Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0140 | 1 Dnrd | 1 Dnrd | 2008-09-10 | 7.5 HIGH | N/A |
| Domain Name Relay Daemon (dnrd) 2.10 and earlier allows remote malicious DNS sites to cause a denial of service and possibly execute arbitrary code via a long or malformed DNS reply, which is not handled properly by parse_query, get_objectname, and possibly other functions. | |||||
| CVE-2002-0196 | 1 Acd Incorporated | 1 Cwpapi | 2008-09-10 | 6.4 MEDIUM | N/A |
| GetRelativePath in ACD Incorporated CwpAPI 1.1 only verifies if the server root is somewhere within the path, which could allow remote attackers to read or write files outside of the web root, in other directories whose path includes the web root. | |||||
| CVE-2002-0166 | 1 Stephen Turner | 1 Analog | 2008-09-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in analog before 5.22 allows remote attackers to execute Javascript via an HTTP request containing the script, which is entered into a web logfile and not properly filtered by analog during display. | |||||
| CVE-2002-0173 | 1 Sgi | 1 Irix | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in cpr for the eoe.sw.cpr SGI Checkpoint-Restart Software package on SGI IRIX 6.5.10 and earlier may allow local users to gain root privileges. | |||||
| CVE-2002-0172 | 1 Sgi | 1 Irix | 2008-09-10 | 2.1 LOW | N/A |
| /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption). | |||||
| CVE-2002-0171 | 1 Sgi | 1 Irisconsole | 2008-09-10 | 7.5 HIGH | N/A |
| IRISconsole 2.0 may allow users to log into the icadmin account with an incorrect password in some circumstances, which could allow users to gain privileges. | |||||
| CVE-2002-0174 | 1 Sgi | 1 Irix | 2008-09-10 | 7.2 HIGH | N/A |
| nsd on SGI IRIX before 6.5.11 allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the nsd.dump file. | |||||
| CVE-2002-0176 | 1 Avaya | 1 Libsafe | 2008-09-10 | 4.6 MEDIUM | N/A |
| The printf wrappers in libsafe 2.0-11 and earlier do not properly handle argument indexing specifiers, which could allow attackers to exploit certain function calls through arguments that are not verified by libsafe. | |||||
| CVE-2002-0175 | 1 Avaya | 1 Libsafe | 2008-09-10 | 4.6 MEDIUM | N/A |
| libsafe 2.0-11 and earlier allows attackers to bypass protection against format string vulnerabilities via format strings that use the "'" and "I" characters, which are implemented in libc but not libsafe. | |||||
| CVE-2002-0167 | 1 Enlightenment | 1 Imlib | 2008-09-10 | 7.5 HIGH | N/A |
| Imlib before 1.9.13 sometimes uses the NetPBM package to load trusted images, which could allow attackers to cause a denial of service (crash) and possibly execute arbitrary code via certain weaknesses of NetPBM. | |||||
| CVE-2002-0168 | 1 Enlightenment | 1 Imlib | 2008-09-10 | 7.5 HIGH | N/A |
| Vulnerability in Imlib before 1.9.13 allows attackers to cause a denial of service (crash) and possibly execute arbitrary code by manipulating arguments that are passed to malloc, which results in a heap corruption. | |||||
| CVE-2002-0169 | 1 Redhat | 2 Docbook Stylesheets, Docbook Utils | 2008-09-10 | 4.6 MEDIUM | N/A |
| The default stylesheet for DocBook on Red Hat Linux 6.2 through 7.2 is installed with an insecure option enabled, which could allow users to overwrite files outside of the current directory from an untrusted document by using a full pathname as an element identifier. | |||||
| CVE-2002-0202 | 1 Paintbbs | 1 Paintbbs | 2008-09-10 | 3.6 LOW | N/A |
| PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable /oekaki/ folder. | |||||
| CVE-2002-0209 | 1 Nortel | 1 Alteon Acedirector | 2008-09-10 | 5.0 MEDIUM | N/A |
| Nortel Alteon ACEdirector WebOS 9.0, with the Server Load Balancing (SLB) and Cookie-Based Persistence features enabled, allows remote attackers to determine the real IP address of a web server with a half-closed session, which causes ACEdirector to send packets from the server without changing the address to the virtual IP address. | |||||
| CVE-2002-0208 | 1 Pgp Security | 1 Pgpfire | 2008-09-10 | 5.0 MEDIUM | N/A |
| PGP Security PGPfire 7.1 for Windows alters the system's TCP/IP stack and modifies packets in ICMP error messages in a way that allows remote attackers to determine that the system is running PGPfire. | |||||
| CVE-2002-0215 | 1 Steve Kneizys | 1 Agora.cgi | 2008-09-10 | 5.0 MEDIUM | N/A |
| Agora.cgi 3.2r through 4.0 while in debug mode allows remote attackers to determine the full pathname of the agora.cgi file by requesting a non-existent .html file, which leaks the pathname in an error message. | |||||
| CVE-2002-0210 | 1 Tolis Group | 1 Bru | 2008-09-10 | 7.2 HIGH | N/A |
| setlicense for TOLIS Group Backup and Restore Utility (BRU) 17.0 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/brutest.$$ temporary file. | |||||
| CVE-2002-0214 | 1 Intel | 1 Intel Pro Wireless 2011b Lan Usb Device Driver | 2008-09-10 | 2.1 LOW | N/A |
| Compaq Intel PRO/Wireless 2011B LAN USB Device Driver 1.5.16.0 through 1.5.18.0 stores the 128-bit WEP (Wired Equivalent Privacy) key in plaintext in a registry key with weak permissions, which allows local users to decrypt network traffic by reading the WEP key from the registry key. | |||||
| CVE-2002-0222 | 1 Etype | 1 Eserv | 2008-09-10 | 7.5 HIGH | N/A |
| Etype Eserv 2.97 allows remote attackers to redirect traffic to other sites (aka FTP bounce) via the PORT command. | |||||
| CVE-2002-0218 | 1 Sas | 2 Sas Base, Sas Integration Technologies | 2008-09-10 | 7.2 HIGH | N/A |
| Format string vulnerability in (1) sastcpd in SAS/Base 8.0 and 8.1 or (2) objspawn in SAS/Integration Technologies 8.0 and 8.1 allows local users to execute arbitrary code via format specifiers in a command line argument. | |||||