Vulnerabilities (CVE)

Total 206558 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2002-0809 1 Mozilla 1 Bugzilla 2008-09-05 7.5 HIGH N/A
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, does not properly handle URL-encoded field names that are generated by some browsers, which could cause certain fields to appear to be unset, which has the effect of removing group permissions on bugs when buglist.cgi is provided with the encoded field names.
CVE-2002-0810 1 Mozilla 1 Bugzilla 2008-09-05 5.0 MEDIUM N/A
Bugzilla 2.14 before 2.14.2, and 2.16 before 2.16rc2, directs error messages from the syncshadowdb command to the HTML output, which could leak sensitive information, including plaintext passwords, if syncshadowdb fails.
CVE-2002-0821 1 Ethereal Group 1 Ethereal 2008-09-05 7.5 HIGH N/A
Buffer overflows in Ethereal 0.9.4 and earlier allow remote attackers to cause a denial of service or execute arbitrary code via (1) the BGP dissector, or (2) the WCP dissector.
CVE-2002-0822 1 Ethereal Group 1 Ethereal 2008-09-05 7.5 HIGH N/A
Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump.
CVE-2002-0825 1 Padl Software 1 Nss Ldap 2008-09-05 7.5 HIGH N/A
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
CVE-2002-0827 1 Caldera 2 Openunix, Unixware 2008-09-05 7.2 HIGH N/A
Vulnerability in pppd on UnixWare 7.1.1 and Open UNIX 8.0.0 allows local users to gain root privileges via (1) ppptalk or (2) ppp, a different vulnerability than CVE-2002-0824.
CVE-2002-0835 3 Caldera, Hp, Redhat 4 Openlinux Server, Openlinux Workstation, Secure Os and 1 more 2008-09-05 5.0 MEDIUM N/A
Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.
CVE-2002-0851 1 Isdn4linux 1 Isdn4linux 2008-09-05 7.2 HIGH N/A
Format string vulnerability in ISDN Point to Point Protocol (PPP) daemon (ipppd) in the ISDN4Linux (i4l) package allows local users to gain root privileges via format strings in the device name command line argument, which is not properly handled in a call to syslog.
CVE-2002-0855 1 Gnu 1 Mailman 2008-09-05 7.5 HIGH N/A
Cross-site scripting vulnerability in Mailman before 2.0.12 allows remote attackers to execute script as other users via a subscriber's list subscription options in the (1) adminpw or (2) info parameters to the ml-name feature.
CVE-2002-0870 1 Cisco 2 Content Services Switch 11000, Webns 2008-09-05 7.5 HIGH N/A
The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549.
CVE-2002-0876 1 Evolvable Corporation 1 Shambala Server 2008-09-05 5.0 MEDIUM N/A
Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request.
CVE-2002-0877 1 Evolvable Corporation 1 Shambala Server 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the (1) LIST (ls) or (2) GET commands.
CVE-2002-0878 1 Logisense 2 Dns Manager System, Hawk-i 2008-09-05 7.5 HIGH N/A
SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote attackers to bypass authentication via SQL code in the password field.
CVE-2002-0879 1 Gafware 1 Cfximage 2008-09-05 5.0 MEDIUM N/A
showtemp.cfm for Gafware CFXImage 1.6.6 allows remote attackers to read arbitrary files via (1) a .. or (2) a C: style pathname in the FILE parameter.
CVE-2002-0883 1 Compaq 1 Proliant Bl E-class Integrated Administrator Firmware 2008-09-05 7.2 HIGH N/A
Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities.
CVE-2002-0891 1 Juniper 1 Netscreen Screenos 2008-09-05 5.0 MEDIUM N/A
The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.
CVE-2002-0892 1 New Atlanta Communications 1 Servletexec Isapi 2008-09-05 5.0 MEDIUM N/A
The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.
CVE-2002-0893 1 New Atlanta Communications 1 Servletexec Isapi 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences.
CVE-2002-0894 1 New Atlanta Communications 1 Servletexec Isapi 2008-09-05 5.0 MEDIUM N/A
NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.
CVE-2002-0895 1 Matu 1 Matu Ftp 2008-09-05 7.5 HIGH N/A
Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command.