Remote Code Execution Polycom ViaVideo Web Server Buffer Overflow Vulnerability Denial of Service Vulnerability in Polycom ViaVideo Web Server Denial of Service Vulnerability in TelCondex SimpleWebServer 2.06.20817 Denial of Service (CPU Consumption) Vulnerability in Microsoft IIS 5.0 and 5.1 Insecure Storage of Administrative Password in Click2Learn Ingenium Learning Management System Weak Encryption in Click2Learn Ingenium Learning Management System 5.1 and 6.1: Password Vulnerability ZoneAlarm Pro 3.0 and 3.1 SYN Flood Denial of Service Vulnerability Denial of Service Vulnerability in SkyStream EMR5000 1.16-1.18 Arbitrary File Read Vulnerability in myPHPNuke 1.8.8 Local Denial of Service Vulnerability in dump 0.4 b10 through b29 Denial of Service Vulnerability in BSD-based Operating Systems via /var/log/acculog File Locking Denial of Service Vulnerability in Pirch and RusPirch with Auto-Log Enabled CRLF Injection Vulnerability in Geeklog User Profile: Send Email Feature Buffer Overflow Vulnerability in Microsoft Active Data Objects (ADO) in Microsoft MDAC 2.5 through 2.7 VP-ASP 4.0 Shopadmin.asp SQL Injection Vulnerability Buffer Overflow Vulnerability in FtpXQ 2.5 via MKD Command Remote Access Vulnerability in Default MySQL Configuration on Windows Arbitrary Web Script Injection in Jelsoft vBulletin global.php Default Configuration Vulnerability in MySQL 3.20.32 - 3.23.52 on Windows Insecure Directory Permissions in PowerChute Plus 5.0.2 Installation Denial of Service Vulnerability in Tiny Personal Firewall 3.0 through 3.0.6 Arbitrary File Read Vulnerability in Aquonics File Manager 1.5 User Account Modification Vulnerability in Aquonics File Manager 1.5 Directory 
Tree Disclosure Vulnerability in 602Pro LAN SUITE 2002 Cross-site scripting (XSS) vulnerability in paFileDB.php in PHP Arena paFileDB 1.1.3 through 3.0 Buffer Overflow in AN HTTPd 1.38 through 1.4.1c via Long Username in SOCKS4 Request Cross-Site Scripting (XSS) Vulnerability in PHP Arena paFileDB 1.1.3 and 2.1.1 Windows Event Log Size Notification Vulnerability Terminal Services Screensaver Vulnerability Pingtel Xpressa SIP-based Voice-over-IP Phone Information Leakage Vulnerability Predictable Session Identification Protocol (SIP) Request Values in Pingtel Xpressa 1.2.5 - 2.0.1 Default and Backdoor Accounts in UTStarcom BAS 1000 3.1.10 Hardcoded MAC Address Vulnerability in Symantec Firewall/VPN Appliance 100-200R Arbitrary Command Execution in Virgil CGI Scanner 0.9 FlashFXP 1.4 Vulnerability: Plaintext FTP Password Exposure in Queue Properties Memory Leakage Vulnerability in LCC-Win32 3.2 Compiler on Windows 95, 98, and ME Buffer Overflow Vulnerability in RadioBird WebServer 4 Everyone 1.28 Allows Remote Denial of Service Denial of Service Vulnerability in Imatix Xitami 2.5 b5 SafeTP 1.46 NAT Vulnerability: Internal IP Address Leakage in PASV Response Denial of Service Vulnerability in Motorola Surfboard 4200 Cable Modem Buffer Overflow Vulnerability in SmartMail Server 1.0 Beta 10 Weak Encryption Scheme in VSNL Integrated Dialer Software Allows Password Decryption Webmin SSL Key Reuse Vulnerability Buffer Overflow Vulnerabilities in Gringotts 0.5.9: Arbitrary Command Execution Cleartext Password Transmission Vulnerability in Iomega NAS A300U phpRank 1.8 Cross-Site Scripting (XSS) Vulnerability Buffer Overflow in GoAhead WebServer 2.1: Remote Code Execution via Long HTTP GET Request Authentication Bypass Vulnerability in phpRank 1.8 Heap-based Buffer Overflow in AOL Instant Messenger (AIM) Allows Remote Denial of Service PHP 4.2.3 phpinfo() Function Cross-Site Scripting (XSS) Vulnerability Clear-text LANMAN authentication vulnerability in Iomega NAS A300U 
World-Writable Permissions in ROX Filer 1.1.9 and 1.2 Remote Code Execution Vulnerability in Pen 0.9.1 and 0.9.2 Arbitrary Script Injection in kmMail 1.0, 1.0a, and 1.0b Arbitrary Command Execution Vulnerability in Nagios 1.0b1 through 1.0b3 Cybozu Share360 1.1 XSS Vulnerability Bypassing URL Access Restrictions in Finjan Software SurfinGate 6.0 and 6.0 1 URL Access Restriction Bypass in Finjan Software SurfinGate 6.0 and 6.0 1 Denial of Service Vulnerability in Linux Kernel 2.4.1 - 2.4.19 Arbitrary Command Execution Vulnerability in WesMo phpEventCalendar 1.1 Xitami 2.5b4 and 2.5b5 Cross-Site Scripting (XSS) Vulnerability Arbitrary File Read Vulnerability in My Postcards Platinum 5.0 and 6.0 Buffer Overflow Vulnerability in XiRCON 1.0 Beta 4: Remote Denial of Service (Disconnect) Vulnerability: Unauthorized Configuration Modification via Malicious TFTP Server Denial of Service Vulnerability in Magic Notebook 1.0b and 1.1b Insecure Storage of Credentials in SnortCenter 0.9.5 Arbitrary File Read Vulnerability in Sourcecraft Networking_Utils 1.0 Access Control Bypass in Parallel Port powerSwitch (pp_powerSwitch) 0.1 Buffer Overflow Vulnerability in CHttpServer::OnParseError in ISAPI Extension Unauthenticated Remote Access to Root File System in Zaurus PDAs SL-5000D and SL-5500 Weak Encryption Salt Used in Sharp Zaurus PDA SL-5000D and SL-5500 Screen-Locking Vulnerability Undetected Network Sniffing Vulnerability in ifconfig Passphrase Cache Bypass Vulnerability in Network Associates PGP 7.0.4 and 7.1 FTP Server Command Injection Vulnerability in IPFilter 3.1.1 through 3.4.28 FTP Server Firewall Bypass Vulnerability Buffer Overflow Vulnerability in Sun Solaris Volume Manager Daemon (vold) Privilege Escalation in Microsoft SQL Server 2000 through SQL Server 2000 SP2 Directory Traversal Vulnerability in Icecast 1.3.12 Allows Remote Directory Existence Detection Denial of Service and Arbitrary Code Execution Vulnerability in QNX RTOS 6.1.0 Timer Implementation Denial of 
Service Vulnerability in Microsoft Internet Explorer 5.0.1 - 6.0 Remote Denial of Service Vulnerability in iSMTP 5.0.1 via Long MAIL FROM Command Source Code Disclosure Vulnerability in Perception LiteServe 2.0 through 2.0.1 Resin 2.1.2 Directory Traversal Vulnerability in view_source.jsp Denial of Service Vulnerability in Resin 2.1.1 via Long Variables in URL Denial of Service Vulnerability in Resin 2.1.1 via 'CON' Device Name and Registered File Extension Path Disclosure Vulnerability in Resin 2.0.5 - 2.1.2 Arbitrary Command Execution Vulnerability in osCommerce 2.1 via include_file Parameter Buffer Overflow Vulnerability in jrun.dll in ColdFusion MX with IIS 4/5 Arbitrary Command Execution in Webbbs_post.pl CRLF Denial of Service Vulnerability in AdvServer Professional 1.030000 Arbitrary Web Script Injection Vulnerability in PHP-Nuke phptonuke.php Cross-Site Scripting (XSS) Vulnerability in PostNuke 0.71 and Earlier ZoneAlarm Pro 3.0 MailSafe Remote Code Execution Vulnerability Remote Code Execution Vulnerability in rpc.cmsd in SCO UnixWare 7.1.1 and Open UNIX 8.0.0 Remote Code Execution Vulnerability in HP Praesidium Webproxy 1.0 Improper Process Privilege Management in ACMS 4.3 and 4.4 on OpenVMS Alpha 7.2 and 7.3 D(HE)at or D(HE)ater: Exploiting the Diffie-Hellman Key Agreement Protocol Vulnerability Predictable Log File Names Vulnerability in jmcce 1.3.8 Buffer Overflow Vulnerability in libc in Compaq Tru64 4.0F, 5.0, 5.1, and 5.1A Remote Denial of Service Vulnerability in ypbind on Compaq Tru64 Denial of Service Vulnerability in Compaq Tru64 Portmapper Java Web Start Vulnerability in HP-UX 11.x: Unauthorized Access to Restricted Resources Sensitive Information Disclosure in Apache Tomcat 4.0 - 4.1 and 3.0 - 3.3.1 Sensitive Information Disclosure in Apache Tomcat 3.2.3 and 3.2.4 Information Disclosure Vulnerability in Apache Tomcat 4.0.3 for Windows Path Disclosure Vulnerability in Apache Tomcat 4.0.1 Arbitrary Web Script Injection Vulnerability in 
htsearch.cgi Arbitrary Web Script Injection in Faq-O-Matic 2.711 and 2.712 via fom.cgi Remote Code Execution Vulnerability in Apache 1.3.19 on HP Secure OS for Linux 1.0 Cookie Theft Vulnerability via Hex-Encoded Null Character in Mozilla and Netscape User Enumeration Vulnerability in Lotus Domino 5.0.8 Web Server Arbitrary File Inclusion and Code Execution in PostNuke 0.703 via user.php Kernel Address Space Access Vulnerability in User-mode Linux (UML) 2.4.17-8 Arbitrary Code Execution Vulnerability in SAS/Base 8.0 Privilege Escalation Vulnerability in SAS/Base 8.0 via netencralg Environment Variable Remote Code Execution in osCommerce 2.1 via PHP Remote File Inclusion in include_once.php Default Administrator Password Vulnerability in Netgear RP114 Cable/DSL Web Safe Router Firmware 3.26 Arbitrary Script Injection Vulnerability in WoltLab Burning Board (wbboard) 1.1.1 Kaffe OpenVM Format String Vulnerability Arbitrary File Read Vulnerability in get_parameter_from_frequency_source Function Information Disclosure Vulnerability in Horde IMP 2.2.7 Denial of Service Vulnerability in Lotus Domino Server 5.0.9a and Earlier Remote Code Execution Vulnerability in BrowseFTP 1.62 Client via Long FTP 220 Message Reply Unauthenticated Access Control Vulnerability in DOOW 0.1 - 0.2.1 Windows Screensaver Brute Force Password Guessing Vulnerability Arbitrary File Read and Possible Remote Code Execution in PHP on Windows with Apache Stack-based Buffer Overflow in SQLData Enterprise Server 3.0: Remote Code Execution and Denial of Service Vulnerability Arbitrary File Existence Disclosure in Internet Explorer 5.x with JavaScript Execution Enabled Unrestricted Access to SQL Debugging in PHP-Nuke 5.4 and Earlier Arbitrary File Read Vulnerability in FAQManager 2.2.5 and Earlier Arbitrary Code Execution via Recursive Multipart MIME Attachments in Email Sanitizer before 1.133 for Procmail RealityScape MyLogin 2000 1.0.0 and earlier: SQL Injection Vulnerability in Login Form Remote Login 
Bypass Vulnerability in Sun Ray Server Software 1.3 Vulnerability: Exploitable Known Vulnerabilities in Cisco Media Gateway Controller (MGC) Filesystem-based Shared Memory Entry Vulnerability Information Disclosure Vulnerability in /bin/su in QNX RTOS 4.25 and 6.1.0 Privilege Escalation Vulnerability in QNX RTOS Phrafx and Phgrafx-Startup Programs Buffer Overflow Vulnerabilities in RTOS 6.1.0: Arbitrary Code Execution Privilege Escalation via ptrace in QNX RTOS 4.25 and 6.1.0 LDAP and MySQL Authentication Patch for Cyrus SASL 1.5.24 and 1.5.27 SQL Injection Vulnerability Arbitrary Web Script Injection Vulnerability in x-stat 2.3 and Earlier Remote Code Execution and Path Disclosure Vulnerability in x-stat 2.3 and Earlier Remote Code Execution in X-News (x_news) 1.1 and earlier via Stolen md5_password Cookie Arbitrary Command Execution via File Preview in Sketch 0.6.12 and Earlier Buffer Overflow in PFinger 0.7.8 Client Allows Remote Code Execution Backdoor Found in Dsniff, Fragroute, and Fragrouter Versions Downloaded from monkey.org on May 17, 2002 Directory Traversal Vulnerability in ModLogAn's processor_web Plugin Arbitrary File Overwrite Vulnerability in ModLogAn's processor_web Plugin Denial of Service Vulnerability in Cisco 2611 Router HSRP Denial of Service Vulnerability Remote Authentication Bypass in TeeKai Forum 1.2 Arbitrary Web Script Injection Vulnerability in TeeKai Tracking Online 1.0 Arbitrary Web Script Injection Vulnerability in TeeKai Forum 1.2 Weak Encryption and Insufficient Access Control in TeeKai Forum 1.2 Allows Remote IP Identification Weak Encryption of Web Usage Statistics in TeeKai Tracking Online 1.0 Allows Remote IP Identification Intel Motherboards BIOS Vulnerability: Unauthorized Boot Device Change via F8 Key Buffer Overflow in Links 2.0 pre4: Remote Code Execution via Large 16-bit PNG Images Heap-based Buffer Overflow in Netscape and Mozilla Browsers via PNG Image Arbitrary Web Script Injection Vulnerability in Internet Explorer 
5.5 and 6.0 Bypassing Firewall Filters and Executing Prohibited Programs in AtGuard 3.2 Remote Code Execution in PhpWebGallery 1.0 via isadmin.php Arbitrary File Read Vulnerability in WebCalendar 0.9.34 and Earlier Windows Alternate Data Streams Vulnerability in BestCrypt BCWipe Vulnerability: Incomplete Data Deletion in East-Tec Eraser 2002 Vulnerability: Incomplete Data Erasure in Eraser 5.3 PGP 6.x and 7.x Vulnerability: Windows Alternate Data Streams Leakage Vulnerability: Incomplete Deletion of Windows Alternate Data Streams in SecureClean 3 build 2.0 Denial of Service Vulnerability in Compaq Tru64 4.0 d Denial of Service Vulnerability in Java Virtual Machine (JVM) via doPrivileged Method Cross-Site Scripting (XSS) Vulnerability in Microsoft Site Server 3.0 Default ASP Pages SQL Injection Vulnerability in Mailidx (20020105) Allows Remote Code Execution ICQ 2001a and 2002b Denial of Service Vulnerability Lil' HTTP Server Directory Traversal Vulnerability Memory Leakage in DCOM Client Allows Information Disclosure Heap-based Buffer Overflow in Floositek FTGate Pro and FTGate Office Denial of Service Vulnerability in MOSIX 1.5.7 Denial of Service Vulnerability in Floositek FTGate PRO 1.05 Denial of Service Vulnerability in Microsoft Site Server 3.0 Mailbox Locking Vulnerability in FTGate and FTGate Pro 1.05 Novell Netware Client Login Bypass Vulnerability Directory Traversal Vulnerability in Portix 0.4.02 index.php Directory Traversal Vulnerability in WWWeBBB Forum 3.82 Beta and Earlier: Arbitrary File Read Cross-Site Scripting (XSS) Vulnerabilities in SquirrelMail before 1.2.6 Buffer Overflow in Borland InterBase 6.0: Arbitrary Code Execution via Long INTERBASE Environment Variable Default VNC Account Vulnerability in MOSIX Project Clump/OS 5.4 Buffer Overflow Vulnerability in rcp in Solaris 9.0 Caucho Technology Resin Server Path Disclosure Vulnerability Remote Code Execution via Format String Vulnerability in Deception Finger Daemon (decfingerd) 0.7 Privilege 
Escalation via Debugger Attachment in OpenBSD, NetBSD, and FreeBSD Console Session Access Vulnerability in SGI O2/IRIX 6.5 Video Control Panel Path Disclosure Vulnerability in Joe Testa Hellbent 01 File Disclosure Vulnerability in Joe Testa Hellbent 01 Webserver Buffer Overflow in Novell Remote Manager Module Allows Remote Code Execution Denial of Service Vulnerability in MaraDNS Compression Code Buffer Overflow Vulnerability in Axspawn-pam Allows Remote Code Execution Buffer Overflow in GNU DataDisplay Debugger (DDD) 3.3.1 via Long HOME Environment Variable Remote Code Execution via HTML Email Attachments in Microsoft Outlook 2002 Arbitrary JavaScript Code Execution in Microsoft Outlook 2002 Denial of Service Vulnerability in JCraft JZlib (CVE-2018-1000400) Apache Log Spoofing Vulnerability Arbitrary Command Execution in Ganglia PHP RRD Web Client 1.0.2 via graph.php Windows XP Vulnerability: Corrupt explorer.exe.manifest File Can Prevent System Boot Remote Code Execution in WikkiTikkiTavi before 0.21 via PHP Remote File Inclusion Vulnerability Arbitrary Web Script Injection Vulnerability in Veridis OpenKeyServer (OKS) 1.2 Lookup Script Remote Code Execution Vulnerability in Sony VAIO Manual Software FormMail 1.9 and Earlier: HTTP_REFERER Bypass Vulnerability Remote Denial of Service Vulnerability in RCA Digital Cable Modems DCM225 and DCM225E Denial of Service Vulnerability in Fwmon before 1.0.10 Vulnerability: Insecure SNMP Access in RCA Digital Cable Modems Arbitrary Command Execution in AGH HTMLsearch 1.0 via search.cgi Artekopia Netjuke Remote Code Execution Vulnerability Arbitrary Web Script Injection Vulnerability in Hyper NIKKI System (HNS) Denial of Service Vulnerability in Netgear RM-356 and RT-338 Series SOHO Routers Denial of Service Vulnerability in Microsoft Windows XP via UDP Port 500 (ISAKMP) Buffer Overflow Vulnerability in Blue World Lasso Web Data Engine 3.6.5 Case Insensitive Passwords in Novell eDirectory 8.6.2 and 8.7 Buffer Overflow 
Vulnerabilities in QNX RTOS 4.25: Arbitrary Code Execution via Long Filenames Buffer Overflow Vulnerability in SurfControl SuperScout Email Filter for SMTP 3.5.1 Insecure Storage of PIN in Pointsec for PalmOS Remote File Inclusion Vulnerability in Gallery 1.3.2's publish_xp_docs.php Denial of Service Vulnerability in nylon 0.2's recvn and sendn Functions Expired Certificate Authority (CA) Vulnerability in Internet Explorer 6.0 Time Manipulation Vulnerability in Integrity Protection Driver (IPD) 1.2 Allows Delayed Installation and Code Injection Symlink Exploit Allows Privileged Processes to Overwrite Kernel Memory Arbitrary PHP Code Execution Vulnerability in w-Agora 4.1.5 Arbitrary Script Execution via Cross-Site Scripting (XSS) in w-Agora 4.1.5 editform.php Arbitrary PHP Code Execution in Gallery 1.3.2 via GALLERY_BASEDIR Parameter Directory Traversal Vulnerability in Perl-HTTPd before 1.0.2 Windows File Protection (WFP) Vulnerability: Exploiting Old Security Catalog Files Weak Encryption in Telindus 1100 ADSL Router Firmware 6.0.x Allows Unauthorized Access Arbitrary PHP Code Execution in PEEL 1.0b via Remote URL Reference Remote Information Disclosure Vulnerability in GlobalSunTech Wireless Access Points Denial of Service Vulnerability in HP Advanced Server/9000 ISAKMP SA Hijacking Vulnerability in Cisco PIX Firewall Cisco PIX Firewall Buffer Overflow Vulnerability in Authentication Vulnerability: Security Constraints and Roles Removal in BEA WebLogic Server and Express 7.0 and 7.0.0.1 Improper URL Pattern Handling in WebLogic Server and Express 7.0 Service Pack 1 Plaintext Storage of Administrative Password in MySimple News 1.0 BearShare 4.0.5 and 4.0.6 Directory Traversal Vulnerability Authentication Bypass Vulnerability in Savant Web Server 3.1 and Earlier Denial of Service Vulnerability in Savant Web Server 3.1 and Earlier Information Disclosure Vulnerability in Lucent Ascend MAX and Pipeline Routers Buffer Overflow Vulnerability in Lucent Access Point 300, 
600, and 1500 Service Routers Vulnerability: Slow State Table Emptying Allows for Packet Flooding Attacks Unprotected Admin Directory in Software602's Web Server Allows Remote Privilege Escalation Administrative Pages Format String Vulnerability in Oracle Application Server 4.0.8 and 4.0.8 2 Directory Traversal Vulnerability in Monkey HTTP Daemon 0.1.4 Trillian IRC Invite Response Format String Vulnerability Remote Code Execution Vulnerability in Trillian 0.73 via Long PING Response Information Disclosure: Full Path Disclosure in zenTrack 2.0.3 and Earlier Vulnerability: Unauthorized Remote Access in Linksys EtherFast Cable/DSL Routers Denial of Service Vulnerability in Kerio Personal Firewall (KPF) 2.1.4 and Earlier Weak Encryption of User Passwords in Trillian 0.73 and Earlier Allows Local Account Access Multiple Voting Vulnerability in KvPoll 1.1 Denial of Service Vulnerability in Microsoft Outlook Express 5.0, 5.5, and 6.0 Referer Leakage Vulnerability in IMHO Webmail Module FuseTalk 2.0 and 3.0 Cross-Site Scripting (XSS) Vulnerability Directory Traversal Vulnerability in Thorsten Korner 123tkShop before 0.3.1 SQL Injection Vulnerability in Thorsten Korner 123tkShop before 0.3.1 Cross-Site Scripting Vulnerability in AOL Instant Messenger (AIM) 4.5 and 4.7 for MacOS and Windows Remote Code Execution in BadBlue Enterprise Edition 1.7 through 1.74 acWEB 1.8 and 1.14 Cross-Site Scripting (XSS) Vulnerability Unencrypted Disk Block Leakage in Informed Designer and Filler 3.05 Remote Code Execution Vulnerability in Trillian IRC Module via Long DCC Chat Message Denial of Service Vulnerability in 602Pro LAN SUITE 2002 Telnet Proxy Incomplete Regular Expression in phpSquidPass Allows Remote User Deletion SQL Injection Vulnerability in Gender MOD 1.1.3: Remote Administrative Access via User Profile Page HTTP Request Buffering Vulnerability in BEA WebLogic Server and Express 6.1 through 7.0.0.1 Arbitrary Javascript Execution via sid Parameter in phpWebSite 0.8.3 ClearPath 
MCP Environment Denial of Service Vulnerability via TCP Port Scan Kernel Memory Write Vulnerability in setitimer(2) System Call SonicWall Content Filtering Bypass via IP Address Access Buffer Overflow Vulnerability in Seunghyun Seo's MSN666 MSN Sniffer 1.0 and 1.0.1 Arbitrary PHP Script Execution in phpShare.php Digi-Net Technologies DigiChat 3.5 IP Address Disclosure Vulnerability IGMP Denial of Service Vulnerability JRun Source Code Disclosure Vulnerability Unspecified File Disclosure Vulnerability in Macromedia JRun 3.0, 3.1, and 4.0 Denial of Service Vulnerability in OpenBSD getrlimit(2) Function ActiveWebserver Cross-Site Scripting (XSS) Vulnerability Insecure Password Storage in ArtsCore Studios CuteCast Forum 1.2 Information Disclosure Vulnerability in Lotus Domino 5.0.9a and Earlier Arbitrary Web Script Execution in Perception LiteServe 2.0.1 via XSS Vulnerability Arbitrary Web Script Injection in Mojo Mail 2.7 via XSS Vulnerability Buffer Overflow in Winamp Version Update Check Buffer Overflow Vulnerability in Samba before 2.2.5 Local Denial of Service Vulnerability in Sun Solaris 8.0 via /dev/poll NULL Pointer Dereference Remote Code Execution Vulnerability in ZMailer before 2.99.51_1 via Buffer Overflow in HELO Processing Inadequate Subdirectory Checking in AIDE Configuration File Remote File Inclusion Vulnerability in Benjamin Lefevre Dobermann FORUM 0.5 and earlier Arbitrary Command Execution via Printer Name in Webmin Printer Administration Module Outlook Express 6.0 Vulnerability: Failure to Delete Messages from dbx Files System Serial Console Terminal Vulnerability in Solaris 2.5.1, 2.6, and 7 Insecure Default --checksig Setting in RPM Package Manager 4.0.4 Allows Spoofing of Trusted Package Signatures Remote Code Execution Vulnerability in Webresolve 0.1.0 and Earlier via Long Hostname Denial of Service Vulnerability in Norton AntiVirus 2001 POP3 Proxy Service Buffer Overflow in ssldump 0.9b2 and Earlier: Remote Code Execution via Long RSA 
PreMasterSecret Denial of Service Vulnerability in Cisco IOS EIGRP Implementation Unspecified Security Vulnerability in Baby FTP Server Versions Prior to November 7, 2002 Symlink Attack Vulnerability in OpenOffice 1.0.1 Installation DNS Cache Poisoning Vulnerability in BIND 4 and BIND 8 Fujitsu UXP/V DNS Resolver Cache Poisoning Vulnerability DNS Cache Poisoning Vulnerability in Infoblox DNS One Denial of Service Vulnerability in php_if_imap_mime_header_decode Function Denial of Service Vulnerability in PHP IMAP Functionality Improper URL String Processing in Soft3304 04WebServer before 1.20 Allows Information Disclosure Multiple PHP Remote File Inclusion Vulnerabilities in Web Server Creator - Web Portal (WSC-WebPortal) 0.1 CRLF Injection Vulnerability in setUserValue Function in Haakon Nilsen SIPS Remote Information Disclosure in chetcpasswd.cgi Buffer Overflow Vulnerability in Pedro Lineu Orso chetcpasswd 1.12 and earlier Untrusted Search Path Vulnerability in Pedro Lineu Orso chetcpasswd 2.4.1 and Earlier Denial of Service Vulnerability in isakmpd Buffer Overflow in NetScreen-Remote 8.0: Remote Code Execution and Denial of Service Vulnerability Buffer Overflow Vulnerability in PGPFreeware 7.03 on Windows NT 4.0 SP6 via Crafted IKE Response Packets SafeNet VPN Client Denial of Service and Remote Code Execution Vulnerability Remote Code Execution Vulnerability in TFTP32 2.21 and Earlier via Long Filename Argument Buffer Underflow Vulnerability in ssldump 0.9b2 and Earlier MailScanner Filename Bypass Vulnerability Sapio Design Ltd. 
WebReflex 1.53 Directory Traversal Vulnerability Ikonboard 3.1.1 Cross-Site Scripting (XSS) Vulnerability via IMG Tag in Private Messages Arbitrary Script Injection in Ikonboard 3.1.1 via XSS Vulnerability Remote Code Execution Vulnerability in Enceladus Server Suite 3.9 via Long CD (CWD) Command Enceladus Server Suite 3.9 Directory Traversal Vulnerability Fragmented IP Requests Bypass Vulnerability in NetScreen ScreenOS Cross-Site Scripting (XSS) Vulnerability in vBulletin 2.2.9 and Earlier Remote Code Execution via Format String Vulnerability in apt-www-proxy 0.1 Denial of Service Vulnerability in tftp32 TFTP Server 2.21 and Earlier Kunani ODBC FTP Server 1.0.10 Directory Traversal Vulnerability Denial of Service Vulnerability in Cisco Optical Service Module (OSM) for Catalyst 6500 and 7600 Series Directory Traversal Vulnerability in MyServer 0.11 and 0.2 Buffer Overflow Vulnerability in Deerfield VisNetic WebSite 3.5.15: Remote Denial of Service via Long HTTP OPTIONS Request File Permission Modification Vulnerability in KisMAC 0.02a and Earlier Denial of Service Vulnerability in Akfingerd 0.5 and Earlier Versions Denial of Service Vulnerability in Akfingerd 0.5 and Earlier Versions Improper Quoting of Digits in STAT Command Response in NetBSD FTPD VisNetic Website 3.5.15 XSS Vulnerability via HTTP Referer Header Sensitive Information Disclosure via phpinfo.php in Mambo Site Server 4.0.11 Buffer Overflow in WDefaultFontCharset Java Class Implementation in Netscape 4.0 News Evolution 2.0 PHP Remote File Inclusion Vulnerability Buffer Overflow Vulnerabilities in Sybase Adaptive Server 12.0 and 12.5 Buffer Overflow Vulnerability in Marcos Luiz Onisto Lib CGI 0.1: Remote Code Execution SQL Injection Vulnerability in Thatware 0.5.0 and Earlier: Remote Code Execution via Base64-encoded User Parameter in auth.inc.php Buffer Overflow Vulnerabilities in Cyrus Sieve / libSieve 2.1.2 and Earlier Privileged Process Exit Vulnerability in Netfilter / IPTables phpBB 2.0.3 
Cross-Site Scripting (XSS) Vulnerability in search.php Arbitrary File Read Vulnerability in pWins Webserver 0.2.5 and Earlier Remote Code Execution Vulnerability in LIBCGI 1.0.2 and 1.0.3 via Stack-based Buffer Overflow in parse_field function Denial of Service Vulnerability in Moby NetSuite via Content-Length Header Buffer Overflow in French Documentation Patch for Gnuplot 3.7 in SuSE Linux: Arbitrary Code Execution as Root Arbitrary Script Injection in Mozilla Bugzilla Quips Feature Bypassing Relaying Restrictions in Sendmail 8.9.0 through 8.12.6 via DNS Hostname Spoofing Unspecified Denial of Service Vulnerability in HP-UX xntpd Insecure Permissions in HP-UX Visualize Conference Installation Program Unspecified Denial of Service Vulnerability in HP Tru64's IGMP Implementation Unspecified Remote File Access and Privilege Escalation Vulnerability in LDAP Module of OSIS 5.4 on Tru64 UNIX 4.0G and 4.0F Denial of Service Vulnerability in NetScreen ScreenOS 2.8 through 4.0 Symlink Attack Vulnerability in Bogopass Temporary File Handling Webster HTTP Server Buffer Overflow Vulnerability Webster HTTP Server Directory Traversal Vulnerability Unspecified vulnerability in ied command in HP-UX allows local users to view normally invisible data Buffer Overflow in BigFun 1.51b IRC Client DCC Option Denial of Service Vulnerability Denial of Service Vulnerability in Tomcat 4.0 - 4.1.12 with mod_jk 1.2.1 on Apache 1.3 - 1.3.27 Webster HTTP Server XSS Vulnerability Symlink Attack Vulnerability in akfingerd 0.5 Allows Unauthorized File Access Fortres 101 4.1 Local Bypass Vulnerability via Windows+F Key Combination Path Disclosure Vulnerability in Ultimate PHP Board (UPB) 1.0 SQL Injection Vulnerability in PortailPHP 0.99 mod_search/index.php Cross-site scripting (XSS) vulnerability in PortailPHP 0.99 mod_search/index.php Unspecified vulnerability in bind function in aldap 0.09 allows remote attackers to authenticate with Manager permissions Source IP Address Spoofing Vulnerability 
in syslogd on OpenBSD 2.9 through 3.2 Java JIT Compiler Vulnerability in Netscape Communicator 4.0-4.8 Arbitrary Code Execution Vulnerability in McAfee VirusScan 4.5.1 Privilege Escalation Vulnerability in Microsoft Windows XP with Fast User Switching Remote Code Execution Vulnerability in Netscape Communicator 4.0 through 4.79 Vulnerability: Bypassing Virus Detection in eTrust InoculateIT 6.0 with Incremental Scan Denial of Service Vulnerability in apt-www-proxy 0.1 via Empty HTTP Request PHP Remote File Inclusion Vulnerability in phpBB Advanced Quick Reply Hack 1.0.0 and 1.1.0 Information Disclosure Vulnerability in Mambo Site Server 4.0.11 Sensitive Information Disclosure in BadBlue 1.7.1 via soinfo.php Default Admin Credentials in Mambo Site Server 4.0.11 Allow Remote Privilege Escalation Denial of Service Vulnerability in Calisto Internet Talker 0.04 and Earlier Remote File Read Vulnerability in Halycon Software iASP 1.0.9 Remote Console Applet Webshots Desktop Screensaver Password Bypass Vulnerability Multiple Buffer Overflows in Symantec Raptor Firewall and Gateway Security Products Buffer Overflow Vulnerabilities in Pico Server (pServ) 2.0 beta 1 through beta 5 YaBB.pl XSS Vulnerability in Yet Another Bulletin Board (YaBB) 1 Gold SP 1 Remote File Inclusion Vulnerability in Thatware 0.5.2 and 0.5.3 via artlist.php Remote File Inclusion Vulnerability in Thatware 0.3 through 0.5.3 via config.php Remote Code Execution Vulnerability in Thatware 0.3 through 0.5.2 via PHP Remote File Inclusion Denial of Service Vulnerability in 3Com NBX FTPD 5.4 Insecure Storage of User Credentials in Lawson Financials 8.0 Price Manipulation Vulnerability in 3D3.Com ShopFactory 5.5 through 5.8 Client-side encryption vulnerability in 3D3.Com ShopFactory 5.8 allows remote attackers to modify shopping cart prices. 
Arbitrary SQL Command Execution in MyPHPLinks 2.1.9 and 2.2.0 SQL Injection Vulnerability in Immobilier's agentadmin.php Denial of Service Vulnerability in KaZaA Media Desktop 1.7.1 Default Configuration of BenHur Firewall Allows Remote Access via Source Port 20 Denial of Service Vulnerability in Netscape Communicator 6.2.1 Apache Denial of Service Vulnerability in PHP 3.0 through 4.2.2 Insufficient Access Control in ClickCartPro 4.0 Allows Remote User Credential Theft Arbitrary File Upload Vulnerability in Microsoft Internet Explorer 6.0 and Possibly Others Arbitrary File Upload Vulnerability in Opera 6.0.1 Arbitrary Code Execution via Eudora Email Client 5.1.1 with Use Microsoft Viewer Enabled Cookie Theft Vulnerability in Mozilla 1.0 via javascript: URL Cisco IOS Denial of Service Vulnerability via ICMP Redirect Spoofing MAC Address Learning Vulnerability in Cisco Catalyst 4000 Series Switches Memory Leak Vulnerability in VelociRaptor 1.0's httpd, nntpd, and vpn driver Arbitrary Code Execution via Cross-Site Scripting (XSS) in Falcon Web Server 2.0.0.1009-2.0.0.1021 Static Code Injection Vulnerability in users.php in MySimpleNews Arbitrary Email Deletion Vulnerability in MySimpleNews 1.0 Arbitrary Web Script Injection Vulnerability in phpLinkat 0.1.0 Insufficient Access Control in Ultimate PHP Board (UPB) 1.0b Allows Remote User Credential Theft Vulnerability: Inadequate Access Control List (ACL) Handling in Sun PC NetLink 1.0-1.2 Insecure Access Control List (ACL) Permissions in Windows XP Professional's System Restore Directory and Subdirectories Denial of Service Vulnerability in c-client Library Cleartext Transmission of iDisk Authentication Credentials in Mail.app Denial of Service Vulnerability in Solaris 8 Environmental Monitoring Subsystem Denial of Service Vulnerability in Active Directory with Kerberos V and GSSAPI Denial of Service Vulnerability in ICQ Client 2001b, 2002a, and 2002b Arbitrary Web Script Injection in StatsPlus 1.25 via stat.pl 
Arbitrary Code Execution via MIME Attachments in W3Mail 1.0.2-1.0.5 with SSI Enabled Buffer Overflow Vulnerability in Opera 6.01: Denial of Service via Large IMG Tag Attributes Buffer Overflow Vulnerability in Konqueror in KDE 2.1 through 3.0 and 3.0.2 Privilege Escalation Vulnerability in Joe Text Editor 2.8 through 2.9.7 Insufficient Access Control in Killer Protection 1.0 Allows Unauthorized Access Denial of Service Vulnerability in Norton Personal Firewall 2002 4.0 Denial of Service Vulnerability in Kaspersky Anti-Hacker 1.0 Denial of Service Vulnerability in POP3 Mail Client Cross-site scripting (XSS) vulnerability in configure.asp in Script-Shed GuestBook 1.0 Phorum 3.3.2a read.php Cross-site Scripting (XSS) Vulnerability Arbitrary Web Script Injection Vulnerability in SonicWALL SOHO3 6.3.0.0 Sensitive Information Disclosure via Insufficient Access Control in Bannermatic Data Files Arbitrary Web Script Injection via Email Messages in NOCC 0.9 through 0.9.5 Email Spoofing Vulnerability in Ensim WEBppliance 3.0 and 3.1 Plaintext Storage of Web Cache Administrator Interface Password in Oracle 9i Application Server 9.0.2 IP Address Disclosure in phpBB 2.0 through 2.0.3 Arbitrary web script injection vulnerability in Oracle Java Server Page (OJSP) demo files in Oracle 9i Application Server Arbitrary Web Script Injection Vulnerability in Authoria HR (athcgi.exe) Sensitive Information Disclosure in phpBBmod 1.3.3 via phpinfo.php Arbitrary Web Script Injection Vulnerability in Zorum 2.4 Remote Code Execution Vulnerability in Eudora 5.1 Arbitrary Program Execution Vulnerability in NeoBook 4's NBActiveX.ocx ActiveX Control Arbitrary File Read/Write Vulnerability in tftpd32 2.50 and 2.50.2 Denial of Service Vulnerability in Netgear FM114P Firmware 1.3 Wireless Firewall Cleartext Storage of Sensitive Information in Netgear FM114P Firmware 1.3 Remote Code Execution and Information Disclosure in HAMweather 2.x via hwadmin.cgi Buffer Overflow Vulnerability in MailEnable 1.5 
015 through 1.5 018 Arbitrary Web Script Injection via FTP URL Title Tag in Opera 6.x Arbitrary Web Script Injection via FTP View Title Tag Remote Code Execution and File Manipulation Vulnerability in Webmin Unverified Package Signatures Vulnerability in Yahoo! Messenger 4.0, 5.0, and 5.5 Arbitrary Script Injection in MyMarket 1.71 via form_header.php Privilege Escalation Vulnerability in VJE.VJE-RUN in HP-UX 11.00 Arbitrary Web Script Injection Vulnerability in PHP Ticket 0.5 and Earlier Arbitrary Command Execution in Simple WAIS (SWAIS) 1.11 Buffer Overflow Vulnerability in Trillian XML Parser Off-by-one Buffer Overflow in NEC SOCKS5 1.0 r11 and Earlier: Remote Code Execution Vulnerability Buffer Overflow Vulnerabilities in NEC SOCKS5 1.0 r11 and Earlier Remote File Disclosure Vulnerability in Perception LiteServe 2.0 Denial of Service Vulnerability in SWS Web Server 0.0.4, 0.0.3, and 0.1.0 Denial of Service Vulnerability in Linksys WET11 Firmware 1.31 and 1.32 Buffer Overflow Vulnerability in Infoprint 21 Telnet Server Blank Telnet Password Vulnerability in Apple LaserWriter 12/640 PS Printer Unspecified Vulnerability in Sun PatchPro 2.0's pprosetup Allows for Unsafe Use of Temporary Files Directory Traversal Vulnerability in CommuniGate Pro 4.0b4 and Earlier Versions Arbitrary Code Injection via Cross-Site Scripting (XSS) in E-Guest_sign.pl Arbitrary Code Injection through Cross-Site Scripting (XSS) Vulnerability in ZAP 1.0.3 Colon-based Cross-Site Scripting (XSS) Vulnerability in AN HTTP 1.41d Denial of Service Vulnerability in Cisco AS5350 IOS 12.2(11)T with ACLs and SSH Undocumented Username and Password Sniffing Vulnerability in NetDSL ADSL Modem 800 with Microsoft Network Firmware 5.5.11 Multiple Buffer Overflows in GTetrinet 0.4.3 and Earlier: Remote Code Execution and Denial of Service Vulnerabilities Arbitrary File Overwrite and Privilege Escalation Vulnerability in CVSup 1.2 Arbitrary SQL Command Execution in f2html.pl 0.1-0.4 via File Names Cleartext 
Storage of User Credentials in Hotfoon 4.00 Buffer Overflow Vulnerability in Hotfoon 4.0 Allows Remote Code Execution XSS Vulnerability in Quizz Module for XOOPS 1.0 Allows Arbitrary Script Injection Hyperion FTP Server 2.8.1 Directory Traversal Vulnerability Buffer Overflow Vulnerability in INweb POP3 Mail Server 2.01 via Long HELO Command Insufficient Access Control in TheServer 1.74 Web Server Allows Password Disclosure and Log File Access Buffer Overflow Vulnerability in Trillian IDENT Daemon SQL Injection Vulnerability in WebChat 1.5 (XOOPS 1.0) - Remote Code Execution via roomid Parameter Predictable File Location Vulnerability in Winamp 2.65 through 3.0 Denial of Service Vulnerability in Serv-U FTP Server 3.0, 3.1, and 4.0.0.4 Vulnerability: Bypassing Virus Protection and Remote Code Execution in InterScan VirusWall Remote Code Execution Vulnerability in InterScan VirusWall 3.52 for Windows via HTTP 1.1 Gzip Content Encoding Buffer Overflow in Advanced TFTP (atftp) 0.5 and 0.6 via Long Argument to -g Option Sygate Personal Firewall 5.0 Vulnerability: Firewall Filter Bypass via Spoofed IP Addresses Remote Code Execution Vulnerability in APBoard 2.02 and 2.03 Arbitrary File Read Vulnerability in W3Mail 1.0.6 Buffer Overflow Vulnerability in LibHTTPD 1.2 Allows Remote Code Execution User Execution Permission Bypass in NT Virtual DOS Machine (NTVDM.EXE) Default SNMP Community Strings in SURECOM Broadband Router EP-4501 Allow Remote Configuration Access KeyFocus Web Server 1.0.8 Directory Traversal Vulnerability Buffer Overflow Vulnerability in IISPop Email Server 1.161 and 1.181 Unauthorized Traffic Bypass Vulnerability in Check Point FireWall-1 4.1 and Next Generation (NG) Buffer Overflow Vulnerability in LiteServe HTTP Server 2.0, 2.0.1, and 2.0.2 Insecure Permissions Vulnerability in QNX Neutrino RTOS 6.2.0 Patches Multiple Recipient Bypass Vulnerability in Gordano Messaging Server (GMS) Mail 8 Clipboard Information Disclosure in Photon microGUI of QNX 
Neutrino RTOS 6.1.0 and 6.2.0 Sensitive Information Disclosure and User Enumeration in Open WebMail 1.7 and 1.71 Remote Code Execution Vulnerability in BannerWheel 1.0 via Buffer Overflow in badmin.c Plaintext Storage of Authentication Credentials in Winamp 2.80 Information Disclosure Vulnerability in WebSite Pro 3.1.11.0 on Windows Denial of Service Vulnerability in Opera 6.0.3 with Squid 2.4 Denial of Service Vulnerability in Allied Telesyn AT-8024 1.3.1 and Rapier 24 Switches Zeroo Web Server 1.5 Directory Traversal Vulnerability Invalid Password Handling Vulnerability in acFTP 1.4 Cross-Site Scripting (XSS) Vulnerability in acFreeProxy 1.33 beta 7 DCTC Client 0.83.3 Denial of Service Vulnerability Arbitrary Command Execution in Super Site Searcher's site_searcher.cgi Denial of Service Vulnerability in acWEB 1.14 via HTTP Request for MS-DOS Device Names Arbitrary Script Injection in Compaq Insight Management Agents Log Truncation Vulnerability in Sendmail 8.12.0 - 8.12.6 Arbitrary Script Injection via Style Attribute in PHP(Reactor) 1.2.7 pl1 Remote Code Execution in Sun AnswerBook2 1.2 through 1.4.2 Arbitrary Application Execution via CSRF Vulnerability in Citrix Presentation Server Authentication Bypass Vulnerability in GoAhead WebServer NULL pointer dereference and daemon crash vulnerability in GoAhead WebServer before 2.1.4 Denial of Service Vulnerability in GoAhead WebServer 2.1.4 Denial of Service (CPU Consumption) Vulnerability in GoAhead WebServer Unspecified Remote Code Execution Vulnerability in GoAhead WebServer Denial of Service Vulnerability in NWFTPD.nlm FTP Server Denial of Service Vulnerability in NWFTPD.nlm FTP Server Denial of Service Vulnerability in NWFTPD.nlm FTP Server in Novell NetWare CSS History Sniffing Vulnerability in Internet Explorer 8.0 and Earlier CSS :visited Pseudo-class Information Disclosure Vulnerability Information Disclosure Vulnerability in Mozilla Firefox, Thunderbird, and SeaMonkey TCP Firewall Circumvention: Exploiting 
SYN Packets with Incorrectly Discarded Flags Integer Overflow in new[] Operator in gcc Before 4.8.0: Unspecified Impacts Denial of Service Vulnerability in MIT Kerberos 5 (CVE-2013-1418) Critical Security Vulnerability in Snoopy before 2.0.0: Remote Code Execution via cURL Default Password Vulnerability in GE Healthcare Millennium MG, NC, and MyoSIGHT Insecure Default Password in GE Healthcare Millennium MG, NC, and MyoSIGHT