Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2002-0940 | 1 Ncipher | 1 Mscapi Csp | 2008-09-10 | 4.6 MEDIUM | N/A |
| domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | |||||
| CVE-2002-0939 | 1 Ncipher | 1 Mscapi Csp | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only). | |||||
| CVE-2002-1146 | 1 Gnu | 1 Glibc | 2008-09-10 | 5.0 MEDIUM | N/A |
| The BIND 4 and BIND 8.2.x stub resolver libraries, and other libraries such as glibc 2.2.5 and earlier, libc, and libresolv, use the maximum buffer size instead of the actual size when processing a DNS response, which causes the stub resolvers to read past the actual boundary ("read buffer overflow"), allowing remote attackers to cause a denial of service (crash). | |||||
| CVE-2002-0988 | 1 Caldera | 2 Openunix, Unixware | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1, possibly related to XBM/xkbcomp capabilities. | |||||
| CVE-2002-0984 | 1 Light | 1 Light | 2008-09-10 | 7.5 HIGH | N/A |
| The IRC script included in Light 2.7.x before 2.7.30p5, and 2.8.x before 2.8pre10, running EPIC allows remote attackers to execute arbitrary code if the user joins a channel whose topic includes EPIC4 code. | |||||
| CVE-2002-0981 | 1 Caldera | 2 Openunix, Unixware | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in ndcfg command for UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to execute arbitrary code via a long command line. | |||||
| CVE-2002-0987 | 1 Caldera | 2 Openunix, Unixware | 2008-09-10 | 7.2 HIGH | N/A |
| X server (Xsco) in OpenUNIX 8.0.0 and UnixWare 7.1.1 does not drop privileges before calling programs such as xkbcomp using popen, which could allow local users to gain privileges. | |||||
| CVE-2002-0834 | 1 Ethereal Group | 1 Ethereal | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in the ISIS dissector for Ethereal 0.9.5 and earlier allows remote attackers to cause a denial of service or execute arbitrary code via malformed packets. | |||||
| CVE-2002-0758 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.5 HIGH | N/A |
| ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file. | |||||
| CVE-2002-0765 | 1 Openbsd | 2 Openbsd, Openssh | 2008-09-10 | 7.5 HIGH | N/A |
| sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password. | |||||
| CVE-2002-0762 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| shadow package in SuSE 8.0 allows local users to destroy the /etc/passwd and /etc/shadow files or assign extra group privileges to some users by changing filesize limits before calling programs that modify the files. | |||||
| CVE-2002-0766 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 7.2 HIGH | N/A |
| OpenBSD 2.9 through 3.1 allows local users to cause a denial of service (resource exhaustion) and gain root privileges by filling the kernel's file descriptor table and closing file descriptors 0, 1, or 2 before executing a privileged process, which is not properly handled when OpenBSD fails to open an alternate descriptor. | |||||
| CVE-2002-0657 | 1 Openssl | 1 Openssl | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key. | |||||
| CVE-2002-0659 | 3 Apple, Openssl, Oracle | 5 Mac Os X, Openssl, Application Server and 2 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| The ASN1 library in OpenSSL 0.9.6d and earlier, and 0.9.7-beta2 and earlier, allows remote attackers to cause a denial of service via invalid encodings. | |||||
| CVE-2002-0803 | 1 Mozilla | 1 Bugzilla | 2008-09-10 | 5.0 MEDIUM | N/A |
| Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, allows remote attackers to display restricted products and components via a direct HTTP request to queryhelp.cgi. | |||||
| CVE-2002-0450 | 1 Talentsoft | 1 Web\+ Server | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in Talentsoft Web+ 5.0 and earlier allows remote attackers to execute arbitrary code via a long Web Markup Language (wml) file name to (1) webplus.dll or (2) webplus.exe. | |||||
| CVE-2002-0440 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-10 | 7.5 HIGH | N/A |
| Trend Micro InterScan VirusWall HTTP proxy 3.6 with the "Skip scanning if Content-length equals 0" option enabled allows malicious web servers to bypass content scanning via a Content-length header set to 0, which is often ignored by HTTP clients. | |||||
| CVE-2002-0430 | 1 Sun | 3 Cobalt Raq 2, Cobalt Raq 3i, Cobalt Raq 4 | 2008-09-10 | 3.7 LOW | N/A |
| MultiFileUploadHandler.php in the Sun Cobalt RaQ XTR administration interface allows local users to bypass authentication and overwrite arbitrary files via a symlink attack on a temporary file, followed by a request to MultiFileUpload.php. | |||||
| CVE-2002-0790 | 1 Ibm | 1 Aix | 2008-09-10 | 2.1 LOW | N/A |
| clchkspuser and clpasswdremote in AIX expose an encrypted password in the cspoc.log file, which could allow local users to gain privileges. | |||||
| CVE-2002-0530 | 1 Novell | 1 Web Search | 2008-09-10 | 5.1 MEDIUM | N/A |
| Cross-site scripting vulnerability in Novell Web Search 2.0.1 allows remote attackers to execute arbitrary script as other Web Search users via the search parameter. | |||||