cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.3 cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.7 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:netbsd:netbsd:1.5 cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:netbsd:netbsd:1.6 CVE-2003-0001 2003-01-17T00:00:00.000-05:00 2019-04-30T10:27:13.710-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov VULNWATCH 20030110 More information regarding Etherleak BUGTRAQ 20030110 More information regarding Etherleak ATSTAKE A010603-1 MISC http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf CERT-VN VU#412115 CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html REDHAT RHSA-2003:025 REDHAT RHSA-2003:088 BUGTRAQ 20030106 Etherleak: Ethernet frame padding information leakage (A010603-1) BUGTRAQ 20030117 Re: More information regarding Etherleak SECTRACK 1031583 SECTRACK 1040185 Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. cpe:/a:microsoft:content_management_server:2001 cpe:/a:microsoft:content_management_server:2001:sp1 CVE-2003-0002 2003-02-07T00:00:00.000-05:00 2018-10-12T17:32:19.100-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20021007 CSS on Microsoft Content Management Server XF mcms-manuallogin-reasontxt-xss (10318) BID 5922 MS MS03-002 Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter. cpe:/a:microsoft:windows_2000_terminal_services:- cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000_terminal_services:-:sp3 cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_xp:-::64-bit cpe:/o:microsoft:windows_xp:-:sp1:64-bit CVE-2003-0003 2003-02-07T00:00:00.000-05:00 2019-04-30T10:27:13.710-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003) NTBUGTRAQ 20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003) CERT CA-2003-03 CERT-VN VU#610986 BID 6666 MS MS03-001 XF win-locator-bo(11132) Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information. cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0004 2003-02-19T00:00:00.000-05:00 2018-10-12T17:32:20.600-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030327 NSFOCUS SA2003-01: Microsoft Windows XP Redirector Local Buffer Overflow Vulnerability BUGTRAQ 20030327 NSFOCUS SA2003-01: Microsoft Windows XP Redirector Local Buffer Overflow Vulnerability XF winxp-windows-redirector-bo(11260) BID 6778 MS MS03-005 Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. cpe:/a:microsoft:outlook:2002 cpe:/a:microsoft:outlook:2002:sp1 cpe:/a:microsoft:outlook:2002:sp2 CVE-2003-0007 2003-02-07T00:00:00.000-05:00 2018-10-12T17:32:21.067-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BID 6667 MS MS03-003 XF outlook-v1-certificate-plaintext(11133) Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure." cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional CVE-2003-0009 2003-03-07T00:00:00.000-05:00 2018-10-12T17:32:21.380-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030227 MS-Windows ME IE/Outlook/HelpCenter critical vulnerability CIAC N-047 XF winme-hsc-hcp-bo(11425) CERT-VN VU#489721 BID 6966 MS MS03-006 Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000_terminal_services::sp3 cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0010 2003-03-24T00:00:00.000-05:00 2019-04-30T10:27:13.710-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS VULNWATCH 20030319 Windows Scripting Engine issue IDEFENSE 20030319 Heap Overflow in Windows Script Engine BUGTRAQ 20030319 iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine BID 7146 MS MS03-008 Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack. cpe:/a:microsoft:isa_server:2000 cpe:/a:microsoft:isa_server:2000:sp1 CVE-2003-0011 2003-03-24T00:00:00.000-05:00 2018-10-12T17:32:23.240-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BID 7145 MS MS03-009 Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled. cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.17 cpe:/a:mozilla:bugzilla:2.17.1 CVE-2003-0012 2003-01-17T00:00:00.000-05:00 2016-10-17T22:28:17.573-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030102 [BUGZILLA] Security Advisory - remote database password disclosure DEBIAN DSA-230 XF bugzilla-mining-world-writable(10971) REDHAT RHSA-2003:012 BID 6502 The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.17 cpe:/a:mozilla:bugzilla:2.17.1 CVE-2003-0013 2003-01-17T00:00:00.000-05:00 2016-10-17T22:28:18.870-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030102 [BUGZILLA] Security Advisory - remote database password disclosure DEBIAN DSA-230 XF bugzilla-htaccess-database-password(10970) BID 6501 The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file. cpe:/a:bmv:bmv:1.2 CVE-2003-0014 2003-01-11T00:00:00.000-05:00 2017-07-10T21:29:26.947-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov CONFIRM http://packages.debian.org/changelogs/pool/main/b/bmv/bmv_1.2-14.2/changelog BID 12229 SECTRACK 1012847 DEBIAN DSA-633 XF bmv-symlink(18823) gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. cpe:/a:cvs:cvs:1.10.7 cpe:/a:cvs:cvs:1.10.8 cpe:/a:cvs:cvs:1.11 cpe:/a:cvs:cvs:1.11.1 cpe:/a:cvs:cvs:1.11.1p1 cpe:/a:cvs:cvs:1.11.2 cpe:/a:cvs:cvs:1.11.3 cpe:/a:cvs:cvs:1.11.4 cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:5.0 CVE-2003-0015 2003-02-07T00:00:00.000-05:00 2018-05-02T21:29:18.723-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030120 Advisory 01/2003: CVS remote vulnerability BUGTRAQ 20030122 [security@slackware.com: [slackware-security] New CVS packages available] BUGTRAQ 20030124 Test program for CVS double-free. BUGTRAQ 20030202 Exploit for CVS double free() for Linux pserver FREEBSD FreeBSD-SA-03:01 REDHAT RHSA-2003:013 MISC http://security.e-matters.de/advisories/012003.html CERT CA-2003-02 CIAC N-032 DEBIAN DSA-233 CERT-VN VU#650937 MANDRAKE MDKSA-2003:009 REDHAT RHSA-2003:012 BID 6650 XF cvs-doublefree-memory-corruption(11108) Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 CVE-2003-0016 2003-02-07T00:00:00.000-05:00 2017-10-09T21:30:13.250-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MLIST [apache-httpd-announce] 20030120 [ANNOUNCE] Apache 2.0.44 Released CONFIRM http://www.apacheweek.com/issues/03-01-24#security CERT-VN VU#825177 CERT-VN VU#979793 BID 6659 XF apache-device-name-dos(11124) XF apache-device-code-execution(11125) MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 CVE-2003-0017 2003-02-07T00:00:00.000-05:00 2016-10-17T22:28:23.027-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://marc.info/?l=apache-httpd-announce&m=104313442901017&w=2 MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.19 CVE-2003-0018 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:23.477-04:00 3.6 LOCAL LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://linux.bkbits.net:8080/linux-2.4/cset@3e2f193drGJDBg9SG6JwaDQwCBnAMQ DEBIAN DSA-358 DEBIAN DSA-423 XF linux-odirect-information-leak(11249) MANDRAKE MDKSA-2003:014 REDHAT RHSA-2003:025 BID 6763 Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption. cpe:/o:redhat:linux:8.0::i386 CVE-2003-0019 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:23.557-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CIAC N-044 XF linux-umlnet-gain-privileges(11276) CERT-VN VU#134025 REDHAT RHSA-2003:056 BID 6801 uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. cpe:/a:apache:http_server CVE-2003-0020 2003-03-18T00:00:00.000-05:00 2017-10-09T21:30:13.377-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030224 Terminal Emulator Security Issues MANDRAKE MDKSA-2004:046 BUGTRAQ 20030224 Terminal Emulator Security Issues APPLE APPLE-SA-2004-05-03 BUGTRAQ 20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache) HP SSRT4717 GENTOO GLSA-200405-22 SUNALERT 101555 SUNALERT 57628 XF apache-esc-seq-injection(11412) MANDRAKE MDKSA-2003:050 REDHAT RHSA-2003:082 REDHAT RHSA-2003:083 REDHAT RHSA-2003:104 REDHAT RHSA-2003:139 REDHAT RHSA-2003:243 REDHAT RHSA-2003:244 BID 9930 SLACKWARE SSA:2004-133 TRUSTIX 2004-0017 TRUSTIX 2004-0027 MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. cpe:/a:michael_jennings:eterm:0.8.10 cpe:/a:michael_jennings:eterm:0.9.1 CVE-2003-0021 2003-03-03T00:00:00.000-05:00 2016-10-17T22:28:25.557-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-screen-dump(11413) MANDRAKE MDKSA-2003:040 BID 6936 The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. cpe:/a:rxvt:rxvt:2.6.1 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.6.4 cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.7.8 CVE-2003-0022 2003-03-03T00:00:00.000-05:00 2016-10-17T22:28:26.933-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-screen-dump(11413) MANDRAKE MDKSA-2003:034 REDHAT RHSA-2003:054 REDHAT RHSA-2003:055 BID 6938 The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. cpe:/a:rxvt:rxvt:2.6.1 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.6.4 cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.7.8 CVE-2003-0023 2003-03-03T00:00:00.000-05:00 2016-10-17T22:28:28.417-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-menu-modification(11416) MANDRAKE MDKSA-2003:034 REDHAT RHSA-2003:054 REDHAT RHSA-2003:055 BID 6947 The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. cpe:/a:aterm:aterm:0.42 CVE-2003-0024 2003-03-03T00:00:00.000-05:00 2016-10-17T22:28:29.747-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-menu-modification(11416) BID 6949 The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. cpe:/a:horde:imp:2.2 cpe:/a:horde:imp:2.2.1 cpe:/a:horde:imp:2.2.2 cpe:/a:horde:imp:2.2.3 cpe:/a:horde:imp:2.2.4 cpe:/a:horde:imp:2.2.5 cpe:/a:horde:imp:2.2.6 cpe:/a:horde:imp:2.2.7 cpe:/a:horde:imp:2.2.8 CVE-2003-0025 2003-01-17T00:00:00.000-05:00 2016-10-17T22:28:30.950-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030108 IMP 2.x SQL injection vulnerabilities DEBIAN DSA-229 BUGTRAQ 20030108 Re: IMP 2.x SQL injection vulnerabilities BID 6559 SECTRACK 1005904 Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3. cpe:/a:isc:dhcpd:3.0 cpe:/a:isc:dhcpd:3.0.1:rc1 cpe:/a:isc:dhcpd:3.0.1:rc2 cpe:/a:isc:dhcpd:3.0.1:rc3 cpe:/a:isc:dhcpd:3.0.1:rc4 cpe:/a:isc:dhcpd:3.0.1:rc5 cpe:/a:isc:dhcpd:3.0.1:rc6 cpe:/a:isc:dhcpd:3.0.1:rc7 cpe:/a:isc:dhcpd:3.0.1:rc8 CVE-2003-0026 2003-01-17T00:00:00.000-05:00 2017-07-10T21:29:27.010-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030122 [securityslackware.com: [slackware-security] New DHCP packages available] CONECTIVA CLA-2003:562 CERT CA-2003-01 CIAC N-031 DEBIAN DSA-231 CERT-VN VU#284857 MANDRAKE MDKSA-2003:007 OPENPKG OpenPKG-SA-2003.002 REDHAT RHSA-2003:011 BID 6627 SECTRACK 1005924 SUSE SuSE-SA:2003:006 XF dhcpd-minires-multiple-bo(11073) Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0:x86_update_2 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0027 2003-02-07T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030122 Entercept Ricochet Advisory: Sun Solaris KCMS Library Service Daemon Arbitrary File Retrieval Vulner SUNALERT 50104 MISC http://www.entercept.com/news/uspr/01-22-03.asp CERT-VN VU#850785 BID 6665 XF solaris-kcms-directory-traversal(11129) Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. cpe:/a:gnu:glibc:2.1 cpe:/a:gnu:glibc:2.1.1 cpe:/a:gnu:glibc:2.1.2 cpe:/a:gnu:glibc:2.1.3 cpe:/a:gnu:glibc:2.2 cpe:/a:gnu:glibc:2.2.1 cpe:/a:gnu:glibc:2.2.2 cpe:/a:gnu:glibc:2.2.3 cpe:/a:gnu:glibc:2.2.4 cpe:/a:gnu:glibc:2.2.5 cpe:/a:gnu:glibc:2.3 cpe:/a:gnu:glibc:2.3.1 cpe:/a:gnu:glibc:2.3.2 cpe:/a:mit:kerberos:5-1.2 cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:mit:kerberos:5-1.2.3 cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:mit:kerberos:5-1.2.5 cpe:/a:mit:kerberos:5-1.2.6 cpe:/a:mit:kerberos:5-1.2.7 cpe:/a:openafs:openafs:1.0 cpe:/a:openafs:openafs:1.0.1 cpe:/a:openafs:openafs:1.0.2 cpe:/a:openafs:openafs:1.0.3 cpe:/a:openafs:openafs:1.0.4 cpe:/a:openafs:openafs:1.0.4a cpe:/a:openafs:openafs:1.1 cpe:/a:openafs:openafs:1.1.1 cpe:/a:openafs:openafs:1.1.1a cpe:/a:openafs:openafs:1.2 cpe:/a:openafs:openafs:1.2.1 cpe:/a:openafs:openafs:1.2.2 cpe:/a:openafs:openafs:1.2.2a cpe:/a:openafs:openafs:1.2.2b cpe:/a:openafs:openafs:1.2.3 cpe:/a:openafs:openafs:1.2.4 cpe:/a:openafs:openafs:1.2.5 cpe:/a:openafs:openafs:1.2.6 cpe:/a:openafs:openafs:1.3 cpe:/a:openafs:openafs:1.3.1 cpe:/a:openafs:openafs:1.3.2 cpe:/o:cray:unicos:6.0 cpe:/o:cray:unicos:6.0e cpe:/o:cray:unicos:6.1 cpe:/o:cray:unicos:7.0 cpe:/o:cray:unicos:8.0 cpe:/o:cray:unicos:8.3 cpe:/o:cray:unicos:9.0 cpe:/o:cray:unicos:9.0.2.5 cpe:/o:cray:unicos:9.2 cpe:/o:cray:unicos:9.2.4 cpe:/o:freebsd:freebsd:4.0 cpe:/o:freebsd:freebsd:4.1 cpe:/o:freebsd:freebsd:4.1.1 cpe:/o:freebsd:freebsd:4.1.1:release cpe:/o:freebsd:freebsd:4.1.1:stable cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.2:stable cpe:/o:freebsd:freebsd:4.3 cpe:/o:freebsd:freebsd:4.3:release cpe:/o:freebsd:freebsd:4.3:stable cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.4:stable cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.5:release cpe:/o:freebsd:freebsd:4.5:stable cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.6:release cpe:/o:freebsd:freebsd:4.6:stable cpe:/o:freebsd:freebsd:4.6.2 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.7:release cpe:/o:freebsd:freebsd:4.7:stable cpe:/o:freebsd:freebsd:5.0 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.22 cpe:/o:hp:hp-ux_series_700:10.20 cpe:/o:hp:hp-ux_series_800:10.20 cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 cpe:/o:openbsd:openbsd:2.0 cpe:/o:openbsd:openbsd:2.1 cpe:/o:openbsd:openbsd:2.2 cpe:/o:openbsd:openbsd:2.3 cpe:/o:openbsd:openbsd:2.4 cpe:/o:openbsd:openbsd:2.5 cpe:/o:openbsd:openbsd:2.6 cpe:/o:openbsd:openbsd:2.7 cpe:/o:openbsd:openbsd:2.8 cpe:/o:openbsd:openbsd:2.9 cpe:/o:openbsd:openbsd:3.0 cpe:/o:openbsd:openbsd:3.1 cpe:/o:openbsd:openbsd:3.2 cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.3m cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.20 cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0028 2003-03-25T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS NETBSD NetBSD-SA2003-008 VULNWATCH 20030319 EEYE: XDR Integer Overflow BUGTRAQ 20030319 EEYE: XDR Integer Overflow BUGTRAQ 20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes BUGTRAQ 20030325 GLSA: glibc (200303-22) TRUSTIX 2003-0014 BUGTRAQ 20030522 [slackware-security] glibc XDR overflow fix (SSA:2003-141-03) CERT CA-2003-10 DEBIAN DSA-266 DEBIAN DSA-272 DEBIAN DSA-282 EEYE AD20030318 CERT-VN VU#516825 ENGARDE ESA-20030321-010 MANDRAKE MDKSA-2003:037 SUSE SuSE-SA:2003:027 REDHAT RHSA-2003:051 REDHAT RHSA-2003:052 REDHAT RHSA-2003:089 REDHAT RHSA-2003:091 BUGTRAQ 20030319 RE: EEYE: XDR Integer Overflow BUGTRAQ 20030331 GLSA: dietlibc (200303-29) BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) CONFIRM https://security.netapp.com/advisory/ntap-20150122-0002/ Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391. cpe:/a:protegrity:secure.data:2.2.3.7 cpe:/a:protegrity:secure.data:2.2.3.8 CVE-2003-0030 2003-03-18T00:00:00.000-05:00 2016-10-17T22:28:34.793-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030313 Protegrity buffer overflow CERT-VN VU#247545 BID 7083 BID 7084 BID 7085 Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select. cpe:/a:mcrypt:libmcrypt:2.5.1_r4 cpe:/a:mcrypt:libmcrypt:2.5.2 cpe:/a:mcrypt:libmcrypt:2.5.3 cpe:/a:mcrypt:libmcrypt:2.5_.0 CVE-2003-0031 2003-01-17T00:00:00.000-05:00 2016-10-17T22:28:36.247-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:567 BUGTRAQ 20030103 Multiple libmcrypt vulnerabilities BUGTRAQ 20030105 GLSA: libmcrypt DEBIAN DSA-228 BID 6510 SECTRACK 1006181 Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash). cpe:/a:mcrypt:libmcrypt:2.5.1_r4 cpe:/a:mcrypt:libmcrypt:2.5.2 cpe:/a:mcrypt:libmcrypt:2.5.3 cpe:/a:mcrypt:libmcrypt:2.5_.0 CVE-2003-0032 2003-01-17T00:00:00.000-05:00 2016-10-17T22:28:37.483-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:567 BUGTRAQ 20030103 Multiple libmcrypt vulnerabilities BUGTRAQ 20030105 GLSA: libmcrypt DEBIAN DSA-228 XF libmcrypt-libtool-memory-leak(10988) BID 6512 Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool. cpe:/a:snort:snort:1.8.0 cpe:/a:snort:snort:1.8.1 cpe:/a:snort:snort:1.8.2 cpe:/a:snort:snort:1.8.3 cpe:/a:snort:snort:1.8.4 cpe:/a:snort:snort:1.8.5 cpe:/a:snort:snort:1.8.6 cpe:/a:snort:snort:1.8.7 cpe:/a:snort:snort:1.9.0 CVE-2003-0033 2003-03-07T00:00:00.000-05:00 2016-10-17T22:28:38.717-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030303 Snort RPC Vulnerability (fwd) GENTOO GLSA-200303-6.1 GENTOO GLSA-200304-06 CERT CA-2003-13 DEBIAN DSA-297 ISS 20030303 Snort RPC Preprocessing Vulnerability XF snort-rpc-fragment-bo(10956) CERT-VN VU#916785 ENGARDE ESA-20030307-007 MANDRAKE MDKSA-2003:029 BID 6963 Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets. cpe:/a:jean-jacques_sarton:mtink:0.9.32 cpe:/a:jean-jacques_sarton:mtink:0.9.33 cpe:/a:jean-jacques_sarton:mtink:0.9.52 CVE-2003-0034 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:24.947-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package MISC http://www.idefense.com/advisory/01.21.03.txt MANDRAKE MDKSA-2003:010 BID 6656 SECTRACK 1005959 Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable. cpe:/a:robert_krawitz:escputil:1.15.2.2 CVE-2003-0035 2003-02-07T00:00:00.000-05:00 2018-10-19T11:29:19.040-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package MISC http://www.idefense.com/advisory/01.21.03.txt MANDRAKE MDKSA-2003:010 BUGTRAQ 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package BID 6658 SECTRACK 1005959 Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument. cpe:/a:rildo_pragana:ml85p CVE-2003-0036 2003-02-07T00:00:00.000-05:00 2018-10-19T11:29:19.523-04:00 6.2 LOCAL HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package MISC http://www.idefense.com/advisory/01.21.03.txt MANDRAKE MDKSA-2003:010 BUGTRAQ 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package SECTRACK 1005959 ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d". cpe:/a:noffle:noffle:1.0.1 CVE-2003-0037 2003-02-07T00:00:00.000-05:00 2017-07-10T21:29:27.057-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS DEBIAN DSA-244 BID 6695 XF noffle-multiple-bo(11181) Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code. cpe:/a:gnu:mailman:2.1 CVE-2003-0038 2003-02-07T00:00:00.000-05:00 2017-07-10T21:29:27.117-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030124 Mailman: cross-site scripting bug CONFIRM http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt DEBIAN DSA-436 BID 6677 SECTRACK 1005987 XF mailman-email-variable-xss(11152) Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. cpe:/a:isc:dhcpd:3.0.1:rc1 cpe:/a:isc:dhcpd:3.0.1:rc10 cpe:/a:isc:dhcpd:3.0.1:rc2 cpe:/a:isc:dhcpd:3.0.1:rc3 cpe:/a:isc:dhcpd:3.0.1:rc4 cpe:/a:isc:dhcpd:3.0.1:rc5 cpe:/a:isc:dhcpd:3.0.1:rc6 cpe:/a:isc:dhcpd:3.0.1:rc7 cpe:/a:isc:dhcpd:3.0.1:rc8 cpe:/a:isc:dhcpd:3.0.1:rc9 CVE-2003-0039 2003-02-07T00:00:00.000-05:00 2017-10-09T21:30:13.580-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov TURBO TLSA-2003-26 CONECTIVA CLSA-2003:616 BUGTRAQ 20030115 DoS against DHCP infrastructure with isc dhcrelay DEBIAN DSA-245 CERT-VN VU#149953 BUGTRAQ 20030219 [OpenPKG-SA-2003.012] OpenPKG Security Advisory (dhcpd) REDHAT RHSA-2003:034 BID 6628 XF dhcp-dhcrelay-dos(11187) ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. cpe:/a:double_precision_incorporated:courier_mta:0.37.3 cpe:/a:inter7:courier-imap:1.6 CVE-2003-0040 2003-02-19T00:00:00.000-05:00 2017-10-09T21:30:13.640-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS DEBIAN DSA-247 BID 6738 XF courierimap-authmysqllib-sql-injection(11213) SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name. cpe:/a:mit:kerberos_ftp_client cpe:/o:redhat:linux:6.2::i386 cpe:/o:redhat:linux:7.0::i386 cpe:/o:redhat:linux:7.1::i386 cpe:/o:redhat:linux:7.2::i386 cpe:/o:redhat:linux:7.2::ia64 cpe:/o:redhat:linux:7.3::i386 cpe:/o:redhat:linux:8.0::i386 CVE-2003-0041 2003-02-19T00:00:00.000-05:00 2008-09-10T15:17:27.977-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS VULNWATCH 20030128 MIT Kerberos FTP client remote shell commands execution MANDRAKE MDKSA-2003:021 REDHAT RHSA-2003:020 Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client. cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.2 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.3.1 CVE-2003-0042 2003-02-07T00:00:00.000-05:00 2017-07-10T21:29:27.180-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt BUGTRAQ 20030130 Apache Jakarta Tomcat 3 URL parsing vulnerability CIAC N-060 DEBIAN DSA-246 HP HPSBUX0303-249 BID 6721 XF tomcat-null-directory-listing(11194) Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character. cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.2 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.3.1 CVE-2003-0043 2003-02-07T00:00:00.000-05:00 2017-10-09T21:30:13.720-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt CIAC N-060 DEBIAN DSA-246 HP HPSBUX0303-249 BID 6722 XF tomcat-webxml-read-files(11195) Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.2 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.3.1 cpe:/a:apache:tomcat:3.3.1a CVE-2003-0044 2003-02-07T00:00:00.000-05:00 2017-07-10T21:29:27.243-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt CIAC N-060 DEBIAN DSA-246 HP HPSBUX0303-249 BID 6720 XF tomcat-web-app-xss(11196) Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML. cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.2 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.3.1 CVE-2003-0045 2003-02-07T00:00:00.000-05:00 2017-10-09T21:30:13.783-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt XF jakarta-tomcat-msdos-dos(12102) Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp. cpe:/a:celestial_software:absolutetelnet:2.11 CVE-2003-0046 2003-02-19T00:00:00.000-05:00 2016-10-17T22:28:43.903-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords CONFIRM http://www.celestialsoftware.net/telnet/beta_software.html MISC http://www.idefense.com/advisory/01.28.03.txt BID 6725 SECTRACK 1006013 AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. cpe:/a:van_dyke_technologies:entunnel:1.0.2 cpe:/a:van_dyke_technologies:securecrt:3.4.7 cpe:/a:van_dyke_technologies:securecrt:4.0.2 cpe:/a:van_dyke_technologies:securefx:2.0.4 cpe:/a:van_dyke_technologies:securefx:2.1.2 CVE-2003-0047 2003-02-19T00:00:00.000-05:00 2016-10-17T22:28:45.217-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords MISC http://www.idefense.com/advisory/01.28.03.txt BID 6726 BID 6727 BID 6728 SECTRACK 1006010 SECTRACK 1006011 SECTRACK 1006012 SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. cpe:/a:putty:putty:0.48 cpe:/a:putty:putty:0.49 cpe:/a:putty:putty:0.53 cpe:/a:putty:putty:0.53b CVE-2003-0048 2003-02-19T00:00:00.000-05:00 2016-10-17T22:28:46.390-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords MISC http://www.idefense.com/advisory/01.28.03.txt BID 6724 SECTRACK 1006014 PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 CVE-2003-0049 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:26.757-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt SECTRACK 1006107 XF macos-afp-unauthorized-access(11333) BID 6860 Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password. cpe:/a:apple:darwin_streaming_server:4.1.2 cpe:/a:apple:quicktime_streaming_server:4.1.1 CVE-2003-0050 2003-03-07T00:00:00.000-05:00 2016-10-17T22:28:47.657-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-command-execution(11401) BID 6954 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters. cpe:/a:apple:darwin_streaming_server:4.1.2 cpe:/a:apple:quicktime_streaming_server:4.1.1 CVE-2003-0051 2003-03-07T00:00:00.000-05:00 2016-10-17T22:28:48.733-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-path-disclosure(11402) BID 6956 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter. cpe:/a:apple:darwin_streaming_server:4.1.2 cpe:/a:apple:quicktime_streaming_server:4.1.1 CVE-2003-0052 2003-03-07T00:00:00.000-05:00 2016-10-17T22:28:49.827-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-directory-disclosure(11403) BID 6955 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. cpe:/a:apple:darwin_streaming_server:4.1.2 cpe:/a:apple:quicktime_streaming_server:4.1.1 CVE-2003-0053 2003-03-07T00:00:00.000-05:00 2016-10-17T22:28:51.140-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-parsexml-xss(11404) BID 6958 Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. cpe:/a:apple:darwin_streaming_server:4.1.2 cpe:/a:apple:quicktime_streaming_server:4.1.1 CVE-2003-0054 2003-03-07T00:00:00.000-05:00 2016-10-17T22:28:52.343-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-describe-xss(11405) BID 6960 Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. cpe:/a:apple:quicktime_darwin_mp3_broadcaster CVE-2003-0055 2003-03-07T00:00:00.000-05:00 2016-10-17T22:28:53.500-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-mp3-bo(11406) BID 6957 Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename. cpe:/a:slocate:slocate:2.5 cpe:/a:slocate:slocate:2.6 CVE-2003-0056 2003-02-19T00:00:00.000-05:00 2017-10-10T21:29:04.700-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CALDERA CSSA-2003-009.0 SGI 20040202-01-U BUGTRAQ 20030124 [USG- SA- 2003.001] USG Security Advisory (slocate) BUGTRAQ 20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate) BUGTRAQ 20030202 GLSA: slocate REDHAT RHSA-2004:041 DEBIAN DSA-252 MANDRAKE MDKSA-2003:015 CONECTIVA CLA-2003:643 MISC http://www.usg.org.uk/advisories/2003.001.txt Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument. cpe:/a:hypermail:hypermail:2.0b25 cpe:/a:hypermail:hypermail:2.1.1 cpe:/a:hypermail:hypermail:2.1.2 cpe:/a:hypermail:hypermail:2.1.3 cpe:/a:hypermail:hypermail:2.1.4 cpe:/a:hypermail:hypermail:2.1.5 cpe:/a:hypermail:hypermail:2.1_.0 CVE-2003-0057 2003-02-19T00:00:00.000-05:00 2017-07-10T21:29:27.320-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030126 Hypermail buffer overflows BUGTRAQ 20030127 Hypermail buffer overflows DEBIAN DSA-248 BID 6689 BID 6690 XF hypermail-mail-attachment-bo(11157) XF hypermail-long-hostname-bo(11158) Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by connecting to the mail CGI program from an IP address that reverse-resolves to a long hostname. cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:mit:kerberos:5-1.2.3 cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:sun:enterprise_authentication_mechanism:1.0 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:sunos:5.8 CVE-2003-0058 2003-02-19T00:00:00.000-05:00 2018-10-30T12:25:37.090-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLSA-2003:639 SUNALERT 50142 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt CERT-VN VU#661243 MANDRAKE MDKSA-2003:043 REDHAT RHSA-2003:051 REDHAT RHSA-2003:052 REDHAT RHSA-2003:168 BID 6683 XF kerberos-kdc-null-pointer-dos(10099) MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 CVE-2003-0059 2003-02-19T00:00:00.000-05:00 2017-10-09T21:30:13.953-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLSA-2003:639 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt CERT-VN VU#684563 MANDRAKE MDKSA-2003:043 REDHAT RHSA-2003:051 REDHAT RHSA-2003:052 REDHAT RHSA-2003:168 BID 6714 XF kerberos-kdc-user-spoofing(11188) Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys. cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:mit:kerberos:5-1.2.3 cpe:/a:mit:kerberos:5-1.2.4 CVE-2003-0060 2003-02-19T00:00:00.000-05:00 2017-07-10T21:29:27.383-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLSA-2003:639 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt CERT-VN VU#787523 BID 6712 XF kerberos-kdc-format-string(11189) Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. cpe:/o:hp:hp-ux:10.20 CVE-2003-0061 2002-01-11T00:00:00.000-05:00 2008-09-05T16:33:21.787-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-25T11:27:00.000-04:00 ALLOWS_ADMIN_ACCESS IDEFENSE 20030203 HP UX passwd Binary Buffer Overflow Vulnerability Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. cpe:/a:eset_software:nod32_antivirus:1.0.11 cpe:/a:eset_software:nod32_antivirus:1.0.12 CVE-2003-0062 2003-02-19T00:00:00.000-05:00 2016-10-17T22:28:57.360-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030210 iDEFENSE Security Advisory 02.10.03: Buffer Overflow In NOD32 Antivirus Software for Unix MISC http://www.idefense.com/advisory/02.10.03.txt XF nod32-pathname-bo(11282) BID 6803 Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. cpe:/a:xfree86_project:x11r6:4.0 cpe:/a:xfree86_project:x11r6:4.0.1 cpe:/a:xfree86_project:x11r6:4.0.3 cpe:/a:xfree86_project:x11r6:4.1.0 cpe:/a:xfree86_project:x11r6:4.2.0 cpe:/a:xfree86_project:x11r6:4.2.1 CVE-2003-0063 2003-03-03T00:00:00.000-05:00 2016-10-17T22:28:58.830-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues DEBIAN DSA-380 XF terminal-emulator-window-title(11414) REDHAT RHSA-2003:064 REDHAT RHSA-2003:065 REDHAT RHSA-2003:066 REDHAT RHSA-2003:067 BID 6940 The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:10.26 cpe:/o:hp:hp-ux:10.30 cpe:/o:hp:hp-ux:10.34 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.22 cpe:/o:ibm:aix:4.3 cpe:/o:ibm:aix:4.3.1 cpe:/o:ibm:aix:4.3.2 cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 cpe:/o:sgi:irix:5.0 cpe:/o:sgi:irix:5.0.1 cpe:/o:sgi:irix:5.1 cpe:/o:sgi:irix:5.1.1 cpe:/o:sgi:irix:5.2 cpe:/o:sgi:irix:5.3 cpe:/o:sgi:irix:6.0 cpe:/o:sgi:irix:6.0.1 cpe:/o:sgi:irix:6.1 cpe:/o:sgi:irix:6.2 cpe:/o:sgi:irix:6.3 cpe:/o:sgi:irix:6.4 cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.3m cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0064 2003-03-03T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-window-title(11414) HP HPSBUX0401-309 BID 6942 The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:national_university_of_singapore:uxterm:2.3 cpe:/a:national_university_of_singapore:uxterm:2.4.1 CVE-2003-0065 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:01.440-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-window-title(11414) BID 6945 The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:rxvt:rxvt:2.6.1 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.6.4 cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.7.8 CVE-2003-0066 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:02.690-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-window-title(11414) MANDRAKE MDKSA-2003:003 REDHAT RHSA-2003:054 REDHAT RHSA-2003:055 GENTOO 200303-16 BID 6953 The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:aterm:aterm:0.42 CVE-2003-0067 2003-03-18T00:00:00.000-05:00 2016-10-17T22:29:03.753-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-window-title(11414) The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:michael_jennings:eterm:0.8.10 cpe:/a:michael_jennings:eterm:0.9.1 CVE-2003-0068 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:05.207-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues DEBIAN DSA-496 XF terminal-emulator-window-title(11414) MANDRAKE MDKSA-2003:040 BID 10237 The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:putty:putty:0.53 CVE-2003-0069 2003-03-18T00:00:00.000-05:00 2016-10-17T22:29:06.423-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-window-title(11414) The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:gnome:gnome-terminal:2.0 cpe:/a:gnome:gnome-terminal:2.2 cpe:/a:nalin_dahyabhai:vte:0.11.21 cpe:/a:nalin_dahyabhai:vte:0.12.2 cpe:/a:nalin_dahyabhai:vte:0.14.2 cpe:/a:nalin_dahyabhai:vte:0.15.0 cpe:/a:nalin_dahyabhai:vte:0.16.14 cpe:/a:nalin_dahyabhai:vte:0.17.4 cpe:/a:nalin_dahyabhai:vte:0.20.5 cpe:/a:nalin_dahyabhai:vte:0.22.5 cpe:/a:nalin_dahyabhai:vte:0.24.3 cpe:/a:nalin_dahyabhai:vte:0.25.1 CVE-2003-0070 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:07.657-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues GENTOO GLSA-200303-2 XF terminal-emulator-window-title(11414) REDHAT RHSA-2003:053 VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:xfree86_project:x11r6:4.0 cpe:/a:xfree86_project:x11r6:4.0.1 cpe:/a:xfree86_project:x11r6:4.0.3 cpe:/a:xfree86_project:x11r6:4.1.0 cpe:/a:xfree86_project:x11r6:4.2.0 cpe:/a:xfree86_project:x11r6:4.2.1 CVE-2003-0071 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:08.910-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues DEBIAN DSA-380 XF terminal-emulator-dec-udk(11415) REDHAT RHSA-2003:064 REDHAT RHSA-2003:065 REDHAT RHSA-2003:066 REDHAT RHSA-2003:067 BID 6950 The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. cpe:/a:mit:kerberos:1.0 cpe:/a:mit:kerberos:1.2.2.beta1 cpe:/a:mit:kerberos:5-1.2 cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:mit:kerberos:5-1.2.3 cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:mit:kerberos:5-1.2.5 cpe:/a:mit:kerberos:5-1.2.6 cpe:/a:mit:kerberos:5-1.2.7 cpe:/a:mit:kerberos:5-1.3:alpha1 cpe:/a:mit:kerberos:5_1.0.6 cpe:/a:mit:kerberos:5_1.1 cpe:/a:mit:kerberos:5_1.1.1 CVE-2003-0072 2003-04-02T00:00:00.000-05:00 2018-10-19T11:29:19.757-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 54042 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt DEBIAN DSA-266 REDHAT RHSA-2003:051 REDHAT RHSA-2003:052 BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) BID 7184 The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun"). cpe:/a:oracle:mysql:3.23.31 cpe:/a:oracle:mysql:3.23.36 cpe:/a:oracle:mysql:3.23.41 cpe:/a:oracle:mysql:3.23.47 cpe:/a:oracle:mysql:3.23.52 cpe:/a:oracle:mysql:3.23.53 cpe:/a:oracle:mysql:3.23.54 cpe:/a:oracle:mysql:3.23.54a CVE-2003-0073 2003-02-19T00:00:00.000-05:00 2019-10-07T12:41:09.083-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:743 BUGTRAQ 20030129 [OpenPKG-SA-2003.008] OpenPKG Security Advisory (mysql) DEBIAN DSA-303 XF mysql-mysqlchangeuser-doublefree-dos(11199) ENGARDE ESA-20030220-004 MANDRAKE MDKSA-2003:013 CONFIRM http://www.mysql.com/doc/en/News-3.23.55.html REDHAT RHSA-2003:093 REDHAT RHSA-2003:094 REDHAT RHSA-2003:166 BID 6718 Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user. cpe:/a:plptools:plptools:0.6 CVE-2003-0074 2003-02-19T00:00:00.000-05:00 2016-10-17T22:29:11.800-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030129 Local root vuln in SuSE 8.0 plptools package BUGTRAQ 20030129 Re: Local root vuln in SuSE 8.0 plptools package XF plptools-plpnsfd-format-string(11193) BID 6715 Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog. cpe:/a:bladeenc:bladeenc:0.92.7 cpe:/a:bladeenc:bladeenc:0.93.10 cpe:/a:bladeenc:bladeenc:0.94.0 cpe:/a:bladeenc:bladeenc:0.94.1 cpe:/a:bladeenc:bladeenc:0.94.2 CVE-2003-0075 2003-02-19T00:00:00.000-05:00 2016-10-17T22:29:13.067-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030202 Bladeenc 0.94.2 code execution GENTOO GLSA-200302-04 XF bladeenc-myfseek-code-execution(11227) MISC http://www.pivx.com/luigi/adv/blade942-adv.txt BID 6745 Integer signedness error in the myFseek function of samplein.c for Blade encoder (BladeEnc) 0.94.2 and earlier allows remote attackers to execute arbitrary code via a negative offset value following a "fmt" wave chunk. cpe:/a:dcgui:dcgui:0.2 cpe:/a:dcgui:dcgui:0.2.1 cpe:/a:qt-dcgui:qt-dcgui:0.2 cpe:/a:qt-dcgui:qt-dcgui:0.2.1 CVE-2003-0076 2003-02-19T00:00:00.000-05:00 2016-10-17T22:29:14.253-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov CONFIRM http://dc.ketelhot.de/pipermail/dc/2003-January/000094.html BUGTRAQ 20030204 GLSA: qt-dcgui XF qtdcgui-directory-download-files(11246) Unknown vulnerability in the directory parser for Direct Connect 4 Linux (dcgui) before 0.2.2 allows remote attackers to read files outside the sharelist. cpe:/a:hanterm:hanterm-xf:2.0.5 CVE-2003-0077 2003-03-18T00:00:00.000-05:00 2016-10-17T22:29:15.410-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-window-title(11414) REDHAT RHSA-2003:070 REDHAT RHSA-2003:071 The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:openssl:openssl:0.9.1c cpe:/a:openssl:openssl:0.9.2b cpe:/a:openssl:openssl:0.9.3 cpe:/a:openssl:openssl:0.9.4 cpe:/a:openssl:openssl:0.9.5 cpe:/a:openssl:openssl:0.9.5a cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.6b cpe:/a:openssl:openssl:0.9.6c cpe:/a:openssl:openssl:0.9.6d cpe:/a:openssl:openssl:0.9.6e cpe:/a:openssl:openssl:0.9.6g cpe:/a:openssl:openssl:0.9.6h cpe:/a:openssl:openssl:0.9.7 cpe:/a:openssl:openssl:0.9.7:beta1 cpe:/a:openssl:openssl:0.9.7:beta2 cpe:/a:openssl:openssl:0.9.7:beta3 cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.3 cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.8:pre-release cpe:/o:freebsd:freebsd:5.0 cpe:/o:openbsd:openbsd:3.1 cpe:/o:openbsd:openbsd:3.2 CVE-2003-0078 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:16.643-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov NETBSD NetBSD-SA2003-001 SGI 20030501-01-I CONECTIVA CLSA-2003:570 BUGTRAQ 20030219 OpenSSL 0.9.7a and 0.9.6i released BUGTRAQ 20030219 [OpenPKG-SA-2003.013] OpenPKG Security Advisory (openssl) GENTOO GLSA-200302-10 CIAC N-051 DEBIAN DSA-253 XF ssl-cbc-information-leak(11369) ENGARDE ESA-20030220-005 MANDRAKE MDKSA-2003:020 CONFIRM http://www.openssl.org/news/secadv_20030219.txt REDHAT RHSA-2003:062 REDHAT RHSA-2003:063 REDHAT RHSA-2003:082 REDHAT RHSA-2003:104 REDHAT RHSA-2003:205 BID 6884 TRUSTIX 2003-0005 ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." cpe:/a:hanterm:hanterm-xf:2.0 CVE-2003-0079 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:18.130-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues XF terminal-emulator-dec-udk(11415) REDHAT RHSA-2003:070 REDHAT RHSA-2003:071 BID 6944 The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. cpe:/a:gnome:gnome-lokkit:0.50_21 CVE-2003-0080 2003-03-31T00:00:00.000-05:00 2017-07-10T21:29:27.447-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS REDHAT RHSA-2003:072 BID 7128 XF gnomelokkit-forward-bypass-firewall(11552) The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled. cpe:/a:ethereal_group:ethereal:0.8.18 cpe:/a:ethereal_group:ethereal:0.9.0 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.9 CVE-2003-0081 2003-03-18T00:00:00.000-05:00 2017-10-09T21:30:14.093-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLSA-2003:627 MANDRAKE MDKSA-2003:051 FULLDISC 20030308 Ethereal format string bug, yet still ethereal much better than windows DEBIAN DSA-258 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00008.html MISC http://www.guninski.com/etherre.html GENTOO GLSA-200303-10 SUSE SuSE-SA:2003:019 REDHAT RHSA-2003:076 REDHAT RHSA-2003:077 BID 7049 XF ethereal-socks-format-string(11497) Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. cpe:/a:mit:kerberos:1.0 cpe:/a:mit:kerberos:1.2.2.beta1 cpe:/a:mit:kerberos:5-1.2 cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:mit:kerberos:5-1.2.3 cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:mit:kerberos:5-1.2.5 cpe:/a:mit:kerberos:5-1.2.6 cpe:/a:mit:kerberos:5-1.2.7 cpe:/a:mit:kerberos:5-1.3:alpha1 cpe:/a:mit:kerberos:5_1.0.6 cpe:/a:mit:kerberos:5_1.1 cpe:/a:mit:kerberos:5_1.1.1 CVE-2003-0082 2003-04-02T00:00:00.000-05:00 2018-10-19T11:29:20.493-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 54042 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt DEBIAN DSA-266 REDHAT RHSA-2003:051 REDHAT RHSA-2003:052 REDHAT RHSA-2003:091 BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) BID 7185 The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun"). cpe:/a:apache:http_server:1.3 cpe:/a:apache:http_server:2.0 CVE-2003-0083 2003-04-02T00:00:00.000-05:00 2017-10-10T21:29:04.840-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_log_config.c?only_with_tag=APACHE_1_3_25 CONFIRM http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/loggers/mod_log_config.c?only_with_tag=APACHE_2_0_BRANCH BUGTRAQ 20040325 GLSA200403-04 Multiple security vulnerabilities in Apache 2 BUGTRAQ 20040325 LNSA-#2004-0006: bug workaround for Apache 2.0.48 REDHAT RHSA-2003:139 MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020. cpe:/a:mod_auth_any:mod_auth_any:1.2.2 CVE-2003-0084 2003-05-12T00:00:00.000-04:00 2017-07-10T21:29:27.493-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS REDHAT RHSA-2003:114 CIAC N-090 CONFIRM http://www.itlab.musc.edu/webNIS/mod_auth_any.html REDHAT RHSA-2003:113 BID 7448 XF modauthany-command-execution(11893) mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters. cpe:/a:hp:cifs-9000_server:a.01.05 cpe:/a:hp:cifs-9000_server:a.01.06 cpe:/a:hp:cifs-9000_server:a.01.07 cpe:/a:hp:cifs-9000_server:a.01.08 cpe:/a:hp:cifs-9000_server:a.01.08.01 cpe:/a:hp:cifs-9000_server:a.01.09 cpe:/a:hp:cifs-9000_server:a.01.09.01 cpe:/a:samba:samba:2.0.0 cpe:/a:samba:samba:2.0.1 cpe:/a:samba:samba:2.0.2 cpe:/a:samba:samba:2.0.3 cpe:/a:samba:samba:2.0.4 cpe:/a:samba:samba:2.0.5 cpe:/a:samba:samba:2.0.6 cpe:/a:samba:samba:2.0.7 cpe:/a:samba:samba:2.0.8 cpe:/a:samba:samba:2.0.9 cpe:/a:samba:samba:2.0.10 cpe:/a:samba:samba:2.2.0 cpe:/a:samba:samba:2.2.0a cpe:/a:samba:samba:2.2.1a cpe:/a:samba:samba:2.2.2 cpe:/a:samba:samba:2.2.3 cpe:/a:samba:samba:2.2.3a cpe:/a:samba:samba:2.2.4 cpe:/a:samba:samba:2.2.5 cpe:/a:samba:samba:2.2.6 cpe:/a:samba:samba:2.2.7 cpe:/a:samba:samba:2.2.7a CVE-2003-0085 2003-03-31T00:00:00.000-05:00 2018-10-19T11:29:21.197-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SGI 20030302-01-I BUGTRAQ 20030317 GLSA: samba (200303-11) BUGTRAQ 20030317 Security Bugfix for Samba - Samba 2.2.8 Released BUGTRAQ 20030318 [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba) DEBIAN DSA-262 GENTOO GLSA-200303-11 CERT-VN VU#298233 MANDRAKE MDKSA-2003:032 SUSE SuSE-SA:2003:016 REDHAT RHSA-2003:095 REDHAT RHSA-2003:096 BUGTRAQ 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL IMMUNIX IMNX-2003-7+-003-01 BID 7106 Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code. cpe:/a:samba:samba:2.0.0 cpe:/a:samba:samba:2.0.1 cpe:/a:samba:samba:2.0.2 cpe:/a:samba:samba:2.0.3 cpe:/a:samba:samba:2.0.4 cpe:/a:samba:samba:2.0.5 cpe:/a:samba:samba:2.0.6 cpe:/a:samba:samba:2.0.7 cpe:/a:samba:samba:2.0.8 cpe:/a:samba:samba:2.0.9 cpe:/a:samba:samba:2.0.10 cpe:/a:samba:samba:2.2.0 cpe:/a:samba:samba:2.2.0a cpe:/a:samba:samba:2.2.1a cpe:/a:samba:samba:2.2.2 cpe:/a:samba:samba:2.2.3 cpe:/a:samba:samba:2.2.3a cpe:/a:samba:samba:2.2.4 cpe:/a:samba:samba:2.2.5 cpe:/a:samba:samba:2.2.6 cpe:/a:samba:samba:2.2.7 cpe:/a:samba:samba:2.2.7a CVE-2003-0086 2003-03-31T00:00:00.000-05:00 2018-10-19T11:29:22.320-04:00 1.2 LOCAL HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov SGI 20030302-01-I BUGTRAQ 20030317 GLSA: samba (200303-11) BUGTRAQ 20030318 [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba) DEBIAN DSA-262 GENTOO GLSA-200303-11 MANDRAKE MDKSA-2003:032 SUSE SuSE-SA:2003:016 REDHAT RHSA-2003:095 REDHAT RHSA-2003:096 BUGTRAQ 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL BID 7107 The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown. cpe:/a:national_language_support:libim CVE-2003-0087 2003-03-03T00:00:00.000-05:00 2017-10-09T21:30:14.157-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030212 iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a BUGTRAQ 20030212 iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a BUGTRAQ 20030212 libIM.a buffer overflow vulnerability MISC http://www.idefense.com/advisory/02.12.03.txt BID 6840 AIXAPAR IY40307 AIXAPAR IY40317 AIXAPAR IY40320 XF aix-aixterm-libim-bo(11309) Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm. cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 CVE-2003-0088 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:48.070-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt ATSTAKE A021403-1 XF macos-trublueenvironment-gain-privileges(11332) BID 6859 TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.11 CVE-2003-0089 2003-12-15T00:00:00.000-05:00 2017-10-10T21:29:05.057-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20031113 NSFOCUS SA2003-07: HP-UX Software Distributor Buffer Overflow Vulnerability BUGTRAQ 20031113 NSFOCUS SA2003-07: HP-UX Software Distributor Buffer Overflow Vulnerability HP HPSBUX0311-293 BID 8986 XF hp-sd-utilities-bo(13623) Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify. CVE-2003-0090 2003-12-15T00:00:00.000-05:00 2008-09-10T15:17:53.633-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0844. Reason: This candidate is a duplicate of CVE-2000-0844. Notes: All CVE users should reference CVE-2000-0844 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/o:sun:solaris:2.6 cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 CVE-2003-0091 2003-04-02T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030331 NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability MISC http://packetstormsecurity.org/0304-advisories/sa2003-02.txt SUNALERT 52443 CIAC N-068 MISC http://www.nsfocus.com/english/homepage/sa2003-02.htm BUGTRAQ 20030331 NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0092 2003-04-02T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030331 NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability SUNALERT 52388 BUGTRAQ 20030331 NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability BID 7240 Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable. cpe:/a:lbl:tcpdump:3.4 cpe:/a:lbl:tcpdump:3.4a6 cpe:/a:lbl:tcpdump:3.5 cpe:/a:lbl:tcpdump:3.5.2 cpe:/a:lbl:tcpdump:3.6.2 CVE-2003-0093 2003-03-03T00:00:00.000-05:00 2017-10-09T21:30:14.220-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-261 MANDRAKE MDKSA-2003:027 REDHAT RHSA-2003:032 REDHAT RHSA-2003:033 REDHAT RHSA-2003:214 MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=81585 XF tcpdump-radius-decoder-dos(11324) The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop. cpe:/a:andries_brouwer:util-linux:2.11n cpe:/a:andries_brouwer:util-linux:2.11u CVE-2003-0094 2003-03-03T00:00:00.000-05:00 2017-10-09T21:30:14.283-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov MANDRAKE MDKSA-2003:016 BID 6855 XF utillinux-mcookie-cookie-predictable(11318) A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed. cpe:/a:oracle:database_server:8.0.6 cpe:/a:oracle:database_server:9.2.1 cpe:/a:oracle:database_server:9.2.2 cpe:/a:oracle:oracle8i:8.1.7 cpe:/a:oracle:oracle8i:8.1.7.1 cpe:/a:oracle:oracle9i:9.0 cpe:/a:oracle:oracle9i:9.0.1 cpe:/a:oracle:oracle9i:9.0.1.2 cpe:/a:oracle:oracle9i:9.0.1.3 cpe:/a:oracle:oracle9i:9.0.2 CVE-2003-0095 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:25.943-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030217 Oracle unauthenticated remote system compromise (#NISR16022003a) CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf CERT CA-2003-05 CIAC N-046 XF oracle-username-bo(11328) CERT-VN VU#953746 BID 6849 Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP. cpe:/a:oracle:database_server:8.0.6 cpe:/a:oracle:database_server:9.2.1 cpe:/a:oracle:database_server:9.2.2 cpe:/a:oracle:oracle8i:8.1.7 cpe:/a:oracle:oracle8i:8.1.7.1 cpe:/a:oracle:oracle9i:9.0 cpe:/a:oracle:oracle9i:9.0.1 cpe:/a:oracle:oracle9i:9.0.1.2 cpe:/a:oracle:oracle9i:9.0.1.3 cpe:/a:oracle:oracle9i:9.0.2 CVE-2003-0096 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:27.257-04:00 9.0 NETWORK LOW SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030217 Oracle unauthenticated remote system compromise (#NISR16022003a) VULNWATCH 20030217 Oracle TZ_OFFSET Remote System Buffer Overrun (#NISR16022003c) VULNWATCH 20030217 Oracle bfilename function buffer overflow vulnerability (#NISR16022003e) BUGTRAQ 20030217 Oracle TO_TIMESTAMP_TZ Remote System Buffer Overrun (#NISR16022003b) BUGTRAQ 20030217 Oracle TZ_OFFSET Remote System Buffer Overrun (#NISR16022003c) BUGTRAQ 20030217 Oracle bfilename function buffer overflow vulnerability (#NISR16022003e) CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert48.pdf CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert49.pdf CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert50.pdf CERT CA-2003-05 CIAC N-046 XF oracle-bfilename-directory-bo(11325) XF oracle-tzoffset-bo(11326) XF oracle-totimestamptz-bo(11327) CERT-VN VU#663786 CERT-VN VU#743954 CERT-VN VU#840666 MISC http://www.nextgenss.com/advisories/ora-bfilebo.txt MISC http://www.nextgenss.com/advisories/ora-tmstmpbo.txt MISC http://www.nextgenss.com/advisories/ora-tzofstbo.txt BID 6847 BID 6848 BID 6850 Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function. cpe:/a:php:php:4.3.0 CVE-2003-0097 2003-03-03T00:00:00.000-05:00 2018-10-30T12:25:35.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030217 PHP Security Advisory: CGI vulnerability in PHP version 4.3.0 GENTOO GLSA-200302-09 GENTOO GLSA-200302-09.1 XF php-cgi-sapi-access(11343) BID 6875 CONFIRM http://www.slackware.com/changelog/current.php?cpu=i386 Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect). cpe:/a:apcupsd:apcupsd:0.3.91_5 cpe:/a:apcupsd:apcupsd:3.8.5 cpe:/a:apcupsd:apcupsd:3.10.0 cpe:/a:apcupsd:apcupsd:3.10.1 cpe:/a:apcupsd:apcupsd:3.10.2 cpe:/a:apcupsd:apcupsd:3.10.3 cpe:/a:apcupsd:apcupsd:3.10.4 cpe:/o:debian:debian_linux:2.2 cpe:/o:debian:debian_linux:3.0 CVE-2003-0098 2003-03-03T00:00:00.000-05:00 2018-09-26T11:59:18.560-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2018-09-25T12:53:34.317-04:00 ALLOWS_ADMIN_ACCESS CALDERA CSSA-2003-015.0 CONFIRM http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/apcupsd/apcupsd/src/apcnisd.c.diff?r1=1.5&r2=1.6 MISC http://hsj.shadowpenguin.org/misc/apcupsd_exp.txt SECTRACK 1006108 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137900 DEBIAN DSA-277 XF apcupsd-logevent-format-string(11334) MANDRAKE MDKSA-2003:018 SUSE SuSE-SA:2003:022 BID 6828 BID 7200 Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. cpe:/a:apc:apcupsd:3.8.5 CVE-2003-0099 2003-03-03T00:00:00.000-05:00 2008-09-10T15:17:55.960-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CALDERA CSSA-2003-015.0 SECTRACK 1006108 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137892 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137900 DEBIAN DSA-277 XF apcupsd-vsprintf-multiple-bo(11491) MANDRAKE MDKSA-2003:018 SUSE SuSE-SA:2003:022 BID 7200 Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. cpe:/o:cisco:ios:11.1 cpe:/o:cisco:ios:11.1%287%29aa cpe:/o:cisco:ios:11.1%287%29ca cpe:/o:cisco:ios:11.1%289%29ia cpe:/o:cisco:ios:11.1%2813%29 cpe:/o:cisco:ios:11.1%2813%29aa cpe:/o:cisco:ios:11.1%2813%29ca cpe:/o:cisco:ios:11.1%2813%29ia cpe:/o:cisco:ios:11.1%2815%29aa cpe:/o:cisco:ios:11.1%2815%29ca cpe:/o:cisco:ios:11.1%2815%29ia cpe:/o:cisco:ios:11.1%2816%29aa cpe:/o:cisco:ios:11.1%2816%29ia cpe:/o:cisco:ios:11.1%2817%29cc cpe:/o:cisco:ios:11.1%2817%29ct cpe:/o:cisco:ios:11.1%2820%29aa4 cpe:/o:cisco:ios:11.1%2824a%29 cpe:/o:cisco:ios:11.1%2824b%29 cpe:/o:cisco:ios:11.1%2828a%29ct cpe:/o:cisco:ios:11.1%2828a%29ia cpe:/o:cisco:ios:11.1%2836%29ca2 cpe:/o:cisco:ios:11.1%2836%29cc2 cpe:/o:cisco:ios:11.1%2836%29cc4 cpe:/o:cisco:ios:11.1aa cpe:/o:cisco:ios:11.1ca cpe:/o:cisco:ios:11.1cc cpe:/o:cisco:ios:11.1ct cpe:/o:cisco:ios:11.1ia cpe:/o:cisco:ios:11.2 cpe:/o:cisco:ios:11.2%284%29 cpe:/o:cisco:ios:11.2%284%29f cpe:/o:cisco:ios:11.2%284%29f1 cpe:/o:cisco:ios:11.2%284%29xa cpe:/o:cisco:ios:11.2%284%29xaf cpe:/o:cisco:ios:11.2%288%29p cpe:/o:cisco:ios:11.2%288%29sa1 cpe:/o:cisco:ios:11.2%288%29sa3 cpe:/o:cisco:ios:11.2%288%29sa5 cpe:/o:cisco:ios:11.2%288.9%29sa6 cpe:/o:cisco:ios:11.2%289%29p cpe:/o:cisco:ios:11.2%289%29xa cpe:/o:cisco:ios:11.2%2810%29bc cpe:/o:cisco:ios:11.2%2811b%29t2 cpe:/o:cisco:ios:11.2%2817%29 cpe:/o:cisco:ios:11.2%2819%29gs0.2 cpe:/o:cisco:ios:11.2%2819a%29gs6 cpe:/o:cisco:ios:11.2%2823a%29bc1 cpe:/o:cisco:ios:11.2%2826%29p2 cpe:/o:cisco:ios:11.2%2826a%29 cpe:/o:cisco:ios:11.2%2826b%29 cpe:/o:cisco:ios:11.2bc cpe:/o:cisco:ios:11.2f cpe:/o:cisco:ios:11.2gs cpe:/o:cisco:ios:11.2p cpe:/o:cisco:ios:11.2sa cpe:/o:cisco:ios:11.2wa3 cpe:/o:cisco:ios:11.2wa4 cpe:/o:cisco:ios:11.2xa cpe:/o:cisco:ios:11.3 cpe:/o:cisco:ios:11.3%281%29ed cpe:/o:cisco:ios:11.3%281%29t cpe:/o:cisco:ios:11.3%282%29xa cpe:/o:cisco:ios:11.3%287%29db1 cpe:/o:cisco:ios:11.3%288%29db2 cpe:/o:cisco:ios:11.3%2811%29b cpe:/o:cisco:ios:11.3%2811b%29 cpe:/o:cisco:ios:11.3%2811b%29t2 cpe:/o:cisco:ios:11.3%2811c%29 cpe:/o:cisco:ios:11.3aa cpe:/o:cisco:ios:11.3da cpe:/o:cisco:ios:11.3db cpe:/o:cisco:ios:11.3ha cpe:/o:cisco:ios:11.3ma cpe:/o:cisco:ios:11.3na cpe:/o:cisco:ios:11.3t cpe:/o:cisco:ios:11.3wa4 cpe:/o:cisco:ios:11.3xa cpe:/o:cisco:ios:12.0 cpe:/o:cisco:ios:12.0%281%29 cpe:/o:cisco:ios:12.0%281%29w cpe:/o:cisco:ios:12.0%281%29xa3 cpe:/o:cisco:ios:12.0%281%29xb cpe:/o:cisco:ios:12.0%281%29xe cpe:/o:cisco:ios:12.0%282%29 cpe:/o:cisco:ios:12.0%282%29xc cpe:/o:cisco:ios:12.0%282%29xd cpe:/o:cisco:ios:12.0%282%29xe cpe:/o:cisco:ios:12.0%282%29xf cpe:/o:cisco:ios:12.0%282%29xg cpe:/o:cisco:ios:12.0%282b%29 cpe:/o:cisco:ios:12.0%283%29 cpe:/o:cisco:ios:12.0%283%29t2 cpe:/o:cisco:ios:12.0%283d%29 cpe:/o:cisco:ios:12.0%284%29s cpe:/o:cisco:ios:12.0%284%29t cpe:/o:cisco:ios:12.0%284%29xe cpe:/o:cisco:ios:12.0%284%29xe1 cpe:/o:cisco:ios:12.0%284%29xm cpe:/o:cisco:ios:12.0%284%29xm1 cpe:/o:cisco:ios:12.0%285%29t cpe:/o:cisco:ios:12.0%285%29t1 cpe:/o:cisco:ios:12.0%285%29wc cpe:/o:cisco:ios:12.0%285%29wc2 cpe:/o:cisco:ios:12.0%285%29wc2b cpe:/o:cisco:ios:12.0%285%29wc3 cpe:/o:cisco:ios:12.0%285%29wc3b cpe:/o:cisco:ios:12.0%285%29wx cpe:/o:cisco:ios:12.0%285%29xe cpe:/o:cisco:ios:12.0%285%29xk cpe:/o:cisco:ios:12.0%285%29xk2 cpe:/o:cisco:ios:12.0%285%29xn cpe:/o:cisco:ios:12.0%285%29xn1 cpe:/o:cisco:ios:12.0%285%29xs cpe:/o:cisco:ios:12.0%285%29xu cpe:/o:cisco:ios:12.0%285%29yb4 cpe:/o:cisco:ios:12.0%285.1%29xp cpe:/o:cisco:ios:12.0%285.2%29xu cpe:/o:cisco:ios:12.0%285.3%29wc1 cpe:/o:cisco:ios:12.0%285.4%29wc1 cpe:/o:cisco:ios:12.0%286b%29 cpe:/o:cisco:ios:12.0%287%29db2 cpe:/o:cisco:ios:12.0%287%29dc1 cpe:/o:cisco:ios:12.0%287%29s1 cpe:/o:cisco:ios:12.0%287%29sc cpe:/o:cisco:ios:12.0%287%29t cpe:/o:cisco:ios:12.0%287%29t2 cpe:/o:cisco:ios:12.0%287%29wx5%2815a%29 cpe:/o:cisco:ios:12.0%287%29xe cpe:/o:cisco:ios:12.0%287%29xe2 cpe:/o:cisco:ios:12.0%287%29xf cpe:/o:cisco:ios:12.0%287%29xf1 cpe:/o:cisco:ios:12.0%287%29xk cpe:/o:cisco:ios:12.0%287%29xk3 cpe:/o:cisco:ios:12.0%287%29xv cpe:/o:cisco:ios:12.0%287.4%29s cpe:/o:cisco:ios:12.0%287a%29 cpe:/o:cisco:ios:12.0%288%29 cpe:/o:cisco:ios:12.0%288%29s1 cpe:/o:cisco:ios:12.0%288.0.2%29s cpe:/o:cisco:ios:12.0%288.3%29sc cpe:/o:cisco:ios:12.0%288a%29 cpe:/o:cisco:ios:12.0%289%29 cpe:/o:cisco:ios:12.0%289%29s cpe:/o:cisco:ios:12.0%289%29s8 cpe:/o:cisco:ios:12.0%289a%29 cpe:/o:cisco:ios:12.0%2810%29s7 cpe:/o:cisco:ios:12.0%2810%29w5 cpe:/o:cisco:ios:12.0%2810%29w5%2818f%29 cpe:/o:cisco:ios:12.0%2810%29w5%2818g%29 cpe:/o:cisco:ios:12.0%2810a%29 cpe:/o:cisco:ios:12.0%2811%29s6 cpe:/o:cisco:ios:12.0%2811%29st4 cpe:/o:cisco:ios:12.0%2811a%29 cpe:/o:cisco:ios:12.0%2812%29s3 cpe:/o:cisco:ios:12.0%2812a%29 cpe:/o:cisco:ios:12.0%2813%29s6 cpe:/o:cisco:ios:12.0%2813%29w5%2819c%29 cpe:/o:cisco:ios:12.0%2813%29wt6%281%29 cpe:/o:cisco:ios:12.0%2813a%29 cpe:/o:cisco:ios:12.0%2814%29s7 cpe:/o:cisco:ios:12.0%2814%29st cpe:/o:cisco:ios:12.0%2814%29st3 cpe:/o:cisco:ios:12.0%2814%29w5%2820%29 cpe:/o:cisco:ios:12.0%2814a%29 cpe:/o:cisco:ios:12.0%2815%29s3 cpe:/o:cisco:ios:12.0%2815%29s6 cpe:/o:cisco:ios:12.0%2815a%29 cpe:/o:cisco:ios:12.0%2816%29s8 cpe:/o:cisco:ios:12.0%2816%29sc3 cpe:/o:cisco:ios:12.0%2816%29st1 cpe:/o:cisco:ios:12.0%2816%29w5%2821%29 cpe:/o:cisco:ios:12.0%2816.06%29s cpe:/o:cisco:ios:12.0%2816a%29 cpe:/o:cisco:ios:12.0%2817%29 cpe:/o:cisco:ios:12.0%2817%29s cpe:/o:cisco:ios:12.0%2817%29s4 cpe:/o:cisco:ios:12.0%2817%29sl2 cpe:/o:cisco:ios:12.0%2817%29sl6 cpe:/o:cisco:ios:12.0%2817%29st1 cpe:/o:cisco:ios:12.0%2817%29st5 cpe:/o:cisco:ios:12.0%2817a%29 cpe:/o:cisco:ios:12.0%2818%29s cpe:/o:cisco:ios:12.0%2818%29s5 cpe:/o:cisco:ios:12.0%2818%29st1 cpe:/o:cisco:ios:12.0%2818%29w5%2822b%29 cpe:/o:cisco:ios:12.0%2818b%29 cpe:/o:cisco:ios:12.0da cpe:/o:cisco:ios:12.0db cpe:/o:cisco:ios:12.0dc cpe:/o:cisco:ios:12.0s cpe:/o:cisco:ios:12.0sc cpe:/o:cisco:ios:12.0sl cpe:/o:cisco:ios:12.0sp cpe:/o:cisco:ios:12.0st cpe:/o:cisco:ios:12.0sx cpe:/o:cisco:ios:12.0t cpe:/o:cisco:ios:12.0w5 cpe:/o:cisco:ios:12.0wc cpe:/o:cisco:ios:12.0wt cpe:/o:cisco:ios:12.0wx cpe:/o:cisco:ios:12.0xa cpe:/o:cisco:ios:12.0xb cpe:/o:cisco:ios:12.0xc cpe:/o:cisco:ios:12.0xd cpe:/o:cisco:ios:12.0xe cpe:/o:cisco:ios:12.0xf cpe:/o:cisco:ios:12.0xg cpe:/o:cisco:ios:12.0xh cpe:/o:cisco:ios:12.0xi cpe:/o:cisco:ios:12.0xj cpe:/o:cisco:ios:12.0xk cpe:/o:cisco:ios:12.0xl cpe:/o:cisco:ios:12.0xm cpe:/o:cisco:ios:12.0xn cpe:/o:cisco:ios:12.0xp cpe:/o:cisco:ios:12.0xq cpe:/o:cisco:ios:12.0xr cpe:/o:cisco:ios:12.0xs cpe:/o:cisco:ios:12.0xu cpe:/o:cisco:ios:12.0xv cpe:/o:cisco:ios:12.0xw CVE-2003-0100 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:29.727-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030220 Cisco IOS OSPF exploit BUGTRAQ 20030221 Re: Cisco IOS OSPF exploit XF cisco-ios-ospf-bo(11373) BID 6895 Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. cpe:/a:engardelinux:guardian_digital_webtool:1.2 cpe:/a:usermin:usermin:0.4 cpe:/a:usermin:usermin:0.5 cpe:/a:usermin:usermin:0.6 cpe:/a:usermin:usermin:0.7 cpe:/a:usermin:usermin:0.8 cpe:/a:usermin:usermin:0.9 cpe:/a:usermin:usermin:0.91 cpe:/a:usermin:usermin:0.92 cpe:/a:usermin:usermin:0.93 cpe:/a:usermin:usermin:0.94 cpe:/a:usermin:usermin:0.95 cpe:/a:usermin:usermin:0.96 cpe:/a:usermin:usermin:0.97 cpe:/a:usermin:usermin:0.98 cpe:/a:usermin:usermin:0.99 cpe:/a:webmin:webmin:1.0.50 cpe:/a:webmin:webmin:1.0.60 CVE-2003-0101 2003-03-03T00:00:00.000-05:00 2016-10-17T22:29:30.850-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SGI 20030602-01-I HP HPSBUX0303-250 ENGARDE ESA-20030225-006 BUGTRAQ 20030224 Webmin 1.050 - 1.060 remote exploit BUGTRAQ 20030224 [SNS Advisory No.62] Webmin/Usermin Session ID Spoofing Vulnerability "Episode 2" BUGTRAQ 20030224 GLSA: usermin (200302-14) CONFIRM http://marc.info/?l=webmin-announce&m=104587858408101&w=2 CIAC N-058 DEBIAN DSA-319 XF webmin-usermin-root-access(11390) MISC http://www.lac.co.jp/security/english/snsadv_e/62_e.html CONFIRM http://www.linuxsecurity.com/advisories/gentoo_advisory-2886.html MANDRAKE MDKSA-2003:025 BID 6915 SECTRACK 1006160 miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges. cpe:/a:file:file:3.28 cpe:/a:file:file:3.30 cpe:/a:file:file:3.32 cpe:/a:file:file:3.33 cpe:/a:file:file:3.34 cpe:/a:file:file:3.35 cpe:/a:file:file:3.36 cpe:/a:file:file:3.37 cpe:/a:file:file:3.39 cpe:/a:file:file:3.40 cpe:/o:netbsd:netbsd:1.5 cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:netbsd:netbsd:1.6 CVE-2003-0102 2003-03-18T00:00:00.000-05:00 2018-05-02T21:29:19.100-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS NETBSD NetBSD-SA2003-003 IMMUNIX IMNX-2003-7+-012-01 BUGTRAQ 20030304 iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1) DEBIAN DSA-260 MISC http://www.idefense.com/advisory/03.04.03.txt CERT-VN VU#611865 MANDRAKE MDKSA-2003:030 SUSE SuSE-SA:2003:017 REDHAT RHSA-2003:086 REDHAT RHSA-2003:087 BID 7008 XF file-afctr-read-bo(11469) Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize). cpe:/h:nokia:6210_handset:5.27 CVE-2003-0103 2003-03-07T00:00:00.000-05:00 2008-09-05T16:33:29.380-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF nokia-6210-vcard-dos(11421) BID 6952 Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of format string specifiers. cpe:/a:peoplesoft:peopletools:8.10 cpe:/a:peoplesoft:peopletools:8.11 cpe:/a:peoplesoft:peopletools:8.12 cpe:/a:peoplesoft:peopletools:8.13 cpe:/a:peoplesoft:peopletools:8.14 cpe:/a:peoplesoft:peopletools:8.15 cpe:/a:peoplesoft:peopletools:8.16 cpe:/a:peoplesoft:peopletools:8.17 cpe:/a:peoplesoft:peopletools:8.18 cpe:/a:peoplesoft:peopletools:8.40 cpe:/a:peoplesoft:peopletools:8.41 CVE-2003-0104 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:29.537-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ISS 20030310 PeopleSoft PeopleTools Remote Command Execution Vulnerability XF peoplesoft-schedulertransfer-create-files(10962) BID 7053 Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet. cpe:/a:port80_software:servermask:2.2 CVE-2003-0105 2004-09-28T00:00:00.000-04:00 2017-07-10T21:29:27.617-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20040810 Corsaire Security Advisory - Port80 Software ServerMask inconsistencies MISC http://www.corsaire.com/advisories/c030224-001.txt XF servermask-header-obtain-info(16947) ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server. cpe:/a:symantec:enterprise_firewall:7.0 CVE-2003-0106 2003-04-02T00:00:00.000-05:00 2016-10-17T22:29:34.990-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue BUGTRAQ 20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue NTBUGTRAQ 20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue CONFIRM http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754 BID 7196 The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8. cpe:/a:gnu:zlib:1.1.4 CVE-2003-0107 2003-03-07T00:00:00.000-05:00 2017-01-02T21:59:00.327-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CALDERA CSSA-2003-011.0 NETBSD NetBSD-SA2003-004 CONECTIVA CLSA-2003:619 JVN JVN#78689801 JVNDB JVNDB-2015-000066 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html BUGTRAQ 20030223 poc zlib sploit just for fun :) BUGTRAQ 20030224 Re: buffer overrun in zlib 1.1.4 BUGTRAQ 20030225 [sorcerer-spells] ZLIB-SORCERER2003-02-25 GENTOO GLSA-200303-25 BUGTRAQ 20030222 buffer overrun in zlib 1.1.4 SUNALERT 57405 XF zlib-gzprintf-bo(11381) CERT-VN VU#142121 MANDRAKE MDKSA-2003:033 REDHAT RHSA-2003:079 REDHAT RHSA-2003:081 BID 6913 Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code. cpe:/a:lbl:tcpdump:3.5.2 cpe:/a:lbl:tcpdump:3.6.2 cpe:/a:lbl:tcpdump:3.7 cpe:/a:lbl:tcpdump:3.7.1 CVE-2003-0108 2003-03-07T00:00:00.000-05:00 2016-10-17T22:29:37.587-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:629 BUGTRAQ 20030227 iDEFENSE Security Advisory 02.27.03: TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsin BUGTRAQ 20030304 [OpenPKG-SA-2003.014] OpenPKG Security Advisory (tcpdump) DEBIAN DSA-255 MISC http://www.idefense.com/advisory/02.27.03.txt XF tcpdump-isakmp-dos(11434) MANDRAKE MDKSA-2003:027 SUSE SuSE-SA:2003:0015 REDHAT RHSA-2003:032 REDHAT RHSA-2003:085 REDHAT RHSA-2003:214 BID 6974 isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000_terminal_services::sp3 CVE-2003-0109 2003-03-31T00:00:00.000-05:00 2019-04-30T10:27:13.710-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030321 New attack vectors and a vulnerability dissection of MS03-007 BUGTRAQ 20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented. BUGTRAQ 20030326 WebDAV exploit: using wide character decoder scheme BUGTRAQ 20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit BUGTRAQ 20030708 WDAV exploit without netcat and with pretty magic number NTBUGTRAQ 20030321 New attack vectors and a vulnerability dissection of MS03-007 CONFIRM http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en MSKB Q815021 CERT CA-2003-09 ISS 20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability XF http-webdav-long-request(11533) CERT-VN VU#117394 MISC http://www.nextgenss.com/papers/ms03-007-ntdll.pdf BID 7116 MS MS03-007 Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0. cpe:/a:microsoft:isa_server:2000 cpe:/a:microsoft:isa_server:2000:fp1 cpe:/a:microsoft:isa_server:2000:sp1 cpe:/a:microsoft:proxy_server:2.0 cpe:/a:microsoft:proxy_server:2.0:sp1 CVE-2003-0110 2003-05-05T00:00:00.000-04:00 2018-10-12T17:32:25.600-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000 MISC http://www.idefense.com/advisory/04.09.03.txt MS MS03-012 The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745. cpe:/a:microsoft:virtual_machine:3802 cpe:/a:microsoft:virtual_machine:3805 cpe:/a:microsoft:virtual_machine:3809 cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000_terminal_services::sp3 CVE-2003-0111 2003-05-05T00:00:00.000-04:00 2019-04-30T10:27:13.710-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS XF msvm-bytecode-improper-validation(11751) CERT-VN VU#447569 MS MS03-011 The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise." cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000_terminal_services::sp3 cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0112 2003-05-12T00:00:00.000-04:00 2019-04-30T10:27:13.710-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CERT-VN VU#446338 BID 7370 MS MS03-013 XF win-kernel-lpcrequestwaitreplyport-bo(11803) Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0113 2003-05-12T00:00:00.000-04:00 2018-10-12T17:32:28.210-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030426 Buffer overflow in Internet Explorer's HTTP parsing code BUGTRAQ 20030701 URLMON.DLL buffer overflow - technical details CERT-VN VU#169753 MS MS03-015 Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0114 2003-05-12T00:00:00.000-04:00 2018-10-12T17:32:28.943-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030203 internet explorer local file reading MS MS03-015 The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0115 2003-05-12T00:00:00.000-04:00 2018-10-12T17:32:29.333-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS XF ie-improper-thirdparty-rendering(11848) MS MS03-015 Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0116 2003-05-12T00:00:00.000-04:00 2018-10-12T17:32:29.537-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CERT-VN VU#244729 BUGTRAQ 20021203 Poisonous Style for Dialog window turns the zone off. BID 6306 MS MS03-015 Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution." cpe:/a:microsoft:biztalk_server:2002::developer cpe:/a:microsoft:biztalk_server:2002::enterprise CVE-2003-0117 2003-05-12T00:00:00.000-04:00 2018-10-12T17:32:29.867-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030505 Microsoft Biztalk Server ISAPI HTTP Receive function buffer overflow MS MS03-016 Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver. cpe:/a:microsoft:biztalk_server:2000::developer cpe:/a:microsoft:biztalk_server:2000::enterprise cpe:/a:microsoft:biztalk_server:2000::standard cpe:/a:microsoft:biztalk_server:2000:sp1a:developer cpe:/a:microsoft:biztalk_server:2000:sp1a:enterprise cpe:/a:microsoft:biztalk_server:2000:sp1a:standard cpe:/a:microsoft:biztalk_server:2000:sp2:developer cpe:/a:microsoft:biztalk_server:2000:sp2:enterprise cpe:/a:microsoft:biztalk_server:2000:sp2:standard cpe:/a:microsoft:biztalk_server:2002::developer cpe:/a:microsoft:biztalk_server:2002::enterprise CVE-2003-0118 2003-05-12T00:00:00.000-04:00 2018-10-12T17:32:30.117-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030505 Microsoft Biztalk Server DTA vulnerable to SQL injection MS MS03-016 SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement. cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 CVE-2003-0119 2004-02-03T00:00:00.000-05:00 2008-09-05T16:33:31.973-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#624713 BID 7264 IBM MSS-OAR-E01-2003:0245.1 The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities. cpe:/a:mhc-utils:mhc-utils:0.25_snap2001-06-25 CVE-2003-0120 2003-03-07T00:00:00.000-05:00 2008-09-05T16:33:32.130-04:00 1.2 LOCAL HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-256 XF mhc-adb2mhc-insecure-tmp(11439) BID 6978 adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name. cpe:/a:clearswift:mailsweeper:4.0 cpe:/a:clearswift:mailsweeper:4.1 cpe:/a:clearswift:mailsweeper:4.2 cpe:/a:clearswift:mailsweeper:4.3 CVE-2003-0121 2003-03-18T00:00:00.000-05:00 2016-10-17T22:29:45.917-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue BUGTRAQ 20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue BID 7044 Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients. cpe:/a:ibm:lotus_domino:4.6.1 cpe:/a:ibm:lotus_domino:4.6.3 cpe:/a:ibm:lotus_domino:4.6.4 cpe:/a:ibm:lotus_domino:5.0 cpe:/a:ibm:lotus_domino:5.0.1 cpe:/a:ibm:lotus_domino:5.0.2 cpe:/a:ibm:lotus_domino:5.0.3 cpe:/a:ibm:lotus_domino:5.0.4 cpe:/a:ibm:lotus_domino:5.0.4a cpe:/a:ibm:lotus_domino:5.0.5 cpe:/a:ibm:lotus_domino:5.0.6 cpe:/a:ibm:lotus_domino:5.0.6a cpe:/a:ibm:lotus_domino:5.0.7a cpe:/a:ibm:lotus_domino:5.0.8 cpe:/a:ibm:lotus_domino:5.0.8a cpe:/a:ibm:lotus_domino:5.0.9 cpe:/a:ibm:lotus_domino:5.0.9a cpe:/a:ibm:lotus_domino:5.0.10 cpe:/a:ibm:lotus_domino:5.0.11 cpe:/a:ibm:lotus_notes_client:5.0 cpe:/a:ibm:lotus_notes_client:5.0.1 cpe:/a:ibm:lotus_notes_client:5.0.2 cpe:/a:ibm:lotus_notes_client:5.0.3 cpe:/a:ibm:lotus_notes_client:5.0.4 cpe:/a:ibm:lotus_notes_client:5.0.5 cpe:/a:ibm:lotus_notes_client:5.0.9a cpe:/a:ibm:lotus_notes_client:5.0.10 cpe:/a:ibm:lotus_notes_client:5.0.11 cpe:/a:ibm:lotus_notes_client:r5 CVE-2003-0122 2003-03-18T00:00:00.000-05:00 2017-12-12T12:05:18.547-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2017-12-12T10:33:09.027-05:00 VULNWATCH 20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication BUGTRAQ 20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication CERT CA-2003-11 CIAC N-065 CERT-VN VU#433489 MISC http://www.rapid7.com/advisories/R7-0010.html BID 7037 CONFIRM http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105101 XF lotus-nrpc-bo(11526) Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. cpe:/a:ibm:lotus_domino:4.6.1 cpe:/a:ibm:lotus_domino:4.6.3 cpe:/a:ibm:lotus_domino:4.6.4 cpe:/a:ibm:lotus_domino:5.0 cpe:/a:ibm:lotus_domino:5.0.1 cpe:/a:ibm:lotus_domino:5.0.2 cpe:/a:ibm:lotus_domino:5.0.3 cpe:/a:ibm:lotus_domino:5.0.4 cpe:/a:ibm:lotus_domino:5.0.4a cpe:/a:ibm:lotus_domino:5.0.5 cpe:/a:ibm:lotus_domino:5.0.6 cpe:/a:ibm:lotus_domino:5.0.6a cpe:/a:ibm:lotus_domino:5.0.7 cpe:/a:ibm:lotus_domino:5.0.7a cpe:/a:ibm:lotus_domino:5.0.8 cpe:/a:ibm:lotus_domino:5.0.8a cpe:/a:ibm:lotus_domino:5.0.9 cpe:/a:ibm:lotus_domino:5.0.9a cpe:/a:ibm:lotus_domino:5.0.10 cpe:/a:ibm:lotus_domino:5.0.11 cpe:/a:ibm:lotus_notes_client:5.0 cpe:/a:ibm:lotus_notes_client:5.0.1 cpe:/a:ibm:lotus_notes_client:5.0.2 cpe:/a:ibm:lotus_notes_client:5.0.3 cpe:/a:ibm:lotus_notes_client:5.0.4 cpe:/a:ibm:lotus_notes_client:5.0.5 cpe:/a:ibm:lotus_notes_client:5.0.9a cpe:/a:ibm:lotus_notes_client:5.0.10 cpe:/a:ibm:lotus_notes_client:5.0.11 cpe:/a:ibm:lotus_notes_client:r5 CVE-2003-0123 2003-03-18T00:00:00.000-05:00 2017-11-22T09:04:35.223-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2017-11-21T14:45:06.977-05:00 BUGTRAQ 20030313 R7-0011: Lotus Notes/Domino Web Retriever HTTP Status Buffer Overflow CERT CA-2003-11 CIAC N-065 CERT-VN VU#411489 MISC http://www.rapid7.com/advisories/R7-0011.html BID 7038 CONFIRM http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105060 XF lotus-web-retriever-bo(11525) Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. cpe:/a:andries_brouwer:man:1.5h1 cpe:/a:andries_brouwer:man:1.5i cpe:/a:andries_brouwer:man:1.5i2 cpe:/a:andries_brouwer:man:1.5j cpe:/a:andries_brouwer:man:1.5k CVE-2003-0124 2003-03-18T00:00:00.000-05:00 2017-10-09T21:30:14.500-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONECTIVA CLSA-2003:620 BUGTRAQ 20030311 Vulnerability in man < 1.5l GENTOO GLSA-200303-13 REDHAT RHSA-2003:133 REDHAT RHSA-2003:134 BID 7066 XF man-myxsprintf-code-execution(11512) man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. cpe:/h:multitech:routefinder_550_vpn:4.63 CVE-2003-0125 2003-03-18T00:00:00.000-05:00 2018-05-02T21:29:19.333-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM ftp://ftp.multitech.com/Routers/RF550VPN.TXT MISC http://www.krusesecurity.dk/advisories/routefind550bof.txt BID 7067 XF routefinder-vpn-options-bo(11514) Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS value. cpe:/h:multitech:routefinder_550_vpn:4.63 cpe:/h:multitech:routefinder_550_vpn:4.64_beta CVE-2003-0126 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:33.083-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MISC http://www.krusesecurity.dk/advisories/routefind550bof.txt The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities. cpe:/o:linux:linux_kernel:2.2.0 cpe:/o:linux:linux_kernel:2.2.1 cpe:/o:linux:linux_kernel:2.2.2 cpe:/o:linux:linux_kernel:2.2.3 cpe:/o:linux:linux_kernel:2.2.4 cpe:/o:linux:linux_kernel:2.2.5 cpe:/o:linux:linux_kernel:2.2.6 cpe:/o:linux:linux_kernel:2.2.7 cpe:/o:linux:linux_kernel:2.2.8 cpe:/o:linux:linux_kernel:2.2.9 cpe:/o:linux:linux_kernel:2.2.10 cpe:/o:linux:linux_kernel:2.2.11 cpe:/o:linux:linux_kernel:2.2.12 cpe:/o:linux:linux_kernel:2.2.13 cpe:/o:linux:linux_kernel:2.2.14 cpe:/o:linux:linux_kernel:2.2.15 cpe:/o:linux:linux_kernel:2.2.16 cpe:/o:linux:linux_kernel:2.2.17 cpe:/o:linux:linux_kernel:2.2.18 cpe:/o:linux:linux_kernel:2.2.19 cpe:/o:linux:linux_kernel:2.2.20 cpe:/o:linux:linux_kernel:2.2.21 cpe:/o:linux:linux_kernel:2.2.22 cpe:/o:linux:linux_kernel:2.2.23 cpe:/o:linux:linux_kernel:2.2.24 cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.21:pre1 CVE-2003-0127 2003-03-31T00:00:00.000-05:00 2018-05-02T21:29:19.460-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CALDERA CSSA-2003-020.0 VULNWATCH 20030317 Fwd: Ptrace hole / Linux 2.2.25 ENGARDE ESA-20030515-017 REDHAT RHSA-2003:088 REDHAT RHSA-2003:098 GENTOO GLSA-200303-17 DEBIAN DSA-270 DEBIAN DSA-276 DEBIAN DSA-311 DEBIAN DSA-312 DEBIAN DSA-332 DEBIAN DSA-336 DEBIAN DSA-423 DEBIAN DSA-495 CERT-VN VU#628849 MANDRAKE MDKSA-2003:038 MANDRAKE MDKSA-2003:039 REDHAT RHSA-2003:103 REDHAT RHSA-2003:145 The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel. cpe:/a:ximian:evolution:1.0.3 cpe:/a:ximian:evolution:1.0.4 cpe:/a:ximian:evolution:1.0.5 cpe:/a:ximian:evolution:1.0.6 cpe:/a:ximian:evolution:1.0.7 cpe:/a:ximian:evolution:1.0.8 cpe:/a:ximian:evolution:1.1.1 cpe:/a:ximian:evolution:1.2 cpe:/a:ximian:evolution:1.2.1 cpe:/a:ximian:evolution:1.2.2 CVE-2003-0128 2003-03-24T00:00:00.000-05:00 2017-10-10T21:29:05.620-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent CONECTIVA CLA-2003:648 BUGTRAQ 20030321 GLSA: evolution (200303-18) MISC http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10 GENTOO GLSA-200303-18 MANDRAKE MDKSA-2003:045 REDHAT RHSA-2003:108 BID 7117 The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow. cpe:/a:ximian:evolution:1.0.3 cpe:/a:ximian:evolution:1.0.4 cpe:/a:ximian:evolution:1.0.5 cpe:/a:ximian:evolution:1.0.6 cpe:/a:ximian:evolution:1.0.7 cpe:/a:ximian:evolution:1.0.8 cpe:/a:ximian:evolution:1.1.1 cpe:/a:ximian:evolution:1.2 cpe:/a:ximian:evolution:1.2.1 cpe:/a:ximian:evolution:1.2.2 CVE-2003-0129 2003-03-24T00:00:00.000-05:00 2017-10-10T21:29:05.700-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent CONECTIVA CLA-2003:648 BUGTRAQ 20030321 GLSA: evolution (200303-18) MISC http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10 GENTOO GLSA-200303-18 MANDRAKE MDKSA-2003:045 REDHAT RHSA-2003:108 BID 7118 Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times. cpe:/a:ximian:evolution:1.0.3 cpe:/a:ximian:evolution:1.0.4 cpe:/a:ximian:evolution:1.0.5 cpe:/a:ximian:evolution:1.0.6 cpe:/a:ximian:evolution:1.0.7 cpe:/a:ximian:evolution:1.0.8 cpe:/a:ximian:evolution:1.1.1 cpe:/a:ximian:evolution:1.2 cpe:/a:ximian:evolution:1.2.1 cpe:/a:ximian:evolution:1.2.2 CVE-2003-0130 2003-03-24T00:00:00.000-05:00 2017-10-10T21:29:05.760-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent CONECTIVA CLA-2003:648 BUGTRAQ 20030321 GLSA: evolution (200303-18) MISC http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10 GENTOO GLSA-200303-18 MANDRAKE MDKSA-2003:045 REDHAT RHSA-2003:108 BID 7119 The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers to inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image. cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.6b cpe:/a:openssl:openssl:0.9.6c cpe:/a:openssl:openssl:0.9.6d cpe:/a:openssl:openssl:0.9.6e cpe:/a:openssl:openssl:0.9.6g cpe:/a:openssl:openssl:0.9.6h cpe:/a:openssl:openssl:0.9.6i cpe:/a:openssl:openssl:0.9.7 cpe:/a:openssl:openssl:0.9.7a CVE-2003-0131 2003-03-24T00:00:00.000-05:00 2018-10-19T11:29:23.713-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS NETBSD NetBSD-SA2003-007 CALDERA CSSA-2003-014.0 SGI 20030501-01-I CONECTIVA CLA-2003:625 MISC http://eprint.iacr.org/2003/052/ CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html BUGTRAQ 20030319 [OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding BUGTRAQ 20030324 GLSA: openssl (200303-20) TRUSTIX 2003-0013 DEBIAN DSA-288 GENTOO GLSA-200303-20 CERT-VN VU#888801 MISC http://www.linuxsecurity.com/advisories/immunix_advisory-3066.html MANDRAKE MDKSA-2003:035 OPENPKG OpenPKG-SA-2003.026 CONFIRM http://www.openssl.org/news/secadv_20030319.txt REDHAT RHSA-2003:101 REDHAT RHSA-2003:102 IMMUNIX IMNX-2003-7+-001-01 BID 7148 XF ssl-premaster-information-leak(11586) SUSE SuSE-SA:2003:024 The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack." cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.9 cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 CVE-2003-0132 2003-04-11T00:00:00.000-04:00 2017-10-10T21:29:05.840-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html BUGTRAQ 20030402 [ANNOUNCE] Apache 2.0.45 Released BUGTRAQ 20030408 iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x BUGTRAQ 20030409 GLSA: apache (200304-01) BUGTRAQ 20030408 Exploit Code Released for Apache 2.x Memory Leak BUGTRAQ 20030410 working apache <= 2.0.44 DoS exploit for linux. BUGTRAQ 20030411 PATCH: [CAN-2003-0132] Apache 2.0.44 Denial of Service MISC http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147 MISC http://www.idefense.com/advisory/04.08.03.txt CERT-VN VU#206537 REDHAT RHSA-2003:139 VUPEN ADV-2009-1233 MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed. cpe:/a:gnome:gtkhtml:1.1.9 cpe:/a:gnome:gtkhtml:1.1.10 CVE-2003-0133 2003-05-05T00:00:00.000-04:00 2017-10-10T21:29:05.903-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:737 MANDRAKE MDKSA-2003:046 REDHAT RHSA-2003:126 GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages. cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.9 cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 CVE-2003-0134 2003-04-11T00:00:00.000-04:00 2016-10-17T22:29:58.353-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://cvs.apache.org/viewcvs/apr/file_io/os2/filestat.c.diff?r1=1.34&r2=1.35 BUGTRAQ 20030402 [ANNOUNCE] Apache 2.0.45 Released BUGTRAQ 20030528 [SECURITY] [ANNOUNCE] Apache 2.0.46 released MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names. cpe:/o:redhat:linux:9.0::i386 CVE-2003-0135 2003-04-11T00:00:00.000-04:00 2017-10-10T21:29:05.950-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS REDHAT RHSA-2003:084 BID 7253 vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended. cpe:/o:astart_technologies:lprng:3.7.4 cpe:/o:astart_technologies:lprng:3.8.9 cpe:/o:astart_technologies:lprng:3.8.10.1 cpe:/o:astart_technologies:lprng:3.8.19 CVE-2003-0136 2003-05-05T00:00:00.000-04:00 2017-10-10T21:29:06.027-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=188366 DEBIAN DSA-285 REDHAT RHSA-2003:142 psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file. cpe:/a:nokia:sgsn_dx200 CVE-2003-0137 2003-03-18T00:00:00.000-05:00 2008-09-10T15:18:02.773-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ATSTAKE A031303-2 SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings. cpe:/a:mit:kerberos:4 CVE-2003-0138 2003-03-24T00:00:00.000-05:00 2018-10-19T11:29:25.227-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030317 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt DEBIAN DSA-266 DEBIAN DSA-269 DEBIAN DSA-273 CERT-VN VU#623217 REDHAT RHSA-2003:051 REDHAT RHSA-2003:052 REDHAT RHSA-2003:091 BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) BID 7113 Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack. cpe:/a:mit:kerberos:4 CVE-2003-0139 2003-03-24T00:00:00.000-05:00 2018-10-19T11:29:25.930-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030319 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt DEBIAN DSA-266 DEBIAN DSA-273 CERT-VN VU#442569 REDHAT RHSA-2003:051 REDHAT RHSA-2003:052 REDHAT RHSA-2003:091 BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) BUGTRAQ 20030330 GLSA: openafs (200303-26) Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing." cpe:/a:mutt:mutt:1.3.12 cpe:/a:mutt:mutt:1.3.16 cpe:/a:mutt:mutt:1.3.17 cpe:/a:mutt:mutt:1.3.22 cpe:/a:mutt:mutt:1.3.24 cpe:/a:mutt:mutt:1.3.25 cpe:/a:mutt:mutt:1.3.27 cpe:/a:mutt:mutt:1.4.0 cpe:/a:mutt:mutt:1.5.3 CVE-2003-0140 2003-03-24T00:00:00.000-05:00 2017-10-10T21:29:06.247-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONECTIVA CLA-2003:626 CONECTIVA CLA-2003:630 BUGTRAQ 20030320 [OpenPKG-SA-2003.025] OpenPKG Security Advisory (mutt) BUGTRAQ 20030320 CORE-20030304-02: Vulnerability in Mutt Mail User Agent BUGTRAQ 20030322 GLSA: mutt (200303-19) BUGTRAQ 20030430 GLSA: balsa (200304-10) MISC http://www.coresecurity.com/common/showdoc.php?idx=310&idxseccion=10 DEBIAN DSA-268 GENTOO GLSA-200303-19 MANDRAKE MDKSA-2003:041 SUSE SuSE-SA:2003:020 REDHAT RHSA-2003:109 BUGTRAQ 20030319 mutt-1.4.1 fixes a buffer overflow. BID 7120 XF mutt-folder-name-bo(11583) Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder. cpe:/a:realnetworks:realone_enterprise_desktop:6.0.11.774 cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realone_player:6.0.10.505:gold cpe:/a:realnetworks:realone_player:6.0.11.818 cpe:/a:realnetworks:realone_player:6.0.11.830 cpe:/a:realnetworks:realone_player:6.0.11.841 cpe:/a:realnetworks:realone_player:6.0.11.853 cpe:/a:realnetworks:realone_player:9.0.0.288 cpe:/a:realnetworks:realone_player:9.0.0.297 cpe:/a:realnetworks:realplayer:8.0 CVE-2003-0141 2003-04-02T00:00:00.000-05:00 2016-10-17T22:30:03.217-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS VULNWATCH 20030328 CORE-2003-0306: RealPlayer PNG deflate heap corruption vulnerability BUGTRAQ 20030328 CORE-2003-0306: RealPlayer PNG deflate heap corruption vulnerability MISC http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10 CERT-VN VU#705761 BID 7177 The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length. cpe:/a:adobe:acrobat_reader:6.0 CVE-2003-0142 2003-08-18T00:00:00.000-04:00 2008-09-05T16:33:35.757-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CERT-VN VU#689835 BUGTRAQ 20030708 Adobe Acrobat and PDF security: no improvements for 2 years Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function. cpe:/a:qualcomm:qpopper:4.0.1 cpe:/a:qualcomm:qpopper:4.0.2 cpe:/a:qualcomm:qpopper:4.0.3 cpe:/a:qualcomm:qpopper:4.0.4 CVE-2003-0143 2003-03-18T00:00:00.000-05:00 2017-10-09T21:30:14.593-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030310 QPopper 4.0.x buffer overflow vulnerability BUGTRAQ 20030312 Re: QPopper 4.0.x buffer overflow vulnerability BUGTRAQ 20030314 [OpenPKG-SA-2003.018] OpenPKG Security Advisory (qpopper) GENTOO GLSA-200303-12 DEBIAN DSA-259 SUSE SuSE-SA:2003:018 BID 7058 XF qpopper-popmsg-macroname-bo(11516) The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name. cpe:/a:lprold:lprold:3.0.48 cpe:/o:bsd:lpr:0.48 cpe:/o:bsd:lpr:2000-05-07 cpe:/o:freebsd:freebsd:2.2 cpe:/o:freebsd:freebsd:2.2.2 cpe:/o:freebsd:freebsd:2.2.3 cpe:/o:freebsd:freebsd:2.2.4 cpe:/o:freebsd:freebsd:2.2.5 cpe:/o:freebsd:freebsd:2.2.6 cpe:/o:openbsd:openbsd:2.0 cpe:/o:openbsd:openbsd:2.1 cpe:/o:openbsd:openbsd:2.2 cpe:/o:openbsd:openbsd:2.3 cpe:/o:openbsd:openbsd:2.4 cpe:/o:openbsd:openbsd:2.5 cpe:/o:openbsd:openbsd:2.6 cpe:/o:openbsd:openbsd:2.7 cpe:/o:openbsd:openbsd:2.8 cpe:/o:openbsd:openbsd:2.9 cpe:/o:openbsd:openbsd:3.0 cpe:/o:openbsd:openbsd:3.1 cpe:/o:openbsd:openbsd:3.2 CVE-2003-0144 2003-03-31T00:00:00.000-05:00 2017-07-10T21:29:27.900-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch SGI 20030406-02-P BUGTRAQ 20030305 potential buffer overflow in lprm (fwd) BUGTRAQ 20030308 OpenBSD lprm(1) exploit DEBIAN DSA-267 DEBIAN DSA-275 MANDRAKE MDKSA-2003:059 SUSE SuSE-SA:2003:0014 BID 7025 XF lprm-bo(11473) Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name. cpe:/a:lbl:tcpdump:3.5.2 cpe:/a:lbl:tcpdump:3.6.2 cpe:/a:lbl:tcpdump:3.7 cpe:/a:lbl:tcpdump:3.7.1 CVE-2003-0145 2003-03-31T00:00:00.000-05:00 2017-10-09T21:30:14.640-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-261 MANDRAKE MDKSA-2003:027 REDHAT RHSA-2003:032 REDHAT RHSA-2003:151 REDHAT RHSA-2003:214 CONFIRM http://www.tcpdump.org/tcpdump-changes.txt XF tcpdump-radius-attribute-dos(11857) Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093. cpe:/a:netpbm:netpbm:9.20 CVE-2003-0146 2003-03-31T00:00:00.000-05:00 2017-07-10T21:29:27.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLSA-2003:656 BUGTRAQ 20030228 NetPBM, multiple vulnerabilities DEBIAN DSA-263 CERT-VN VU#630433 REDHAT RHSA-2003:060 BID 6979 XF netpbm-multiple-bo(11463) Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows. cpe:/a:openpkg:openpkg cpe:/a:openpkg:openpkg:1.1 cpe:/a:openpkg:openpkg:1.2 cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.6b cpe:/a:openssl:openssl:0.9.6c cpe:/a:openssl:openssl:0.9.6d cpe:/a:openssl:openssl:0.9.6e cpe:/a:openssl:openssl:0.9.6g cpe:/a:openssl:openssl:0.9.6h cpe:/a:openssl:openssl:0.9.6i cpe:/a:openssl:openssl:0.9.7 cpe:/a:openssl:openssl:0.9.7a cpe:/a:stunnel:stunnel:3.7 cpe:/a:stunnel:stunnel:3.8 cpe:/a:stunnel:stunnel:3.9 cpe:/a:stunnel:stunnel:3.10 cpe:/a:stunnel:stunnel:3.11 cpe:/a:stunnel:stunnel:3.12 cpe:/a:stunnel:stunnel:3.13 cpe:/a:stunnel:stunnel:3.14 cpe:/a:stunnel:stunnel:3.15 cpe:/a:stunnel:stunnel:3.16 cpe:/a:stunnel:stunnel:3.17 cpe:/a:stunnel:stunnel:3.18 cpe:/a:stunnel:stunnel:3.19 cpe:/a:stunnel:stunnel:3.20 cpe:/a:stunnel:stunnel:3.21 cpe:/a:stunnel:stunnel:3.22 cpe:/a:stunnel:stunnel:4.0 cpe:/a:stunnel:stunnel:4.01 cpe:/a:stunnel:stunnel:4.02 cpe:/a:stunnel:stunnel:4.03 cpe:/a:stunnel:stunnel:4.04 CVE-2003-0147 2003-03-31T00:00:00.000-05:00 2018-10-19T11:29:26.540-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CALDERA CSSA-2003-014.0 SGI 20030501-01-I VULNWATCH 20030313 OpenSSL Private Key Disclosure MISC http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf CONECTIVA CLA-2003:625 BUGTRAQ 20030313 Vulnerability in OpenSSL BUGTRAQ 20030317 [ADVISORY] Timing Attack on OpenSSL BUGTRAQ 20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl) GENTOO GLSA-200303-15 GENTOO GLSA-200303-24 DEBIAN DSA-288 GENTOO GLSA-200303-23 CERT-VN VU#997481 MANDRAKE MDKSA-2003:035 OPENPKG OpenPKG-SA-2003.019 CONFIRM http://www.openssl.org/news/secadv_20030317.txt REDHAT RHSA-2003:101 REDHAT RHSA-2003:102 BUGTRAQ 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL IMMUNIX IMNX-2003-7+-001-01 OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal). cpe:/a:mcafee:epolicy_orchestrator:2.0 cpe:/a:mcafee:epolicy_orchestrator:2.5 cpe:/a:mcafee:epolicy_orchestrator:2.5:sp1 cpe:/a:mcafee:epolicy_orchestrator:2.5.1 cpe:/a:mcafee:epolicy_orchestrator:3.0 CVE-2003-0148 2003-08-27T00:00:00.000-04:00 2008-09-10T15:18:05.197-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS ATSTAKE A073103-1 CONFIRM http://www.nai.com/us/promos/mcafee/epo_vulnerabilities.asp The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, (2) crack the password due to weak cryptography, and (3) use the password to pass commands through xp_cmdshell. cpe:/a:mcafee:epolicy_orchestrator:2.0 cpe:/a:mcafee:epolicy_orchestrator:2.5 cpe:/a:mcafee:epolicy_orchestrator:2.5:sp1 cpe:/a:mcafee:epolicy_orchestrator:2.5.1 CVE-2003-0149 2003-08-27T00:00:00.000-04:00 2008-09-10T15:18:05.273-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A073103-1 CONFIRM http://www.nai.com/us/promos/mcafee/epo_vulnerabilities.asp Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters. cpe:/a:oracle:mysql:3.23.52 cpe:/a:oracle:mysql:3.23.53 cpe:/a:oracle:mysql:3.23.53a cpe:/a:oracle:mysql:3.23.54 cpe:/a:oracle:mysql:3.23.54a cpe:/a:oracle:mysql:3.23.55 CVE-2003-0150 2003-03-24T00:00:00.000-05:00 2019-10-07T12:41:11.647-04:00 9.0 NETWORK LOW SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONECTIVA CLA-2003:743 BUGTRAQ 20030308 MySQL_user_can_be_changed_to_root? BUGTRAQ 20030310 Re: MySQL user can be changed to root BUGTRAQ 20030318 [OpenPKG-SA-2003.022] OpenPKG Security Advisory (mysql) BUGTRAQ 20030318 GLSA: mysql (200303-14) REDHAT RHSA-2003:094 DEBIAN DSA-303 CERT-VN VU#203897 ENGARDE ESA-20030324-012 MANDRAKE MDKSA-2003:057 REDHAT RHSA-2003:093 BID 7052 XF mysql-datadir-root-privileges(11510) MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf. cpe:/a:bea:weblogic_server:6.0 cpe:/a:bea:weblogic_server:6.0::express cpe:/a:bea:weblogic_server:6.0:sp1 cpe:/a:bea:weblogic_server:6.0:sp1:express cpe:/a:bea:weblogic_server:6.0:sp2 cpe:/a:bea:weblogic_server:6.0:sp2:express cpe:/a:bea:weblogic_server:6.1 cpe:/a:bea:weblogic_server:6.1::express cpe:/a:bea:weblogic_server:6.1:sp1 cpe:/a:bea:weblogic_server:6.1:sp1:express cpe:/a:bea:weblogic_server:6.1:sp2 cpe:/a:bea:weblogic_server:6.1:sp2:express cpe:/a:bea:weblogic_server:6.1:sp3 cpe:/a:bea:weblogic_server:6.1:sp3:express cpe:/a:bea:weblogic_server:6.1:sp4 cpe:/a:bea:weblogic_server:6.1:sp4:express cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0:sp2 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2 cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express CVE-2003-0151 2003-03-24T00:00:00.000-05:00 2016-10-17T22:30:09.873-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-28.jsp BUGTRAQ 20030317 SPI ADVISORY: Remote Administration of BEA WebLogic Server and Express BUGTRAQ 20030317 S21SEC-011 - Multiple vulnerabilities in BEA WebLogic Server MISC http://www.s21sec.com/en/avisos/s21sec-011-en.txt BID 7122 BID 7124 BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code. cpe:/a:mozilla:bonsai:1.3 CVE-2003-0152 2003-04-02T00:00:00.000-05:00 2008-09-05T16:33:37.443-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS DEBIAN DSA-265 BID 7162 Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user. cpe:/a:mozilla:bonsai:1.3 CVE-2003-0153 2003-04-02T00:00:00.000-05:00 2017-07-10T21:29:28.057-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=187230 BUGTRAQ 20020819 Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities DEBIAN DSA-265 BID 5517 XF bonsai-path-disclosure(9921) bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi. cpe:/a:mozilla:bonsai:1.3 CVE-2003-0154 2003-04-02T00:00:00.000-05:00 2016-10-17T22:30:12.153-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://bugzilla.mozilla.org/attachment.cgi?id=95950&action=view CONFIRM http://bugzilla.mozilla.org/attachment.cgi?id=95985&action=view MISC http://bugzilla.mozilla.org/show_bug.cgi?id=146244 CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=163573 BUGTRAQ 20020819 Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities DEBIAN DSA-265 XF bonsai-error-message-xss(9920) BID 5516 Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244. cpe:/a:mozilla:bonsai:1.3 CVE-2003-0155 2003-04-02T00:00:00.000-05:00 2008-09-05T16:33:37.863-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-265 BID 7163 bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication. cpe:/a:cross_referencer:lxr:0.3 cpe:/a:cross_referencer:lxr:0.8 cpe:/a:cross_referencer:lxr:0.9 cpe:/a:cross_referencer:lxr:0.9.1 cpe:/a:cross_referencer:lxr:0.9.2 CVE-2003-0156 2003-03-24T00:00:00.000-05:00 2016-10-17T22:30:13.200-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030311 Cross-Referencing Linux vulnerability DEBIAN DSA-264 BID 7062 Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter. CVE-2003-0157 2003-03-24T00:00:00.000-05:00 2008-09-10T15:18:08.460-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0138. Reason: This candidate is a reservation duplicate of CVE-2003-0138 due to incomplete coordination. Notes: All CVE users should reference CVE-2003-0138 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE-2003-0158 2003-03-24T00:00:00.000-05:00 2008-09-10T15:18:08.710-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0139. Reason: This candidate is a reservation duplicate of CVE-2003-0139 due to incomplete coordination. Notes: All CVE users should reference CVE-2003-0139 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:ethereal_group:ethereal:0.8.18 cpe:/a:ethereal_group:ethereal:0.9.0 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.9 CVE-2003-0159 2003-04-02T00:00:00.000-05:00 2017-10-10T21:29:06.370-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030309 GLSA: ethereal (200303-10) CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00008.html MANDRAKE MDKSA-2003:051 SUSE SuSE-SA:2003:019 REDHAT RHSA-2003:077 BID 7050 Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code. cpe:/a:squirrelmail:squirrelmail:1.2.11 CVE-2003-0160 2003-04-02T00:00:00.000-05:00 2017-10-10T21:29:06.433-04:00 5.8 NETWORK MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov CONFIRM http://sourceforge.net/mailarchive/forum.php?thread_id=1641953&forum_id=1988 REDHAT RHSA-2003:112 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser. cpe:/a:sendmail:sendmail:2.6 cpe:/a:sendmail:sendmail:2.6.1 cpe:/a:sendmail:sendmail:2.6.2 cpe:/a:sendmail:sendmail:3.0 cpe:/a:sendmail:sendmail:3.0.1 cpe:/a:sendmail:sendmail:3.0.2 cpe:/a:sendmail:sendmail:3.0.3 cpe:/a:sendmail:sendmail:8.9.0 cpe:/a:sendmail:sendmail:8.9.1 cpe:/a:sendmail:sendmail:8.9.2 cpe:/a:sendmail:sendmail:8.9.3 cpe:/a:sendmail:sendmail:8.10 cpe:/a:sendmail:sendmail:8.10.1 cpe:/a:sendmail:sendmail:8.10.2 cpe:/a:sendmail:sendmail:8.11.0 cpe:/a:sendmail:sendmail:8.11.1 cpe:/a:sendmail:sendmail:8.11.2 cpe:/a:sendmail:sendmail:8.11.3 cpe:/a:sendmail:sendmail:8.11.4 cpe:/a:sendmail:sendmail:8.11.5 cpe:/a:sendmail:sendmail:8.11.6 cpe:/a:sendmail:sendmail:8.12:beta10 cpe:/a:sendmail:sendmail:8.12:beta12 cpe:/a:sendmail:sendmail:8.12:beta16 cpe:/a:sendmail:sendmail:8.12:beta5 cpe:/a:sendmail:sendmail:8.12:beta7 cpe:/a:sendmail:sendmail:8.12.0 cpe:/a:sendmail:sendmail:8.12.1 cpe:/a:sendmail:sendmail:8.12.2 cpe:/a:sendmail:sendmail:8.12.3 cpe:/a:sendmail:sendmail:8.12.4 cpe:/a:sendmail:sendmail:8.12.5 cpe:/a:sendmail:sendmail:8.12.6 cpe:/a:sendmail:sendmail:8.12.7 cpe:/a:sendmail:sendmail:8.12.8 cpe:/a:sendmail:sendmail_switch:2.1 cpe:/a:sendmail:sendmail_switch:2.1.1 cpe:/a:sendmail:sendmail_switch:2.1.2 cpe:/a:sendmail:sendmail_switch:2.1.3 cpe:/a:sendmail:sendmail_switch:2.1.4 cpe:/a:sendmail:sendmail_switch:2.1.5 cpe:/a:sendmail:sendmail_switch:2.2 cpe:/a:sendmail:sendmail_switch:2.2.1 cpe:/a:sendmail:sendmail_switch:2.2.2 cpe:/a:sendmail:sendmail_switch:2.2.3 cpe:/a:sendmail:sendmail_switch:2.2.4 cpe:/a:sendmail:sendmail_switch:2.2.5 cpe:/a:sendmail:sendmail_switch:3.0 cpe:/a:sendmail:sendmail_switch:3.0.1 cpe:/a:sendmail:sendmail_switch:3.0.2 cpe:/a:sendmail:sendmail_switch:3.0.3 cpe:/o:compaq:tru64:4.0b cpe:/o:compaq:tru64:4.0d cpe:/o:compaq:tru64:4.0d_pk9_bl17 cpe:/o:compaq:tru64:4.0f cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:4.0g cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:5.0 cpe:/o:compaq:tru64:5.0_pk4_bl17 cpe:/o:compaq:tru64:5.0_pk4_bl18 cpe:/o:compaq:tru64:5.0a cpe:/o:compaq:tru64:5.0a_pk3_bl17 cpe:/o:compaq:tru64:5.0f cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/o:compaq:tru64:5.1b cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/o:hp:hp-ux:10.00 cpe:/o:hp:hp-ux:10.01 cpe:/o:hp:hp-ux:10.08 cpe:/o:hp:hp-ux:10.09 cpe:/o:hp:hp-ux:10.10 cpe:/o:hp:hp-ux:10.16 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:10.26 cpe:/o:hp:hp-ux:10.30 cpe:/o:hp:hp-ux:10.34 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.0.4 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.22 cpe:/o:hp:hp-ux_series_700:10.20 cpe:/o:hp:hp-ux_series_800:10.20 cpe:/o:hp:sis cpe:/o:sun:solaris:2.4::x86 cpe:/o:sun:solaris:2.5::x86 cpe:/o:sun:solaris:2.5.1::ppc cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:solaris:9.0:x86_update_2 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.4 cpe:/o:sun:sunos:5.5 cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0161 2003-04-02T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CALDERA CSSA-2003-016.0 FREEBSD FreeBSD-SA-03:07 SCO SCOSA-2004.11 SGI 20030401-01-P CONECTIVA CLA-2003:614 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html FULLDISC 20030329 Sendmail: -1 gone wild BUGTRAQ 20030329 sendmail 8.12.9 available BUGTRAQ 20030329 Sendmail: -1 gone wild BUGTRAQ 20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail) SUNALERT 52620 SUNALERT 52700 SUNALERT 1001088 CERT CA-2003-12 DEBIAN DSA-278 DEBIAN DSA-290 GENTOO GLSA-200303-27 CERT-VN VU#897604 REDHAT RHSA-2003:120 REDHAT RHSA-2003:121 BUGTRAQ 20030331 GLSA: sendmail (200303-27) BUGTRAQ 20030401 Immunix Secured OS 7+ openssl update BUGTRAQ 20030520 [Fwd: 127 Research and Development: 127 Day!] BID 7230 The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337. cpe:/a:ecartis:ecartis:1.0.0_snapshot_2002-10-13 CVE-2003-0162 2003-04-02T00:00:00.000-05:00 2017-07-10T21:29:28.117-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030227 Ecardis Password Reseting Vulnerability BUGTRAQ 20030303 Re: Ecardis Password Reseting Vulnerability DEBIAN DSA-271 BID 6971 XF ecartis-password-reset(11431) Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page. cpe:/a:gaim-encryption:gaim-encryption:1.13 cpe:/a:gaim-encryption:gaim-encryption:1.14 cpe:/a:gaim-encryption:gaim-encryption:1.15 CVE-2003-0163 2003-05-05T00:00:00.000-04:00 2016-10-17T22:30:17.873-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030412 R7-0013: Heap Corruption in Gaim-Encryption Plugin MISC http://www.rapid7.com/advisories/R7-0013.html BID 7182 decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte. cpe:/a:gnome:eog:1.0.0 cpe:/a:gnome:eog:1.0.1 cpe:/a:gnome:eog:1.0.2 cpe:/a:gnome:eog:1.0.3 cpe:/a:gnome:eog:1.0.4 cpe:/a:gnome:eog:1.1.1 cpe:/a:gnome:eog:1.1.2 cpe:/a:gnome:eog:1.1.3 cpe:/a:gnome:eog:1.1.4 cpe:/a:gnome:eog:2.2.0 CVE-2003-0165 2003-04-02T00:00:00.000-05:00 2017-10-10T21:29:06.510-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS VULNWATCH 20030328 Vulnerability in GNOME's Eye of Gnome BUGTRAQ 20030328 CORE-2003-0304-03: Vulnerability in GNOME's Eye of Gnome MISC http://www.coresecurity.com/common/showdoc.php?idx=312&idxseccion=10 CERT-VN VU#363001 MANDRAKE MDKSA-2003:048 REDHAT RHSA-2003:128 BID 7121 Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display. cpe:/a:php:php:4.0 cpe:/a:php:php:4.0.1 cpe:/a:php:php:4.0.2 cpe:/a:php:php:4.0.3 cpe:/a:php:php:4.0.4 cpe:/a:php:php:4.0.5 cpe:/a:php:php:4.0.6 cpe:/a:php:php:4.0.7 cpe:/a:php:php:4.1.0 cpe:/a:php:php:4.1.1 cpe:/a:php:php:4.1.2 cpe:/a:php:php:4.2.0 cpe:/a:php:php:4.2.1 cpe:/a:php:php:4.2.2 cpe:/a:php:php:4.2.3 cpe:/a:php:php:4.3.0 cpe:/a:php:php:4.3.1 CVE-2003-0166 2003-04-02T00:00:00.000-05:00 2018-10-30T12:25:35.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLSA-2003:691 BUGTRAQ 20030326 @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator BUGTRAQ 20030327 RE: FUD-ALARM: @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator BUGTRAQ 20030402 Inaccurate Reports Concerning PHP Vulnerabilities BID 7197 BID 7198 Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions. cpe:/a:mutt:mutt:1.3.12 cpe:/a:mutt:mutt:1.3.12.1 cpe:/a:mutt:mutt:1.3.16 cpe:/a:mutt:mutt:1.3.17 cpe:/a:mutt:mutt:1.3.22 cpe:/a:mutt:mutt:1.3.24 cpe:/a:mutt:mutt:1.3.25 cpe:/a:mutt:mutt:1.3.27 cpe:/a:mutt:mutt:1.3.28 CVE-2003-0167 2003-04-02T00:00:00.000-05:00 2008-09-05T16:33:39.630-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-274 DEBIAN DSA-300 BID 7229 Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140. cpe:/a:apple:quicktime:5.0 cpe:/a:apple:quicktime:6.0 CVE-2003-0168 2003-04-02T00:00:00.000-05:00 2018-10-19T11:29:33.167-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030331 iDEFENSE Security Advisory 03.31.03: Buffer Overflow in Windows QuickTime Player CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00027.html MISC http://www.idefense.com/advisory/03.31.03.txt CERT-VN VU#112553 BUGTRAQ 20030401 Fwd: QuickTime 6.1 for Windows is available BUGTRAQ 20030401 iDEFENSE Security Advisory 03.31.03: Buffer Overflow in Windows QuickTime Player BID 7247 XF quicktime-url-bo(11671) Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL. cpe:/a:hp:instant_toptools:5.04 CVE-2003-0169 2003-04-11T00:00:00.000-04:00 2016-10-17T22:30:21.157-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030331 [DDI-1012] Malformed request causes denial of service in HP Instant TopTools BUGTRAQ 20030331 [DDI-1012] Malformed request causes denial of service in HP Instant TopTools BID 7246 hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop. cpe:/o:ibm:aix:5.2 CVE-2003-0170 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:28.227-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BID 7346 IBM MSS-OAR-E01-2003.0469.1 AIXAPAR IY42424 XF aix-ftpd-gain-access(11823) Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors. cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x:10.0.1 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.0.4 cpe:/o:apple:mac_os_x:10.1 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x:10.1.2 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x_server:10.0 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 CVE-2003-0171 2003-05-05T00:00:00.000-04:00 2008-09-10T15:18:10.087-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html ATSTAKE A041003-1 DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program. cpe:/a:php:php:4.3.1 CVE-2003-0172 2003-04-02T00:00:00.000-05:00 2017-07-10T21:29:28.273-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030327 @(#)Mordred Labs advisory - PHP for Win32: buffer overflow in openlog() function BUGTRAQ 20030402 Inaccurate Reports Concerning PHP Vulnerabilities BUGTRAQ 20030327 Re: @(#)Mordred Labs advisory - PHP for Win32: buffer overflow in openlog() function BUGTRAQ 20041222 PHP v4.3.x exploit for Windows. BID 7210 XF php-openlog-stack-bo(11637) Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument. cpe:/a:xfsdump:xfsdump:2.0.0 cpe:/a:xfsdump:xfsdump:2.0.1 cpe:/a:xfsdump:xfsdump:2.0.2 cpe:/a:xfsdump:xfsdump:2.0.3 cpe:/a:xfsdump:xfsdump:2.0.4 cpe:/a:xfsdump:xfsdump:2.0.5 cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.3m cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m CVE-2003-0173 2003-05-05T00:00:00.000-04:00 2008-09-10T15:18:10.320-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS SGI 20030404-01-P DEBIAN DSA-283 CERT-VN VU#111673 MANDRAKE MDKSA-2003:047 xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges. cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.3m cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m CVE-2003-0174 2003-05-12T00:00:00.000-04:00 2017-07-10T21:29:28.337-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SGI 20030407-01-P CIAC N-084 BID 7442 XF irix-ldap-authentication-bypass(11860) The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password. cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.3m cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20 cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m CVE-2003-0175 2004-02-03T00:00:00.000-05:00 2017-07-10T21:29:28.400-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20030603-01-P CERT-VN VU#142228 BID 7868 SECTRACK 1008770 XF irix-piocswatch-ioctl-dos(12241) SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl. cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m CVE-2003-0176 2003-08-18T00:00:00.000-04:00 2008-09-05T16:33:41.363-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SGI 20030701-01-P The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan. cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m CVE-2003-0177 2003-08-18T00:00:00.000-04:00 2008-09-05T16:33:41.550-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS SGI 20030701-01-P SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently. cpe:/a:ibm:lotus_domino_web_server:6.0 CVE-2003-0178 2003-04-02T00:00:00.000-05:00 2017-07-10T21:29:28.477-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) VULNWATCH 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) VULNWATCH 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) BUGTRAQ 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) BUGTRAQ 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) BUGTRAQ 20030217 Domino Advisories UPDATE NTBUGTRAQ 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) NTBUGTRAQ 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) NTBUGTRAQ 20030217 Domino Advisories UPDATE CERT CA-2003-11 CIAC N-065 CERT-VN VU#206361 CERT-VN VU#542873 CERT-VN VU#772817 MISC http://www.nextgenss.com/advisories/lotus-hostlocbo.txt MISC http://www.nextgenss.com/advisories/lotus-inotesoflow.txt BID 6870 BID 6871 XF lotus-domino-inotes-bo(11336) XF lotus-domino-hostname-bo(11337) Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation. cpe:/a:ibm:lotus_domino_web_server:6.0 cpe:/a:ibm:lotus_notes_client:6.0 CVE-2003-0179 2003-04-02T00:00:00.000-05:00 2017-07-10T21:29:28.570-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS VULNWATCH 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) BUGTRAQ 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) BUGTRAQ 20030217 Domino Advisories UPDATE NTBUGTRAQ 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) NTBUGTRAQ 20030217 Domino Advisories UPDATE CERT CA-2003-11 CIAC N-065 CERT-VN VU#571297 MISC http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt BID 6872 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21104543 XF lotus-notes-activex-bo(11339) Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control. cpe:/a:ibm:lotus_domino_web_server:6.0 CVE-2003-0180 2003-04-02T00:00:00.000-05:00 2017-07-10T21:29:28.633-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030218 More Lotus Domino Advisories CERT CA-2003-11 CIAC N-065 CERT-VN VU#355169 MISC http://www.nextgenss.com/advisories/lotus-60dos.txt BID 6951 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21104528 XF lotus-incomplete-post-dos(11360) Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form. cpe:/a:ibm:lotus_domino_web_server:6.0 CVE-2003-0181 2003-04-02T00:00:00.000-05:00 2017-07-10T21:29:28.697-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030218 More Lotus Domino Advisories CERT CA-2003-11 MISC http://www.nextgenss.com/advisories/lotus-60dos.txt BID 6951 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21104528 XF lotus-invalid-field-dos(11361) Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name. cpe:/o:linux:linux_kernel:2.4.20 CVE-2003-0187 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:06.573-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030802 [SECURITY] Netfilter Security Advisory: Conntrack list_del() DoS The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts. cpe:/a:lv:lv:4.49.1 cpe:/a:lv:lv:4.49.2 cpe:/a:lv:lv:4.49.3 cpe:/a:lv:lv:4.49.4 cpe:/a:redhat:lv:4.49.4-1::i386 cpe:/a:redhat:lv:4.49.4-3::i386 cpe:/a:redhat:lv:4.49.4-7::i386 cpe:/a:redhat:lv:4.49.4-9::i386 cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0::i386 CVE-2003-0188 2003-06-09T00:00:00.000-04:00 2017-10-10T21:29:06.637-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS DEBIAN DSA-304 REDHAT RHSA-2003:167 REDHAT RHSA-2003:169 TURBO TLSA-2003-35 lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories. cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 CVE-2003-0189 2003-06-09T00:00:00.000-04:00 2017-07-10T21:29:28.760-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:661 BUGTRAQ 20030528 [SECURITY] [ANNOUNCE] Apache 2.0.46 released CONFIRM http://www.apache.org/dist/httpd/Announcement2.html CERT-VN VU#479268 REDHAT RHSA-2003:186 BID 7725 XF apache-aprpasswordvalidate-dos(12091) MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used. cpe:/a:openbsd:openssh:3.4p1 cpe:/a:openbsd:openssh:3.6.1p1 CVE-2003-0190 2003-05-12T00:00:00.000-04:00 2017-10-10T21:29:06.700-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov MISC http://lab.mediaservice.net/advisory/2003-01-openssh.txt FULLDISC 20030430 OpenSSH/PAM timing attack allows remote users identification BUGTRAQ 20030430 OpenSSH/PAM timing attack allows remote users identification BUGTRAQ 20030806 [OpenPKG-SA-2003.035] OpenPKG Security Advisory (openssh) REDHAT RHSA-2003:222 REDHAT RHSA-2003:224 BID 7467 TURBO TLSA-2003-31 OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack. cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.46 CVE-2003-0192 2003-08-18T00:00:00.000-04:00 2018-05-02T21:29:19.850-04:00 6.4 NETWORK LOW NONE NONE PARTIAL PARTIAL http://nvd.nist.gov SCO SCOSA-2004.6 BUGTRAQ 20030709 [ANNOUNCE][SECURITY] Apache 2.0.47 released MANDRAKE MDKSA-2003:075 REDHAT RHSA-2003:240 REDHAT RHSA-2003:243 REDHAT RHSA-2003:244 MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite. cpe:/a:catdoc:catdoc:0.91 CVE-2003-0193 2004-08-18T00:00:00.000-04:00 2017-07-10T21:29:28.820-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=183525 DEBIAN DSA-575 BID 11560 XF catdoc-xlsview-symlink(16335) msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names ("word$$.html"). cpe:/a:redhat:tcpdump:3.4-39::i386 cpe:/a:redhat:tcpdump:3.6.2-9::i386 cpe:/a:redhat:tcpdump:3.6.2-9::ia64 cpe:/a:redhat:tcpdump:3.6.2-12::i386 cpe:/a:redhat:tcpdump:3.6.3-3::i386 cpe:/a:redhat:tcpdump:3.7.2-1::i386 cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0::i386 CVE-2003-0194 2003-06-09T00:00:00.000-04:00 2008-09-05T16:33:43.270-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS REDHAT RHSA-2003:151 REDHAT RHSA-2003:174 tcpdump does not properly drop privileges to the pcap user when starting up. cpe:/o:slackware:slackware_linux:8.1 cpe:/o:slackware:slackware_linux:9.0 CVE-2003-0195 2003-06-16T00:00:00.000-04:00 2017-10-10T21:29:06.760-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLSA-2003:678 BUGTRAQ 20030529 [slackware-security] CUPS DoS vulnerability fixed (SSA:2003-149-01) DEBIAN DSA-317 MANDRAKE MDKSA-2003:062 SUSE SuSE-SA:2003:028 REDHAT RHSA-2003:171 BID 7637 TURBO TLSA-2003-33 CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out. cpe:/a:hp:cifs-9000_server:a.01.05 cpe:/a:hp:cifs-9000_server:a.01.06 cpe:/a:hp:cifs-9000_server:a.01.07 cpe:/a:hp:cifs-9000_server:a.01.08 cpe:/a:hp:cifs-9000_server:a.01.08.01 cpe:/a:hp:cifs-9000_server:a.01.09 cpe:/a:hp:cifs-9000_server:a.01.09.01 cpe:/a:hp:cifs-9000_server:a.01.09.02 cpe:/a:samba:samba:2.0.0 cpe:/a:samba:samba:2.0.1 cpe:/a:samba:samba:2.0.2 cpe:/a:samba:samba:2.0.3 cpe:/a:samba:samba:2.0.4 cpe:/a:samba:samba:2.0.5 cpe:/a:samba:samba:2.0.6 cpe:/a:samba:samba:2.0.7 cpe:/a:samba:samba:2.0.8 cpe:/a:samba:samba:2.0.9 cpe:/a:samba:samba:2.0.10 cpe:/a:samba:samba:2.2.0 cpe:/a:samba:samba:2.2.0a cpe:/a:samba:samba:2.2.1a cpe:/a:samba:samba:2.2.2 cpe:/a:samba:samba:2.2.3 cpe:/a:samba:samba:2.2.3a cpe:/a:samba:samba:2.2.4 cpe:/a:samba:samba:2.2.5 cpe:/a:samba:samba:2.2.6 cpe:/a:samba:samba:2.2.7 cpe:/a:samba:samba:2.2.7a cpe:/a:samba:samba:2.2.8 cpe:/a:samba-tng:samba-tng:0.3 cpe:/a:samba-tng:samba-tng:0.3.1 cpe:/o:compaq:tru64:4.0b cpe:/o:compaq:tru64:4.0d cpe:/o:compaq:tru64:4.0d_pk9_bl17 cpe:/o:compaq:tru64:4.0f cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:4.0g cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:5.0 cpe:/o:compaq:tru64:5.0_pk4_bl17 cpe:/o:compaq:tru64:5.0_pk4_bl18 cpe:/o:compaq:tru64:5.0a cpe:/o:compaq:tru64:5.0a_pk3_bl17 cpe:/o:compaq:tru64:5.0f cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/o:compaq:tru64:5.1b cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/o:hp:hp-ux:10.01 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.22 cpe:/o:sun:solaris:2.5.1::ppc cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0196 2003-05-05T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030407 [OpenPKG-SA-2003.028] OpenPKG Security Advisory (samba) BUGTRAQ 20030407 Immunix Secured OS 7+ samba update DEBIAN DSA-280 MANDRAKE MDKSA-2003:044 REDHAT RHSA-2003:137 Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201. cpe:/a:borland_software:interbase:6.0 cpe:/a:borland_software:interbase:6.4 cpe:/a:borland_software:interbase:6.5 cpe:/a:firebirdsql:firebird:1.0.2 CVE-2003-0197 2003-04-11T00:00:00.000-04:00 2016-10-17T22:30:32.580-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow BUGTRAQ 20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow MISC http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK). cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x:10.0.1 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.0.4 cpe:/o:apple:mac_os_x:10.1 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x:10.1.2 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x_server:10.0 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 CVE-2003-0198 2003-05-05T00:00:00.000-04:00 2008-09-10T15:18:13.383-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files. CVE-2003-0199 2017-05-11T10:29:00.777-04:00 2017-05-11T10:29:00.777-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0200 2017-05-11T10:29:00.807-04:00 2017-05-11T10:29:00.807-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/a:hp:cifs-9000_server:a.01.05 cpe:/a:hp:cifs-9000_server:a.01.06 cpe:/a:hp:cifs-9000_server:a.01.07 cpe:/a:hp:cifs-9000_server:a.01.08 cpe:/a:hp:cifs-9000_server:a.01.08.01 cpe:/a:hp:cifs-9000_server:a.01.09 cpe:/a:hp:cifs-9000_server:a.01.09.01 cpe:/a:hp:cifs-9000_server:a.01.09.02 cpe:/a:samba:samba:2.0.0 cpe:/a:samba:samba:2.0.1 cpe:/a:samba:samba:2.0.2 cpe:/a:samba:samba:2.0.3 cpe:/a:samba:samba:2.0.4 cpe:/a:samba:samba:2.0.5 cpe:/a:samba:samba:2.0.6 cpe:/a:samba:samba:2.0.7 cpe:/a:samba:samba:2.0.8 cpe:/a:samba:samba:2.0.9 cpe:/a:samba:samba:2.0.10 cpe:/a:samba:samba:2.2.0 cpe:/a:samba:samba:2.2.0a cpe:/a:samba:samba:2.2.1a cpe:/a:samba:samba:2.2.3a cpe:/a:samba:samba:2.2.4 cpe:/a:samba:samba:2.2.5 cpe:/a:samba:samba:2.2.6 cpe:/a:samba:samba:2.2.7 cpe:/a:samba:samba:2.2.7a cpe:/a:samba:samba:2.2.8 cpe:/a:samba-tng:samba-tng:0.3 cpe:/a:samba-tng:samba-tng:0.3.1 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:compaq:tru64:4.0b cpe:/o:compaq:tru64:4.0d cpe:/o:compaq:tru64:4.0d_pk9_bl17 cpe:/o:compaq:tru64:4.0f cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:4.0g cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:5.0 cpe:/o:compaq:tru64:5.0_pk4_bl17 cpe:/o:compaq:tru64:5.0_pk4_bl18 cpe:/o:compaq:tru64:5.0a cpe:/o:compaq:tru64:5.0a_pk3_bl17 cpe:/o:compaq:tru64:5.0f cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/o:compaq:tru64:5.1b cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/o:hp:hp-ux:10.01 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.22 cpe:/o:sun:solaris:2.5.1::ppc cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:solaris:9.0:x86_update_2 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0201 2003-05-05T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SGI 20030403-01-P CONECTIVA CLA-2003:624 BUGTRAQ 20030407 [DDI-1013] Buffer Overflow in Samba allows remote root compromise BUGTRAQ 20030407 Immunix Secured OS 7+ samba update BUGTRAQ 20030408 [Sorcerer-spells] SAMBA--SORCERER2003-04-08 BUGTRAQ 20030409 GLSA: samba (200304-02) DEBIAN DSA-280 MISC http://www.digitaldefense.net/labs/advisories/DDI-1013.txt CERT-VN VU#267873 MANDRAKE MDKSA-2003:044 SUSE SuSE-SA:2003:025 REDHAT RHSA-2003:137 BID 7294 Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code. cpe:/a:brian_renaud:metrics:1.0 CVE-2003-0202 2004-04-15T00:00:00.000-04:00 2017-07-10T21:29:28.883-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS DEBIAN DSA-279 BID 7293 XF metrics-tmpfile-symlink(11734) The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files. cpe:/a:moxftp:moxftp:2.2 cpe:/a:xftp:xftp:2.2 CVE-2003-0203 2003-04-11T00:00:00.000-04:00 2017-07-10T21:29:28.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030223 moxftp arbitrary code execution poc/advisory DEBIAN DSA-281 FULLDISC 20030223 moxftp arbitrary code execution poc/advisory BID 6921 SECTRACK 1006156 XF moxftp-welcome-banner-bo(11399) Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner. cpe:/o:kde:kde:2.0 cpe:/o:kde:kde:2.0.1 cpe:/o:kde:kde:2.1 cpe:/o:kde:kde:2.1.1 cpe:/o:kde:kde:2.1.2 cpe:/o:kde:kde:2.2 cpe:/o:kde:kde:2.2.1 cpe:/o:kde:kde:2.2.2 cpe:/o:kde:kde:3.0 cpe:/o:kde:kde:3.0.1 cpe:/o:kde:kde:3.0.2 cpe:/o:kde:kde:3.0.3 cpe:/o:kde:kde:3.0.3a cpe:/o:kde:kde:3.0.4 cpe:/o:kde:kde:3.0.5 cpe:/o:kde:kde:3.0.5a cpe:/o:kde:kde:3.1 cpe:/o:kde:kde:3.1.1 CVE-2003-0204 2003-05-05T00:00:00.000-04:00 2016-10-17T22:30:36.440-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONFIRM http://bugs.kde.org/show_bug.cgi?id=53343 CONFIRM http://bugs.kde.org/show_bug.cgi?id=56808 CONECTIVA CLA-2003:668 CONECTIVA CLA-2003:747 BUGTRAQ 20030410 GLSA: kde-3.x (200304-04) BUGTRAQ 20030411 GLSA: kde-2.x (200304-05) BUGTRAQ 20030412 [Sorcerer-spells] KDE-SORCERER2003-04-12 BUGTRAQ 20030414 GLSA: kde-2.x (200304-05.1) DEBIAN DSA-284 DEBIAN DSA-293 DEBIAN DSA-296 CONFIRM http://www.kde.org/info/security/advisory-20030409-1.txt MANDRAKE MDKSA-2003:049 REDHAT RHSA-2003:002 KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer. cpe:/a:gkrellm_newsticker:gkrellm_newsticker:0.3 CVE-2003-0205 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:37.737-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030423 Security problems in gkrellm-newsticker DEBIAN DSA-294 gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the ticker title of a URI. cpe:/a:gkrellm_newsticker:gkrellm_newsticker:0.3 CVE-2003-0206 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:39.033-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030423 Security problems in gkrellm-newsticker DEBIAN DSA-294 gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines. cpe:/a:gs-common:gs-common:0.3.3 CVE-2003-0207 2003-05-05T00:00:00.000-04:00 2008-09-10T15:18:15.070-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-286 ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files. cpe:/a:macromedia:flash CVE-2003-0208 2003-05-05T00:00:00.000-04:00 2016-10-17T22:30:40.440-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov FULLDISC 20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach BUGTRAQ 20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach CONFIRM http://www.macromedia.com/support/flash/ts/documents/clicktag_security.htm MISC http://www.securiteam.com/securitynews/5XP0B0U9PE.html Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field. cpe:/a:smoothwall:smoothwall:2.0_beta_4 cpe:/a:sourcefire:snort:1.8 cpe:/a:sourcefire:snort:1.8.1 cpe:/a:sourcefire:snort:1.8.2 cpe:/a:sourcefire:snort:1.8.3 cpe:/a:sourcefire:snort:1.8.4 cpe:/a:sourcefire:snort:1.8.5 cpe:/a:sourcefire:snort:1.8.6 cpe:/a:sourcefire:snort:1.8.7 cpe:/a:sourcefire:snort:1.9 cpe:/a:sourcefire:snort:1.9.1 CVE-2003-0209 2003-05-05T00:00:00.000-04:00 2016-10-17T22:30:41.597-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability BUGTRAQ 20030422 GLSA: snort (200304-05) BUGTRAQ 20030423 Snort <=1.9.1 exploit BUGTRAQ 20030428 GLSA: snort (200304-06) ENGARDE ESA-20030430-013 CERT CA-2003-13 MISC http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 DEBIAN DSA-297 CERT-VN VU#139129 MANDRAKE MDKSA-2003:052 BID 7178 Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow. cpe:/a:cisco:secure_access_control_server:2.1 cpe:/a:cisco:secure_access_control_server:2.3 cpe:/a:cisco:secure_access_control_server:2.4 cpe:/a:cisco:secure_access_control_server:2.5 cpe:/a:cisco:secure_access_control_server:2.6 cpe:/a:cisco:secure_access_control_server:2.6.2 cpe:/a:cisco:secure_access_control_server:2.6.3 cpe:/a:cisco:secure_access_control_server:2.6.4 cpe:/a:cisco:secure_access_control_server:3.0 cpe:/a:cisco:secure_access_control_server:3.0.1 cpe:/a:cisco:secure_access_control_server:3.0.3 cpe:/a:cisco:secure_access_control_server:3.1.1 CVE-2003-0210 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:42.893-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030424 NSFOCUS SA2003-04 : Remote Buffer Overflow Vulnerability in Web Management Interface of Cisco Secure ACS NTBUGTRAQ 20030424 NSFOCUS SA2003-04 : Remote Buffer Overflow Vulnerability in Web Management Interface of Cisco Secure ACS CISCO 20030423 Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability CERT-VN VU#697049 Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002. cpe:/a:xinetd:xinetd:2.3.0 cpe:/a:xinetd:xinetd:2.3.1 cpe:/a:xinetd:xinetd:2.3.2 cpe:/a:xinetd:xinetd:2.3.3 cpe:/a:xinetd:xinetd:2.3.4 cpe:/a:xinetd:xinetd:2.3.5 cpe:/a:xinetd:xinetd:2.3.6 cpe:/a:xinetd:xinetd:2.3.7 cpe:/a:xinetd:xinetd:2.3.8 cpe:/a:xinetd:xinetd:2.3.9 cpe:/a:xinetd:xinetd:2.3.10 CVE-2003-0211 2003-05-05T00:00:00.000-04:00 2017-10-10T21:29:06.997-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=88537 CONECTIVA CLA-2003:782 BUGTRAQ 20030418 Xinetd 2.3.10 Memory Leaks MANDRAKE MDKSA-2003:056 REDHAT RHSA-2003:160 Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections. cpe:/a:rinetd:rinetd:0.52 cpe:/a:rinetd:rinetd:0.61 CVE-2003-0212 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:45.660-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030417 Vulnerability in rinetd DEBIAN DSA-289 handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of connections. cpe:/a:poptop:pptp_server:1.0.1 cpe:/a:poptop:pptp_server:1.1.2 cpe:/a:poptop:pptp_server:1.1.3 cpe:/a:poptop:pptp_server:1.1.3_2002-10-09 cpe:/a:poptop:pptp_server:1.1.4b1 cpe:/a:poptop:pptp_server:1.1.4b2 CVE-2003-0213 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:46.817-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030418 Exploit for PoPToP PPTP server BUGTRAQ 20030428 GLSA: pptpd (200304-08) CONFIRM http://sourceforge.net/project/shownotes.php?release_id=138437 DEBIAN DSA-295 CERT-VN VU#673993 SUSE SuSE-SA:2003:029 BUGTRAQ 20030409 PoPToP PPTP server remotely exploitable buffer overflow BUGTRAQ 20030422 Re: Exploit for PoPToP PPTP server - Linux version BID 7316 ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow. cpe:/a:debian:mime-support:3.9 cpe:/a:debian:mime-support:3.10 cpe:/a:debian:mime-support:3.11 cpe:/a:debian:mime-support:3.12 cpe:/a:debian:mime-support:3.13 cpe:/a:debian:mime-support:3.14 cpe:/a:debian:mime-support:3.15 cpe:/a:debian:mime-support:3.16 cpe:/a:debian:mime-support:3.17 cpe:/a:debian:mime-support:3.18 cpe:/a:debian:mime-support:3.19 cpe:/a:debian:mime-support:3.20 cpe:/a:debian:mime-support:3.21 CVE-2003-0214 2003-05-12T00:00:00.000-04:00 2008-09-05T16:33:46.443-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS DEBIAN DSA-292 run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. cpe:/a:battleaxe_software:bttlxeforum:2.0_beta_3 CVE-2003-0215 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:48.537-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030424 SQL injection in BttlxeForum SECTRACK 1006632 CONFIRM http://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812 SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allows remote attackers to bypass authentication via the (1) username and (2) password fields, and possibly other fields. cpe:/o:cisco:catos:7.5%281%29 CVE-2003-0216 2003-05-12T00:00:00.000-04:00 2008-09-10T15:18:16.663-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CISCO 20030424 Cisco Security Advisory: Cisco Catalyst Enable Password Bypass Vulnerability CERT-VN VU#443257 Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password. cpe:/a:neoteris:instant_virtual_extranet:3.01 CVE-2003-0217 2003-06-16T00:00:00.000-04:00 2016-10-17T22:30:50.067-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030513 XSS In Neoteris IVE Allows Session Hijacking Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.01 and earlier allows remote attackers to insert arbitrary web script and bypass authentication via a certain CGI script. cpe:/a:monkey-project:monkey_http_daemon:0.1.1 cpe:/a:monkey-project:monkey_http_daemon:0.5.2 cpe:/a:monkey-project:monkey_http_daemon:0.6.0 cpe:/a:monkey-project:monkey_http_daemon:0.6.1 CVE-2003-0218 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:51.457-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030420 Monkey HTTPd Remote Buffer Overflow BUGTRAQ 20030420 Monkey HTTPd Remote Buffer Overflow BUGTRAQ 20030428 GLSA: monkeyd (200304-07.1) CONFIRM http://monkeyd.sourceforge.net/Changelog.txt BID 7202 Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body. cpe:/a:kerio:personal_firewall_2:2.1 cpe:/a:kerio:personal_firewall_2:2.1.1 cpe:/a:kerio:personal_firewall_2:2.1.2 cpe:/a:kerio:personal_firewall_2:2.1.3 cpe:/a:kerio:personal_firewall_2:2.1.4 CVE-2003-0219 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:52.753-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030428 CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall MISC http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10 CERT-VN VU#641012 BID 7179 Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server. cpe:/a:kerio:personal_firewall_2:2.1 cpe:/a:kerio:personal_firewall_2:2.1.1 cpe:/a:kerio:personal_firewall_2:2.1.2 cpe:/a:kerio:personal_firewall_2:2.1.3 cpe:/a:kerio:personal_firewall_2:2.1.4 CVE-2003-0220 2003-05-12T00:00:00.000-04:00 2016-10-17T22:30:53.910-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030428 CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall MISC http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10 CERT-VN VU#454716 BID 7180 Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet. cpe:/o:hp:tru64:5.1b:pk1 CVE-2003-0221 2003-05-12T00:00:00.000-04:00 2017-07-10T21:29:29.010-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS HP SSRT3471 BID 7452 XF tru64-dupatch-setld-symlink(11892) The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack. cpe:/a:oracle:database_server:7.3.3 cpe:/a:oracle:database_server:7.3.4 cpe:/a:oracle:database_server:8.0.1 cpe:/a:oracle:database_server:8.0.2 cpe:/a:oracle:database_server:8.0.3 cpe:/a:oracle:database_server:8.0.4 cpe:/a:oracle:database_server:8.0.5 cpe:/a:oracle:database_server:8.0.5.1 cpe:/a:oracle:database_server:8.0.6 cpe:/a:oracle:database_server:8.1.5 cpe:/a:oracle:database_server:8.1.6 cpe:/a:oracle:database_server:8.1.7 cpe:/a:oracle:database_server:9.2.1 cpe:/a:oracle:database_server:9.2.2 cpe:/a:oracle:oracle8i:8.0.6 cpe:/a:oracle:oracle8i:8.0.6.3 cpe:/a:oracle:oracle8i:8.0x cpe:/a:oracle:oracle8i:8.1.5 cpe:/a:oracle:oracle8i:8.1.6 cpe:/a:oracle:oracle8i:8.1.7 cpe:/a:oracle:oracle8i:8.1.7.1 cpe:/a:oracle:oracle8i:8.1.7.4 cpe:/a:oracle:oracle8i:8.1x cpe:/a:oracle:oracle9i:9.0 cpe:/a:oracle:oracle9i:9.0.1 cpe:/a:oracle:oracle9i:9.0.1.2 cpe:/a:oracle:oracle9i:9.0.1.3 cpe:/a:oracle:oracle9i:9.0.1.4 cpe:/a:oracle:oracle9i:9.0.2 cpe:/a:oracle:oracle9i:9.2.0.1 cpe:/a:oracle:oracle9i:9.2.0.2 CVE-2003-0222 2003-05-12T00:00:00.000-04:00 2017-07-10T21:29:29.070-04:00 9.0 NETWORK LOW SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030429 Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003) NTBUGTRAQ 20030429 Oracle Database Server Buffer Overflow Vulnerability (#NISR29042003) CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert54.pdf CIAC N-085 BID 7453 XF oracle-database-link-bo(11885) Stack-based buffer overflow in Oracle Net Services for Oracle Database Server 9i release 2 and earlier allows attackers to execute arbitrary code via a "CREATE DATABASE LINK" query containing a connect string with a long USING parameter. cpe:/a:microsoft:internet_information_server:4.0 cpe:/a:microsoft:internet_information_server:5.1 cpe:/a:microsoft:internet_information_services:5.0 CVE-2003-0223 2003-06-09T00:00:00.000-04:00 2018-10-30T12:25:10.357-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MS MS03-018 Cross-site scripting vulnerability (XSS) in the ASP function responsible for redirection in Microsoft Internet Information Server (IIS) 4.0, 5.0, and 5.1 allows remote attackers to embed a URL containing script in a redirection message. cpe:/a:microsoft:internet_information_services:5.0 CVE-2003-0224 2003-06-09T00:00:00.000-04:00 2018-10-30T12:25:10.357-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS NTBUGTRAQ 20030530 NSFOCUS SA2003-05: Microsoft IIS ssinc.dll Over-long Filename Buffer Overflow Vulnerability MS MS03-018 Buffer overflow in ssinc.dll for Microsoft Internet Information Services (IIS) 5.0 allows local users to execute arbitrary code via a web page with a Server Side Include (SSI) directive with a long filename, aka "Server Side Include Web Pages Buffer Overrun." cpe:/a:microsoft:internet_information_server:4.0 cpe:/a:microsoft:internet_information_services:5.0 CVE-2003-0225 2003-06-09T00:00:00.000-04:00 2018-10-30T12:25:10.357-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov NTBUGTRAQ 20030418 Microsoft Active Server Pages DoS MISC http://www.aqtronix.com/Advisories/AQ-2003-01.txt MS MS03-018 The ASP function Response.AddHeader in Microsoft Internet Information Server (IIS) 4.0 and 5.0 does not limit memory requests when constructing headers, which allow remote attackers to generate a large header to cause a denial of service (memory consumption) with an ASP page. cpe:/a:microsoft:internet_information_server:5.1 cpe:/a:microsoft:internet_information_services:5.0 CVE-2003-0226 2003-06-09T00:00:00.000-04:00 2018-10-30T12:25:10.357-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030528 Internet Information Services 5.0 Denial of service BUGTRAQ 20030529 IIS WEBDAV Denial of Service attacks NTBUGTRAQ 20030528 Internet Information Services 5.0 Denial of service MISC http://www.spidynamics.com/iis_alert.html MS MS03-018 Microsoft Internet Information Services (IIS) 5.0 and 5.1 allows remote attackers to cause a denial of service via a long WebDAV request with a (1) PROPFIND or (2) SEARCH method, which generates an error condition that is not properly handled. cpe:/a:microsoft:internet_information_server CVE-2003-0227 2003-06-09T00:00:00.000-04:00 2018-10-12T17:32:32.147-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030528 RE: Alert: MS03-019, Microsoft... wrong, again. NTBUGTRAQ 20030528 Re: Alert: MS03-019, Microsoft... wrong, again. NTBUGTRAQ 20030528 MS03-019: DoS or Code of Choice MS MS03-019 The logging capability for unicast and multicast transmissions in the ISAPI extension for Microsoft Windows Media Services in Microsoft Windows NT 4.0 and 2000, nsiislog.dll, allows remote attackers to cause a denial of service in Internet Information Server (IIS) and execute arbitrary code via a certain network request. cpe:/a:microsoft:windows_media_player:- cpe:/a:microsoft:windows_media_player:7.1 CVE-2003-0228 2003-05-27T00:00:00.000-04:00 2018-10-30T12:25:13.340-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030507 Windows Media Player directory traversal vulnerability BUGTRAQ 20030508 why i love xs4all + mediaplayer thingie NTBUGTRAQ 20030507 Windows Media Player directory traversal vulnerability CERT-VN VU#384932 BID 7517 MS MS03-017 XF mediaplayer-skin-code-execution(11953) Directory traversal vulnerability in Microsoft Windows Media Player 7.1 and Windows Media Player for Windows XP allows remote attackers to execute arbitrary code via a skins file with a URL containing hex-encoded backslash characters (%5C) that causes an executable to be placed in an arbitrary location. cpe:/a:microsoft:data_engine:1.0 cpe:/a:microsoft:sql_server:7.0 cpe:/a:microsoft:sql_server:7.0:sp1 cpe:/a:microsoft:sql_server:7.0:sp2 cpe:/a:microsoft:sql_server:7.0:sp3 cpe:/a:microsoft:sql_server:7.0:sp4 cpe:/a:microsoft:sql_server:2000 cpe:/a:microsoft:sql_server:2000::desktop_engine cpe:/a:microsoft:sql_server:2000:sp1 cpe:/a:microsoft:sql_server:2000:sp2 cpe:/a:microsoft:sql_server:2000:sp3 cpe:/a:microsoft:sql_server:2000:sp3a CVE-2003-0230 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:33.927-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CERT-VN VU#556356 MS MS03-031 Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability. cpe:/a:microsoft:data_engine:1.0 cpe:/a:microsoft:sql_server:7.0 cpe:/a:microsoft:sql_server:7.0:sp1 cpe:/a:microsoft:sql_server:7.0:sp2 cpe:/a:microsoft:sql_server:7.0:sp3 cpe:/a:microsoft:sql_server:7.0:sp4 cpe:/a:microsoft:sql_server:2000 cpe:/a:microsoft:sql_server:2000::desktop_engine cpe:/a:microsoft:sql_server:2000:sp1 cpe:/a:microsoft:sql_server:2000:sp2 cpe:/a:microsoft:sql_server:2000:sp3 cpe:/a:microsoft:sql_server:2000:sp3a CVE-2003-0231 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:34.257-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov ATSTAKE A072303-2 CERT-VN VU#918652 MS MS03-031 Microsoft SQL Server 7, 2000, and MSDE allows local or remote authenticated users to cause a denial of service (crash or hang) via a long request to a named pipe. cpe:/a:microsoft:data_engine:1.0 cpe:/a:microsoft:sql_server:7.0 cpe:/a:microsoft:sql_server:7.0:sp1 cpe:/a:microsoft:sql_server:7.0:sp2 cpe:/a:microsoft:sql_server:7.0:sp3 cpe:/a:microsoft:sql_server:7.0:sp4 cpe:/a:microsoft:sql_server:2000 cpe:/a:microsoft:sql_server:2000::desktop_engine cpe:/a:microsoft:sql_server:2000:sp1 cpe:/a:microsoft:sql_server:2000:sp2 cpe:/a:microsoft:sql_server:2000:sp3 cpe:/a:microsoft:sql_server:2000:sp3a CVE-2003-0232 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:34.663-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS ATSTAKE A072303-3 CERT-VN VU#584868 MS MS03-031 Microsoft SQL Server 7, 2000, and MSDE allows local users to execute arbitrary code via a certain request to the Local Procedure Calls (LPC) port that leads to a buffer overflow. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0233 2003-05-12T00:00:00.000-04:00 2018-10-12T17:32:35.067-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030424 Internet Explorer Plugin.ocx heap overflow (#NISR24042003) XF ie-plugin-load-bo(11854) MS MS03-015 Heap-based buffer overflow in plugin.ocx for Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via the Load() method, a different vulnerability than CVE-2003-0115. cpe:/a:mirabilis:icq:99a_2.15build1701 cpe:/a:mirabilis:icq:99a_2.21build1800 cpe:/a:mirabilis:icq:2000.0a cpe:/a:mirabilis:icq:2000.0b_build3278 cpe:/a:mirabilis:icq:2001a cpe:/a:mirabilis:icq:2001b_build3636 cpe:/a:mirabilis:icq:2001b_build3638 cpe:/a:mirabilis:icq:2001b_build3659 cpe:/a:mirabilis:icq:2002a_build3722 cpe:/a:mirabilis:icq:2002a_build3727 cpe:/a:mirabilis:icq:2003a_build3777 cpe:/a:mirabilis:icq:2003a_build3799 cpe:/a:mirabilis:icq:2003a_build3800 CVE-2003-0235 2003-05-27T00:00:00.000-04:00 2017-07-10T21:29:29.197-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client BUGTRAQ 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client MISC http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10 BID 7461 XF icq-pop3-format-string(11938) Format string vulnerability in POP3 client for Mirabilis ICQ Pro 2003a allows remote malicious servers to execute arbitrary code via format strings in the response to a UIDL command. cpe:/a:mirabilis:icq:99a_2.15build1701 cpe:/a:mirabilis:icq:99a_2.21build1800 cpe:/a:mirabilis:icq:2000.0a cpe:/a:mirabilis:icq:2000.0b_build3278 cpe:/a:mirabilis:icq:2001a cpe:/a:mirabilis:icq:2001b_build3636 cpe:/a:mirabilis:icq:2001b_build3638 cpe:/a:mirabilis:icq:2001b_build3659 cpe:/a:mirabilis:icq:2002a_build3722 cpe:/a:mirabilis:icq:2002a_build3727 cpe:/a:mirabilis:icq:2003a_build3777 cpe:/a:mirabilis:icq:2003a_build3799 cpe:/a:mirabilis:icq:2003a_build3800 CVE-2003-0236 2003-05-27T00:00:00.000-04:00 2017-07-10T21:29:29.243-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client BUGTRAQ 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client MISC http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10 BID 7462 BID 7463 XF icq-pop3-email-bo(11939) Integer signedness errors in the POP3 client for Mirabilis ICQ Pro 2003a allow remote attackers to execute arbitrary code via the (1) Subject or (2) Date headers. cpe:/a:mirabilis:icq:99a_2.15build1701 cpe:/a:mirabilis:icq:99a_2.21build1800 cpe:/a:mirabilis:icq:2000.0a cpe:/a:mirabilis:icq:2000.0b_build3278 cpe:/a:mirabilis:icq:2001a cpe:/a:mirabilis:icq:2001b_build3636 cpe:/a:mirabilis:icq:2001b_build3638 cpe:/a:mirabilis:icq:2001b_build3659 cpe:/a:mirabilis:icq:2002a_build3722 cpe:/a:mirabilis:icq:2002a_build3727 cpe:/a:mirabilis:icq:2003a_build3777 cpe:/a:mirabilis:icq:2003a_build3799 cpe:/a:mirabilis:icq:2003a_build3800 CVE-2003-0237 2003-05-27T00:00:00.000-04:00 2017-07-10T21:29:29.307-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client BUGTRAQ 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client MISC http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10 BID 7464 XF icq-features-no-auth(11944) The "ICQ Features on Demand" functionality for Mirabilis ICQ Pro 2003a does not properly verify the authenticity of software upgrades, which allows remote attackers to install arbitrary software via a spoofing attack. cpe:/a:mirabilis:icq:99a_2.15build1701 cpe:/a:mirabilis:icq:99a_2.21build1800 cpe:/a:mirabilis:icq:2000.0a cpe:/a:mirabilis:icq:2000.0b_build3278 cpe:/a:mirabilis:icq:2001a cpe:/a:mirabilis:icq:2001b_build3636 cpe:/a:mirabilis:icq:2001b_build3638 cpe:/a:mirabilis:icq:2001b_build3659 cpe:/a:mirabilis:icq:2002a_build3722 cpe:/a:mirabilis:icq:2002a_build3727 cpe:/a:mirabilis:icq:2003a_build3777 cpe:/a:mirabilis:icq:2003a_build3799 cpe:/a:mirabilis:icq:2003a_build3800 CVE-2003-0238 2003-05-27T00:00:00.000-04:00 2017-07-10T21:29:29.353-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client BUGTRAQ 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client MISC http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10 BID 7465 XF icq-table-tag-dos(11947) The Message Session window in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service (CPU consumption) by spoofing the address of an ADS server and sending HTML with a -1 width in a table tag. cpe:/a:mirabilis:icq:99a_2.15build1701 cpe:/a:mirabilis:icq:99a_2.21build1800 cpe:/a:mirabilis:icq:2000.0a cpe:/a:mirabilis:icq:2000.0b_build3278 cpe:/a:mirabilis:icq:2001a cpe:/a:mirabilis:icq:2001b_build3636 cpe:/a:mirabilis:icq:2001b_build3638 cpe:/a:mirabilis:icq:2001b_build3659 cpe:/a:mirabilis:icq:2002a_build3722 cpe:/a:mirabilis:icq:2002a_build3727 cpe:/a:mirabilis:icq:2003a_build3777 cpe:/a:mirabilis:icq:2003a_build3799 cpe:/a:mirabilis:icq:2003a_build3800 CVE-2003-0239 2003-05-27T00:00:00.000-04:00 2017-07-10T21:29:29.417-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client BUGTRAQ 20030505 CORE-2003-0303: Multiple Vulnerabilities in Mirabilis ICQ client MISC http://www.coresecurity.com/common/showdoc.php?idx=315&idxseccion=10 BID 7466 XF icq-gif89a-header-dos(11948) icqateimg32.dll parsing/rendering library in Mirabilis ICQ Pro 2003a allows remote attackers to cause a denial of service via malformed GIF89a headers that do not contain a GCT (Global Color Table) or an LCT (Local Color Table) after an Image Descriptor. cpe:/h:axis:2100_network_camera:2.32 cpe:/h:axis:2110_network_camera:2.32 cpe:/h:axis:2120_network_camera:2.32 cpe:/h:axis:2130_ptz_network_camera:2.32 cpe:/h:axis:2400_video_server:2.32 cpe:/h:axis:2401_video_server:2.32 cpe:/h:axis:2420_network_camera:2.32 cpe:/h:axis:2460_network_dvr:3.00 cpe:/h:axis:250s_video_server:3.02 CVE-2003-0240 2003-06-09T00:00:00.000-04:00 2017-07-10T21:29:29.463-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030527 CORE-2003-0403: Axis Network Camera HTTP Authentication Bypass SECTRACK 1006854 MISC http://www.coresecurity.com/common/showdoc.php?idx=329&idxseccion=10 CERT-VN VU#799060 BID 7652 XF axis-admin-authentication-bypass(12104) The web-based administration capability for various Axis Network Camera products allows remote attackers to bypass access restrictions and modify configuration via an HTTP request to the admin/admin.shtml containing a leading // (double slash). cpe:/a:frontrange:goldmine:5.70 cpe:/a:frontrange:goldmine:6.00 CVE-2003-0241 2003-06-09T00:00:00.000-04:00 2008-09-05T16:33:50.333-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030528 SECNAP Security Advisory: Invalid HTML processing in GoldMine(tm) MISC http://www.secnap.net/security/gm001.html FrontRange GoldMine mail agent 5.70 and 6.00 before 30503 directly sends HTML to the default browser without setting its security zone or otherwise labeling it untrusted, which allows remote attackers to execute arbitrary code via a message that is rendered in IE using a less secure zone. CVE-2003-0242 2003-06-09T00:00:00.000-04:00 2017-07-10T21:29:29.510-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 SECTRACK 1006796 CERT-VN VU#869548 BID 7628 XF macos-ipsec-acl-bypass(12027) IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. cpe:/a:happycgi:happymall:4.3 cpe:/a:happycgi:happymall:4.4 CVE-2003-0243 2003-05-27T00:00:00.000-04:00 2008-09-10T15:18:21.540-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030507 Happymall E-Commerce Remote Command Execution SECTRACK 1006707 Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to execute arbitrary commands via shell metacharacters in the file parameter for the (1) normal_html.cgi or (2) member_html.cgi scripts. cpe:/o:linux:linux_kernel:2.4.0 CVE-2003-0244 2003-05-27T00:00:00.000-04:00 2017-10-10T21:29:08.073-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030517 Algorithmic Complexity Attacks and the Linux Networking Code ENGARDE ESA-20030515-017 BUGTRAQ 20030618 [slackware-security] 2.4.21 kernels available (SSA:2003-168-01) MISC http://marc.info/?l=linux-kernel&m=104956079213417 DEBIAN DSA-311 DEBIAN DSA-312 DEBIAN DSA-332 DEBIAN DSA-336 DEBIAN DSA-442 MISC http://www.enyo.de/fw/security/notes/linux-dst-cache-dos.html MANDRAKE MDKSA-2003:066 MANDRAKE MDKSA-2003:074 REDHAT RHSA-2003:145 REDHAT RHSA-2003:147 REDHAT RHSA-2003:172 BID 7601 XF data-algorithmic-complexity-dos(15382) The route cache implementation in Linux 2.4, and the Netfilter IP conntrack module, allows remote attackers to cause a denial of service (CPU consumption) via packets with forged source addresses that cause a large number of hash table collisions. cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 CVE-2003-0245 2003-06-09T00:00:00.000-04:00 2017-07-10T21:29:29.667-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030530 iDEFENSE Security Advisory 05.30.03: Apache Portable Runtime Denial of Service and Arbitrary Code Execution Vulnerability CONECTIVA CLA-2003:661 BUGTRAQ 20030528 [SECURITY] [ANNOUNCE] Apache 2.0.46 released CONFIRM http://www.apache.org/dist/httpd/Announcement2.html MISC http://www.idefense.com/advisory/05.30.03.txt CERT-VN VU#757612 MANDRAKE MDKSA-2003:063 REDHAT RHSA-2003:186 BID 7723 XF apache-aprpsprintf-code-execution(12090) MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Vulnerability in the apr_psprintf function in the Apache Portable Runtime (APR) library for Apache 2.0.37 through 2.0.45 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long strings, as demonstrated using XML objects to mod_dav, and possibly other vectors. cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.5.0 cpe:/o:linux:linux_kernel:2.5.1 cpe:/o:linux:linux_kernel:2.5.2 cpe:/o:linux:linux_kernel:2.5.3 cpe:/o:linux:linux_kernel:2.5.4 cpe:/o:linux:linux_kernel:2.5.5 cpe:/o:linux:linux_kernel:2.5.6 cpe:/o:linux:linux_kernel:2.5.7 cpe:/o:linux:linux_kernel:2.5.8 cpe:/o:linux:linux_kernel:2.5.9 cpe:/o:linux:linux_kernel:2.5.10 cpe:/o:linux:linux_kernel:2.5.11 cpe:/o:linux:linux_kernel:2.5.12 cpe:/o:linux:linux_kernel:2.5.13 cpe:/o:linux:linux_kernel:2.5.14 cpe:/o:linux:linux_kernel:2.5.15 cpe:/o:linux:linux_kernel:2.5.16 cpe:/o:linux:linux_kernel:2.5.17 cpe:/o:linux:linux_kernel:2.5.18 cpe:/o:linux:linux_kernel:2.5.19 cpe:/o:linux:linux_kernel:2.5.20 cpe:/o:linux:linux_kernel:2.5.21 cpe:/o:linux:linux_kernel:2.5.22 cpe:/o:linux:linux_kernel:2.5.23 cpe:/o:linux:linux_kernel:2.5.24 cpe:/o:linux:linux_kernel:2.5.25 cpe:/o:linux:linux_kernel:2.5.26 cpe:/o:linux:linux_kernel:2.5.27 cpe:/o:linux:linux_kernel:2.5.28 cpe:/o:linux:linux_kernel:2.5.29 cpe:/o:linux:linux_kernel:2.5.30 cpe:/o:linux:linux_kernel:2.5.31 cpe:/o:linux:linux_kernel:2.5.32 cpe:/o:linux:linux_kernel:2.5.33 cpe:/o:linux:linux_kernel:2.5.34 cpe:/o:linux:linux_kernel:2.5.35 cpe:/o:linux:linux_kernel:2.5.36 cpe:/o:linux:linux_kernel:2.5.37 cpe:/o:linux:linux_kernel:2.5.38 cpe:/o:linux:linux_kernel:2.5.39 cpe:/o:linux:linux_kernel:2.5.40 cpe:/o:linux:linux_kernel:2.5.41 cpe:/o:linux:linux_kernel:2.5.42 cpe:/o:linux:linux_kernel:2.5.43 cpe:/o:linux:linux_kernel:2.5.44 cpe:/o:linux:linux_kernel:2.5.45 cpe:/o:linux:linux_kernel:2.5.46 cpe:/o:linux:linux_kernel:2.5.47 cpe:/o:linux:linux_kernel:2.5.48 cpe:/o:linux:linux_kernel:2.5.49 cpe:/o:linux:linux_kernel:2.5.50 cpe:/o:linux:linux_kernel:2.5.51 cpe:/o:linux:linux_kernel:2.5.52 cpe:/o:linux:linux_kernel:2.5.53 cpe:/o:linux:linux_kernel:2.5.54 cpe:/o:linux:linux_kernel:2.5.55 cpe:/o:linux:linux_kernel:2.5.56 cpe:/o:linux:linux_kernel:2.5.57 cpe:/o:linux:linux_kernel:2.5.58 cpe:/o:linux:linux_kernel:2.5.59 cpe:/o:linux:linux_kernel:2.5.60 cpe:/o:linux:linux_kernel:2.5.61 cpe:/o:linux:linux_kernel:2.5.62 cpe:/o:linux:linux_kernel:2.5.63 cpe:/o:linux:linux_kernel:2.5.64 cpe:/o:linux:linux_kernel:2.5.65 cpe:/o:linux:linux_kernel:2.5.66 cpe:/o:linux:linux_kernel:2.5.67 cpe:/o:linux:linux_kernel:2.5.68 cpe:/o:linux:linux_kernel:2.5.69 CVE-2003-0246 2003-06-16T00:00:00.000-04:00 2017-10-10T21:29:08.167-04:00 3.6 LOCAL LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030520 Linux 2.4 kernel ioperm vuln ENGARDE ESA-20030515-017 DEBIAN DSA-311 DEBIAN DSA-312 DEBIAN DSA-332 DEBIAN DSA-336 DEBIAN DSA-442 MANDRAKE MDKSA-2003:066 MANDRAKE MDKSA-2003:074 REDHAT RHSA-2003:147 REDHAT RHSA-2003:172 TURBO TLSA-2003-41 The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports. cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0::i386 CVE-2003-0247 2003-06-16T00:00:00.000-04:00 2017-10-10T21:29:08.247-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-311 DEBIAN DSA-312 DEBIAN DSA-332 DEBIAN DSA-336 DEBIAN DSA-442 MANDRAKE MDKSA-2003:066 MANDRAKE MDKSA-2003:074 REDHAT RHSA-2003:187 REDHAT RHSA-2003:195 REDHAT RHSA-2003:198 TURBO TLSA-2003-41 Unknown vulnerability in the TTY layer of the Linux kernel 2.4 allows attackers to cause a denial of service ("kernel oops"). cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0::i386 CVE-2003-0248 2003-06-16T00:00:00.000-04:00 2017-10-10T21:29:08.307-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov DEBIAN DSA-311 DEBIAN DSA-312 DEBIAN DSA-332 DEBIAN DSA-336 DEBIAN DSA-442 MANDRAKE MDKSA-2003:066 MANDRAKE MDKSA-2003:074 REDHAT RHSA-2003:187 REDHAT RHSA-2003:195 TURBO TLSA-2003-41 The mxcsr code in Linux kernel 2.4 allows attackers to modify CPU state registers via a malformed address. cpe:/a:php:php:4.4.6 CVE-2003-0249 2003-12-31T00:00:00.000-05:00 2008-09-05T16:33:51.737-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-03-01T09:10:00.000-05:00 ALLOWS_OTHER_ACCESS IDEFENSE 20030625 PHP/Apache .htaccess Authentication Bypass Vulnerability ** DISPUTED ** PHP treats unknown methods such as "PoSt" as a GET request, which could allow attackers to intended access restrictions if PHP is running on a server that passes on all methods, such as Apache httpd 2.0, as demonstrated using a Limit directive. NOTE: this issue has been disputed by the Apache security team, saying "It is by design that PHP allows scripts to process any request method. A script which does not explicitly verify the request method will hence be processed as normal for arbitrary methods. It is therefore expected behaviour that one cannot implement per-method access control using the Apache configuration alone, which is the assumption made in this report." cpe:/a:nis:ypserv_nis_server:2.7 CVE-2003-0251 2003-07-24T00:00:00.000-04:00 2018-10-19T11:29:33.807-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SECTRACK 1016517 SUNALERT 55600 MANDRAKE MDKSA-2003:072 REDHAT RHSA-2003:173 REDHAT RHSA-2003:201 HP HPSBTU02132 BID 8031 TURBO TLSA-2003-43 VUPEN ADV-2006-2873 ypserv NIS server before 2.7 allows remote attackers to cause a denial of service via a TCP client request that does not respond to the server, which causes ypserv to block. cpe:/a:nfs:nfs-utils:0.2 cpe:/a:nfs:nfs-utils:0.2.1 cpe:/a:nfs:nfs-utils:0.3.1 cpe:/a:nfs:nfs-utils:0.3.3 cpe:/a:nfs:nfs-utils:1.0 cpe:/a:nfs:nfs-utils:1.0.1 cpe:/a:nfs:nfs-utils:1.0.3 CVE-2003-0252 2003-08-18T00:00:00.000-04:00 2018-05-02T21:29:19.990-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030714 Linux nfs-utils xlog() off-by-one bug VULNWATCH 20030714 Reality of the rpc.mountd bug MISC http://isec.pl/vulnerabilities/isec-0010-linux-nfs-utils.txt BUGTRAQ 20030714 Linux nfs-utils xlog() off-by-one bug BUGTRAQ 20030715 [slackware-security] nfs-utils packages replaced (SSA:2003-195-01b) BUGTRAQ 20030716 Immunix Secured OS 7+ nfs-utils update -- bugtraq SECTRACK 1007187 SUNALERT 1001262 DEBIAN DSA-349 CERT-VN VU#258564 MANDRAKE MDKSA-2003:076 SUSE SuSE-SA:2003:031 REDHAT RHSA-2003:206 REDHAT RHSA-2003:207 BID 8179 TURBO TLSA-2003-44 XF nfs-utils-offbyone-bo(12600) Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines. cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.46 CVE-2003-0253 2003-08-18T00:00:00.000-04:00 2017-10-10T21:29:08.433-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030709 [ANNOUNCE][SECURITY] Apache 2.0.47 released MANDRAKE MDKSA-2003:075 REDHAT RHSA-2003:240 MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html The prefork MPM in Apache 2 before 2.0.47 does not properly handle certain errors from accept, which could lead to a denial of service. cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.46 CVE-2003-0254 2003-08-18T00:00:00.000-04:00 2017-10-10T21:29:08.510-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030709 [ANNOUNCE][SECURITY] Apache 2.0.47 released MANDRAKE MDKSA-2003:075 REDHAT RHSA-2003:240 MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Apache 2 before 2.0.47, when running on an IPv6 host, allows attackers to cause a denial of service (CPU consumption by infinite loop) when the FTP proxy server fails to create an IPv6 socket. cpe:/a:gnu:privacy_guard:1.2.1 CVE-2003-0255 2003-05-27T00:00:00.000-04:00 2018-05-02T21:29:20.130-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov CONECTIVA CLA-2003:694 BUGTRAQ 20030504 Key validity bug in GnuPG 1.2.1 and earlier ENGARDE ESA-20030515-016 BUGTRAQ 20030516 [OpenPKG-SA-2003.029] OpenPKG Security Advisory (gnupg) BUGTRAQ 20030522 [slackware-security] GnuPG key validation fix (SSA:2003-141-04) CERT-VN VU#397604 ENGARDE 20030515-016 MISC http://www.linuxsecurity.com/advisories/gentoo_advisory-3266.html MANDRAKE MDKSA-2003:061 REDHAT RHSA-2003:175 REDHAT RHSA-2003:176 BID 7497 TURBO TLSA200334 XF gnupg-invalid-key-acceptance(11930) The key validation code in GnuPG before 1.2.2 does not properly determine the validity of keys with multiple user IDs and assigns the greatest validity of the most valid user ID, which prevents GnuPG from warning the encrypting user when a user ID does not have a trusted path. cpe:/a:kde:kopete:0.6.1 CVE-2003-0256 2003-05-27T00:00:00.000-04:00 2008-09-10T15:18:26.210-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS CONECTIVA CLA-2003:665 CONFIRM http://kopete.kde.org/index.php?page=newsstory&news=Kopete_releases_version_0.6.2 MANDRAKE MDKSA-2003:055 The GnuPG plugin in kopete before 0.6.2 does not properly cleanse the command line when executing gpg, which allows remote attackers to execute arbitrary commands. cpe:/o:ibm:aix:4.3 cpe:/o:ibm:aix:4.3.1 cpe:/o:ibm:aix:4.3.2 cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 CVE-2003-0257 2004-04-15T00:00:00.000-04:00 2017-07-10T21:29:29.837-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS IBM MSS-OAR-E01-2003:0660.1 XF aix-print-format-string(12000) Format string vulnerability in the printer capability for IBM AIX .3, 5.1, and 5.2 allows local users to gain printq or root privileges. cpe:/a:cisco:vpn_3002_hardware_client cpe:/h:cisco:vpn_3015_concentrator cpe:/h:cisco:vpn_3030_concentator cpe:/h:cisco:vpn_3060_concentrator cpe:/h:cisco:vpn_3080_concentrator cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5%28rel%29 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.2 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.3 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.4 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.5 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.3 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.5 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7.a cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7.b cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7.c cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7.d cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7d cpe:/o:cisco:vpn_3000_concentrator_series_software:4.0 cpe:/o:cisco:vpn_3005_concentrator_software:4.0.1 CVE-2003-0258 2003-05-27T00:00:00.000-04:00 2018-10-30T12:26:19.357-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CISCO 20030507 Cisco VPN 3000 Concentrator Vulnerabilities CERT-VN VU#727780 XF cisco-vpn-unauth-access(11954) Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 3.5.x through 4.0.REL, when enabling IPSec over TCP for a port on the concentrator, allow remote attackers to reach the private network without authentication. cpe:/a:cisco:vpn_3002_hardware_client cpe:/h:cisco:vpn_3015_concentrator cpe:/h:cisco:vpn_3030_concentator cpe:/h:cisco:vpn_3060_concentrator cpe:/h:cisco:vpn_3080_concentrator cpe:/o:cisco:vpn_3000_concentrator_series_software:2.0 cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.a cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.b cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.c cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.d cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.f cpe:/o:cisco:vpn_3000_concentrator_series_software:3.0 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.0.3.a cpe:/o:cisco:vpn_3000_concentrator_series_software:3.0.3.b cpe:/o:cisco:vpn_3000_concentrator_series_software:3.0.4 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1%28rel%29 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1.2 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1.4 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5%28rel%29 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.2 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.3 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.4 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.5 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.3 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.5 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7.a cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7.b cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7.c cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7.d cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7d CVE-2003-0259 2003-05-27T00:00:00.000-04:00 2018-10-30T12:26:19.230-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CISCO 20030507 Cisco VPN 3000 Concentrator Vulnerabilities CERT-VN VU#317348 XF cisco-vpn-ssh-dos(11955) Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet. cpe:/a:cisco:vpn_3002_hardware_client cpe:/h:cisco:vpn_3015_concentrator cpe:/h:cisco:vpn_3030_concentator cpe:/h:cisco:vpn_3060_concentrator cpe:/h:cisco:vpn_3080_concentrator cpe:/o:cisco:vpn_3000_concentrator_series_software:2.0 cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.a cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.b cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.c cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.d cpe:/o:cisco:vpn_3000_concentrator_series_software:2.5.2.f cpe:/o:cisco:vpn_3000_concentrator_series_software:3.0 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.0.3.a cpe:/o:cisco:vpn_3000_concentrator_series_software:3.0.3.b cpe:/o:cisco:vpn_3000_concentrator_series_software:3.0.4 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1%28rel%29 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1.2 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.1.4 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5%28rel%29 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.2 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.3 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.4 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.5.5 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.1 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.3 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.5 cpe:/o:cisco:vpn_3000_concentrator_series_software:3.6.7 CVE-2003-0260 2003-05-27T00:00:00.000-04:00 2018-10-30T12:26:19.230-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CISCO 20030507 Cisco VPN 3000 Concentrator Vulnerabilities CERT-VN VU#221164 XF cisco-vpn-icmp-dos(11956) Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets. cpe:/a:fuzz:fuzz:0.6 CVE-2003-0261 2003-05-27T00:00:00.000-04:00 2008-09-10T15:18:26.570-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS DEBIAN DSA-302 fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges. cpe:/a:leksbot:leksbot:1.2 CVE-2003-0262 2003-05-27T00:00:00.000-04:00 2017-07-10T21:29:30.087-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS DEBIAN DSA-299 BID 7505 XF kataxwr-gain-privileges(11945) leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have. cpe:/a:floosietek:ftgatepro:1.22_1328 CVE-2003-0263 2003-05-27T00:00:00.000-04:00 2017-07-10T21:29:30.150-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS VULNWATCH 20030506 Multiple Buffer Overflow Vulnerabilities Found in FTGate Pro Mail Server v. 1.22 (1328) BUGTRAQ 20030506 Multiple Buffer Overflow Vulnerabilities Found in FTGate Pro Mail Server v. 1.22 (1328) BID 7506 BID 7508 XF ftgate-mailfrom-rcptto-bo(11951) Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. cpe:/a:seattle_lab_software:slmail:5.1.0.4420 CVE-2003-0264 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:21.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030507 Multiple Buffer Overflow Vulnerabilities in SLMail (#NISR07052003A) NTBUGTRAQ 20030507 Multiple Buffer Overflow Vulnerabilities in SLMail (#NISR07052003A) MISC http://www.nextgenss.com/advisories/slmail-vulns.txt Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server. cpe:/a:sap:sap_db:7.3.29 cpe:/a:sap:sap_db:7.4.3.7_beta CVE-2003-0265 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:23.277-04:00 6.2 LOCAL HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030507 SAP database local root vulnerability during installation. (fwd) BID 7421 Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed. cpe:/a:bvrp_software:slwebmail:3.0 CVE-2003-0266 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:24.463-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030507 Multiple Vulnerabilities in SLWebmail NTBUGTRAQ 20030507 Multiple Vulnerabilities in SLWebmail MISC http://www.nextgenss.com/advisories/slwebmail-vulns.txt Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll. cpe:/a:bvrp_software:slwebmail:3.0 CVE-2003-0267 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:26.040-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030507 Multiple Vulnerabilities in SLWebmail NTBUGTRAQ 20030507 Multiple Vulnerabilities in SLWebmail MISC http://www.nextgenss.com/advisories/slwebmail-vulns.txt ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file. cpe:/a:bvrp_software:slwebmail:3.0 CVE-2003-0268 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:27.230-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030507 Multiple Vulnerabilities in SLWebmail NTBUGTRAQ 20030507 Multiple Vulnerabilities in SLWebmail MISC http://www.nextgenss.com/advisories/slwebmail-vulns.txt SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message. cpe:/a:youbin:youbin:2.5 cpe:/a:youbin:youbin:3.0 cpe:/a:youbin:youbin:3.4 CVE-2003-0269 2003-05-27T00:00:00.000-04:00 2017-07-10T21:29:30.227-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030506 youbin local root exploit + advisory FULLDISC 20030506 youbin local root exploit + advisory BUGTRAQ 20030506 youbin local root exploit + advisory BID 7503 XF youbin-home-bo(11949) Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable. cpe:/h:apple:802.11n:7.3.1 CVE-2003-0270 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.277-04:00 7.6 NETWORK HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SECTRACK 1006742 ATSTAKE A051203-1 BID 7554 XF airport-auth-credentials-disclosure(11980) The administration capability for Apple AirPort 802.11 wireless access point devices uses weak encryption (XOR with a fixed key) for protecting authentication credentials, which could allow remote attackers to obtain administrative access via sniffing when the capability is available via Ethernet or non-WEP connections. cpe:/a:cooolsoft:personal_ftp_server CVE-2003-0271 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:29.777-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030508 Remote Stack Overflow exploit for Personal FTPD MISC http://security.nnov.ru/search/document.asp?docid=4309 BUGTRAQ 20030331 Personal FTP Server Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument. cpe:/a:miniportal:miniportal:1.9 cpe:/a:miniportal:miniportal:2.0 cpe:/a:miniportal:miniportal:2.1 cpe:/a:miniportal:miniportal:2.2 CVE-2003-0272 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:31.213-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030508 miniPortail (PHP) : Admin Access MISC http://www.frog-man.org/tutos/miniPortail.txt admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an "adminok" value. cpe:/a:best_practical_solutions:request_tracker:1.0.0 cpe:/a:best_practical_solutions:request_tracker:1.0.1 cpe:/a:best_practical_solutions:request_tracker:1.0.2 cpe:/a:best_practical_solutions:request_tracker:1.0.3 cpe:/a:best_practical_solutions:request_tracker:1.0.4 cpe:/a:best_practical_solutions:request_tracker:1.0.5 cpe:/a:best_practical_solutions:request_tracker:1.0.6 cpe:/a:best_practical_solutions:request_tracker:1.0.7 CVE-2003-0273 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:32.340-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://lists.fsck.com/pipermail/rt-announce/2003-May/000071.html BUGTRAQ 20030508 Fw: [rt-users] [rt-announce] RT 1.0.7 vulnerable to Cross Site Scripting attacks Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies. cpe:/a:cren:listproc:8.2.9 CVE-2003-0274 2003-05-27T00:00:00.000-04:00 2016-10-17T22:31:33.417-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030508 SRT2003-05-08-1137 - ListProc mailing list ULISTPROC_UMASK overflow Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value. cpe:/a:yabb:yabb:1.5.2::second_edition CVE-2003-0275 2003-06-16T00:00:00.000-04:00 2016-10-17T22:31:34.730-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030509 II-Labs Advisory: Remote code execution in YaBBse 1.5.2 (php version) SSI.php in YaBB SE 1.5.2 allows remote attackers to execute arbitrary PHP code by modifying the sourcedir parameter to reference a URL on a remote web server that contains the code. cpe:/a:pi3:pi3web:2.0.1 CVE-2003-0276 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.320-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030428 Pi3Web 2.0.1 DoS BUGTRAQ 20030512 Unix Version of the Pi3web DoS BID 7555 XF pi3web-get-request-bo(11889) Buffer overflow in Pi3Web 2.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a GET request with a large number of / characters. cpe:/a:happycgi:happymall:4.3 cpe:/a:happycgi:happymall:4.4 CVE-2003-0277 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.383-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030512 One more flaw in Happymall BID 7559 XF happymall-dotdot-directory-traversal(11987) Directory traversal vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the file parameter. cpe:/a:happycgi.com:happymall:4.3 cpe:/a:happycgi.com:happymall:4.4 CVE-2003-0278 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.430-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030512 One more flaw in Happymall BID 7557 XF happymall-normalhtml-xss(11988) Cross-site scripting (XSS) vulnerability in normal_html.cgi in Happycgi.com Happymall 4.3 and 4.4 allows remote attackers to insert arbitrary web script via the file parameter. cpe:/a:francisco_burzi:php-nuke:5.0 cpe:/a:francisco_burzi:php-nuke:6.0 CVE-2003-0279 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.477-04:00 2.6 NETWORK HIGH NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030513 More and More SQL injection on PHP-Nuke 6.5. BUGTRAQ 20030512 Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!) BID 7558 BID 7588 XF phpnuke-web-sql-injection(11984) Multiple SQL injection vulnerabilities in the Web_Links module for PHP-Nuke 5.x through 6.5 allows remote attackers to steal sensitive information via numeric fields, as demonstrated using (1) the viewlink function and cid parameter, or (2) index.php. cpe:/a:youngzsoft:cmailserver:4.0.2003.23.27 CVE-2003-0280 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.527-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030510 Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0 BUGTRAQ 20030510 Multiple Buffer Overflow Vulnerabilities Found in CMailServer 4.0 BID 7547 BID 7548 XF cmailserver-smtp-bo(11975) Multiple buffer overflows in the SMTP Service for ESMTP CMailServer 4.0.2003.03.27 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands. cpe:/a:firebirdsql:firebird:1.0.2 CVE-2003-0281 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.587-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030509 Firebird Local exploit BUGTRAQ 20020617 Interbase 6.0 malloc() issues GENTOO GLSA-200405-18 BID 7546 XF firebird-interbase-bo(11977) Buffer overflow in Firebird 1.0.2 and other versions before 1.5, and possibly other products that use the InterBase codebase, allows local users to execute arbitrary code via a long INTERBASE environment variable when calling (1) gds_inet_server, (2) gds_lock_mgr, or (3) gds_drop. cpe:/a:info-zip:unzip:5.50 cpe:/o:sco:openlinux_server:3.1.1 cpe:/o:sco:openlinux_workstation:3.1.1 CVE-2003-0282 2003-06-16T00:00:00.000-04:00 2017-10-10T21:29:08.590-04:00 2.6 NETWORK HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov CALDERA CSSA-2003-031.0 CONECTIVA CLA-2003:672 IMMUNIX IMNX-2003-7+-017-01 BUGTRAQ 20030509 unzip directory traversal revisited BUGTRAQ 20030710 [OpenPKG-SA-2003.033] OpenPKG Security Advisory (infozip) CIAC N-111 DEBIAN DSA-344 CONFIRM http://www.info-zip.org/FAQ.html MANDRAKE MDKSA-2003:073 REDHAT RHSA-2003:199 REDHAT RHSA-2003:200 BID 7550 TURBO TLSA-2003-42 XF unzip-dotdot-directory-traversal(12004) Directory traversal vulnerability in UnZip 5.50 allows attackers to overwrite arbitrary files via invalid characters between two . (dot) characters, which are filtered and result in a ".." sequence. cpe:/a:phorum:phorum:3.4.3 CVE-2003-0283 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.697-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030509 A Phorum's bug... BUGTRAQ 20030509 Re: A Phorum's bug... BID 7545 XF phorum-message-html-injection(11974) Cross-site scripting (XSS) vulnerability in Phorum before 3.4.3 allows remote attackers to inject arbitrary web script and HTML tags via a message with a "<<" before a tag name in the (1) subject, (2) author's name, or (3) author's e-mail. cpe:/a:adobe:acrobat:5.0 CVE-2003-0284 2003-06-16T00:00:00.000-04:00 2008-09-05T16:33:57.177-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://www.adobe.com/support/downloads/detail.jsp?ftpID=2121 CERT-VN VU#184820 Adobe Acrobat 5 does not properly validate JavaScript in PDF files, which allows remote attackers to write arbitrary files into the Plug-ins folder that spread to other PDF documents, as demonstrated by the W32.Yourde virus. cpe:/o:ibm:aix:5.2 CVE-2003-0285 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.743-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030513 AIX sendmail open relay MISC http://security.sdsc.edu/advisories/2003.05.13-AIX-sendmail.txt CERT-VN VU#814617 BID 7580 XF aix-sendmail-mail-relay(11993) IBM AIX 5.2 and earlier distributes Sendmail with a configuration file (sendmail.cf) with the (1) promiscuous_relay, (2) accept_unresolvable_domains, and (3) accept_unqualified_senders features enabled, which allows Sendmail to be used as an open mail relay for sending spam e-mail. cpe:/a:snitz_communications:snitz_forums_2000:3.3.03 CVE-2003-0286 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.807-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030512 Snitz Forum 3.3.03 Remote Command Execution BUGTRAQ 20030513 Snitz Forum 3.3.03 Remote Command Execution MISC http://packetstormsecurity.org/0305-exploits/snitz_exec.txt BID 35764 BID 7549 XF snitz-register-sql-injection(11981) SQL injection vulnerability in register.asp in Snitz Forums 2000 before 3.4.03, and possibly 3.4.07 and earlier, allows remote attackers to execute arbitrary stored procedures via the Email variable. cpe:/a:six_apart:movable_type:2.6 cpe:/a:six_apart:movable_type:2.63 CVE-2003-0287 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.853-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030512 CSS found in Movable Type BUGTRAQ 20030512 Re: CSS found in Movable Type BUGTRAQ 20030513 Re: CSS found in Movable Type -- Nope BID 7560 XF movable-type-comment-xss(12003) Cross-site scripting (XSS) vulnerability in Movable Type before 2.6, and possibly other versions including 2.63, allows remote attackers to insert arbitrary web script or HTML via the Name textbox, possibly when the "Allow HTML in comments?" option is enabled. cpe:/a:hiroaki_shirouzu:ip_messenger:2.00 CVE-2003-0288 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.917-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030513 [SNS Advisory No.64] IP Messenger for Win Buffer Overflow Vulnerability MISC http://www.lac.co.jp/security/english/snsadv_e/64_e.html BID 7566 XF ip-messenger-filename-bo(11986) Buffer overflow in the file & folder transfer mechanism for IP Messenger for Win 2.00 through 2.02 allows remote attackers to execute arbitrary code via file with a long filename, which triggers the overflow when the user saves the file. cpe:/a:cdrtools:cdrecord:1.11 cpe:/a:cdrtools:cdrecord:2.0 CVE-2003-0289 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:30.963-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM ftp://ftp.berlios.de/pub/cdrecord/alpha/cdrtools-2.01a14.tar.gz GENTOO 200305-06 BUGTRAQ 20030513 cdrtools2.0 Format String Vulnerability BUGTRAQ 20030513 Cdrecord_local_root_exploit. MANDRAKE MDKSA-2003:058 MISC http://www.securiteam.com/exploits/5ZP0C2AAAC.html BID 7565 XF cdrtools-scsiopen-format-string(12007) Format string vulnerability in scsiopen.c of the cdrecord program in cdrtools 2.0 allows local users to gain privileges via format string specifiers in the dev parameter. cpe:/a:etype:eserv:2.9x CVE-2003-0290 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:31.010-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030511 eServ Memory Leak Enables Denial of Service Attacks BUGTRAQ 20030511 eServ Memory Leak Enables Denial of Service Attacks BUGTRAQ 20030513 eServ Memory Leak Solution BID 7552 XF eserv-multiple-connections-dos(11973) Memory leak in eServ 2.9x allows remote attackers to cause a denial of service (memory exhaustion) via a large number of connections, whose memory is not freed when the connection is terminated. cpe:/h:3com:3cp4144:1.1.7 CVE-2003-0291 2003-06-16T00:00:00.000-04:00 2017-07-10T21:29:31.057-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030514 Memory leak in 3COM 812 DSL routers BUGTRAQ 20030515 RE : Memory leak in 3COM DSL routers MISC http://nautopia.coolfreepages.com/vulnerabilidades/3com812_dhcp_leak.htm BID 7592 XF 3com-officeconnect-memory-leak(11999) 3com OfficeConnect Remote 812 ADSL Router 1.1.7 does not properly clear memory from DHCP responses, which allows remote attackers to identify the contents of previous HTTP requests by sniffing DHCP packets. cpe:/a:inktomi:inktomi_traffic-server:5.5.1 CVE-2003-0292 2003-06-16T00:00:00.000-04:00 2016-10-17T22:31:55.670-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030514 Inktomi Traffic-Server XSS: man-in-the-middle XSS ! BID 7596 Cross-site scripting (XSS) vulnerability in Inktomi Traffic-Server 5.5.1 allows remote attackers to insert arbitrary web script or HTML into an error page that appears to come from the domain that the client is visiting, aka "Man-in-the-Middle" XSS. cpe:/o:palm:palmos CVE-2003-0293 2003-06-16T00:00:00.000-04:00 2016-10-17T22:31:56.827-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030514 PalmOS ICMP flood DoS. PalmOS allows remote attackers to cause a denial of service (CPU consumption) via a flood of ICMP echo request (ping) packets. cpe:/a:php-proxima:php-proxima:6.0 CVE-2003-0294 2003-06-16T00:00:00.000-04:00 2016-10-17T22:31:58.063-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030514 php-proxima Remote File Access Vulnerability autohtml.php in php-proxima 6.0 and earlier allows remote attackers to read arbitrary files via the name parameter in a modload operation. cpe:/a:jelsoft:vbulletin:3.0.0_beta_2 CVE-2003-0295 2003-06-16T00:00:00.000-04:00 2016-10-17T22:31:59.157-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030514 VBulletin Preview Message - XSS Vuln BUGTRAQ 20030514 Re: VBulletin Preview Message - XSS Vuln Cross-site scripting (XSS) vulnerability in private.php for vBulletin 3.0.0 Beta 2 allows remote attackers to inject arbitrary web script and HTML via the "Preview Message" capability. cpe:/a:ximian:evolution:1.2.4 CVE-2003-0296 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:00.217-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030514 Buffer overflows in multiple IMAP clients The IMAP Client for Evolution 1.2.4 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. cpe:/a:university_of_washington:c-client cpe:/a:university_of_washington:imap-2002b cpe:/a:university_of_washington:pine:4.53 CVE-2003-0297 2003-06-16T00:00:00.000-04:00 2018-10-19T11:29:35.120-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030514 Buffer overflows in multiple IMAP clients REDHAT RHSA-2005:015 REDHAT RHSA-2005:114 FEDORA FLSA:184074 c-client IMAP Client, as used in imap-2002b and Pine 4.53, allows remote malicious IMAP servers to cause a denial of service (crash) and possibly execute arbitrary code via certain large (1) literal and (2) mailbox size values that cause either integer signedness errors or integer overflow errors. cpe:/a:mozilla:mozilla:1.3 cpe:/a:mozilla:mozilla:1.4:alpha CVE-2003-0298 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:02.923-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030514 Buffer overflows in multiple IMAP clients The IMAP Client for Mozilla 1.3 and 1.4a allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large (1) literal and possibly (2) mailbox size values that cause either integer signedness errors or integer overflow errors. cpe:/a:mutt:mutt:1.4.1 cpe:/a:stuart_parmenter:balsa:2.0.10 CVE-2003-0299 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:04.063-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030514 Buffer overflows in multiple IMAP clients The IMAP Client, as used in mutt 1.4.1 and Balsa 2.0.10, allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large mailbox size values that cause either integer signedness errors or integer overflow errors. cpe:/a:microsoft:outlook_express:6.00.2800.1106 cpe:/a:mozilla:mozilla:1.3 cpe:/a:mozilla:mozilla:1.4:alpha cpe:/a:mutt:mutt:1.4.1 cpe:/a:qualcomm:eudora:5.2.1 cpe:/a:stuart_parmenter:balsa:2.0.10 cpe:/a:sylpheed:sylpheed_email_client:0.8.11 cpe:/a:university_of_washington:pine:4.53 cpe:/a:ximian:evolution:1.2.4 CVE-2003-0300 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:05.313-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030514 Buffer overflows in multiple IMAP clients The IMAP Client for Sylpheed 0.8.11 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. cpe:/a:microsoft:outlook_express:6.00.2800.1106 CVE-2003-0301 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:06.720-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030514 Buffer overflows in multiple IMAP clients The IMAP Client for Outlook Express 6.00.2800.1106 allows remote malicious IMAP servers to cause a denial of service (crash) via certain large literal size values that cause either integer signedness errors or integer overflow errors. cpe:/a:qualcomm:eudora:5.2.1 CVE-2003-0302 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:07.923-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030514 Buffer overflows in multiple IMAP clients The IMAP Client for Eudora 5.2.1 allows remote malicious IMAP servers to cause a denial of service and possibly execute arbitrary code via certain large literal size values that cause either integer signedness errors or integer overflow errors. cpe:/a:oneorzero:oneorzero_helpdesk:1.4_rc4 CVE-2003-0303 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:08.987-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030515 OneOrZero Security Problems (PHP) BUGTRAQ 20030515 OneOrZero Security Problems (PHP) BID 7609 SQL injection vulnerability in one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to modify arbitrary ticket number descriptions via the sg parameter. cpe:/a:oneorzero:oneorzero_helpdesk:1.4_rc4 CVE-2003-0304 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:10.267-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030515 OneOrZero Security Problems (PHP) BUGTRAQ 20030515 OneOrZero Security Problems (PHP) one||zero (aka One or Zero) Helpdesk 1.4 rc4 allows remote attackers to create administrator accounts by directly calling the install.php Helpdesk Installation script. cpe:/o:cisco:ios:12.0%2815%29s cpe:/o:cisco:ios:12.0%2815%29sc cpe:/o:cisco:ios:12.0%2815%29sl cpe:/o:cisco:ios:12.0%2816%29s cpe:/o:cisco:ios:12.0%2816%29sc cpe:/o:cisco:ios:12.0%2816%29st cpe:/o:cisco:ios:12.0%2817%29s cpe:/o:cisco:ios:12.0%2817%29sl cpe:/o:cisco:ios:12.0%2818%29s cpe:/o:cisco:ios:12.0%2818%29sl cpe:/o:cisco:ios:12.0%2819%29s cpe:/o:cisco:ios:12.0%2819%29sl cpe:/o:cisco:ios:12.0%2819%29sp cpe:/o:cisco:ios:12.0%2820%29sl cpe:/o:cisco:ios:12.0%2820%29sp cpe:/o:cisco:ios:12.0%2821%29s cpe:/o:cisco:ios:12.0%2821%29sl cpe:/o:cisco:ios:12.0%2821%29sx cpe:/o:cisco:ios:12.1%288%29ea cpe:/o:cisco:ios:12.1%289%29ea cpe:/o:cisco:ios:12.1%2810%29 cpe:/o:cisco:ios:12.1%2810%29e cpe:/o:cisco:ios:12.1%2810%29ec cpe:/o:cisco:ios:12.1%2810%29ex cpe:/o:cisco:ios:12.1%2810%29ey cpe:/o:cisco:ios:12.1%2810.5%29ec cpe:/o:cisco:ios:12.1%2810a%29 cpe:/o:cisco:ios:12.1%2811%29 cpe:/o:cisco:ios:12.1%2811.5%29e cpe:/o:cisco:ios:12.1%2811a%29 cpe:/o:cisco:ios:12.1%2811b%29 cpe:/o:cisco:ios:12.1%2811b%29e cpe:/o:cisco:ios:12.1%2812%29 cpe:/o:cisco:ios:12.1%2812a%29 cpe:/o:cisco:ios:12.1%2812b%29 cpe:/o:cisco:ios:12.1%2812c%29 cpe:/o:cisco:ios:12.1%2813%29 cpe:/o:cisco:ios:12.1%2814%29 cpe:/o:cisco:ios:12.1%2814.5%29 cpe:/o:cisco:ios:12.2%286.8a%29 cpe:/o:cisco:ios:12.2%287%29 cpe:/o:cisco:ios:12.2%287%29da cpe:/o:cisco:ios:12.2%287a%29 cpe:/o:cisco:ios:12.2%287b%29 cpe:/o:cisco:ios:12.2%287c%29 cpe:/o:cisco:ios:12.2%289%29s cpe:/o:cisco:ios:12.2%289.4%29da cpe:/o:cisco:ios:12.2%2810.5%29s CVE-2003-0305 2003-06-09T00:00:00.000-04:00 2017-10-10T21:29:08.667-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CISCO 20030515 Cisco Security Advisory: Cisco IOS Software Processing of SAA Packets The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967. cpe:/o:microsoft:windows_xp::gold CVE-2003-0306 2003-06-09T00:00:00.000-04:00 2018-10-12T17:32:35.523-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030511 Detailed analysis: Buffer overflow in Explorer.exe on Windows XP SP1 BUGTRAQ 20030515 Re[2]: EXPLOIT: Buffer overflow in Explorer.exe on Windows XP SP1 VULN-DEV 20030507 Buffer overflow in Explorer.exe MS MS03-027 Buffer overflow in EXPLORER.EXE on Windows XP allows attackers to execute arbitrary code as the XP user via a desktop.ini file with a long .ShellClassInfo parameter. cpe:/a:poster:poster:version.two CVE-2003-0307 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:12.893-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030514 [VULNERABILITY] PHP 'poster version.two' Poster version.two allows remote authenticated users to gain administrative privileges by appending the "|" field separator and an "admin" value into the email address field. cpe:/a:sendmail:sendmail:8.9.3 cpe:/a:sendmail:sendmail:8.12.3 cpe:/a:sendmail:sendmail:8.12.9 cpe:/o:debian:debian_linux:3.0 CVE-2003-0308 2003-05-15T00:00:00.000-04:00 2008-11-11T00:29:40.900-05:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://bugs.debian.org/496408 CONFIRM http://dev.gentoo.org/~rbu/security/debiantemp/sendmail-base DEBIAN DSA-305 MLIST [oss-security] 20081030 CVE requests: tempfile issues for aview, mgetty, openoffice, crossfire CONFIRM https://bugs.gentoo.org/show_bug.cgi?id=235770 The Sendmail 8.12.3 package in Debian GNU/Linux 3.0 does not securely create temporary files, which could allow local users to gain additional privileges via (1) expn, (2) checksendmail, or (3) doublebounce.pl. cpe:/a:microsoft:ie:6.0.2800 CVE-2003-0309 2003-06-09T00:00:00.000-04:00 2018-10-12T17:32:36.227-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030508 Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! [CRITICAL] BUGTRAQ 20030513 Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED NTBUGTRAQ 20030513 Flooding Internet Explorer 6.0.2800 (6.x?) security zones ! - UPDATED CERT-VN VU#251788 BID 7539 MS MS03-020 XF ie-frame-restrictions-bypass(12019) Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to bypass security zone restrictions and execute arbitrary programs via a web document with a large number of duplicate file:// or other requests that point to the program and open multiple file download dialogs, which eventually cause Internet Explorer to execute the program, as demonstrated using a large number of FRAME or IFRAME tags, aka the "File Download Dialog Vulnerability." cpe:/a:ez:ez_publish:2.2 CVE-2003-0310 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:15.237-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030516 EzPublish Directory XSS Vulnerability Cross-site scripting (XSS) vulnerability in articleview.php for eZ publish 2.2 allows remote attackers to insert arbitrary web script. cpe:/a:snowblind.net:snowblind_web_server:1.0 CVE-2003-0312 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:16.457-04:00 6.4 NETWORK LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030516 Snowblind Web Server: multiple issues Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request. cpe:/a:snowblind.net:snowblind_web_server:1.0 CVE-2003-0313 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:17.737-04:00 6.4 NETWORK LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030516 Snowblind Web Server: multiple issues Directory traversal vulnerability in Snowblind Web Server 1.0 allows remote attackers to list arbitrary directory contents via a ... (triple dot) in an HTTP request. cpe:/a:snowblind.net:snowblind_web_server:1.0 CVE-2003-0314 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:18.753-04:00 6.4 NETWORK LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030516 Snowblind Web Server: multiple issues Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) via a URL that ends in a "</" sequence. cpe:/a:snowblind.net:snowblind_web_server:1.0 CVE-2003-0315 2003-06-16T00:00:00.000-04:00 2016-10-17T22:32:19.893-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030516 Snowblind Web Server: multiple issues Snowblind Web Server 1.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP request, which may trigger a buffer overflow. cpe:/a:fourelle_venturi_wireless:venturi_client:2.2 CVE-2003-0316 2003-06-16T00:00:00.000-04:00 2008-09-05T16:34:01.550-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030516 Venturi Client 2.1 confirmed as open relay [Verizon Wireless Mobile Office] MISC http://www.venturiwireless.com/tech_support/Q_and_A/Q_A_09.htm Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abused by spammers. cpe:/a:iisprotect:iisprotect:2.1 cpe:/a:iisprotect:iisprotect:2.2 CVE-2003-0317 2003-12-31T00:00:00.000-05:00 2008-10-03T00:20:39.637-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov IDEFENSE 20030522 Authentication Bypass in iisPROTECT iisPROTECT 2.1 and 2.2 allows remote attackers to bypass authentication via an HTTP request containing URL-encoded characters. cpe:/a:francisco_burzi:php-nuke:6.0 CVE-2003-0318 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:21.520-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030517 PHP-Nuke code injection in Yearly Stats at Statistics module Cross-site scripting (XSS) vulnerability in the Statistics module for PHP-Nuke 6.0 and earlier allows remote attackers to insert arbitrary web script via the year parameter. cpe:/a:smartmax_software:mailmax:5.0.10.8 CVE-2003-0319 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:22.863-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030517 Buffer overflow vulnerability found in MailMax version 5 BUGTRAQ 20030517 Buffer overflow vulnerability found in MailMax version 5 Buffer overflow in the IMAP server (IMAPMax) for SmartMax MailMax 5.0.10.8 and earlier allows remote authenticated users to execute arbitrary code via a long SELECT command. cpe:/a:andy_prevost:ttcms:2.3 CVE-2003-0320 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:23.973-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030517 Remote code execution in ttCMS <=v2.3 header.php in ttCMS 2.3 and earlier allows remote attackers to inject arbitrary PHP code by setting the ttcms_user_admin parameter to "1" and modifying the admin_root parameter to point to a URL that contains a Trojan horse header.inc.php script. cpe:/a:colten_edwards:bitchx:1.0.0c19 CVE-2003-0321 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:25.177-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:655 BUGTRAQ 20030313 Buffer overflows in ircII-based clients BUGTRAQ 20030324 GLSA: bitchx (200303-21) MISC http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c16-2.1.diff.gz DEBIAN DSA-306 BID 7096 BID 7097 BID 7099 BID 7100 Multiple buffer overflows in BitchX IRC client 1.0-0c19 and earlier allow remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long hostnames, nicknames, or channel names, which are not properly handled by the functions (1) send_ctcp, (2) cannot_join_channel, (3) cluster, (4) BX_compress_modes, (5) handle_oper_vision, and (6) ban_it. cpe:/a:colten_edwards:bitchx:1.0.0c19 CVE-2003-0322 2003-06-09T00:00:00.000-04:00 2008-09-05T16:34:02.393-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 MISC http://security.debian.org/pool/updates/main/i/ircii-pana/ircii-pana_1.0-0c16-2.1.diff.gz DEBIAN DSA-306 Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service (crash). cpe:/a:michael_sandrof:ircii:2002-09-12 CVE-2003-0323 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:26.613-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030313 Buffer overflows in ircII-based clients BUGTRAQ 20030319 [OpenPKG-SA-2003.024] OpenPKG Security Advisory (ircii) DEBIAN DSA-291 DEBIAN DSA-298 BID 7098 Multiple buffer overflows in ircII 20020912 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via responses that are not properly fed to the my_strcat function by (1) ctcp_buffer, (2) cannot_join_channel, (3) status_make_printable for Statusbar drawing, (4) create_server_list, and possibly other functions. cpe:/a:epic:epic4:1.0.1 CVE-2003-0324 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:27.897-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030313 Buffer overflows in ircII-based clients DEBIAN DSA-287 BID 7091 Buffer overflows in EPIC IRC Client (EPIC4) 1.0.1 allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via long replies that are not properly handled by the (1) userhost_cmd_returned function, or (2) Statusbar capability. cpe:/a:ambrosia_software:maelstrom:3.0.5 cpe:/a:ambrosia_software:maelstrom:3.0.6 CVE-2003-0325 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:29.097-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030518 Maelstrom Buffer Overflow BUGTRAQ 20030519 Maelstrom exploit BUGTRAQ 20030520 Maelstrom Local Buffer Overflow Exploit, FreeBSD 4.8 edition Buffer overflow in Maelstrom 3.0.6, 3.0.5, and earlier allows local users to execute arbitrary code via a long -server command line argument. cpe:/a:slocate:slocate CVE-2003-0326 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:30.473-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030519 bazarr slocate BID 7629 Integer overflow in parse_decode_path() of slocate may allow attackers to execute arbitrary code via a LOCATE_PATH with a large number of ":" (colon) characters, whose count is used in a call to malloc. cpe:/a:sybase:adaptive_server_enterprise:12.5 CVE-2003-0327 2003-12-15T00:00:00.000-05:00 2017-07-10T21:29:31.213-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031120 R7-0016: Sybase ASE 12.5 Remote Password Array Denial of Service MISC http://www.rapid7.com/advisories/R7-0016.html XF sybase-passwordarray-bo(13800) Sybase Adaptive Server Enterprise (ASE) 12.5 allows remote attackers to cause a denial of service (hang) via a remote password array with an invalid length, which triggers a heap-based buffer overflow. cpe:/a:epic:epic4:pre2.002 cpe:/a:epic:epic4:pre2.003 CVE-2003-0328 2003-06-09T00:00:00.000-04:00 2008-09-05T16:34:03.237-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM ftp://ftp.prbh.org/pub/epic/patches/alloca_underrun-patch-1 DEBIAN DSA-306 DEBIAN DSA-399 REDHAT RHSA-2003:342 EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP request from a large nickname, which causes an incorrect length calculation. cpe:/a:aclogic:cesarftp:0.99g CVE-2003-0329 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:33.020-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030520 Plaintext Password in Settings.ini of CesarFTP BUGTRAQ 20030520 Plaintext Password in Settings.ini of CesarFTP CesarFTP 0.99g stores user names and passwords in plaintext in the settings.ini file, which could allow local users to gain privileges. cpe:/a:ambrosia_software:maelstrom CVE-2003-0330 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:34.303-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030520 Maelstrom Local Buffer Overflow Exploit SECTRACK 1008832 Buffer overflow in unknown versions of Maelstrom allows local users to execute arbitrary code via a long -player command line argument. cpe:/a:ttcms:ttforum:4 CVE-2003-0331 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:35.723-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030520 More vulnerabilities in ttForum/ttCMS -> SQL injection SQL injection vulnerability in ttForum allows remote attackers to execute arbitrary SQL and gain ttForum Administrator privileges via the Ignorelist-Textfield argument in the Preferences page. cpe:/a:working_resources_inc.:badblue:2.2 CVE-2003-0332 2003-06-09T00:00:00.000-04:00 2016-10-17T22:32:36.880-04:00 7.6 NETWORK HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030520 BadBlue Remote Administrative Interface Access Vulnerability BUGTRAQ 20030520 BadBlue Remote Administrative Interface Access Vulnerability The ISAPI extension in BadBlue 1.7 through 2.2, and possibly earlier versions, modifies the first two letters of a filename extension after performing a security check, which allows remote attackers to bypass authentication via a filename with a .ats extension instead of a .hts extension. cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:11.00 CVE-2003-0333 2003-05-19T00:00:00.000-04:00 2017-07-10T21:29:31.260-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030502 HP-UX 11.0 /usr/bin/kermit BUGTRAQ 20030502 Re: from bugtraq: HP-UX 11.0 /usr/bin/kermit (fwd) CERT-VN VU#971364 BID 7627 XF hp-ckermit-bo(11929) Multiple buffer overflows in kermit in HP-UX 10.20 and 11.00 (C-Kermit 6.0.192 and possibly other versions before 8.0) allow local users to gain privileges via long arguments to (1) ask, (2) askq, (3) define, (4) assign, and (5) getc, some of which may share the same underlying function "doask," a different vulnerability than CVE-2001-0085. cpe:/a:colten_edwards:bitchx:1.0c20cvs CVE-2003-0334 2003-05-10T00:00:00.000-04:00 2017-07-10T21:29:31.320-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:655 BUGTRAQ 20030510 BitchX: Crash when channel modes change MANDRAKE MDKSA-2003:069 BID 7551 XF bitchx-mode-change-dos(12008) BitchX IRC client 1.0c20cvs and earlier allows attackers to cause a denial of service (core dump) via certain channel mode changes that are not properly handled in names.c. cpe:/o:slackware:slackware_linux:9.0 CVE-2003-0335 2003-05-22T00:00:00.000-04:00 2016-10-17T22:32:40.773-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030522 [slackware-security] quotacheck security fix in rc.M (SSA:2003-141-06) rc.M in Slackware 9.0 calls quotacheck with the -M option, which causes the filesystem to be remounted and possibly reset security-relevant mount flags such as nosuid, nodev, and noexec. cpe:/a:qualcomm:eudora:5.2.1 CVE-2003-0336 2003-05-22T00:00:00.000-04:00 2016-10-17T22:32:41.913-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030522 Eudora 5.2.1 attachment spoof Qualcomm Eudora 5.2.1 allows remote attackers to read arbitrary files via an email message with a carriage return (CR) character in a spoofed "Attachment Converted:" string, which is not properly handled by Eudora. cpe:/a:platform:lsadmin:5.1 CVE-2003-0337 2003-05-22T00:00:00.000-04:00 2016-10-17T22:32:43.037-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030522 Security advisory: LSF 5.1 local root exploit The ckconfig command in lsadmin for Load Sharing Facility (LSF) 5.1 allows local users to execute arbitrary programs by modifying the LSF_ENVDIR environment variable to reference an alternate lsf.conf file, then modifying LSF_SERVERDIR to point to a malicious lim program, which lsadmin then executes. cpe:/a:wsmp3:wsmp3_daemon:0.0.8 cpe:/a:wsmp3:wsmp3_daemon:0.0.9 cpe:/a:wsmp3:wsmp3_daemon:0.0.10 cpe:/a:wsmp3:wsmp3_web_server:0.0.1 cpe:/a:wsmp3:wsmp3_web_server:0.0.2 cpe:/a:wsmp3:wsmp3_web_server:0.0.3 cpe:/a:wsmp3:wsmp3_web_server:0.0.4 cpe:/a:wsmp3:wsmp3_web_server:0.0.5 cpe:/a:wsmp3:wsmp3_web_server:0.0.6 cpe:/a:wsmp3:wsmp3_web_server:0.0.7 CVE-2003-0338 2003-05-21T00:00:00.000-04:00 2016-10-17T22:32:44.180-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov VULNWATCH 20030521 [INetCop Security Advisory] WsMP3d Directory Traversing Vulnerability BUGTRAQ 20030521 [INetCop Security Advisory] WsMP3d Directory Traversing Vulnerability Directory traversal vulnerability in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allows remote attackers to read and execute arbitrary files via .. (dot dot) sequences in HTTP GET or POST requests. cpe:/a:wsmp3:wsmp3_daemon:0.0.8 cpe:/a:wsmp3:wsmp3_daemon:0.0.9 cpe:/a:wsmp3:wsmp3_daemon:0.0.10 cpe:/a:wsmp3:wsmp3_web_server:0.0.7 CVE-2003-0339 2003-05-22T00:00:00.000-04:00 2016-10-17T22:32:45.663-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS VULNWATCH 20030521 Remote Heap Corruption Overflow vulnerability in WsMp3d. BUGTRAQ 20030522 WsMp3d remote exploit. Multiple heap-based buffer overflows in WsMp3 daemon (WsMp3d) 0.0.10 and earlier allow remote attackers to execute arbitrary code via long HTTP requests. cpe:/a:demarc_security:puresecure:1.6 CVE-2003-0340 2003-05-21T00:00:00.000-04:00 2008-09-05T16:34:04.940-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-25T10:06:00.000-04:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030521 Demarc Puresecure v1.6 - Plaintext password issue - Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges. cpe:/a:owl:owl_intranet_engine:0.7 cpe:/a:owl:owl_intranet_engine:0.71 CVE-2003-0341 2003-05-21T00:00:00.000-04:00 2016-10-17T22:32:46.837-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030521 [AP] Owl Intranet Engine CSS Bug Cross-site scripting (XSS) vulnerability in Owl Intranet Engine 0.71 and earlier allows remote attackers to insert arbitrary script via the Search field. cpe:/a:selom_ofori:blackmoon_ftp_server:2.6 CVE-2003-0342 2003-05-20T00:00:00.000-04:00 2016-10-17T22:32:48.070-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030520 [[ TH 026 Inc. ]] SA #4 - Blackmoon FTP Server cleartext passwords and User enumeration BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, stores user names and passwords in plaintext in the blackmoon.mdb file, which can allow local users to gain privileges. cpe:/a:selom_ofori:blackmoon_ftp_server:2.6 CVE-2003-0343 2003-05-21T00:00:00.000-04:00 2016-10-17T22:32:49.413-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030520 [[ TH 026 Inc. ]] SA #4 - Blackmoon FTP Server cleartext passwords and User enumeration BlackMoon FTP Server 2.6 Free Edition, and possibly other distributions and versions, generates an "Account does not exist" error message when an invalid username is entered, which makes it easier for remote attackers to conduct brute force attacks. cpe:/a:microsoft:ie:5.01 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0::windows_server_2003 CVE-2003-0344 2003-06-16T00:00:00.000-04:00 2018-10-12T17:32:37.333-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov FULLDISC 20030709 IE Object Type Overflow Exploit BUGTRAQ 20030604 Internet Explorer Object Type Property Overflow EEYE AD20030604 CERT-VN VU#679556 MS MS03-020 Buffer overflow in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to execute arbitrary code via / (slash) characters in the Type property of an Object tag in a web page. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::terminal_server_alpha cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0345 2003-08-18T00:00:00.000-04:00 2019-04-30T10:27:13.710-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1007154 CERT-VN VU#337764 BID 8152 MS MS03-024 XF win-smb-bo(12544) Buffer overflow in the SMB capability for Microsoft Windows XP, 2000, and NT allows remote attackers to cause a denial of service and possibly execute arbitrary code via an SMB packet that specifies a smaller buffer length than is required. cpe:/a:microsoft:directx:5.2 cpe:/a:microsoft:directx:6.1 cpe:/a:microsoft:directx:7.0 cpe:/a:microsoft:directx:7.0a cpe:/a:microsoft:directx:8.1 cpe:/a:microsoft:directx:9.0a CVE-2003-0346 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:39.227-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030723 EEYE: Windows MIDI Decoder (QUARTZ.DLL) Heap Corruption CERT CA-2003-18 CERT-VN VU#265232 CERT-VN VU#561284 MS MS03-030 Multiple integer overflows in a Microsoft Windows DirectX MIDI library (QUARTZ.DLL) allow remote attackers to execute arbitrary code via a MIDI (.mid) file with (1) large length for a Text or Copyright string, or (2) a large number of tracks, which leads to a heap-based buffer overflow. cpe:/a:microsoft:office:2000 cpe:/a:microsoft:office:2000:sp2 cpe:/a:microsoft:office:2000:sp3 cpe:/a:microsoft:office:xp cpe:/a:microsoft:office:xp:sp1 cpe:/a:microsoft:office:xp:sp2 cpe:/a:microsoft:project:2000 cpe:/a:microsoft:project:2002 cpe:/a:microsoft:visio:2002::professional cpe:/a:microsoft:visual_basic:5.0::sdk cpe:/a:microsoft:visual_basic:6.2 cpe:/a:microsoft:visual_basic:6.2::sdk cpe:/a:microsoft:visual_basic:6.3::sdk CVE-2003-0347 2003-10-20T00:00:00.000-04:00 2018-10-12T17:32:40.147-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030903 EEYE: VBE Document Property Buffer Overflow BUGTRAQ 20030903 EEYE: VBE Document Property Buffer Overflow CERT-VN VU#804780 BID 8534 MS MS03-037 Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. cpe:/a:microsoft:windows_media_player:9 CVE-2003-0348 2003-07-24T00:00:00.000-04:00 2018-10-12T17:32:40.693-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov CERT-VN VU#320516 BID 8034 MS MS03-021 XF mediaplayer-activex-obtain-information(12440) A certain Microsoft Windows Media Player 9 Series ActiveX control allows remote attackers to view and manipulate the Media Library on the local system via HTML script. cpe:/o:microsoft:windows_2000 CVE-2003-0349 2003-07-24T00:00:00.000-04:00 2018-10-12T17:32:41.083-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030626 Windows Media Services Remote Command Execution #2 SECTRACK 1007059 CERT-VN VU#113716 NTBUGTRAQ 20030626 Windows Media Services Remote Command Execution #2 MS MS03-022 Buffer overflow in the streaming media component for logging multicast requests in the ISAPI for the logging capability of Microsoft Windows Media Services (nsiislog.dll), as installed in IIS 5.0, allows remote attackers to execute arbitrary code via a large POST request to nsiislog.dll. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 CVE-2003-0350 2003-08-18T00:00:00.000-04:00 2019-04-30T10:27:13.710-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030709 Microsoft Utility Manager Local Privilege Escalation BUGTRAQ 20030709 Microsoft Utility Manager Local Privilege Escalation MISC http://www.ngssoftware.com/advisories/utilitymanager.txt BID 8154 MS MS03-025 XF win2k-accessibility-gain-privileges(12543) The control for listing accessibility options in the Accessibility Utility Manager on Windows 2000 (ListView) does not properly handle Windows messages, which allows local users to execute arbitrary code via a "Shatter" style message to the Utility Manager that references a user-controlled callback function. CVE-2003-0351 2003-12-31T00:00:00.000-05:00 2008-09-10T15:18:42.133-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0306. Reason: This candidate is a reservation duplicate of CVE-2003-0306. Notes: All CVE users should reference CVE-2003-0306 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0352 2003-08-18T00:00:00.000-04:00 2019-04-30T10:27:13.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030726 Re: The French BUGTRAQ (New Win RPC Exploit) FULLDISC 20030730 rpcdcom Universal offsets BUGTRAQ 20030716 [LSD] Critical security vulnerability in Microsoft Operating Systems BUGTRAQ 20030725 The Analysis of LSD's Buffer Overrun in Windows RPC Interface(code revised ) CERT CA-2003-16 CERT CA-2003-19 CERT-VN VU#568148 BID 8205 MISC http://www.xfocus.org/documents/200307/2.html MS MS03-026 XF win-rpc-dcom-bo(12629) Buffer overflow in a certain DCOM interface for RPC in Microsoft Windows NT 4.0, 2000, XP, and Server 2003 allows remote attackers to execute arbitrary code via a malformed message, as exploited by the Blaster/MSblast/LovSAN and Nachi/Welchia worms. cpe:/a:microsoft:data_access_components:1.5 cpe:/a:microsoft:data_access_components:2.0 cpe:/a:microsoft:data_access_components:2.1 cpe:/a:microsoft:data_access_components:2.1.1.3711.11:ga cpe:/a:microsoft:data_access_components:2.5 cpe:/a:microsoft:data_access_components:2.5:gold cpe:/a:microsoft:data_access_components:2.5:sp1 cpe:/a:microsoft:data_access_components:2.5:sp2 cpe:/a:microsoft:data_access_components:2.6 cpe:/a:microsoft:data_access_components:2.6:gold cpe:/a:microsoft:data_access_components:2.6:sp1 cpe:/a:microsoft:data_access_components:2.6:sp2 cpe:/a:microsoft:data_access_components:2.7 cpe:/a:microsoft:data_access_components:2.7:gold cpe:/a:microsoft:data_access_components:2.12.4202.3 CVE-2003-0353 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:44.460-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030821 AppSecInc Security Alert: Buffer Overflow in UDP broadcasts for Microsoft SQL Server client utilities NTBUGTRAQ 20030821 AppSecInc Security Alert: Buffer Overflow in UDP broadcasts for Microsoft SQL Server client utilities BID 8455 MS MS03-033 Buffer overflow in a component of SQL-DMO for Microsoft Data Access Components (MDAC) 2.5 through 2.7 allows remote attackers to execute arbitrary code via a long response to a broadcast request to UDP port 1434. cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0::i386 CVE-2003-0354 2003-06-16T00:00:00.000-04:00 2017-10-10T21:29:09.370-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030603 [OpenPKG-SA-2003.030] OpenPKG Security Advisory (ghostscript) MANDRAKE MDKSA-2003:065 REDHAT RHSA-2003:181 REDHAT RHSA-2003:182 Unknown vulnerability in GNU Ghostscript before 7.07 allows attackers to execute arbitrary commands, even when -dSAFER is enabled, via a PostScript file that causes the commands to be executed from a malicious print job. cpe:/a:apple:safari:1.0 cpe:/a:kde:konqueror_embedded CVE-2003-0355 2003-06-09T00:00:00.000-04:00 2008-09-05T16:34:07.440-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates. Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates. cpe:/a:ethereal_group:ethereal:0.9.11 CVE-2003-0356 2003-06-09T00:00:00.000-04:00 2017-10-10T21:29:09.433-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS DEBIAN DSA-313 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00009.html CERT-VN VU#641013 MANDRAKE MDKSA-2003:067 REDHAT RHSA-2003:077 Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions. cpe:/a:ethereal_group:ethereal:0.9.11 CVE-2003-0357 2003-06-09T00:00:00.000-04:00 2017-10-10T21:29:09.510-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov REDHAT RHSA-2003:077 DEBIAN DSA-313 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00009.html CERT-VN VU#232164 CERT-VN VU#361700 MANDRAKE MDKSA-2003:067 BID 7494 BID 7495 Multiple integer overflow vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) Mount and (2) PPP dissectors. CVE-2003-0358 2003-06-09T00:00:00.000-04:00 2017-07-10T21:29:31.883-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov CONFIRM http://nethack.sourceforge.net/v340/bugmore/secpatch.txt DEBIAN DSA-316 DEBIAN DSA-350 BUGTRAQ 20030209 #!ICadv-02.09.03: nethack 3.4.0 local buffer overflow BID 6806 XF nethack-s-command-bo(11283) Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges via a long -s command line option. cpe:/a:stichting_mathematisch_centrum:nethack:3.4.0 CVE-2003-0359 2003-07-24T00:00:00.000-04:00 2008-09-05T16:34:08.003-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-316 nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code. cpe:/o:debian:debian_linux:0.9.1::woody_gps_package cpe:/o:debian:debian_linux:0.9.2::woody_gps_package cpe:/o:debian:debian_linux:0.9.3::woody_gps_package cpe:/o:debian:debian_linux:0.9.4::woody_gps_package CVE-2003-0360 2003-06-09T00:00:00.000-04:00 2008-09-05T16:34:08.177-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://gps.seul.org/changelog.html DEBIAN DSA-307 Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. cpe:/o:debian:debian_linux:0.9.1::woody_gps_package cpe:/o:debian:debian_linux:0.9.2::woody_gps_package cpe:/o:debian:debian_linux:0.9.3::woody_gps_package cpe:/o:debian:debian_linux:0.9.4::woody_gps_package CVE-2003-0361 2003-06-09T00:00:00.000-04:00 2008-09-05T16:34:08.317-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://gps.seul.org/changelog.html DEBIAN DSA-307 gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp. cpe:/o:debian:debian_linux:0.9.1::woody_gps_package cpe:/o:debian:debian_linux:0.9.2::woody_gps_package cpe:/o:debian:debian_linux:0.9.3::woody_gps_package cpe:/o:debian:debian_linux:0.9.4::woody_gps_package CVE-2003-0362 2003-06-09T00:00:00.000-04:00 2008-09-05T16:34:08.487-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://gps.seul.org/changelog.html DEBIAN DSA-307 Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines. cpe:/a:licq:licq:1.0.3 cpe:/a:licq:licq:1.2.6 CVE-2003-0363 2003-12-31T00:00:00.000-05:00 2008-09-05T16:34:08.660-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-24T18:19:00.000-04:00 MISC http://csdl.computer.org/comp/proceedings/hicss/2004/2056/09/205690277.pdf Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers. cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0 CVE-2003-0364 2003-06-16T00:00:00.000-04:00 2017-10-10T21:29:09.607-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-311 DEBIAN DSA-312 DEBIAN DSA-332 DEBIAN DSA-336 DEBIAN DSA-442 REDHAT RHSA-2003:187 REDHAT RHSA-2003:195 REDHAT RHSA-2003:198 TURBO TLSA-2003-41 The TCP/IP fragment reassembly handling in the Linux kernel 2.4 allows remote attackers to cause a denial of service (CPU consumption) via certain packets that cause a large number of hash table collisions. cpe:/a:icq_inc:icqlite:2003a CVE-2003-0365 2003-06-16T00:00:00.000-04:00 2016-10-17T22:33:00.837-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030529 ICQLite executable trojaning ICQLite 2003a creates the ICQ Lite directory with an ACE for "Full Control" privileges for Interactive Users, which allows local users to gain privileges as other users by replacing the executables with malicious programs. cpe:/a:lysator:lyskom-server:2.0.7 CVE-2003-0366 2003-07-24T00:00:00.000-04:00 2008-09-05T16:34:09.080-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-318 lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query. cpe:/a:gnu:gzip:1.3.5 cpe:/o:debian:debian_linux:2.2 cpe:/o:debian:debian_linux:3.0 CVE-2003-0367 2003-07-02T00:00:00.000-04:00 2019-05-23T10:04:52.373-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2019-05-23T08:45:11.260-04:00 DEBIAN DSA-308 MANDRAKE MDKSA-2003:068 CONFIRM http://www.openpkg.org/security/OpenPKG-SA-2003.031-gzip.html BID 7872 TURBO TLSA-2003-38 znew in the gzip package allows local users to overwrite arbitrary files via a symlink attack on temporary files. cpe:/a:nokia:ggsn:release_1 CVE-2003-0368 2004-02-03T00:00:00.000-05:00 2017-07-10T21:29:31.947-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov ATSTAKE A060903-1 CERT-VN VU#924812 BID 7854 XF nokia-ggsn-ip-dos(12221) Nokia Gateway GPRS support node (GGSN) allows remote attackers to cause a denial of service (kernel panic) via a malformed IP packet with a 0xFF TCP option. cpe:/a:apple:safari:1.0:beta cpe:/a:apple:safari:1.0:beta2 cpe:/a:kde:konqueror_embedded:0.1 cpe:/o:kde:kde:2.2.2 cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:turbolinux:turbolinux_server:7.0 cpe:/o:turbolinux:turbolinux_server:8.0 cpe:/o:turbolinux:turbolinux_workstation:7.0 cpe:/o:turbolinux:turbolinux_workstation:8.0 CVE-2003-0370 2003-06-16T00:00:00.000-04:00 2008-09-10T15:18:47.117-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 FULLDISC 20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability DEBIAN DSA-361 CONFIRM http://www.kde.org/info/security/advisory-20030602-1.txt REDHAT RHSA-2003:192 REDHAT RHSA-2003:193 BUGTRAQ 20030507 Problem: Multiple Web Browsers do not do not validate CN on certificates. BID 7520 TURBO TLSA-2003-36 Konqueror Embedded and KDE 2.2.2 and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates via a man-in-the-middle attack. cpe:/a:prishtina_soft:prishtina_ftp:v.1 CVE-2003-0371 2003-06-16T00:00:00.000-04:00 2016-10-17T22:33:01.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030522 Prishtina FTP v.1.*: remote DoS Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner. cpe:/a:nessus:nessus:2.0.5 CVE-2003-0372 2003-06-16T00:00:00.000-04:00 2016-10-17T22:33:03.167-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030522 Potential security vulnerability in Nessus BUGTRAQ 20030523 nessus NASL scripting engine security issues BID 7664 Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script. cpe:/a:nessus:nessus:2.0.5 CVE-2003-0373 2003-06-16T00:00:00.000-04:00 2016-10-17T22:33:04.387-04:00 4.4 LOCAL MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030522 Potential security vulnerability in Nessus BUGTRAQ 20030523 nessus NASL scripting engine security issues BID 7664 Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long proto argument to the scanner_add_port function, (2) a long user argument to the ftp_log_in function, (3) a long pass argument to the ftp_log_in function. cpe:/a:nessus:nessus:2.0.5 CVE-2003-0374 2003-06-16T00:00:00.000-04:00 2016-10-17T22:33:05.947-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030522 Potential security vulnerability in Nessus BID 7664 Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus." cpe:/a:xmb_forum:xmb:1.6 cpe:/a:xmb_forum:xmb:1.8 cpe:/a:xmb_forum:xmb:1.11 CVE-2003-0375 2003-06-16T00:00:00.000-04:00 2016-10-17T22:33:07.090-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov MISC http://forums.xmbforum.com/viewthread.php?tid=773046 BUGTRAQ 20030522 XMB 1.8 Partagium cross site scripting vulnerability BID 7662 Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter. cpe:/a:qualcomm:eudora:5.2.1 CVE-2003-0376 2003-06-16T00:00:00.000-04:00 2016-10-17T22:33:08.137-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030523 Eudora 5.2.1 buffer overflow DoS Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters. cpe:/a:iisprotect:iisprotect:2.2_r4 CVE-2003-0377 2003-06-16T00:00:00.000-04:00 2016-10-17T22:33:09.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030523 iisPROTECT SQL injection in admin interface SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP. cpe:/o:apple:mac_os_x:10.2 CVE-2003-0378 2003-06-16T00:00:00.000-04:00 2008-09-05T16:34:10.817-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=107579 CERT-VN VU#467828 The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. cpe:/a:apple:afp_server CVE-2003-0379 2003-07-24T00:00:00.000-04:00 2011-03-07T21:12:32.517-05:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00030.html Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files. cpe:/a:atftpd:atftpd:0.6.0 cpe:/a:atftpd:atftpd:0.6.1.1 CVE-2003-0380 2003-07-02T00:00:00.000-04:00 2008-09-05T16:34:11.113-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030606 atftpd bug DEBIAN DSA-314 VULN-DEV 20030604 possible remote buffer overflow in atftpd Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename. cpe:/a:norman_ramsey:noweb:2.9 CVE-2003-0381 2003-07-24T00:00:00.000-04:00 2008-09-05T16:34:11.267-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-323 Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script. cpe:/a:michael_jennings:eterm:0.9.1 cpe:/a:michael_jennings:eterm:0.9.2 cpe:/o:debian:debian_linux:2.3 cpe:/o:debian:debian_linux:3.0 CVE-2003-0382 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:10.777-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030509 BAZARR CODE NINER PINK TEAM GO GO GO DEBIAN DSA-309 BID 7708 Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. cpe:/o:debian:debian_linux:3.0.18::potato cpe:/o:debian:debian_linux:3.0.23::woody CVE-2003-0385 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:11.917-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030605 BAZARR LOCAL ROOT AGAIN. HI GUYS. DONT READ THIS DEBIAN DSA-310 Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. cpe:/a:openbsd:openssh:3.6.1 CVE-2003-0386 2003-07-02T00:00:00.000-04:00 2017-10-10T21:29:09.667-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SGI 20060703-01-P CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-174.htm CERT-VN VU#978316 REDHAT RHSA-2006:0298 REDHAT RHSA-2006:0698 BUGTRAQ 20030605 OpenSSH remote clent address restriction circumvention BID 7831 CONFIRM http://www.vmware.com/support/vi3/doc/esx-3069097-patch.html CONFIRM http://www.vmware.com/support/vi3/doc/esx-9986131-patch.html OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. cpe:/o:andrew_morgan:linux_pam:0.77 CVE-2003-0388 2003-07-24T00:00:00.000-04:00 2016-10-17T22:33:13.137-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030616 FW: iDEFENSE Security Advisory 06.16.03: Linux-PAM getlogin() Spoofing MISC http://www.idefense.com/advisory/06.16.03.txt REDHAT RHSA-2004:304 pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name. cpe:/a:rsa:ace_agent:5.0 CVE-2003-0389 2003-07-24T00:00:00.000-04:00 2008-09-05T16:34:11.957-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 VULNWATCH 20030619 R7-0014: RSA SecurID ACE Agent Cross Site Scripting MISC http://www.rapid7.com/advisories/R7-0014.html Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the script. cpe:/a:james_theiler:opt:3.18 CVE-2003-0390 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:14.480-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030424 SRT2003-04-24-1532 - Options Parsing Tool library buffer overflows. BUGTRAQ 20030523 Re: Options Parsing Tool library buffer overflows. CONFIRM http://nis-www.lanl.gov/~jt/Software/opt/opt-3.19.tar.gz Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi. cpe:/a:amax_information_technologies:magic_winmail_server:2.3 CVE-2003-0391 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:15.903-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030523 Magic Winmail Server MISC http://www.magicwinmail.net/changelog.asp Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command. cpe:/a:st:ftp_service:3.0 CVE-2003-0392 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:17.373-04:00 6.4 NETWORK LOW NONE NONE PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030523 ST FTP Service v3.0: directory traversal Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:). cpe:/a:privacyware:privatefirewall:3.0 CVE-2003-0393 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:18.623-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030524 Some problems in Privatefirewall 3.0 BID 7700 Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans. cpe:/a:blnews:blnews:2.1.3 CVE-2003-0394 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:19.810-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030524 PHP source code injection in BLNews BID 7677 objects.inc.php4 in BLNews 2.1.3 allows remote attackers to execute arbitrary PHP code via a Server[path] parameter that points to malicious code on an attacker-controlled web site. cpe:/a:php_outburst:ultimate_php_board_upb:1.9 CVE-2003-0395 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:21.310-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov MISC http://f0kp.iplus.ru/bz/024.en.txt BUGTRAQ 20030524 UPB: Discussion Board/Web-Site Takeover Ultimate PHP Board (UPB) 1.9 allows remote attackers to execute arbitrary PHP code with UPB administrator privileges via an HTTP request containing the code in the User-Agent header, which is executed when the administrator executes admin_iplog.php. cpe:/a:linux-atm:linux-atm:2.4 CVE-2003-0396 2003-07-02T00:00:00.000-04:00 2017-07-10T21:29:31.993-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030428 ATM on Linux Exploit Code Release (les, local) BUGTRAQ 20030524 ATM on linux Exploit(les,local) MISC http://sourceforge.net/project/shownotes.php?release_id=156242 MISC http://www.securiteam.com/exploits/5EP0M1P9PO.html BID 7437 XF atmonlinux-les-command-bo(11903) Buffer overflow in les for ATM on Linux (linux-atm) before 2.4.1, if used setuid, allows local users to gain privileges via a long -f command line argument. cpe:/a:sharman_networks:kazaa:v2.0.2 CVE-2003-0397 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:23.763-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030526 The PACKET 0' DEATH FastTrack network vulnerability XF fastrack-packet-0-bo(12086) BID 7680 Buffer overflow in FastTrack (FT) network code, as used in Kazaa 2.0.2 and possibly other versions and products, allows remote attackers to execute arbitrary code via a packet containing a large list of supernodes, aka "Packet 0' death." cpe:/a:vignette:content_suite:6.0 cpe:/a:vignette:content_suite:7.0 cpe:/a:vignette:storyserver:4.0 cpe:/a:vignette:storyserver:4.1 cpe:/a:vignette:storyserver:5.0 cpe:/a:vignette:vignette:5.0 CVE-2003-0398 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:25.013-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030526 S21SEC-016 - Vignette SSI Injection XF vignette-ssi-command-execution(12077) MISC http://www.s21sec.com/es/avisos/s21sec-016-en.txt BID 7685 Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, with the SSI EXEC feature enabled, allows remote attackers to execute arbitrary code via a text variable to a Vignette Application that is later displayed. cpe:/a:vignette:content_suite:6.0 cpe:/a:vignette:content_suite:7.0 cpe:/a:vignette:storyserver:4.0 cpe:/a:vignette:storyserver:4.1 cpe:/a:vignette:storyserver:5.0 cpe:/a:vignette:vignette:5.0 CVE-2003-0399 2003-07-02T00:00:00.000-04:00 2016-10-17T22:33:26.187-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030526 S21SEC-017 - Vignette /vgn/legacy/save SQL access XF vignette-save-obtain-information(12076) MISC http://www.s21sec.com/es/avisos/s21sec-017-en.txt BID 7683 Vignette StoryServer 4 and 5, Vignette V/5, and possibly other versions allows remote attackers to perform unauthorized SELECT queries by setting the vgn_creds cookie to an arbitrary value and directly accessing the save template. cpe:/a:vignette:content_suite:6.0 cpe:/a:vignette:storyserver:4.0 cpe:/a:vignette:storyserver:4.1 cpe:/a:vignette:storyserver:4.2 cpe:/a:vignette:storyserver:5.0 cpe:/a:vignette:vignette:5.0 CVE-2003-0400 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:27.453-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030526 S21SEC-018 - Vignette memory leak AIX Platform XF vignette-memory-leak(12075) MISC http://www.s21sec.com/es/avisos/s21sec-018-en.txt BID 7684 Vignette StoryServer and Vignette V/5 does not properly calculate the size of text variables, which causes Vignette to return unauthorized portions of memory, as demonstrated using the "-->" string in a CookieName argument to the login template, referred to as a "memory leak" in some reports. cpe:/a:vignette:content_suite:5.0 cpe:/a:vignette:content_suite:6.0 cpe:/a:vignette:content_suite:7.0 cpe:/a:vignette:storyserver:4.0 cpe:/a:vignette:storyserver:4.1 cpe:/a:vignette:storyserver:5.0 cpe:/a:vignette:vignette:5.0 CVE-2003-0401 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:28.780-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030526 S21SEC-019 - Vignette /vgn/style internal information leak XF vignette-style-info-disclosure(12074) MISC http://www.s21sec.com/es/avisos/s21sec-019-en.txt BID 7688 Vignette StoryServer and Vignette V/5 allows remote attackers to obtain sensitive information via a request for the /vgn/style template. cpe:/a:vignette:content_suite:5.0 cpe:/a:vignette:content_suite:6.0 cpe:/a:vignette:content_suite:7.0 cpe:/a:vignette:storyserver:4.0 cpe:/a:vignette:storyserver:4.1 cpe:/a:vignette:storyserver:5.0 cpe:/a:vignette:vignette:5.0 CVE-2003-0402 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:30.017-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030526 S21SEC-020 - Vignette user enumeration XF vignette-login-account-bruteforce(12073) MISC http://www.s21sec.com/en/avisos/s21sec-020-en.txt BID 7691 The default login template (/vgn/login) in Vignette StoryServer 5 and Vignette V/5 generates different responses whether a user exists or not, which allows remote attackers to identify valid usernames via brute force attacks. cpe:/a:vignette:content_suite:5.0 cpe:/a:vignette:content_suite:6.0 cpe:/a:vignette:content_suite:7.0 cpe:/a:vignette:storyserver:4.0 cpe:/a:vignette:storyserver:4.1 cpe:/a:vignette:storyserver:5.0 cpe:/a:vignette:vignette:5.0 CVE-2003-0403 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:31.170-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030526 S21SEC-021 - Vignette License access and modification XF vignette-license-modification(12072) MISC http://www.s21sec.com/es/avisos/s21sec-021-en.txt BID 7694 Vignette StoryServer 5 and Vignette V/5 allows remote attackers to read and modify license information, and cause a denial of service (service halt) by directly accessing the /vgn/license template. cpe:/a:vignette:content_suite:5.0 cpe:/a:vignette:content_suite:6.0 cpe:/a:vignette:content_suite:7.0 cpe:/a:vignette:storyserver:4.0 cpe:/a:vignette:storyserver:4.1 cpe:/a:vignette:storyserver:5.0 cpe:/a:vignette:vignette:5.0 CVE-2003-0404 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:32.407-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030526 S21SEC-023 - Vignette multiple Cross Site Scripting vulnerabilities XF vignette-multiple-xss(12071) MISC http://www.s21sec.com/es/avisos/s21sec-023-en.txt BID 7687 Multiple Cross Site Scripting (XSS) vulnerabilities in Vignette StoryServer 4 and 5, and Vignette V/5 and V/6, allow remote attackers to insert arbitrary HTML and script via text variables, as demonstrated using the errInfo parameter of the default login template. cpe:/a:vignette:content_suite:5.0 cpe:/a:vignette:content_suite:6.0 cpe:/a:vignette:content_suite:6.0.1 cpe:/a:vignette:content_suite:6.0.2 cpe:/a:vignette:content_suite:6.0.3 cpe:/a:vignette:storyserver:5.0 cpe:/a:vignette:vignette:5.0 CVE-2003-0405 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:33.733-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030526 S21SEC-024 - Vignette TCL Injection XF vignette-tcl-code-execution(12070) MISC http://www.s21sec.com/es/avisos/s21sec-024-en.txt BID 7690 BID 7692 Vignette StoryServer 5 and Vignette V/6 allows remote attackers to execute arbitrary TCL code via (1) an HTTP query or cookie which is processed in the NEEDS command, or (2) an HTTP Referrer that is processed in the VALID_PATHS command. cpe:/a:palmvnc:palmvnc:1.40 CVE-2003-0406 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:34.877-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030526 PalmVNC 1.40 Insecure Records XF palmvnc-plaintext-passwords(12083) BID 7696 PalmVNC 1.40 and earlier stores passwords in plaintext in the PalmVNCDB, which is backed up to PCs that the Palm is synchronized with, which could allow attackers to gain privileges. cpe:/a:gnome:batalla_naval:1.0_4 CVE-2003-0407 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:36.030-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030526 [Priv8security_Advisory]_Batalla_Naval_remote_overflow XF batalla-naval-bo(12087) BID 7699 Buffer overflow in gbnserver for Gnome Batalla Naval 1.0.4 allows remote attackers to execute arbitrary code via a long connection string. cpe:/a:the_uptimes_project:upclient:5.0b7 CVE-2003-0408 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:37.267-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030527 NuxAcid#002 - Buffer Overflow in UpClient XF upclient-command-line-bo(12131) BID 7703 Buffer overflow in Uptime Client (UpClient) 5.0b7, and possibly other versions, allows local users to gain privileges via a long -p argument. cpe:/a:brs:webweaver:1.0.4 CVE-2003-0409 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:38.890-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030527 BRS WebWeaver: POST and HEAD Overflaws XF webweaver-head-post-bo(12107) BID 7695 Buffer overflow in BRS WebWeaver 1.04 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP (1) POST or (2) HEAD request. cpe:/a:analogx:proxy:4.13 CVE-2003-0410 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:40.203-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030526 NII Advisory - Buffer Overflow in Analogx Proxy BUGTRAQ 20030526 NII Advisory - Buffer Overflow in Analogx Proxy CONFIRM http://www.analogx.com/contents/download/network/proxy.htm XF analogx-proxy-url-bo(12068) BID 7681 Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long URL to port 6588. cpe:/a:sun:one_application_server:7.0::platform cpe:/a:sun:one_application_server:7.0::standard CVE-2003-0411 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:41.330-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030526 Multiple Vulnerabilities in Sun-One Application Server SUNALERT 55221 SUNALERT 1000610 CIAC N-103 XF sunone-jsp-source-disclosure(12093) BID 7709 MISC http://www.spidynamics.com/sunone_alert.html Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension. cpe:/a:sun:one_application_server:7.0 CVE-2003-0412 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:42.813-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030526 Multiple Vulnerabilities in Sun-One Application Server SUNALERT 55221 SUNALERT 1000610 CIAC N-103 BID 7711 MISC http://www.spidynamics.com/sunone_alert.html Sun ONE Application Server 7.0 for Windows 2000/XP does not log the complete URI of a long HTTP request, which could allow remote attackers to hide malicious activities. cpe:/a:sun:one_application_server:7.0 CVE-2003-0413 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:44.063-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030526 Multiple Vulnerabilities in Sun-One Application Server SUNALERT 55221 SUNALERT 57605 SUNALERT 201009 SUNALERT 1000610 CIAC N-103 XF sunone-http-error-xss(12095) BID 7710 MISC http://www.spidynamics.com/sunone_alert.html Cross-site scripting (XSS) vulnerability in the webapps-simple sample application for (1) Sun ONE Application Server 7.0 for Windows 2000/XP or (2) Sun Java System Web Server 6.1 allows remote attackers to insert arbitrary web script or HTML via an HTTP request that generates an "Invalid JSP file" error, which inserts the text in the resulting error message. cpe:/a:sun:one_application_server:7.0 CVE-2003-0414 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:45.283-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030526 Multiple Vulnerabilities in Sun-One Application Server SUNALERT 55221 SUNALERT 1000610 CIAC N-103 XF sunone-insecure-file-permissions(12096) BID 7712 MISC http://www.spidynamics.com/sunone_alert.html The installation of Sun ONE Application Server 7.0 for Windows 2000/XP creates a statefile with world-readable permissions, which allows local users to gain privileges by reading a plaintext password in the statefile. cpe:/a:access-remote-pc.com:remote_pc_access:2.2 CVE-2003-0415 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:46.517-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030528 Remote PC Access Server 2.2 Vulnerability BID 7698 MISC http://www.ytech.co.il/advisories/rpca/rpcaccess.htm Remote PC Access Server 2.2 allows remote attackers to cause a denial of service (crash) by receiving packets from the server and sending them back to the server. cpe:/a:bandmin:bandmin:1.4 CVE-2003-0416 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:47.923-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030528 Bandmin 1.4 XSS Exploit XF bandmin-index-xss(12108) BID 7729 Cross-site scripting (XSS) vulnerability in index.cgi for Bandmin 1.4 allows remote attackers to insert arbitrary HTML or script via (1) the year parameter in a showmonth action, (2) the month parameter in a showmonth action, or (3) the host parameter in a showhost action. cpe:/a:super-m:son_hserver:0.2 CVE-2003-0417 2003-06-30T00:00:00.000-04:00 2016-10-17T22:33:49.207-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030529 Son hServer v0.2: directory traversal XF sonhserver-pipe-directory-traversal(12103) BID 7717 Directory traversal vulnerability in Son hServer 0.2 allows remote attackers to read arbitrary files via ".|." (modified dot-dot) sequences. cpe:/o:linux:linux_kernel:2.0 cpe:/o:linux:linux_kernel:2.0.1 cpe:/o:linux:linux_kernel:2.0.2 cpe:/o:linux:linux_kernel:2.0.3 cpe:/o:linux:linux_kernel:2.0.4 cpe:/o:linux:linux_kernel:2.0.5 cpe:/o:linux:linux_kernel:2.0.6 cpe:/o:linux:linux_kernel:2.0.7 cpe:/o:linux:linux_kernel:2.0.8 cpe:/o:linux:linux_kernel:2.0.9 cpe:/o:linux:linux_kernel:2.0.10 cpe:/o:linux:linux_kernel:2.0.11 cpe:/o:linux:linux_kernel:2.0.12 cpe:/o:linux:linux_kernel:2.0.13 cpe:/o:linux:linux_kernel:2.0.14 cpe:/o:linux:linux_kernel:2.0.15 cpe:/o:linux:linux_kernel:2.0.16 cpe:/o:linux:linux_kernel:2.0.17 cpe:/o:linux:linux_kernel:2.0.18 cpe:/o:linux:linux_kernel:2.0.19 cpe:/o:linux:linux_kernel:2.0.20 cpe:/o:linux:linux_kernel:2.0.21 cpe:/o:linux:linux_kernel:2.0.22 cpe:/o:linux:linux_kernel:2.0.23 cpe:/o:linux:linux_kernel:2.0.24 cpe:/o:linux:linux_kernel:2.0.25 cpe:/o:linux:linux_kernel:2.0.26 cpe:/o:linux:linux_kernel:2.0.27 cpe:/o:linux:linux_kernel:2.0.28 cpe:/o:linux:linux_kernel:2.0.29 cpe:/o:linux:linux_kernel:2.0.30 cpe:/o:linux:linux_kernel:2.0.31 cpe:/o:linux:linux_kernel:2.0.32 cpe:/o:linux:linux_kernel:2.0.33 cpe:/o:linux:linux_kernel:2.0.34 cpe:/o:linux:linux_kernel:2.0.35 cpe:/o:linux:linux_kernel:2.0.36 cpe:/o:linux:linux_kernel:2.0.37 cpe:/o:linux:linux_kernel:2.0.38 cpe:/o:linux:linux_kernel:2.0.39 CVE-2003-0418 2003-07-24T00:00:00.000-04:00 2016-10-17T22:33:50.393-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030609 Linux 2.0 remote info leak from too big icmp citation MISC http://www.cartel-securite.fr/pbiondi/adv/CARTSA-20030314-icmpleak.txt CERT-VN VU#471084 The Linux 2.0 kernel IP stack does not properly calculate the size of an ICMP citation, which causes it to include portions of unauthorized memory in ICMP error responses. cpe:/h:smc_networks:barricade_wireless_cable_dsl_broadband_router:smc7004vwbr CVE-2003-0419 2003-07-24T00:00:00.000-04:00 2008-09-05T16:34:16.487-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 MISC http://www.idefense.com/advisory/06.11.03.txt SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR allows remote attackers to cause a denial of service via certain packets to PPTP port 1723 on the internal interface. cpe:/o:apple:mac_os_x_server:10.2.6 CVE-2003-0420 2003-06-13T00:00:00.000-04:00 2017-07-10T21:29:32.057-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS AUSCERT ESB-2003.0415 MISC http://www.kb.cert.org/vuls/id/JPLA-5NTL8E BID 7894 XF macos-dsimportexport-obtain-information(12342) Information leak in dsimportexport for Apple Macintosh OS X Server 10.2.6 allows local users to obtain the username and password of the account running the tool. cpe:/a:apple:darwin_streaming_server:4.1.3 CVE-2003-0421 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:16.783-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS VULNWATCH 20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server MISC http://www.rapid7.com/advisories/R7-0015.html Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0502. cpe:/a:apple:darwin_streaming_server:4.1.3 CVE-2003-0422 2003-08-27T00:00:00.000-04:00 2008-09-10T15:18:59.103-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 VULNWATCH 20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server MISC http://www.rapid7.com/advisories/R7-0015.html Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via a request to view_broadcast.cgi that does not contain the required parameters. cpe:/a:apple:darwin_streaming_server:4.1.3 CVE-2003-0423 2003-08-27T00:00:00.000-04:00 2008-09-10T15:18:59.163-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 VULNWATCH 20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server MISC http://www.rapid7.com/advisories/R7-0015.html parse_xml.cgi in Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to obtain the source code for parseable files via the filename parameter. cpe:/a:apple:darwin_streaming_server:4.1.3 CVE-2003-0424 2003-08-27T00:00:00.000-04:00 2008-09-10T15:18:59.243-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 VULNWATCH 20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server MISC http://www.rapid7.com/advisories/R7-0015.html Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to obtain the source code for scripts by appending encoded space (%20) or . (%2e) characters to an HTTP request for the script, e.g. view_broadcast.cgi. cpe:/a:apple:darwin_streaming_server:4.1.3 CVE-2003-0425 2003-08-27T00:00:00.000-04:00 2008-09-10T15:18:59.307-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 VULNWATCH 20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server MISC http://www.rapid7.com/advisories/R7-0015.html Directory traversal vulnerability in Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to read arbitrary files via a ... (triple dot) in an HTTP request. cpe:/a:apple:darwin_streaming_server:4.1.3 CVE-2003-0426 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:17.503-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS VULNWATCH 20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server MISC http://www.rapid7.com/advisories/R7-0015.html The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator password and gain privileges before the real administrator. cpe:/a:miod_vallat:mikmod:3.1.6 CVE-2003-0427 2003-07-24T00:00:00.000-04:00 2017-10-10T21:29:09.730-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS DEBIAN DSA-320 REDHAT RHSA-2005:506 Buffer overflow in mikmod 3.1.6 and earlier allows remote attackers to execute arbitrary code via an archive file that contains a file with a long filename. cpe:/a:ethereal_group:ethereal:0.9.12 CVE-2003-0428 2003-07-24T00:00:00.000-04:00 2017-10-10T21:29:09.807-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SCO CSSA-2003-030.0 CONECTIVA CLA-2003:662 DEBIAN DSA-324 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00010.html CERT-VN VU#542540 REDHAT RHSA-2003:077 Unknown vulnerability in the DCERPC (DCE/RPC) dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (memory consumption) via a certain NDR string. cpe:/a:ethereal_group:ethereal:0.9.12 CVE-2003-0429 2003-07-24T00:00:00.000-04:00 2017-10-10T21:29:09.870-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SCO CSSA-2003-030.0 CONECTIVA CLA-2003:662 DEBIAN DSA-324 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00010.html REDHAT RHSA-2003:077 The OSI dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via invalid IPv4 or IPv6 prefix lengths, possibly triggering a buffer overflow. cpe:/a:ethereal_group:ethereal:0.9.12 CVE-2003-0430 2003-07-24T00:00:00.000-04:00 2017-10-10T21:29:09.933-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SCO CSSA-2003-030.0 CONECTIVA CLA-2003:662 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00010.html REDHAT RHSA-2003:077 The SPNEGO dissector in Ethereal 0.9.12 and earlier allows remote attackers to cause a denial of service (crash) via an invalid ASN.1 value. cpe:/a:ethereal_group:ethereal:0.9.12 CVE-2003-0431 2003-07-24T00:00:00.000-04:00 2017-10-10T21:29:09.997-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov SCO CSSA-2003-030.0 CONECTIVA CLA-2003:662 DEBIAN DSA-324 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00010.html REDHAT RHSA-2003:077 The tvb_get_nstringz0 function in Ethereal 0.9.12 and earlier does not properly handle a zero-length buffer size, with unknown consequences. cpe:/a:ethereal_group:ethereal:0.9.12 CVE-2003-0432 2003-07-24T00:00:00.000-04:00 2017-10-10T21:29:10.073-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov SCO CSSA-2003-030.0 CONECTIVA CLA-2003:662 DEBIAN DSA-324 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00010.html REDHAT RHSA-2003:077 Ethereal 0.9.12 and earlier does not handle certain strings properly, with unknown consequences, in the (1) BGP, (2) WTP, (3) DNS, (4) 802.11, (5) ISAKMP, (6) WSP, (7) CLNP, (8) ISIS, and (9) RMI dissectors. cpe:/a:gnocatan-develop:gnocatan:0.6.1 CVE-2003-0433 2003-07-24T00:00:00.000-04:00 2008-09-05T16:34:18.487-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-315 Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code. cpe:/a:adobe:acrobat:5.0.6 cpe:/a:xpdf:xpdf:1.1 cpe:/o:mandrakesoft:mandrake_linux:9.0 cpe:/o:mandrakesoft:mandrake_linux:9.1 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1 cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:redhat:enterprise_linux:2.1::enterprise_server cpe:/o:redhat:enterprise_linux:2.1::workstation cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0 cpe:/o:redhat:linux_advanced_workstation:2.1::itanium CVE-2003-0434 2003-07-24T00:00:00.000-04:00 2017-10-10T21:29:10.137-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030613 -10Day CERT Advisory on PDF Files BUGTRAQ 20030709 xpdf vulnerability - CAN-2003-0434 CERT-VN VU#200132 MANDRAKE MDKSA-2003:071 REDHAT RHSA-2003:196 REDHAT RHSA-2003:197 Various PDF viewers including (1) Adobe Acrobat 5.06 and (2) Xpdf 1.01 allow remote attackers to execute arbitrary commands via shell metacharacters in an embedded hyperlink. cpe:/a:typespeed:typespeed:0.4.1 CVE-2003-0435 2003-07-24T00:00:00.000-04:00 2016-10-17T22:33:53.223-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030612 BAZARR THUG LIFE , DONT READ OR VIRUS INFECT YOU DEBIAN DSA-322 Buffer overflow in net_swapscore for typespeed 0.4.1 and earlier allows remote attackers to execute arbitrary code. cpe:/a:mnogosearch:mnogosearch:3.1.20 CVE-2003-0436 2003-07-24T00:00:00.000-04:00 2008-09-10T15:19:00.447-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS FULLDISC 20030610 mnogosearch 3.1.20 and 3.2.10 buffer overflow BID 7865 Buffer overflow in search.cgi for mnoGoSearch 3.1.20 allows remote attackers to execute arbitrary code via a long ul parameter. cpe:/a:mnogosearch:mnogosearch:3.2.10 CVE-2003-0437 2003-07-24T00:00:00.000-04:00 2008-09-10T15:19:00.523-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS FULLDISC 20030610 mnogosearch 3.1.20 and 3.2.10 buffer overflow BID 7866 Buffer overflow in search.cgi for mnoGoSearch 3.2.10 allows remote attackers to execute arbitrary code via a long tmplt parameter. cpe:/a:yuuichi_teranishi:eldav:0.7.2 CVE-2003-0438 2003-07-24T00:00:00.000-04:00 2008-09-05T16:34:19.253-04:00 1.2 LOCAL HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-325 eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. CVE-2003-0439 2017-05-11T10:29:00.837-04:00 2017-05-11T10:29:00.837-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/a:semi:semi:1.14.3 cpe:/o:debian:debian_linux:3.0 CVE-2003-0440 2003-08-18T00:00:00.000-04:00 2017-10-10T21:29:10.213-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS DEBIAN DSA-339 REDHAT RHSA-2003:231 REDHAT RHSA-2003:234 The (1) semi MIME library 1.14.5 and earlier, and (2) wemi 1.14.0 and possibly other versions, allows local users to overwrite arbitrary files via a symlink attack on temporary files. cpe:/a:orville-write:orville-write:2.53 CVE-2003-0441 2004-03-03T00:00:00.000-05:00 2017-07-10T21:29:32.103-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS DEBIAN DSA-326 BID 7988 XF orvillewrite-variables-bo(12381) Multiple buffer overflows in Orville Write (orville-write) 2.53 and earlier allow local users to gain privileges. cpe:/a:php:php:4.3.1 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0 CVE-2003-0442 2003-07-24T00:00:00.000-04:00 2018-05-02T21:29:20.257-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONECTIVA CLSA-2003:691 BUGTRAQ 20030530 PHP Trans SID XSS (Was: New php release with security fixes) BUGTRAQ 20030707 [OpenPKG-SA-2003.032] OpenPKG Security Advisory (php) MISC http://shh.thathost.com/secadv/2003-05-11-php.txt CIAC N-112 DEBIAN DSA-351 MANDRAKE MDKSA-2003:082 REDHAT RHSA-2003:204 BID 7761 SECTRACK 1008653 TURBO TLSA-2003-47 XF php-session-id-xss(12259) Cross-site scripting (XSS) vulnerability in the transparent SID support capability for PHP before 4.3.2 (session.use_trans_sid) allows remote attackers to insert arbitrary script via the PHPSESSID parameter. cpe:/a:gtksee:gtksee:0.5 cpe:/a:gtksee:gtksee:0.5.1 CVE-2003-0444 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:32.243-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS DEBIAN DSA-337 BID 8061 XF gtksee-png-bo(12462) Heap-based buffer overflow in GTKSee 0.5 and 0.5.1 allows remote attackers to execute arbitrary code via a PNG image of certain color depths. cpe:/a:webfs:webfs:1.17 CVE-2003-0445 2003-07-24T00:00:00.000-04:00 2008-09-05T16:34:19.970-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-328 Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI. cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:6.0 CVE-2003-0446 2003-07-24T00:00:00.000-04:00 2017-07-10T21:29:32.323-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030617 Re: Cross-Site Scripting in Unparsable XML Files (GM#013-IE) FULLDISC 20030617 Cross-Site Scripting in Unparsable XML Files (GM#013-IE) BUGTRAQ 20030617 Cross-Site Scripting in Unparsable XML Files (GM#013-IE) BUGTRAQ 20030617 Re: [Full-Disclosure] Cross-Site Scripting in Unparsable XML Files NTBUGTRAQ 20030617 Cross-Site Scripting in Unparsable XML Files (GM#013-IE) MISC http://security.greymagic.com/adv/gm013-ie/ BID 7938 XF ie-msxml-xss(12334) Cross-site scripting (XSS) in Internet Explorer 5.5 and 6.0, possibly in a component that is also used by other Microsoft products, allows remote attackers to insert arbitrary web script via an XML file that contains a parse error, which inserts the script in the resulting error message. cpe:/a:microsoft:ie:5.01 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:6.0 CVE-2003-0447 2003-07-24T00:00:00.000-04:00 2016-10-17T22:33:57.003-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030617 Script Injection to Custom HTTP Errors in Local Zone (GM#014-IE) BUGTRAQ 20030617 Script Injection to Custom HTTP Errors in Local Zone (GM#014-IE) NTBUGTRAQ 20030617 Script Injection to Custom HTTP Errors in Local Zone (GM#014-IE) MISC http://security.greymagic.com/adv/gm014-ie/ The Custom HTTP Errors capability in Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute script in the Local Zone via an argument to shdocvw.dll that causes a "javascript:" link to be generated. cpe:/a:aboleo.net:portmon:1.7 CVE-2003-0448 2003-07-24T00:00:00.000-04:00 2016-10-17T22:33:58.160-04:00 3.6 LOCAL LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030618 Portmon file arbitrary read/write access vulnerability Portmon 1.7 and possibly earlier versions allows local users to read and write arbitrary files via the (1) -c (host file) or (2) -l (log file) command line options. cpe:/a:progress:database:9.1 CVE-2003-0449 2003-08-07T00:00:00.000-04:00 2016-10-17T22:33:59.440-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030614 SRT2003-06-13-0945 - Progress PATH based dlopen() issue BUGTRAQ 20030614 SRT2003-06-13-1009 - Progress _dbagent -installdir dlopen() issue MISC http://www.secnetops.com/research/advisories/SRT2003-06-13-0945.txt MISC http://www.secnetops.com/research/advisories/SRT2003-06-13-1009.txt Progress Database 9.1 to 9.1D06 trusts user input to find and load libraries using dlopen, which allows local users to gain privileges via (1) a PATH environment variable that points to malicious libraries, as demonstrated using libjutil.so in_proapsv, or (2) the -installdir command line parameter, as demonstrated using librocket_r.so in _dbagent. cpe:/a:cistron:radius_daemon:1.6.6 CVE-2003-0450 2003-08-07T00:00:00.000-04:00 2008-09-10T15:19:02.743-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MISC http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=196063 CONECTIVA CLA-2003:664 DEBIAN DSA-321 SUSE SuSE-SA:2003:030 TURBO TLSA-2003-40 Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buffer overflow. cpe:/a:xblockout:xbl:1.0j CVE-2003-0451 2003-08-07T00:00:00.000-04:00 2008-09-05T16:34:20.847-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-327 Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long command line arguments. cpe:/a:gunnar_ritter:osh:1.7-10 CVE-2003-0452 2003-08-07T00:00:00.000-04:00 2008-09-05T16:34:20.987-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-329 Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections." cpe:/a:ehud_gavron:traceroute-nanog:6.1.1 CVE-2003-0453 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:00.817-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030620 BAZARR FAREWELL DEBIAN DSA-348 traceroute-nanog 6.1.1 allows local users to overwrite unauthorized memory and possibly execute arbitrary code via certain "nprobes" and "max_ttl" arguments that cause an integer overflow that is used when allocating memory, which leads to a buffer overflow. cpe:/a:joe_rumsey:xgalaga:2.0.34 CVE-2003-0454 2003-08-07T00:00:00.000-04:00 2008-09-05T16:34:21.283-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-334 Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable. cpe:/a:imagemagick:libmagick_library:5.5 CVE-2003-0455 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:01.973-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030710 [OpenPKG-SA-2003.034] OpenPKG Security Advisory (imagemagick) DEBIAN DSA-331 REDHAT RHSA-2004:494 The imagemagick libmagick library 5.5 and earlier creates temporary files insecurely, which allows local users to create or overwrite arbitrary files. cpe:/a:deerfield:visnetic_website:3.5.13 cpe:/a:deerfield:visnetic_website:3.5.15 cpe:/a:deerfield:visnetic_website:3.5.17 CVE-2003-0456 2003-08-18T00:00:00.000-04:00 2017-07-10T21:29:32.383-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov VULNWATCH 20030701 VisNetic WebSite Path Disclosure Vulnerability BUGTRAQ 20030701 VisNetic WebSite Path Disclosure Vulnerability MISC http://www.krusesecurity.dk/advisories/vis0103.txt BID 8075 XF visnetic-website-path-disclosure(12483) VisNetic WebSite 3.5 allows remote attackers to obtain the full pathname of the server via a request containing a folder that does not exist, which leaks the pathname in an error message, as demonstrated using _vti_bin/fpcount.exe. cpe:/a:hp:nonstop_seeview_server_gateway:d40.00 cpe:/a:hp:nonstop_seeview_server_gateway:d41.00 cpe:/a:hp:nonstop_seeview_server_gateway:d42.00 cpe:/a:hp:nonstop_seeview_server_gateway:d42.01 cpe:/a:hp:nonstop_seeview_server_gateway:d43.00 cpe:/a:hp:nonstop_seeview_server_gateway:d43.01 cpe:/a:hp:nonstop_seeview_server_gateway:d43.02 cpe:/a:hp:nonstop_seeview_server_gateway:d44.00 cpe:/a:hp:nonstop_seeview_server_gateway:d44.01 cpe:/a:hp:nonstop_seeview_server_gateway:d44.02 cpe:/a:hp:nonstop_seeview_server_gateway:d45.00 cpe:/a:hp:nonstop_seeview_server_gateway:d45.01 cpe:/a:hp:nonstop_seeview_server_gateway:d46.00 cpe:/a:hp:nonstop_seeview_server_gateway:d47.00 cpe:/a:hp:nonstop_seeview_server_gateway:d48.00 cpe:/a:hp:nonstop_seeview_server_gateway:d48.01 cpe:/a:hp:nonstop_seeview_server_gateway:d48.02 cpe:/a:hp:nonstop_seeview_server_gateway:d48.03 cpe:/a:hp:nonstop_seeview_server_gateway:g01.00 cpe:/a:hp:nonstop_seeview_server_gateway:g02.00 cpe:/a:hp:nonstop_seeview_server_gateway:g03.00 cpe:/a:hp:nonstop_seeview_server_gateway:g04.00 cpe:/a:hp:nonstop_seeview_server_gateway:g05.00 cpe:/a:hp:nonstop_seeview_server_gateway:g05.01 cpe:/a:hp:nonstop_seeview_server_gateway:g06.00 cpe:/a:hp:nonstop_seeview_server_gateway:g06.01 cpe:/a:hp:nonstop_seeview_server_gateway:g06.03 cpe:/a:hp:nonstop_seeview_server_gateway:g06.04 cpe:/a:hp:nonstop_seeview_server_gateway:g06.05 cpe:/a:hp:nonstop_seeview_server_gateway:g06.06 cpe:/a:hp:nonstop_seeview_server_gateway:g06.07 cpe:/a:hp:nonstop_seeview_server_gateway:g06.08 cpe:/a:hp:nonstop_seeview_server_gateway:g06.09 cpe:/a:hp:nonstop_seeview_server_gateway:g06.10 cpe:/a:hp:nonstop_seeview_server_gateway:g06.11 cpe:/a:hp:nonstop_seeview_server_gateway:g06.12 cpe:/a:hp:nonstop_seeview_server_gateway:g06.13 cpe:/a:hp:nonstop_seeview_server_gateway:g06.14 cpe:/a:hp:nonstop_seeview_server_gateway:g06.15 cpe:/a:hp:nonstop_seeview_server_gateway:g06.16 cpe:/a:hp:nonstop_seeview_server_gateway:g06.17 cpe:/a:hp:nonstop_seeview_server_gateway:g06.18 cpe:/a:hp:nonstop_seeview_server_gateway:g06.19 cpe:/a:hp:nonstop_seeview_server_gateway:g06.20 CVE-2003-0458 2003-08-18T00:00:00.000-04:00 2008-09-05T16:34:21.690-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 HP SSRT3488 BID 8080 Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges. cpe:/a:kde:konqueror:2.1.1 cpe:/a:kde:konqueror:2.2.2 cpe:/a:kde:konqueror:3.0 cpe:/a:kde:konqueror:3.0.1 cpe:/a:kde:konqueror:3.0.2 cpe:/a:kde:konqueror:3.0.3 cpe:/a:kde:konqueror:3.0.5 cpe:/a:kde:konqueror:3.1 cpe:/a:kde:konqueror:3.1.1 cpe:/a:kde:konqueror:3.1.2 cpe:/a:kde:konqueror_embedded:0.1 cpe:/a:redhat:analog_real-time_synthesizer:2.1.1-5::i386 cpe:/a:redhat:analog_real-time_synthesizer:2.2-11::i386 cpe:/a:redhat:analog_real-time_synthesizer:2.2-11::ia64 cpe:/a:redhat:kdebase:3.0.3-13::i386 cpe:/a:redhat:kdebase:3.0.3-13::i386_dev cpe:/a:redhat:kdelibs:2.1.1-5::i386 cpe:/a:redhat:kdelibs:2.2-11::i386 cpe:/a:redhat:kdelibs:2.2-11::ia64 cpe:/a:redhat:kdelibs:3.0.0-10::i386 cpe:/a:redhat:kdelibs:3.1-10::i386 cpe:/a:redhat:kdelibs_devel:2.1.1-5::i386_dev cpe:/a:redhat:kdelibs_devel:2.2-11::i386_dev cpe:/a:redhat:kdelibs_devel:2.2-11::ia64_dev cpe:/a:redhat:kdelibs_devel:3.0.0-10::i386_dev cpe:/a:redhat:kdelibs_devel:3.0.3-8::i386_dev cpe:/a:redhat:kdelibs_devel:3.1-10::i386_dev cpe:/a:redhat:kdelibs_sound:2.1.1-5::i386_sound cpe:/a:redhat:kdelibs_sound:2.2-11::i386_sound cpe:/a:redhat:kdelibs_sound:2.2-11::ia64_sound cpe:/a:redhat:kdelibs_sound_devel:2.1.1-5::i386_sound_dev cpe:/a:redhat:kdelibs_sound_devel:2.2-11::i386_sound_dev cpe:/a:redhat:kdelibs_sound_devel:2.2-11::ia64_sound_dev CVE-2003-0459 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:10.293-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONECTIVA CLA-2003:747 FULLDISC 20030729 KDE Security Advisory: Konqueror Referrer Authentication Leak BUGTRAQ 20030802 [slackware-security] KDE packages updated (SSA:2003-213-01) DEBIAN DSA-361 CONFIRM http://www.kde.org/info/security/advisory-20030729-1.txt MANDRAKE MDKSA-2003:079 REDHAT RHSA-2003:235 REDHAT RHSA-2003:236 TURBO TLSA-2003-45 KDE Konqueror for KDE 3.1.2 and earlier does not remove authentication credentials from URLs of the "user:password@host" form in the HTTP-Referer header, which could allow remote web sites to steal the credentials for pages that link to the sites. cpe:/a:apache:http_server:1.3.27 CVE-2003-0460 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:22.143-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://www.apache.org/dist/httpd/Announcement.html CERT-VN VU#694428 The rotatelogs program on Apache before 1.3.28, for Windows and OS/2 systems, does not properly ignore certain control characters that are received over the pipe, which could allow remote attackers to cause a denial of service. cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0 CVE-2003-0461 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:10.357-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov MISC http://rsbac.dyndns.org/pipermail/rsbac/2002-May/000162.html DEBIAN DSA-358 DEBIAN DSA-423 REDHAT RHSA-2003:238 REDHAT RHSA-2004:188 /proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords. cpe:/a:mandrakesoft:mandrake_multi_network_firewall:8.2 cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:mandrakesoft:mandrake_linux:8.2 cpe:/o:mandrakesoft:mandrake_linux:8.2::ppc cpe:/o:mandrakesoft:mandrake_linux:9.0 cpe:/o:mandrakesoft:mandrake_linux_corporate_server:2.1 CVE-2003-0462 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:10.433-04:00 1.2 LOCAL HIGH NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-358 DEBIAN DSA-423 REDHAT RHSA-2003:198 REDHAT RHSA-2003:238 REDHAT RHSA-2003:239 A race condition in the way env_start and env_end pointers are initialized in the execve system call and used in fs/proc/base.c on Linux 2.4 allows local users to cause a denial of service (crash). CVE-2003-0463 2003-12-31T00:00:00.000-05:00 2008-09-10T15:19:05.273-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none. cpe:/o:redhat:linux:7.1 cpe:/o:redhat:linux:7.2 cpe:/o:redhat:linux:7.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:9.0 CVE-2003-0464 2003-08-27T00:00:00.000-04:00 2018-05-02T21:29:20.333-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov REDHAT RHSA-2003:238 The RPC code in Linux kernel 2.4 sets the reuse flag when sockets are created, which could allow local users to bind to UDP ports that are used by privileged services such as nfsd. cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.5.0 CVE-2003-0465 2003-08-18T00:00:00.000-04:00 2017-10-10T21:29:10.510-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://marc.info/?l=linux-kernel&m=105796021120436&w=2 CONFIRM http://marc.info/?l=linux-kernel&m=105796415223490&w=2 REDHAT RHSA-2004:188 The kernel strncpy function in Linux 2.4 and 2.5 does not %NUL pad the buffer on architectures other than x86, as opposed to the expected behavior of strncpy as implemented in libc, which could lead to information leaks. cpe:/a:redhat:wu_ftpd:2.6.1-16::i386 cpe:/a:redhat:wu_ftpd:2.6.1-16::powerpc cpe:/a:redhat:wu_ftpd:2.6.1-18::i386 cpe:/a:redhat:wu_ftpd:2.6.1-18::ia64 cpe:/a:redhat:wu_ftpd:2.6.2-5::i386 cpe:/a:redhat:wu_ftpd:2.6.2-8::i386 cpe:/a:washington_university:wu-ftpd:2.5.0 cpe:/a:washington_university:wu-ftpd:2.6.0 cpe:/a:washington_university:wu-ftpd:2.6.1 cpe:/a:washington_university:wu-ftpd:2.6.2 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:freebsd:freebsd:4.0 cpe:/o:freebsd:freebsd:4.0:alpha cpe:/o:freebsd:freebsd:4.1 cpe:/o:freebsd:freebsd:4.1.1 cpe:/o:freebsd:freebsd:4.1.1:release cpe:/o:freebsd:freebsd:4.1.1:stable cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.2:stable cpe:/o:freebsd:freebsd:4.3 cpe:/o:freebsd:freebsd:4.3:release cpe:/o:freebsd:freebsd:4.3:releng cpe:/o:freebsd:freebsd:4.3:stable cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.4:releng cpe:/o:freebsd:freebsd:4.4:stable cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.5:release cpe:/o:freebsd:freebsd:4.5:stable cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.6:release cpe:/o:freebsd:freebsd:4.6:stable cpe:/o:freebsd:freebsd:4.6.2 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.7:release cpe:/o:freebsd:freebsd:4.7:stable cpe:/o:freebsd:freebsd:4.8 cpe:/o:freebsd:freebsd:4.8:pre-release cpe:/o:freebsd:freebsd:5.0 cpe:/o:freebsd:freebsd:5.0:alpha cpe:/o:netbsd:netbsd:1.5 cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:netbsd:netbsd:1.6 cpe:/o:netbsd:netbsd:1.6.1 cpe:/o:openbsd:openbsd:2.0 cpe:/o:openbsd:openbsd:2.1 cpe:/o:openbsd:openbsd:2.2 cpe:/o:openbsd:openbsd:2.3 cpe:/o:openbsd:openbsd:2.4 cpe:/o:openbsd:openbsd:2.5 cpe:/o:openbsd:openbsd:2.6 cpe:/o:openbsd:openbsd:2.7 cpe:/o:openbsd:openbsd:2.8 cpe:/o:openbsd:openbsd:2.9 cpe:/o:openbsd:openbsd:3.0 cpe:/o:openbsd:openbsd:3.1 cpe:/o:openbsd:openbsd:3.2 cpe:/o:openbsd:openbsd:3.3 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 CVE-2003-0466 2003-08-27T00:00:00.000-04:00 2018-05-02T21:29:20.520-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS NETBSD NetBSD-SA2003-011.txt.asc VULNWATCH 20030731 wu-ftpd fb_realpath() off-by-one bug IMMUNIX IMNX-2003-7+-019-01 MISC http://isec.pl/vulnerabilities/isec-0011-wu-ftpd.txt BUGTRAQ 20030731 wu-ftpd fb_realpath() off-by-one bug FREEBSD FreeBSD-SA-03:08 BUGTRAQ 20030804 wu-ftpd-2.6.2 off-by-one remote exploit. BUGTRAQ 20030804 Off-by-one Buffer Overflow Vulnerability in BSD libc realpath(3) SECTRACK 1007380 SUNALERT 1001257 DEBIAN DSA-357 CERT-VN VU#743092 MANDRAKE MDKSA-2003:080 SUSE SuSE-SA:2003:032 REDHAT RHSA-2003:245 REDHAT RHSA-2003:246 BUGTRAQ 20060213 Latest wu-ftpd exploit :-s BUGTRAQ 20060214 Re: Latest wu-ftpd exploit :-s BID 8315 TURBO TLSA-2003-46 XF libc-realpath-offbyone-bo(12785) Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO. cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.21:pre7 CVE-2003-0467 2003-08-27T00:00:00.000-04:00 2016-10-17T22:34:08.163-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030802 [SECURITY] Netfilter Security Advisory: NAT Remote DOS (SACK mangle) Unknown vulnerability in ip_nat_sack_adjust of Netfilter in Linux kernels 2.4.20, and some 2.5.x, when CONFIG_IP_NF_NAT_FTP or CONFIG_IP_NF_NAT_IRC is enabled, or the ip_nat_ftp or ip_nat_irc modules are loaded, allows remote attackers to cause a denial of service (crash) in systems using NAT, possibly due to an integer signedness error. cpe:/a:wietse_venema:postfix:1.0.21 cpe:/a:wietse_venema:postfix:1.1.11 cpe:/a:wietse_venema:postfix:1999-09-06 cpe:/a:wietse_venema:postfix:1999-12-31 cpe:/a:wietse_venema:postfix:2000-02-28 cpe:/a:wietse_venema:postfix:2001-11-15 cpe:/o:conectiva:linux:7.0 cpe:/o:conectiva:linux:8.0 CVE-2003-0468 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:10.573-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:717 BUGTRAQ 20030804 Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning DEBIAN DSA-363 MANDRAKE MDKSA-2003:081 SUSE SuSE-SA:2003:033 REDHAT RHSA-2003:251 BID 8333 Postfix 1.1.11 and earlier allows remote attackers to use Postfix to conduct "bounce scans" or DDos attacks of other hosts via an email address to the local host containing the target IP address and service name followed by a "!" string, which causes Postfix to attempt to use SMTP to communicate with the target on the associated port. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2003_server:64-bit cpe:/o:microsoft:windows_2003_server:r2 cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp::gold CVE-2003-0469 2003-08-07T00:00:00.000-04:00 2018-10-12T17:32:45.570-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030701 PoC for Internet Explorer >=5.0 buffer overflow (trivial exploit for hard case). FULLDISC 20030625 Re: Internet Explorer >=5.0 : Buffer overflow BUGTRAQ 20030622 Internet Explorer >=5.0 : Buffer overflow CERT CA-2003-14 CERT-VN VU#823260 BID 8016 MS MS03-023 Buffer overflow in the HTML Converter (HTML32.cnv) on various Windows operating systems allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via cut-and-paste operation, as demonstrated in Internet Explorer 5.0 using a long "align" argument in an HR tag. cpe:/a:symantec:security_check CVE-2003-0470 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:32.540-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030622 Symantec ActiveX control buffer overflow BUGTRAQ 20030624 [Symantec Security Advisor] Symantec Security Check ActiveX Buffer Overflow SECTRACK 1007029 CERT-VN VU#527228 BID 8008 XF symantec-security-activex-bo(12423) Buffer overflow in the "RuFSI Utility Class" ActiveX control (aka "RuFSI Registry Information Class"), as used for the Symantec Security Check service, allows remote attackers to execute arbitrary code via a long argument to CompareVersionStrings. cpe:/a:alt-n:webadmin CVE-2003-0471 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:13.320-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030624 Remote Buffer Overrun WebAdmin.exe BUGTRAQ 20030624 Re: WebAdmin from ALT-N remote exploit PoC BID 8024 Buffer overflow in WebAdmin.exe for WebAdmin allows remote attackers to execute arbitrary code via an HTTP request to WebAdmin.dll with a long USER argument. cpe:/o:sgi:irix:6.5.19 CVE-2003-0472 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:32.587-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20030607-01-P BID 8027 XF irix-inetd-portscan-dos(12676) The IPv6 capability in IRIX 6.5.19 allows remote attackers to cause a denial of service (hang) in inetd via port scanning. cpe:/o:sgi:irix:6.5.19 CVE-2003-0473 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:32.650-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov SGI 20030607-01-P BID 8029 XF irix-snoop-gain-privileges(12677) Unknown vulnerability in the IPv6 capability in IRIX 6.5.19 causes snoop to process packets as the root user, with unknown implications. cpe:/a:ashley_brown:iweb_server CVE-2003-0474 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:14.630-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030416 SFAD03-001: iWeb Mini Web Server Remote Directory Traversal BUGTRAQ 20030627 Re: TA-2003-06 Directory Transversal Vulnerability in iWeb Server Directory traversal vulnerability in iWeb Server allows remote attackers to read arbitrary files via an HTTP request containing .. sequences, a different vulnerability than CVE-2003-0475. cpe:/a:ashley_brown:iweb_server CVE-2003-0475 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:16.177-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030623 TA-2003-06 Directory Transversal Vulnerability in iWeb Server 2 BUGTRAQ 20030627 Re: TA-2003-06 Directory Transversal Vulnerability in iWeb Server Directory traversal vulnerability in iWeb Server 2 allows remote attackers to read arbitrary files via an HTTP request containing URL-encoded .. sequences ("%5c%2e%2e"), a different vulnerability than CVE-2003-0474. cpe:/o:linux:linux_kernel:2.4.0 CVE-2003-0476 2003-08-07T00:00:00.000-04:00 2018-05-02T21:29:20.630-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030626 Linux 2.4.x execve() file read race vulnerability DEBIAN DSA-358 DEBIAN DSA-423 MANDRAKE MDKSA-2003:074 REDHAT RHSA-2003:238 REDHAT RHSA-2003:368 REDHAT RHSA-2003:408 The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors. cpe:/a:wzdftpd:wzdftpd:0.1_rc4 CVE-2003-0477 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:18.553-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030627 wzdftpd remote DoS CONFIRM http://www.wzdftpd.net/changea.html wzdftpd 0.1rc4 and earlier allows remote attackers to cause a denial of service (crash) via a PORT command without an argument. cpe:/a:andromede:adromedeircd:1.2.3 cpe:/a:daniel_moss:methane:0.1.1 cpe:/a:hans_westerhof:digatech:1.2.1 cpe:/a:wenet:ircd-ru cpe:/o:bahamut:ircd:1.4.35 CVE-2003-0478 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:19.727-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030626 Bahamut IRCd <= 1.4.35 and several derived daemons BUGTRAQ 20030627 Re: Bahamut IRCd <= 1.4.35 and several derived daemons BUGTRAQ 20030627 Bahamut DoS Format string vulnerability in (1) Bahamut IRCd 1.4.35 and earlier, and other IRC daemons based on Bahamut including (2) digatech 1.2.1, (3) methane 0.1.1, (4) AndromedeIRCd 1.2.3-Release, and (5) ircd-RU, when running in debug mode, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request containing format strings. cpe:/a:affordable_web_space_design:affordable_web_space_design_webbbs CVE-2003-0479 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:20.993-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030627 WebBBS Guestbook : Cross Site Scripting Cross-site scripting (XSS) vulnerability in the guestbook for WebBBS allows remote attackers to insert arbitrary web script via the (1) Name, (2) Email, or (3) Message fields. cpe:/a:vmware:workstation:4.0 CVE-2003-0480 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:22.197-04:00 3.7 LOCAL HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030627 VMware Workstation 4.0: Possible privilege escalation on the host CONFIRM http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1019 VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation." cpe:/a:gero_kohnert:tutos:1.1 CVE-2003-0481 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:23.757-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030623 [KSA-001] Multiple vulnerabilities in Tutos Multiple cross-site scripting (XSS) vulnerabilities in TUTOS 1.1 allow remote attackers to insert arbitrary web script, as demonstrated using the msg parameter to file_select.php. cpe:/a:gero_kohnert:tutos:1.1 CVE-2003-0482 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:24.900-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030623 [KSA-001] Multiple vulnerabilities in Tutos TUTOS 1.1 allows remote attackers to execute arbitrary code by uploading the code using file_new.php, then directly accessing the uploaded code via a request to the repository containing the code. cpe:/a:xmb_forum:xmb:1.8 CVE-2003-0483 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:26.057-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030623 Many XSS Vulnerabilities in XMB Forum. Cross-site scripting (XSS) vulnerabilities in XMB Forum 1.8 Partagium allow remote attackers to insert arbitrary script via (1) the member parameter to member.php or (2) the action parameter to buddy.php. cpe:/a:phpbb_group:phpbb CVE-2003-0484 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:27.167-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030621 XSS Exploit In phpBB viewtopic.php Cross-site scripting (XSS) vulnerability in viewtopic.php for phpBB allows remote attackers to insert arbitrary web script via the topic_id parameter. cpe:/a:progress:4gl_compiler:9.1:d06 CVE-2003-0485 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:28.760-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030620 SRT2003-06-20-1232 - Progress 4GL Compiler datatype overflow BID 7997 Buffer overflow in Progress 4GL Compiler 9.1D06 and earlier allows attackers to execute arbitrary code via source code containing a long, invalid data type. cpe:/a:phpbb_group:phpbb:2.0.5 CVE-2003-0486 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:32.743-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030619 phpBB password disclosure by sql injection CONFIRM http://www.phpbb.com/phpBB/viewtopic.php?t=112052 BID 7979 XF phpbb-viewtopic-sql-injection(12366) SQL injection vulnerability in viewtopic.php for phpBB 2.0.5 and earlier allows remote attackers to steal password hashes via the topic_id parameter. cpe:/a:kerio:kerio_mailserver:5.6.3 CVE-2003-0487 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:32.807-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030618 Multiple buffer overflows and XSS in Kerio MailServer MISC http://nautopia.org/vulnerabilidades/kerio_mailserver.htm BID 7967 XF kerio-multiple-modules-bo(12368) Multiple buffer overflows in Kerio MailServer 5.6.3 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via (1) a long showuser parameter in the do_subscribe module, (2) a long folder parameter in the add_acl module, (3) a long folder parameter in the list module, and (4) a long user parameter in the do_map module. cpe:/a:kerio:kerio_mailserver:5.6.3 CVE-2003-0488 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:32.853-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030618 Multiple buffer overflows and XSS in Kerio MailServer MISC http://nautopia.org/vulnerabilidades/kerio_mailserver.htm BID 7966 BID 7968 XF kerio-multiple-modules-xss(12367) Multiple cross-site scripting (XSS) vulnerabilities in Kerio MailServer 5.6.3 allow remote attackers to insert arbitrary web script via (1) the add_name parameter in the add_acl module, or (2) the alias parameter in the do_map module. cpe:/a:michael_c._toren:tcptraceroute:1.4 CVE-2003-0489 2003-08-07T00:00:00.000-04:00 2008-09-05T16:34:26.707-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-330 tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulnerability in tcptraceroute. cpe:/a:dantz:retrospect_client:5.0.540 CVE-2003-0490 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:33.667-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030616 Dantz Retrospect Client 5.0.540 for Mac OS X - permission issues The installation of Dantz Retrospect Client 5.0.540 on MacOS X 10.2.6, and possibly other versions, creates critical directories and files with world-writable permissions, which allows local users to gain privileges as other users by replacing programs with malicious code. cpe:/a:mytutorials:tutorials:2.0 CVE-2003-0491 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:34.807-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030616 Directory traversal vulnerability on Xoops/E-xoops CMS module "tutorials" The Tutorials 2.0 module in XOOPS and E-XOOPS allows remote attackers to execute arbitrary code by uploading a PHP file without a MIME image type, then directly accessing the uploaded file. cpe:/a:snitz_communications:snitz_forums_2000:3.4.03 CVE-2003-0492 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:32.900-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030616 Multiple Vulnerabilities In Snitz Forums BID 7922 XF snitz-search-xss(12325) Cross-site scripting (XSS) vulnerability in search.asp for Snitz Forums 3.4.03 and earlier allows remote attackers to execute arbitrary web script via the Search parameter. cpe:/a:snitz_communications:snitz_forums_2000:3.4.03 CVE-2003-0493 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:37.277-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030616 Multiple Vulnerabilities In Snitz Forums BID 7924 Snitz Forums 3.4.03 and earlier allows attackers to gain privileges as other users by stealing and replaying the encrypted password after obtaining a valid session ID. cpe:/a:snitz_communications:snitz_forums_2000:3.4.03 CVE-2003-0494 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:32.947-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030616 Multiple Vulnerabilities In Snitz Forums BID 7925 XF snitz-forums-password-reset(12326) password.asp in Snitz Forums 3.4.03 and earlier allows remote attackers to reset passwords and gain privileges as other users by via a direct request to password.asp with a modified member id. cpe:/a:ledscripts.com:lednews:0.7 CVE-2003-0495 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:33.027-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030615 XSS Vulnerability in LedNews (CGI/Perl) v0.7 BID 7920 XF lednews-message-xss(12304) Cross-site scripting (XSS) vulnerability in LedNews 0.7 allows remote attackers to insert arbitrary web script via a news item. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000_terminal_services::sp3 CVE-2003-0496 2003-08-18T00:00:00.000-04:00 2019-04-30T10:27:13.710-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030709 Pipe Filename Local Privilege Escalation FAQ BUGTRAQ 20030714 @stake named pipe exploit BUGTRAQ 20030715 CreateFile exploit, (working) ATSTAKE A070803-1 Microsoft SQL Server before Windows 2000 SP4 allows local users to gain privileges as the SQL Server user by calling the xp_fileexist extended stored procedure with a named pipe as an argument instead of a normal file. cpe:/a:intersystems:cache_database:5 CVE-2003-0497 2003-08-07T00:00:00.000-04:00 2019-10-10T07:17:40.910-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS IDEFENSE 20030701 Caché Insecure Installation File and Directory Permissions CONFIRM https://www.intersystems.com/support-learning/support/product-news-alerts/support-alerts-2003/ Cach? Database 5.x installs /cachesys/bin/cache with world-writable permissions, which allows local users to gain privileges by modifying cache and executing it via cuxs. cpe:/a:intersystems:cache_database:5 CVE-2003-0498 2003-08-07T00:00:00.000-04:00 2019-10-10T07:17:40.973-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS IDEFENSE 20030701 Caché Insecure Installation File and Directory Permissions CONFIRM https://www.intersystems.com/support-learning/support/product-news-alerts/support-alerts-2003/ Cach? Database 5.x installs the /cachesys/csp directory with insecure permissions, which allows local users to execute arbitrary code by adding server-side scripts that are executed with root privileges. cpe:/a:mantis:mantis:0.17.5 CVE-2003-0499 2003-08-07T00:00:00.000-04:00 2016-12-07T21:59:23.690-05:00 3.6 LOCAL LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov DEBIAN DSA-335 Mantis 0.17.5 and earlier stores its database password in cleartext in a world-readable configuration file, which allows local users to perform unauthorized database operations. cpe:/a:proftpd_project:proftpd:1.2.9_rc1 CVE-2003-0500 2003-08-07T00:00:00.000-04:00 2008-09-05T16:34:28.610-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS FULLDISC 20030618 SQL Inject in ProFTPD login against Postgresql using mod_sql DEBIAN DSA-338 SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing authentication or stealing passwords via the USER name. cpe:/o:linux:linux_kernel:2.6.20.1 CVE-2003-0501 2003-08-07T00:00:00.000-04:00 2018-05-02T21:29:20.723-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030620 Linux /proc sensitive information disclosure DEBIAN DSA-358 DEBIAN DSA-423 REDHAT RHSA-2003:198 REDHAT RHSA-2003:238 REDHAT RHSA-2003:239 The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries. cpe:/a:apple:darwin_streaming_server:4.1.3g CVE-2003-0502 2003-08-27T00:00:00.000-04:00 2011-03-07T21:12:41.783-05:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS VULNWATCH 20030723 R7-0015: Multiple Vulnerabilities Apple QuickTime/Darwin Streaming Server MISC http://www.rapid7.com/advisories/R7-0015.html Apple QuickTime / Darwin Streaming Server before 4.1.3g allows remote attackers to cause a denial of service (crash) via a .. (dot dot) sequence followed by an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different vulnerability than CVE-2003-0421. cpe:/o:microsoft:windows_2000::sp3 CVE-2003-0503 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:44.433-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030703 [SNS Advisory No.65] Windows 2000 ShellExecute() API Let Applications to Cause Buffer Overflow NTBUGTRAQ 20030703 [SNS Advisory No.65] Windows 2000 ShellExecute() API Let Applications to Cause Buffer Overflow MISC http://www.lac.co.jp/security/intelligence/SNSAdvisory/65.html Buffer overflow in the ShellExecute API function of SHELL32.DLL in Windows 2000 before SP4 may allow attackers to cause a denial of service or execute arbitrary code via a long third argument. cpe:/a:phpgroupware:phpgroupware:0.9.14.003 CVE-2003-0504 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:45.823-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONECTIVA CLA-2003:697 BUGTRAQ 20030702 [KSA-003] Cross Site Scripting Vulnerability in Phpgroupware DEBIAN DSA-365 MANDRAKE MDKSA-2003:077 MISC http://www.security-corporation.com/articles-20030702-005.html Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module. cpe:/a:microsoft:netmeeting:3.0.1 CVE-2003-0505 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:47.013-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030702 CORE-2003-0305-04: NetMeeting Directory Traversal Vulnerability BID 7931 Directory traversal vulnerability in Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to read arbitrary files via "..\.." (dot dot) sequences in a file transfer request. cpe:/a:microsoft:netmeeting:3.0.1 CVE-2003-0506 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:48.167-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030702 CORE-2003-0305-04: NetMeeting Directory Traversal Vulnerability Microsoft NetMeeting 3.01 2000 before SP4 allows remote attackers to cause a denial of service (shutdown of NetMeeting conference) via malformed packets, as demonstrated via the chat conversation. cpe:/o:microsoft:windows_2000::sp3 CVE-2003-0507 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:49.247-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030702 CORE-2003-0305-03: Active Directory Stack Overflow MSKB Q319709 CERT-VN VU#594108 BID 7930 Stack-based buffer overflow in Active Directory in Windows 2000 before SP4 allows remote attackers to cause a denial of service (reboot) and possibly execute arbitrary code via an LDAP version 3 search request with a large number of (1) "AND," (2) "OR," and possibly other statements, which causes LSASS.EXE to crash. cpe:/a:adobe:acrobat_reader:5.0.7 CVE-2003-0508 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:50.527-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030701 [sec-labs] Adobe Acrobat Reader <=5.0.7 Buffer Overflow BUGTRAQ 20030709 Acroread 5.0.7 buffer overflow Buffer overflow in the WWWLaunchNetscape function of Adobe Acrobat Reader (acroread) 5.0.7 and earlier allows remote attackers to execute arbitrary code via a .pdf file with a long mailto link. cpe:/a:cyberstrong:eshop:4.2 CVE-2003-0509 2003-08-07T00:00:00.000-04:00 2017-07-10T21:29:33.087-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030701 CyberStrong Shopping Cart - Advisory & Exploit Code SECTRACK 1007092 BID 14101 BID 14103 BID 14112 XF cyberstrongeshop-multiple-sql-injection(12485) SQL injection vulnerability in Cyberstrong eShop 4.2 and earlier allows remote attackers to steal authentication information and gain privileges via the ProductCode parameter in (1) 10expand.asp, (2) 10browse.asp, and (3) 20review.asp. cpe:/a:ezbounce:ezbounce:1.0 cpe:/a:ezbounce:ezbounce:1.1 cpe:/a:ezbounce:ezbounce:1.2 cpe:/a:ezbounce:ezbounce:1.3 cpe:/a:ezbounce:ezbounce:1.4 cpe:/a:ezbounce:ezbounce:1.5 cpe:/a:ezbounce:ezbounce:1.6 cpe:/a:ezbounce:ezbounce:1.7 cpe:/a:ezbounce:ezbounce:1.8 cpe:/a:ezbounce:ezbounce:1.9 cpe:/a:ezbounce:ezbounce:1.10 cpe:/a:ezbounce:ezbounce:1.11 cpe:/a:ezbounce:ezbounce:1.12 cpe:/a:ezbounce:ezbounce:1.13 cpe:/a:ezbounce:ezbounce:1.14 cpe:/a:ezbounce:ezbounce:1.15 cpe:/a:ezbounce:ezbounce:1.16 cpe:/a:ezbounce:ezbounce:1.17 cpe:/a:ezbounce:ezbounce:1.18 cpe:/a:ezbounce:ezbounce:1.19 cpe:/a:ezbounce:ezbounce:1.20 cpe:/a:ezbounce:ezbounce:1.21 cpe:/a:ezbounce:ezbounce:1.22 cpe:/a:ezbounce:ezbounce:1.23 cpe:/a:ezbounce:ezbounce:1.24 cpe:/a:ezbounce:ezbounce:1.25 cpe:/a:ezbounce:ezbounce:1.26 cpe:/a:ezbounce:ezbounce:1.27 cpe:/a:ezbounce:ezbounce:1.28 cpe:/a:ezbounce:ezbounce:1.29 cpe:/a:ezbounce:ezbounce:1.30 cpe:/a:ezbounce:ezbounce:1.31 cpe:/a:ezbounce:ezbounce:1.32 cpe:/a:ezbounce:ezbounce:1.33 cpe:/a:ezbounce:ezbounce:1.34 cpe:/a:ezbounce:ezbounce:1.35 cpe:/a:ezbounce:ezbounce:1.36 cpe:/a:ezbounce:ezbounce:1.37 cpe:/a:ezbounce:ezbounce:1.38 cpe:/a:ezbounce:ezbounce:1.39 cpe:/a:ezbounce:ezbounce:1.40 cpe:/a:ezbounce:ezbounce:1.41 cpe:/a:ezbounce:ezbounce:1.42 cpe:/a:ezbounce:ezbounce:1.43 cpe:/a:ezbounce:ezbounce:1.44 cpe:/a:ezbounce:ezbounce:1.45 cpe:/a:ezbounce:ezbounce:1.46 cpe:/a:ezbounce:ezbounce:1.47 cpe:/a:ezbounce:ezbounce:1.48 cpe:/a:ezbounce:ezbounce:1.49 cpe:/a:ezbounce:ezbounce:1.50 CVE-2003-0510 2003-08-07T00:00:00.000-04:00 2016-10-17T22:34:52.967-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://druglord.freelsd.org/ezbounce/ BUGTRAQ 20030701 ezbounce[v1.0-(1.04a/1.50pre6)]: remote format string exploit. Format string vulnerability in ezbounce 1.0 through 1.50 allows remote attackers to execute arbitrary code via the "sessions" command. cpe:/o:cisco:ios:12.2%284%29ja cpe:/o:cisco:ios:12.2%284%29ja1 cpe:/o:cisco:ios:12.2%288%29ja cpe:/o:cisco:ios:12.2%2811%29ja CVE-2003-0511 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:10.637-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030728 Cisco Aironet AP 1100 Malformed HTTP Request Crash Vulnerability CISCO 20030728 HTTP GET Vulnerability in AP1x00 MISC http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003001.htm The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allow remote attackers to cause a denial of service (reload) via a malformed URL. cpe:/o:cisco:ios:12.0%2824%29s1 cpe:/o:cisco:ios:12.0%2824.2%29s cpe:/o:cisco:ios:12.2%2811%29ja1 cpe:/o:cisco:ios:12.2%2814.5%29 cpe:/o:cisco:ios:12.2%2814.5%29t cpe:/o:cisco:ios:12.2%2815%29zn cpe:/o:cisco:ios:12.2%2815.1%29s cpe:/o:cisco:ios:12.2%2816%29b cpe:/o:cisco:ios:12.2%2816.1%29b CVE-2003-0512 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:10.700-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov VULNWATCH 20030728 Cisco Aironet AP1100 Valid Account Disclosure Vulnerability CISCO 20030724 Enumerating Locally Defined Users in Cisco IOS CERT-VN VU#886796 MISC http://www.vigilante.com/inetsecurity/advisories/VIGILANTE-2003002.htm Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.0.1:sp4 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0513 2004-04-15T00:00:00.000-04:00 2008-09-05T16:34:30.847-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue FULLDISC 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue Microsoft Internet Explorer allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Internet Explorer to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. cpe:/a:apple:safari:1.0 cpe:/a:apple:safari:1.1 CVE-2003-0514 2004-04-15T00:00:00.000-04:00 2008-09-05T16:34:31.017-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue FULLDISC 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. cpe:/a:teapop:teapop:0.3.4 cpe:/a:teapop:teapop:0.3.5 CVE-2003-0515 2003-08-18T00:00:00.000-04:00 2008-09-10T15:19:27.790-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-347 SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges. cpe:/a:gert_doering:mgetty:1.1.28 CVE-2003-0516 2003-08-18T00:00:00.000-04:00 2008-09-10T15:19:29.040-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS CONFIRM ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.29-Nov25.tar.gz cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings. cpe:/a:gert_doering:mgetty:1.1.19 cpe:/a:gert_doering:mgetty:1.1.20 cpe:/a:gert_doering:mgetty:1.1.21 cpe:/a:gert_doering:mgetty:1.1.22 cpe:/a:gert_doering:mgetty:1.1.28 CVE-2003-0517 2003-08-18T00:00:00.000-04:00 2008-09-05T16:34:31.487-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM ftp://alpha.greenie.net/pub/mgetty/source/1.1/mgetty1.1.29-Nov25.tar.gz faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files. cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.6 CVE-2003-0518 2003-08-18T00:00:00.000-04:00 2008-09-10T15:19:29.617-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030704 MacOSX - crash screensaver locked with password and get the desktop back BUGTRAQ 20030715 FIXED: MacOSX - crash screensaver locked with password and get thedesktop back CONFIRM http://docs.info.apple.com/article.html?artnum=120232 The screen saver in MacOS X allows users with physical access to cause the screen saver to crash and gain access to the underlying session via a large number of characters in the password field, possibly triggering a buffer overflow. cpe:/a:microsoft:ie:5.0 cpe:/a:microsoft:ie:6.0 CVE-2003-0519 2003-08-18T00:00:00.000-04:00 2008-09-05T16:34:31.860-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 FULLDISC 20030707 Internet Explorer 6 DoS Bug Certain versions of Internet Explorer 5 and 6, in certain Windows environments, allow remote attackers to cause a denial of service (freeze) via a URL to C:\aux (MS-DOS device name) and possibly other devices. cpe:/a:cerulean_studios:trillian:0.74 cpe:/a:cerulean_studios:trillian:1.0 CVE-2003-0520 2003-08-18T00:00:00.000-04:00 2016-10-17T22:34:54.137-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030704 Trillian Remote DoS BID 8107 Trillian 1.0 Pro and 0.74 Freeware allows remote attackers to cause a denial of service (crash) via a TypingUser message in which the "TypingUser" string has been modified. cpe:/a:cpanel:cpanel:5.0 cpe:/a:cpanel:cpanel:5.3 cpe:/a:cpanel:cpanel:6.0 cpe:/a:cpanel:cpanel:6.2 cpe:/a:cpanel:cpanel:6.4 cpe:/a:cpanel:cpanel:6.4.1 cpe:/a:cpanel:cpanel:6.4.2 cpe:/a:cpanel:cpanel:6.4.2_stable_48 CVE-2003-0521 2003-08-18T00:00:00.000-04:00 2016-10-17T22:34:55.403-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030706 cPanel Malicious HTML Tags Injection Vulnerability Cross-site scripting (XSS) vulnerability in cPanel 6.4.2 allows remote attackers to insert arbitrary HTML and possibly gain cPanel administrator privileges via script in a URL that is logged but not properly quoted when displayed via the (1) Error Log or (2) Latest Visitors screens. cpe:/a:early_impact:productcart:1.5 cpe:/a:early_impact:productcart:1.6b cpe:/a:early_impact:productcart:1.6b001 cpe:/a:early_impact:productcart:1.6b002 cpe:/a:early_impact:productcart:1.6b003 cpe:/a:early_impact:productcart:1.6br cpe:/a:early_impact:productcart:1.6br001 cpe:/a:early_impact:productcart:1.6br003 cpe:/a:early_impact:productcart:1.5002 cpe:/a:early_impact:productcart:1.5003 cpe:/a:early_impact:productcart:1.5003r cpe:/a:early_impact:productcart:1.5004 cpe:/a:early_impact:productcart:1.6002 cpe:/a:early_impact:productcart:1.6003 cpe:/a:early_impact:productcart:2 cpe:/a:early_impact:productcart:2br000 CVE-2003-0522 2003-08-18T00:00:00.000-04:00 2016-10-17T22:34:56.920-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030704 Another ProductCart SQL Injection Vulnerability BUGTRAQ 20030705 Re: Another ProductCart SQL Injection Vulnerability Multiple SQL injection vulnerabilities in ProductCart 1.5 through 2 allow remote attackers to (1) gain access to the admin control panel via the idadmin parameter to login.asp or (2) gain other privileges via the Email parameter to Custva.asp. cpe:/a:early_impact:productcart:1.5 cpe:/a:early_impact:productcart:1.6b cpe:/a:early_impact:productcart:1.6b001 cpe:/a:early_impact:productcart:1.6b002 cpe:/a:early_impact:productcart:1.6b003 cpe:/a:early_impact:productcart:1.6br cpe:/a:early_impact:productcart:1.6br001 cpe:/a:early_impact:productcart:1.6br003 cpe:/a:early_impact:productcart:1.5002 cpe:/a:early_impact:productcart:1.5003 cpe:/a:early_impact:productcart:1.5003r cpe:/a:early_impact:productcart:1.5004 cpe:/a:early_impact:productcart:1.6002 cpe:/a:early_impact:productcart:1.6003 cpe:/a:early_impact:productcart:2 cpe:/a:early_impact:productcart:2br000 CVE-2003-0523 2003-08-18T00:00:00.000-04:00 2016-10-17T22:34:58.187-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030705 ProductCart XSS Vulnerability Cross-site scripting (XSS) vulnerability in msg.asp for certain versions of ProductCart allow remote attackers to execute arbitrary web script via the message parameter. cpe:/a:knoppix:knoppix:3.1 CVE-2003-0524 2003-08-18T00:00:00.000-04:00 2016-10-17T22:34:59.467-04:00 6.2 LOCAL HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030708 Qt temporary files race condition in Knoppix 3.1 Qt in Knoppix 3.1 Live CD allows local users to overwrite arbitrary files via a symlink attack on the qt_plugins_3.0rc temporary file in the .qt directory. cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server CVE-2003-0525 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:46.210-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov ATSTAKE A072303-1 MS MS03-029 XF winnt-file-management-dos(12701) The getCanonicalPath function in Windows NT 4.0 may free memory that it does not own and cause heap corruption, which allows attackers to cause a denial of service (crash) via requests that cause a long file name to be passed to getCanonicalPath, as demonstrated on the IBM JVM using a long string to the java.io.getCanonicalPath Java method. cpe:/a:microsoft:isa_server:2000 cpe:/a:microsoft:isa_server:2000:fp1 cpe:/a:microsoft:isa_server:2000:sp1 CVE-2003-0526 2003-08-18T00:00:00.000-04:00 2018-10-12T17:32:46.677-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030716 ISA Server - Error Page Cross Site Scripting VULNWATCH 20030716 Microsoft ISA Server HTTP error handler XSS (TL#007) BUGTRAQ 20030716 Microsoft ISA Server HTTP error handler XSS (TL#007) BUGTRAQ 20030716 ISA Server - Error Page Cross Site Scripting NTBUGTRAQ 20030716 Microsoft ISA Server HTTP error handler XSS (TL#007) MISC http://pivx.com/larholm/adv/TL006 MS MS03-028 Cross-site scripting (XSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to inject arbitrary web script via a URL containing the script in the domain name portion, which is not properly cleansed in the default error pages (1) 500.htm for "500 Internal Server error" or (2) 404.htm for "404 Not Found." cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0528 2003-09-17T00:00:00.000-04:00 2019-04-30T10:27:13.913-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030911 NSFOCUS SA2003-06 : Microsoft Windows RPC DCOM Interface Heap Overflow Vulnerability BUGTRAQ 20030920 The Analysis of RPC Long Filename Heap Overflow AND a Way to Write Universal Heap Overflow of Windows CERT CA-2003-23 CERT-VN VU#254236 MISC http://www.nsfocus.com/english/homepage/research/0306.htm MS MS03-039 Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed RPC request with a long filename parameter, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0715. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0530 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:49.037-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1007538 CERT CA-2003-22 CERT-VN VU#548964 BID 8454 MS MS03-032 XF ie-br549-activex-bo(12962) Buffer overflow in the BR549.DLL ActiveX control for Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to execute arbitrary code. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0531 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:49.663-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CERT CA-2003-22 CERT-VN VU#205148 MISC http://www.lac.co.jp/security/english/snsadv_e/67_e.html BID 8457 MS MS03-032 XF ie-cache-script-injection(12961) Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to access and execute script in the My Computer domain using the browser cache via crafted Content-Type and Content-Disposition headers, aka the "Browser Cache Script Execution in My Computer Zone" vulnerability. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0532 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:50.287-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030820 EEYE: Internet Explorer Object Data Remote Execution Vulnerability BUGTRAQ 20030820 EEYE: Internet Explorer Object Data Remote Execution Vulnerability MISC http://www.eeye.com/html/Research/Advisories/AD20030820.html CERT-VN VU#865940 MS MS03-032 Internet Explorer 5.01 SP3 through 6.0 SP1 does not properly determine object types that are returned by web servers, which could allow remote attackers to execute arbitrary code via an object tag with a data parameter to a malicious file hosted on a server that returns an unsafe Content-Type, aka the "Object Type" vulnerability. cpe:/a:microsoft:netmeeting cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp4::fr cpe:/o:microsoft:windows_2003_server:r2 cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_nt:4.0:sp6a cpe:/o:microsoft:windows_xp::sp1:tablet_pc CVE-2003-0533 2004-06-01T00:00:00.000-04:00 2018-10-12T17:32:50.773-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20040413 EEYE: Windows Local Security Authority Service Remote Buffer Overflow BUGTRAQ 20040429 MS04011 Lsasrv.dll RPC buffer overflow remote exploit (PoC) CIAC O-114 EEYE AD20040413C CERT-VN VU#753212 BID 10108 CERT TA04-104A MS MS04-011 XF win-lsass-bo(15699) Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. cpe:/a:xblockout:xbl:1.0i cpe:/a:xblockout:xbl:1.0k cpe:/a:xblockout:xbl:1.1 CVE-2003-0535 2003-08-18T00:00:00.000-04:00 2008-09-10T15:19:32.820-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS FULLDISC 20030708 Fwd: xbl vulnerabilty DEBIAN DSA-345 Buffer overflow in xbl 1.0k and earlier allows local users to gain privileges via a long -display command line option. cpe:/a:phpsysinfo:phpsysinfo:2.0 cpe:/a:phpsysinfo:phpsysinfo:2.1 CVE-2003-0536 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:07.453-04:00 3.6 LOCAL LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030425 Unauthorized reading files on phpSysInfo MISC http://sourceforge.net/tracker/index.php?func=detail&aid=670222&group_id=15&atid=100015 DEBIAN DSA-346 Directory traversal vulnerability in phpSysInfo 2.1 and earlier allows attackers with write access to a local directory to read arbitrary files as the PHP user or cause a denial of service via .. (dot dot) sequences in the (1) template or (2) lng parameters. cpe:/a:daiki_ueno:liece_emacs_irc_client:2.0_0.2003-05-27 CVE-2003-0537 2003-08-18T00:00:00.000-04:00 2008-09-05T16:34:34.737-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS DEBIAN DSA-341 The liece Emacs IRC client 2.0+0.20030527 and earlier creates temporary files insecurely, which could allow local users to overwrite arbitrary files as other users. cpe:/a:mozart:mozart:1.2.3 cpe:/a:mozart:mozart:1.2.5 CVE-2003-0538 2003-08-18T00:00:00.000-04:00 2008-09-10T15:19:33.103-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-342 The mailcap file for mozart 1.2.5 and earlier causes Oz applications to be passed to the Oz interpreter, which allows remote attackers to execute arbitrary Oz programs in a MIME-aware client program. cpe:/a:ddskk:ddskk:11.6_.rel.0 cpe:/a:redhat:daredevil_skk:11.3.2::noarch cpe:/a:redhat:daredevil_skk:11.3.5::noarch cpe:/a:redhat:daredevil_skk:11.6.0-6::noarch cpe:/a:redhat:daredevil_skk:11.6.0-8::noarch cpe:/a:redhat:daredevil_skk:11.6.0-10::noarch cpe:/a:redhat:ddskk-xemacs:11.6.0-6::noarch cpe:/a:redhat:ddskk-xemacs:11.6.0-8::noarch cpe:/a:redhat:ddskk-xemacs:11.6.0-10::noarch cpe:/a:skk:skk:10.62a CVE-2003-0539 2003-08-18T00:00:00.000-04:00 2017-10-10T21:29:11.090-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS DEBIAN DSA-343 REDHAT RHSA-2003:242 skk (Simple Kana to Kanji conversion program) 12.1 and earlier, and the ddskk package which is based on skk, creates temporary files insecurely, which allows local users to overwrite arbitrary files. cpe:/a:wietse_venema:postfix:1.0.21 cpe:/a:wietse_venema:postfix:1.1.11 cpe:/a:wietse_venema:postfix:1.1.12 cpe:/a:wietse_venema:postfix:1999-09-06 cpe:/a:wietse_venema:postfix:1999-12-31 cpe:/a:wietse_venema:postfix:2000-02-28 cpe:/a:wietse_venema:postfix:2001-11-15 cpe:/o:conectiva:linux:7.0 cpe:/o:conectiva:linux:8.0 CVE-2003-0540 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:11.167-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:717 FULLDISC 20030804 Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning BUGTRAQ 20030804 Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning TRUSTIX 2003-0029 DEBIAN DSA-363 CERT-VN VU#895508 ENGARDE ESA-20030804-019 MANDRAKE MDKSA-2003:081 SUSE SuSE-SA:2003:033 REDHAT RHSA-2003:251 BID 8333 The address parser code in Postfix 1.1.12 and earlier allows remote attackers to cause a denial of service (lock) via (1) a malformed envelope address to a local host that would generate a bounce and contains the ".!" string in the MAIL FROM or Errors-To headers, which causes nqmgr to lock up, or (2) via a valid MAIL FROM with a RCPT TO containing a ".!" string, which causes an instance of the SMTP listener to lock up. cpe:/a:gnome:gtkhtml:1.1.10 CVE-2003-0541 2003-09-17T00:00:00.000-04:00 2017-10-10T21:29:11.230-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:737 DEBIAN DSA-710 MANDRAKE MDKSA-2003:093 REDHAT RHSA-2003:264 gtkhtml before 1.1.10, as used in Evolution, allows remote attackers to cause a denial of service (crash) via a malformed message that causes a null pointer dereference. cpe:/a:apache:http_server:1.3 cpe:/a:apache:http_server:1.3.1 cpe:/a:apache:http_server:1.3.3 cpe:/a:apache:http_server:1.3.4 cpe:/a:apache:http_server:1.3.6 cpe:/a:apache:http_server:1.3.9 cpe:/a:apache:http_server:1.3.11 cpe:/a:apache:http_server:1.3.12 cpe:/a:apache:http_server:1.3.14 cpe:/a:apache:http_server:1.3.17 cpe:/a:apache:http_server:1.3.18 cpe:/a:apache:http_server:1.3.19 cpe:/a:apache:http_server:1.3.20 cpe:/a:apache:http_server:1.3.22 cpe:/a:apache:http_server:1.3.23 cpe:/a:apache:http_server:1.3.24 cpe:/a:apache:http_server:1.3.25 cpe:/a:apache:http_server:1.3.26 cpe:/a:apache:http_server:1.3.27 cpe:/a:apache:http_server:1.3.28 cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.47 CVE-2003-0542 2003-11-03T00:00:00.000-05:00 2018-05-02T21:29:20.927-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SCO SCOSA-2004.6 SGI 20031203-01-U SGI 20040202-01-U CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://httpd.apache.org/dist/httpd/Announcement2.html APPLE APPLE-SA-2004-01-26 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00045.html BUGTRAQ 20031031 GLSA: apache (200310-04) HP SSRT090208 SUNALERT 101444 SUNALERT 101841 CERT-VN VU#434566 CERT-VN VU#549142 MANDRAKE MDKSA-2003:103 REDHAT RHSA-2003:320 REDHAT RHSA-2003:360 REDHAT RHSA-2003:405 REDHAT RHSA-2004:015 REDHAT RHSA-2005:816 HP HPSBUX0311-301 BUGTRAQ 20031028 [OpenPKG-SA-2003.046] OpenPKG Security Advisory (apache) BID 8911 BID 9504 XF apache-modalias-modrewrite-bo(13400) MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html Multiple stack-based buffer overflows in (1) mod_alias and (2) mod_rewrite for Apache before 1.3.29 allow attackers to create configuration files to cause a denial of service (crash) or execute arbitrary code via a regular expression with more than 9 captures. cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.7 CVE-2003-0543 2003-11-17T00:00:00.000-05:00 2018-05-02T21:29:21.100-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893 SUNALERT 201029 CERT CA-2003-26 DEBIAN DSA-393 DEBIAN DSA-394 CERT-VN VU#255484 ENGARDE ESA-20030930-027 REDHAT RHSA-2003:291 REDHAT RHSA-2003:292 BID 8732 MISC http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm VUPEN ADV-2006-3900 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21247112 Integer overflow in OpenSSL 0.9.6 and 0.9.7 allows remote attackers to cause a denial of service (crash) via an SSL client certificate with certain ASN.1 tag values. cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.7 CVE-2003-0544 2003-11-17T00:00:00.000-05:00 2018-05-02T21:29:21.223-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=104893 SUNALERT 201029 CERT CA-2003-26 DEBIAN DSA-393 DEBIAN DSA-394 CERT-VN VU#380864 ENGARDE ESA-20030930-027 REDHAT RHSA-2003:291 REDHAT RHSA-2003:292 BID 8732 MISC http://www.uniras.gov.uk/vuls/2003/006489/openssl.htm VUPEN ADV-2006-3900 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21247112 XF openssl-asn1-sslclient-dos(43041) OpenSSL 0.9.6 and 0.9.7 does not properly track the number of characters in certain ASN.1 inputs, which allows remote attackers to cause a denial of service (crash) via an SSL client certificate that causes OpenSSL to read past the end of a buffer when the long form is used. cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.7 CVE-2003-0545 2003-11-17T00:00:00.000-05:00 2018-05-02T21:29:21.350-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov CERT CA-2003-26 DEBIAN DSA-394 CERT-VN VU#935264 REDHAT RHSA-2003:292 BID 8732 VUPEN ADV-2006-3900 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21247112 Double free vulnerability in OpenSSL 0.9.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an SSL client certificate with a certain invalid ASN.1 encoding. cpe:/a:redhat:up2date:3.0.7-1::i386 cpe:/a:redhat:up2date:3.0.7-1::i386_gnome cpe:/a:redhat:up2date:3.1.23-1::i386 cpe:/a:redhat:up2date:3.1.23-1::i386_gnome CVE-2003-0546 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:11.293-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS REDHAT RHSA-2003:255 up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised. cpe:/a:gnome:gdm:2.4.1 cpe:/a:gnome:gdm:2.4.1.1 cpe:/a:gnome:gdm:2.4.1.2 cpe:/a:gnome:gdm:2.4.1.3 cpe:/a:gnome:gdm:2.4.1.4 cpe:/a:gnome:gdm:2.4.1.5 cpe:/a:gnome:gdm:2.4.1.6 cpe:/a:redhat:kdebase:2.4.0.7.13::i386 cpe:/a:redhat:kdebase:2.4.1.3.5::i386 CVE-2003-0547 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:11.357-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONECTIVA CLA-2003:729 CONFIRM http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html BUGTRAQ 20030824 [slackware-security] GDM security update (SSA:2003-236-01) REDHAT RHSA-2003:258 GDM before 2.4.1.6, when using the "examine session errors" feature, allows local users to read arbitrary files via a symlink attack on the ~/.xsession-errors file. cpe:/a:gnome:gdm:2.2.0 cpe:/a:gnome:gdm:2.4.1 cpe:/a:gnome:gdm:2.4.1.1 cpe:/a:gnome:gdm:2.4.1.2 cpe:/a:gnome:gdm:2.4.1.3 cpe:/a:gnome:gdm:2.4.1.4 cpe:/a:gnome:gdm:2.4.1.5 cpe:/a:gnome:gdm:2.4.1.6 cpe:/a:redhat:kdebase:2.0_beta2.45::i386 cpe:/a:redhat:kdebase:2.0_beta2.45::ppc cpe:/a:redhat:kdebase:2.2.3.1.20::i386 cpe:/a:redhat:kdebase:2.2.3.1.20::ia64 cpe:/a:redhat:kdebase:2.2.3.1.22::i386 cpe:/a:redhat:kdebase:2.4.0.7.13::i386 cpe:/a:redhat:kdebase:2.4.1.3.5::i386 cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64 cpe:/o:redhat:enterprise_linux:2.1::enterprise_server cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64 cpe:/o:redhat:enterprise_linux:2.1::workstation cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64 cpe:/o:redhat:linux_advanced_workstation:2.1 CVE-2003-0548 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:11.433-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:729 CONFIRM http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html REDHAT RHSA-2003:258 REDHAT RHSA-2003:259 The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) when a chosen host expires, a different issue than CVE-2003-0549. cpe:/a:gnome:gdm:2.2.0 cpe:/a:gnome:gdm:2.4.1 cpe:/a:gnome:gdm:2.4.1.1 cpe:/a:gnome:gdm:2.4.1.2 cpe:/a:gnome:gdm:2.4.1.3 cpe:/a:gnome:gdm:2.4.1.4 cpe:/a:gnome:gdm:2.4.1.5 cpe:/a:gnome:gdm:2.4.1.6 cpe:/a:redhat:kdebase:2.0_beta2.45::i386 cpe:/a:redhat:kdebase:2.0_beta2.45::ppc cpe:/a:redhat:kdebase:2.2.3.1.20::i386 cpe:/a:redhat:kdebase:2.2.3.1.20::ia64 cpe:/a:redhat:kdebase:2.2.3.1.22::i386 cpe:/a:redhat:kdebase:2.4.0.7.13::i386 cpe:/a:redhat:kdebase:2.4.1.3.5::i386 cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64 cpe:/o:redhat:enterprise_linux:2.1::enterprise_server cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64 cpe:/o:redhat:enterprise_linux:2.1::workstation cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64 cpe:/o:redhat:linux_advanced_workstation:2.1 CVE-2003-0549 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:11.510-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:729 CONFIRM http://mail.gnome.org/archives/gnome-hackers/2003-August/msg00045.html REDHAT RHSA-2003:258 REDHAT RHSA-2003:259 The X Display Manager Control Protocol (XDMCP) support for GDM before 2.4.1.6 allows attackers to cause a denial of service (daemon crash) via a short authorization key name. cpe:/o:redhat:linux:2.4.2 CVE-2003-0550 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:11.573-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov DEBIAN DSA-358 DEBIAN DSA-423 REDHAT RHSA-2003:238 REDHAT RHSA-2003:239 The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology. cpe:/o:redhat:linux:2.4.2 CVE-2003-0551 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:11.653-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-358 DEBIAN DSA-423 REDHAT RHSA-2003:198 REDHAT RHSA-2003:238 REDHAT RHSA-2003:239 The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service. cpe:/o:redhat:linux:2.4.2 CVE-2003-0552 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:11.730-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov DEBIAN DSA-358 DEBIAN DSA-423 REDHAT RHSA-2003:198 REDHAT RHSA-2003:238 REDHAT RHSA-2003:239 Linux 2.4.x allows remote attackers to spoof the bridge Forwarding table via forged packets whose source addresses are the same as the target. cpe:/a:netscape:navigator:7.0.2 CVE-2003-0553 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:13.673-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MISC http://jimmers.russia.webmatrixhosting.net/whitepapers/CDTbug.pdf BUGTRAQ 20030714 Netscape 7.02 Client Detection Tool plug-in buffer overrun Buffer overflow in the Client Detection Tool (CDT) plugin (npcdt.dll) for Netscape 7.02 allows remote attackers to execute arbitrary code via an attachment with a long filename. cpe:/a:neomodus:direct_connect:1.0 CVE-2003-0554 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:14.890-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov FULLDISC 20030714 [sec-labs] Remote Denial of Service vulnerability in NeoModus Direct Connect 1.0 build 9 BUGTRAQ 20030714 [sec-labs] Remote Denial of Service vulnerability in NeoModus Direct Connect 1.0 build 9 NeoModus Direct Connect 1.0 build 9, and possibly other versions, allows remote attackers to cause a denial of service (connection and possibly memory exhaustion) via a flood of ConnectToMe requests containing arbitrary IP addresses and ports. cpe:/a:imagemagick:imagemagick:5.4.3 CVE-2003-0555 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:16.097-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030714 ImageMagick's Overflow ImageMagick 5.4.3.x and earlier allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a "%x" filename, possibly triggering a format string vulnerability. cpe:/h:polycom:mgc-100 cpe:/h:polycom:mgc-25:5.51.21 cpe:/h:polycom:mgc-25:5.51.211 cpe:/h:polycom:mgc-50 CVE-2003-0556 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:17.237-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov FULLDISC 20030712 DoS - Polycom MGC 25 Control Port BUGTRAQ 20030712 DoS - Polycom MGC 25 Control Port Polycom MGC 25 allows remote attackers to cause a denial of service (crash) via a large number of "user" requests to the control port 5003, as demonstrated using the blast TCP stress tester. cpe:/a:lagarde:storefront:6.0 CVE-2003-0557 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:18.453-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030712 ZH2003-3SA (security advisory): Storefront sql injection: users SQL injection vulnerability in login.asp for StoreFront 6.0, and possibly earlier versions, allows remote attackers to obtain sensitive user information via SQL statements in the password field. cpe:/a:leapware:leapftp:2.7.3.600 CVE-2003-0558 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:19.580-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030711 LeapFTP remote buffer overflow exploit Buffer overflow in LeapFTP 2.7.3.600 allows remote FTP servers to execute arbitrary code via a long IP address response to a PASV request. cpe:/a:phpforum:phpforum:2.0_rc1 CVE-2003-0559 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:21.097-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030710 PHP-Include-Hack-Possibility in phpforum 2 RC-1 mainfile.php in phpforum 2 RC-1, and possibly earlier versions, allows remote attackers to execute arbitrary PHP code by modifying the MAIN_PATH parameter to reference a URL on a remote web server that contains the code. cpe:/a:virtual_programming:vp-asp:5.0 CVE-2003-0560 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:22.610-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030704 VPASP SQL Injection Vulnerability & Exploit CODE BID 8159 SQL injection vulnerability in shopexd.asp for VP-ASP allows remote attackers to gain administrator privileges via the id parameter. cpe:/a:iglooftp:iglooftp_pro:3.8 CVE-2003-0561 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:23.910-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030707 Multiple Buffer Overflows in IglooFTP PRO BUGTRAQ 20030707 Multiple Buffer Overflows in IglooFTP PRO Multiple buffer overflows in IglooFTP PRO 3.8 allow remote FTP servers to execute arbitrary code via (1) a long FTP banner, or long responses to the client commands (2) USER, (3) PASS, (4) ACCT, and possibly other commands. cpe:/o:novell:netware:5.1 cpe:/o:novell:netware:5.1:sp4 cpe:/o:novell:netware:5.1:sp6 cpe:/o:novell:netware:6.0 cpe:/o:novell:netware:6.0:sp1 cpe:/o:novell:netware:6.0:sp2 CVE-2003-0562 2003-08-27T00:00:00.000-04:00 2016-10-17T22:35:25.173-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030723 Buffer Overflow in Netware Web Server PERL Handler BUGTRAQ 20030723 NOVL-2003-2966549 - Enterprise Web Server PERL Buffer Overflow BUGTRAQ 20030723 Buffer Overflow in Netware Web Server PERL Handler CONFIRM http://support.novell.com/servlet/tidfinder/2966549 CERT-VN VU#185593 MISC http://www.protego.dk/advisories/200301.html Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string. cpe:/a:hitachi:groupmax_mail_-_security_option:6.0 cpe:/a:hitachi:pki_runtime_library CVE-2003-0564 2003-12-01T00:00:00.000-05:00 2017-10-10T21:29:11.807-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20040402-01-U HP SSRT4722 FEDORA FLSA:2089 CERT-VN VU#428230 MANDRAKE MDKSA-2004:021 REDHAT RHSA-2004:110 REDHAT RHSA-2004:112 BID 8981 MISC http://www.uniras.gov.uk/vuls/2003/006489/smime.htm XF smime-asn1-bo(13603) Multiple vulnerabilities in multiple vendor implementations of the Secure/Multipurpose Internet Mail Extensions (S/MIME) protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an S/MIME email message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. CVE-2003-0565 2003-12-01T00:00:00.000-05:00 2005-10-20T00:00:00.000-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CERT-VN VU#927278 MISC http://www.uniras.gov.uk/vuls/2003/006489/x400.htm Multiple vulnerabilities in multiple vendor implementations of the X.400 protocol allow remote attackers to cause a denial of service and possibly execute arbitrary code via an X.400 message containing certain unexpected ASN.1 constructs, as demonstrated using the NISSC test suite. cpe:/a:cisco:optical_networking_systems_software:3.0 cpe:/a:cisco:optical_networking_systems_software:3.1.0 cpe:/a:cisco:optical_networking_systems_software:3.2.0 cpe:/a:cisco:optical_networking_systems_software:3.3.0 cpe:/a:cisco:optical_networking_systems_software:3.4.0 cpe:/a:cisco:optical_networking_systems_software:4.0.0 cpe:/h:cisco:ons_15454_optical_transport_platform cpe:/o:cisco:ios:11.0 cpe:/o:cisco:ios:11.1 cpe:/o:cisco:ios:11.1aa cpe:/o:cisco:ios:11.1ca cpe:/o:cisco:ios:11.1cc cpe:/o:cisco:ios:11.2 cpe:/o:cisco:ios:11.2p cpe:/o:cisco:ios:11.2sa cpe:/o:cisco:ios:11.3 cpe:/o:cisco:ios:11.3t cpe:/o:cisco:ios:12.0 cpe:/o:cisco:ios:12.0da cpe:/o:cisco:ios:12.0db cpe:/o:cisco:ios:12.0dc cpe:/o:cisco:ios:12.0s cpe:/o:cisco:ios:12.0sc cpe:/o:cisco:ios:12.0sl cpe:/o:cisco:ios:12.0sp cpe:/o:cisco:ios:12.0st cpe:/o:cisco:ios:12.0sx cpe:/o:cisco:ios:12.0sy cpe:/o:cisco:ios:12.0sz cpe:/o:cisco:ios:12.0t cpe:/o:cisco:ios:12.0w5 cpe:/o:cisco:ios:12.0wc cpe:/o:cisco:ios:12.0wt cpe:/o:cisco:ios:12.0xa cpe:/o:cisco:ios:12.0xb cpe:/o:cisco:ios:12.0xc cpe:/o:cisco:ios:12.0xd cpe:/o:cisco:ios:12.0xe cpe:/o:cisco:ios:12.0xf cpe:/o:cisco:ios:12.0xg cpe:/o:cisco:ios:12.0xh cpe:/o:cisco:ios:12.0xi cpe:/o:cisco:ios:12.0xj cpe:/o:cisco:ios:12.0xk cpe:/o:cisco:ios:12.0xl cpe:/o:cisco:ios:12.0xm cpe:/o:cisco:ios:12.0xn cpe:/o:cisco:ios:12.0xp cpe:/o:cisco:ios:12.0xq cpe:/o:cisco:ios:12.0xr cpe:/o:cisco:ios:12.0xs cpe:/o:cisco:ios:12.0xu cpe:/o:cisco:ios:12.0xv cpe:/o:cisco:ios:12.0xw cpe:/o:cisco:ios:12.1 cpe:/o:cisco:ios:12.1aa cpe:/o:cisco:ios:12.1ax cpe:/o:cisco:ios:12.1ay cpe:/o:cisco:ios:12.1da cpe:/o:cisco:ios:12.1db cpe:/o:cisco:ios:12.1dc cpe:/o:cisco:ios:12.1e cpe:/o:cisco:ios:12.1ea cpe:/o:cisco:ios:12.1eb cpe:/o:cisco:ios:12.1ec cpe:/o:cisco:ios:12.1ev cpe:/o:cisco:ios:12.1ew cpe:/o:cisco:ios:12.1ex cpe:/o:cisco:ios:12.1ey cpe:/o:cisco:ios:12.1m cpe:/o:cisco:ios:12.1t cpe:/o:cisco:ios:12.1xa cpe:/o:cisco:ios:12.1xb cpe:/o:cisco:ios:12.1xc cpe:/o:cisco:ios:12.1xd cpe:/o:cisco:ios:12.1xe cpe:/o:cisco:ios:12.1xf cpe:/o:cisco:ios:12.1xg cpe:/o:cisco:ios:12.1xh cpe:/o:cisco:ios:12.1xi cpe:/o:cisco:ios:12.1xj cpe:/o:cisco:ios:12.1xk cpe:/o:cisco:ios:12.1xl cpe:/o:cisco:ios:12.1xm cpe:/o:cisco:ios:12.1xp cpe:/o:cisco:ios:12.1xq cpe:/o:cisco:ios:12.1xr cpe:/o:cisco:ios:12.1xs cpe:/o:cisco:ios:12.1xt cpe:/o:cisco:ios:12.1xu cpe:/o:cisco:ios:12.1xv cpe:/o:cisco:ios:12.1xw cpe:/o:cisco:ios:12.1xx cpe:/o:cisco:ios:12.1xy cpe:/o:cisco:ios:12.1xz cpe:/o:cisco:ios:12.1yb cpe:/o:cisco:ios:12.1yc cpe:/o:cisco:ios:12.1yd cpe:/o:cisco:ios:12.1ye cpe:/o:cisco:ios:12.1yf cpe:/o:cisco:ios:12.1yh cpe:/o:cisco:ios:12.1yi cpe:/o:cisco:ios:12.1yj cpe:/o:cisco:ios:12.2 cpe:/o:cisco:ios:12.2b cpe:/o:cisco:ios:12.2bc cpe:/o:cisco:ios:12.2bw cpe:/o:cisco:ios:12.2bx cpe:/o:cisco:ios:12.2bz cpe:/o:cisco:ios:12.2cx cpe:/o:cisco:ios:12.2cy cpe:/o:cisco:ios:12.2da cpe:/o:cisco:ios:12.2dd cpe:/o:cisco:ios:12.2dx cpe:/o:cisco:ios:12.2ja cpe:/o:cisco:ios:12.2mb cpe:/o:cisco:ios:12.2mc cpe:/o:cisco:ios:12.2mx cpe:/o:cisco:ios:12.2s cpe:/o:cisco:ios:12.2sx cpe:/o:cisco:ios:12.2sy cpe:/o:cisco:ios:12.2sz cpe:/o:cisco:ios:12.2t cpe:/o:cisco:ios:12.2xa cpe:/o:cisco:ios:12.2xb cpe:/o:cisco:ios:12.2xc cpe:/o:cisco:ios:12.2xd cpe:/o:cisco:ios:12.2xe cpe:/o:cisco:ios:12.2xf cpe:/o:cisco:ios:12.2xg cpe:/o:cisco:ios:12.2xh cpe:/o:cisco:ios:12.2xi cpe:/o:cisco:ios:12.2xj cpe:/o:cisco:ios:12.2xk cpe:/o:cisco:ios:12.2xl cpe:/o:cisco:ios:12.2xm cpe:/o:cisco:ios:12.2xn cpe:/o:cisco:ios:12.2xq cpe:/o:cisco:ios:12.2xr cpe:/o:cisco:ios:12.2xs cpe:/o:cisco:ios:12.2xt cpe:/o:cisco:ios:12.2xu cpe:/o:cisco:ios:12.2xw cpe:/o:cisco:ios:12.2ya cpe:/o:cisco:ios:12.2yb cpe:/o:cisco:ios:12.2yc cpe:/o:cisco:ios:12.2yd cpe:/o:cisco:ios:12.2yf cpe:/o:cisco:ios:12.2yg cpe:/o:cisco:ios:12.2yh cpe:/o:cisco:ios:12.2yj cpe:/o:cisco:ios:12.2yk cpe:/o:cisco:ios:12.2yl cpe:/o:cisco:ios:12.2ym cpe:/o:cisco:ios:12.2yn cpe:/o:cisco:ios:12.2yo cpe:/o:cisco:ios:12.2yp cpe:/o:cisco:ios:12.2yq cpe:/o:cisco:ios:12.2yr cpe:/o:cisco:ios:12.2ys cpe:/o:cisco:ios:12.2yt cpe:/o:cisco:ios:12.2yu cpe:/o:cisco:ios:12.2yv cpe:/o:cisco:ios:12.2yw cpe:/o:cisco:ios:12.2yx cpe:/o:cisco:ios:12.2yy cpe:/o:cisco:ios:12.2yz cpe:/o:cisco:ios:12.2za cpe:/o:cisco:ios:12.2zb cpe:/o:cisco:ios:12.2zc cpe:/o:cisco:ios:12.2zd cpe:/o:cisco:ios:12.2ze cpe:/o:cisco:ios:12.2zf cpe:/o:cisco:ios:12.2zg cpe:/o:cisco:ios:12.2zh cpe:/o:cisco:ios:12.2zj CVE-2003-0567 2003-08-18T00:00:00.000-04:00 2018-10-30T12:26:17.263-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov FULLDISC 20030718 (no subject) CERT CA-2003-15 CERT CA-2003-17 CISCO 20030717 IOS Interface Blocked by IPv4 Packet CERT-VN VU#411332 Cisco IOS 11.x and 12.0 through 12.2 allows remote attackers to cause a denial of service (traffic block) by sending a particular sequence of IPv4 packets to an interface on the device, causing the input queue on that interface to be marked as full. CVE-2003-0568 2017-05-11T10:29:00.853-04:00 2017-05-11T10:29:00.853-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0569 2017-05-11T10:29:00.887-04:00 2017-05-11T10:29:00.887-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0570 2017-05-11T10:29:00.900-04:00 2017-05-11T10:29:00.917-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0571 2017-05-11T10:29:00.933-04:00 2017-05-11T10:29:00.933-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m CVE-2003-0572 2003-08-18T00:00:00.000-04:00 2017-07-10T21:29:33.633-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20030701-01-P XF irix-nsd-map-dos(12635) Unknown vulnerability in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows attackers to cause a denial of service (memory consumption). cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m CVE-2003-0573 2003-08-18T00:00:00.000-04:00 2008-09-05T16:34:40.533-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SGI 20030701-01-P The DNS callbacks in nsd in SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, do not perform sufficient sanity checking, with unknown impact. cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.20 CVE-2003-0574 2003-08-18T00:00:00.000-04:00 2008-09-10T15:19:42.383-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS SGI 20030702-01-P Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028. cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20 cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m cpe:/o:sgi:irix:6.5.21 cpe:/o:sgi:irix:6.5.21f cpe:/o:sgi:irix:6.5.21m CVE-2003-0575 2003-08-27T00:00:00.000-04:00 2017-07-10T21:29:33.697-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SGI 20030704-01-P BUGTRAQ 20030730 [LSD] IRIX nsd remote buffer overflow vulnerability CIAC N-130 CERT-VN VU#682900 BID 8304 XF irix-authunix-nsd-bo(12763) Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list. cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m CVE-2003-0576 2003-08-27T00:00:00.000-04:00 2008-09-10T15:19:42.523-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SGI 20030801-01-P SGI 20030801-02-P Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619. cpe:/a:mpg123:mpg123:0.59r cpe:/a:mpg123:mpg123:pre0.59s CVE-2003-0577 2003-08-18T00:00:00.000-04:00 2008-09-10T15:19:42.633-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS SCO CSSA-2004-002.0 CONECTIVA CLA-2003:695 MANDRAKE MDKSA-2003:078 BUGTRAQ 20030116 Re[2]: Local/remote mpg123 exploit BID 6629 mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size. cpe:/a:ibm:u2_universe:10.0.0.9 CVE-2003-0578 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:29.253-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030716 SRT2003-07-07-0831 - IBM U2 UniVerse cci_dir creates hard links as root BUGTRAQ 20030716 SRT2003-07-07-0831 - IBM U2 UniVerse cci_dir creates hard links as root cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files. cpe:/a:ibm:u2_universe:10.0.0.9 CVE-2003-0579 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:30.537-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030716 SRT2003-07-07-0833 - IBM U2 UniVerse users with uvadm rights can take root via uvadmsh BUGTRAQ 20030716 SRT2003-07-07-0833 - IBM U2 UniVerse users with uvadm rights can take root via uvadmsh uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier trusts the user-supplied -uv.install command line option to find and execute the uv.install program, which allows local users to gain privileges by providing a pathname that is under control of the user. cpe:/a:ibm:u2_universe:10.0.0.9 CVE-2003-0580 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:31.770-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030716 SRT2003-07-08-1223 - IBM U2 UniVerse uvadm can take root via buffer overflows BUGTRAQ 20030716 SRT2003-07-08-1223 - IBM U2 UniVerse uvadm can take root via buffer overflows Buffer overflow in uvadmsh in IBM U2 UniVerse 10.0.0.9 and earlier allows the uvadm user to execute arbitrary code via a long -uv.install command line argument. cpe:/a:xfstt:xfstt:1.2.1 cpe:/a:xfstt:xfstt:1.4 CVE-2003-0581 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:33.317-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030714 xfstt-1.4 vulnerability DEBIAN DSA-360 X Fontserver for Truetype fonts (xfstt) 1.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a (1) FS_QueryXExtents8 or (2) FS_QueryXBitmaps8 packet, and possibly other types of packets, with a large num_ranges value, which causes an out-of-bounds array access. CVE-2003-0582 2003-12-31T00:00:00.000-05:00 2008-09-10T15:19:43.367-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0504. Reason: This candidate is a duplicate of CVE-2003-0504. Notes: All CVE users should reference CVE-2003-0504 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:tolis_group:bru:17.0 CVE-2003-0583 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:34.520-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030716 SRT2003-07-16-0358 - bru has buffer overflow and format issues Buffer overflow in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via a long command line argument. cpe:/a:tolis_group:bru:17.0 CVE-2003-0584 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:35.787-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030716 SRT2003-07-16-0358 - bru has buffer overflow and format issues Format string vulnerability in Backup and Restore Utility for Unix (BRU) 17.0 and earlier, when running setuid, allows local users to execute arbitrary code via format string specifiers in a command line argument. cpe:/a:brooky:estore:1.0.2b CVE-2003-0585 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:37.083-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030717 eStore SQL Injection Vulnerability & Path Disclosure SQL injection vulnerability in login.asp of Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to bypass authentication and execute arbitrary SQL code via the (1) user or (2) pass parameters. cpe:/a:brooky:estore:1.0.2b CVE-2003-0586 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:38.223-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030717 eStore SQL Injection Vulnerability & Path Disclosure Brooky eStore 1.0.1 through 1.0.2b allows remote attackers to obtain sensitive path information via a direct HTTP request to settings.inc.php. cpe:/a:infopop:ultimate_bulletin_board:6 CVE-2003-0587 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:39.270-04:00 6.9 LOCAL MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030716 Changing UBB cookie allows account hijack Cross-site scripting (XSS) vulnerability in Infopop Ultimate Bulletin Board (UBB) 6.x allows remote authenticated users to execute arbitrary web script and gain administrative access via the "displayed name" attribute of the "ubber" cookie. cpe:/a:digi-fx:digi-news:1.1 CVE-2003-0588 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:40.410-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030716 Digi-news and Digi-ads version 1.1 admin access without password admin.php in Digi-news 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. cpe:/a:digi-fx:digi-news:1.1 CVE-2003-0589 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:42.053-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030716 Digi-news and Digi-ads version 1.1 admin access without password admin.php in Digi-ads 1.1 allows remote attackers to bypass authentication via a cookie with the username set to the name of the administrator, which satisfies an improper condition in admin.php that does not require a correct password. cpe:/a:splatt:splatt_forum CVE-2003-0590 2003-08-18T00:00:00.000-04:00 2016-10-17T22:35:43.287-04:00 7.1 NETWORK MEDIUM NONE NONE COMPLETE NONE http://nvd.nist.gov BUGTRAQ 20030715 Splatt Forum html injection code in post icon MISC http://members.fortunecity.it/lethalman2002/bugs/splatt.html Cross-site scripting (XSS) vulnerability in Splatt Forum allows remote attackers to insert arbitrary HTML and web script via the post icon (image_subject) field. CVE-2003-0591 2003-08-27T00:00:00.000-04:00 2008-09-10T15:19:44.697-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is a duplicate number that was created during the refinement phase. Notes: All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:kde:konqueror:2.1.1 cpe:/a:kde:konqueror:2.2.2 cpe:/a:kde:konqueror:3.0 cpe:/a:kde:konqueror:3.0.1 cpe:/a:kde:konqueror:3.0.2 cpe:/a:kde:konqueror:3.0.3 cpe:/a:kde:konqueror:3.0.5 cpe:/a:kde:konqueror:3.1 cpe:/a:kde:konqueror:3.1.1 cpe:/a:kde:konqueror:3.1.2 cpe:/a:kde:konqueror_embedded:0.1 CVE-2003-0592 2004-04-15T00:00:00.000-04:00 2017-10-10T21:29:11.980-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue FULLDISC 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue DEBIAN DSA-459 MANDRAKE MDKSA-2004:022 REDHAT RHSA-2004:074 Konqueror in KDE 3.1.3 and earlier (kdelibs) allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Konqueror to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. cpe:/a:opera_software:opera_web_browser:5.0::linux cpe:/a:opera_software:opera_web_browser:5.0::mac cpe:/a:opera_software:opera_web_browser:5.0.2::win32 cpe:/a:opera_software:opera_web_browser:5.1.0::win32 cpe:/a:opera_software:opera_web_browser:5.1.1::win32 cpe:/a:opera_software:opera_web_browser:5.12 cpe:/a:opera_software:opera_web_browser:5.12::win32 cpe:/a:opera_software:opera_web_browser:6.0 cpe:/a:opera_software:opera_web_browser:6.0::win32 cpe:/a:opera_software:opera_web_browser:6.0.1 cpe:/a:opera_software:opera_web_browser:6.0.1::linux cpe:/a:opera_software:opera_web_browser:6.0.1::win32 cpe:/a:opera_software:opera_web_browser:6.0.2::linux cpe:/a:opera_software:opera_web_browser:6.0.2::win32 cpe:/a:opera_software:opera_web_browser:6.0.3::linux cpe:/a:opera_software:opera_web_browser:6.0.3::win32 cpe:/a:opera_software:opera_web_browser:6.0.4::win32 cpe:/a:opera_software:opera_web_browser:6.0.5::win32 cpe:/a:opera_software:opera_web_browser:6.0.6 cpe:/a:opera_software:opera_web_browser:6.0.6::win32 cpe:/a:opera_software:opera_web_browser:6.10::linux cpe:/a:opera_software:opera_web_browser:7.0::win32 cpe:/a:opera_software:opera_web_browser:7.0.1::win32 cpe:/a:opera_software:opera_web_browser:7.0.2::win32 cpe:/a:opera_software:opera_web_browser:7.0.3::win32 cpe:/a:opera_software:opera_web_browser:7.0_beta1::win32 cpe:/a:opera_software:opera_web_browser:7.0_beta2::win32 cpe:/a:opera_software:opera_web_browser:7.10 cpe:/a:opera_software:opera_web_browser:7.11 cpe:/a:opera_software:opera_web_browser:7.11b cpe:/a:opera_software:opera_web_browser:7.11j cpe:/a:opera_software:opera_web_browser:7.20 cpe:/a:opera_software:opera_web_browser:7.20_beta1_build2981 cpe:/a:opera_software:opera_web_browser:7.21 cpe:/a:opera_software:opera_web_browser:7.22 cpe:/a:opera_software:opera_web_browser:7.23 CVE-2003-0593 2004-04-15T00:00:00.000-04:00 2008-09-05T16:34:43.907-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue FULLDISC 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue Opera allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Opera to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. cpe:/a:mozilla:mozilla:1.0 cpe:/a:mozilla:mozilla:1.0:rc1 cpe:/a:mozilla:mozilla:1.0:rc2 cpe:/a:mozilla:mozilla:1.0.1 cpe:/a:mozilla:mozilla:1.0.2 cpe:/a:mozilla:mozilla:1.1 cpe:/a:mozilla:mozilla:1.1:alpha cpe:/a:mozilla:mozilla:1.1:beta cpe:/a:mozilla:mozilla:1.2 cpe:/a:mozilla:mozilla:1.2:alpha cpe:/a:mozilla:mozilla:1.2:beta cpe:/a:mozilla:mozilla:1.2.1 cpe:/a:mozilla:mozilla:1.3 cpe:/a:mozilla:mozilla:1.3.1 cpe:/a:mozilla:mozilla:1.4 cpe:/a:mozilla:mozilla:1.4.1 cpe:/a:mozilla:mozilla:1.4.2 CVE-2003-0594 2004-04-15T00:00:00.000-04:00 2017-10-10T21:29:12.057-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue FULLDISC 20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue MANDRAKE MDKSA-2004:021 REDHAT RHSA-2004:112 Mozilla allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Mozilla to send the cookie outside the specified URL subsets, e.g. to a vulnerable application that runs on the same server as the target application. cpe:/a:witango:tango_server:2000 cpe:/a:witango:witango_server:5.0.1.061 CVE-2003-0595 2003-08-27T00:00:00.000-04:00 2008-09-10T15:19:45.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030718 Witango & Tango 2000 Application Server Remote System Buffer Overrun Buffer overflow in WiTango Application Server and Tango 2000 allows remote attackers to execute arbitrary code via a long cookie to Witango_UserReference. cpe:/a:fdclone:fdclone:2.00a CVE-2003-0596 2003-08-27T00:00:00.000-04:00 2016-12-07T21:59:24.800-05:00 3.6 LOCAL LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=186219 DEBIAN DSA-352 FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time. cpe:/o:sco:openserver:5.0.6 cpe:/o:sco:openserver:5.0.7 CVE-2003-0597 2003-08-27T00:00:00.000-04:00 2016-10-17T22:35:45.630-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SCO CSSA-2003-SCO-11 Unknown vulnerability in display of Merge before 5.3.23a in UnixWare 7.1.x allows local users to gain root privileges. CVE-2003-0598 2003-08-27T00:00:00.000-04:00 2008-09-10T15:19:46.477-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0657. Reason: This candidate is a reservation duplicate of CVE-2003-0657. Notes: All CVE users should reference CVE-2003-0657 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:phpgroupware:phpgroupware:0.9.14.004 cpe:/a:phpgroupware:phpgroupware:0.9.16prerc CVE-2003-0599 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:44.893-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://mail.gnu.org/archive/html/phpgroupware-users/2003-07/msg00035.html DEBIAN DSA-365 CONFIRM http://www.phpgroupware.org Unknown vulnerability in the Virtual File System (VFS) capability for phpGroupWare 0.9.16preRC and versions before 0.9.14.004 with unknown implications, related to the VFS path being under the web document root. cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.6 CVE-2003-0601 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:33.760-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=25631 BID 8266 XF macos-workgroup-gain-access(12728) Workgroup Manager in Apple Mac OS X Server 10.2 through 10.2.6 does not disable a password for a new account before it is saved for the first time, which allows remote attackers to gain unauthorized access via the new account before it is saved. cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16.2 cpe:/a:mozilla:bugzilla:2.17 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.17.3 CVE-2003-0602 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:45.220-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:653 CONFIRM http://www.bugzilla.org/security/2.16.2/ BID 6861 BID 6868 Multiple cross-site scripting vulnerabilities (XSS) in Bugzilla 2.16.x before 2.16.3 and 2.17.x before 2.17.4 allow remote attackers to insert arbitrary HTML or web script via (1) multiple default German and Russian HTML templates or (2) ALT and NAME attributes in AREA tags as used by the GraphViz graph generation feature for local dependency graphs. cpe:/a:mozilla:bugzilla:2.10 cpe:/a:mozilla:bugzilla:2.12 cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.14.5 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16.2 cpe:/a:mozilla:bugzilla:2.17 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.17.3 CVE-2003-0603 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:45.377-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONECTIVA CLA-2003:653 CONFIRM http://www.bugzilla.org/security/2.16.2/ BID 7412 Bugzilla 2.16.x before 2.16.3, 2.17.x before 2.17.4, and earlier versions allows local users to overwrite arbitrary files via a symlink attack on temporary files that are created in directories with group-writable or world-writable permissions. cpe:/a:microsoft:windows_media_player:7 cpe:/a:microsoft:windows_media_player:8 CVE-2003-0604 2003-08-27T00:00:00.000-04:00 2018-08-13T17:47:19.353-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030723 Drivial Pursuit: Internet Explorer Browser & Your Files and Folders ! BUGTRAQ 20030723 Re: Drivial Pursuit: Internet Explorer Browser & Your Files and Folders ! NTBUGTRAQ 20030723 Drivial Pursuit: Internet Explorer Browser & Your Files and Folders ! NTBUGTRAQ 20030723 Re: Drivial Pursuit: Internet Explorer Browser & Your Files and Folders ! MISC http://www.malware.com/once.again!.html MISC http://www.pivx.com/larholm/unpatched/ Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF file whose Content-location contains a File:// URL. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 CVE-2003-0605 2003-08-27T00:00:00.000-04:00 2019-04-30T10:27:13.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030721 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability BUGTRAQ 20030720 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability CERT CA-2003-19 CERT CA-2003-23 CERT-VN VU#326746 MS MS03-039 The RPC DCOM interface in Windows 2000 SP3 and SP4 allows remote attackers to cause a denial of service (crash), and local attackers to use the DoS to hijack the epmapper pipe to gain privileges, via certain messages to the __RemoteGetClassObject interface that cause a NULL pointer to be passed to the PerformScmStage function. cpe:/a:cvsup:cvsup-mirror:1.2 cpe:/a:sup:sup:1.8 CVE-2003-0606 2003-08-27T00:00:00.000-04:00 2008-09-10T15:19:49.307-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-353 sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. cpe:/a:stanley_t._shebs:xconq:7.4.1 CVE-2003-0607 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:33.823-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS DEBIAN DSA-354 BID 8307 XF xconq-user-display-bo(12765) Buffer overflow in xconq 7.4.1 allows local users to become part of the "games" group via the (1) USER or (2) DISPLAY environment variables. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0609 2003-08-27T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030729 Solaris ld.so.1 buffer overflow SUNALERT 55680 IDEFENSE 20030729 Buffer Overflow in Sun Solaris Runtime Linker XF sun-ldso1-ldpreload-bo(12755) Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable. cpe:/a:mcafee:epolicy_orchestrator:3.0 CVE-2003-0610 2003-08-27T00:00:00.000-04:00 2008-09-10T15:19:49.523-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://www.nai.com/us/promos/mcafee/epo_vulnerabilities.asp Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. cpe:/a:xtokkaetama:xtokkaetama:1.0_b6 CVE-2003-0611 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:46.563-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-356 BID 8312 Multiple buffer overflows in xtokkaetama 1.0 allow local users to gain privileges via a long (1) -display command line argument or (2) XTOKKAETAMADIR environment variable. cpe:/a:robert_hyatt:crafty:19.3 CVE-2003-0612 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:33.947-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=203541 CONFIRM http://packages.debian.org/changelogs/pool/non-free/c/crafty/crafty_19.15-1/changelog.txt SECTRACK 1009393 SECTRACK 1009398 BUGTRAQ 20040315 Crafty Game Stack Overflow & Exploit BID 9893 XF crafty-long-argument-bo(13017) XF crafty-command-line-bo(15501) Multiple buffer overflows in main.c for Crafty 19.3 allow local users to gain group "games" privileges via long command line arguments to crafty.bin. cpe:/a:zblast:zblast:1.2.1 CVE-2003-0613 2003-08-27T00:00:00.000-04:00 2008-09-10T15:19:51.070-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-369 Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file. cpe:/a:gallery_project:gallery:1.1 cpe:/a:gallery_project:gallery:1.2 cpe:/a:gallery_project:gallery:1.2.1 cpe:/a:gallery_project:gallery:1.2.1_p1 cpe:/a:gallery_project:gallery:1.2.2 cpe:/a:gallery_project:gallery:1.2.3 cpe:/a:gallery_project:gallery:1.2.4 cpe:/a:gallery_project:gallery:1.2.5 cpe:/a:gallery_project:gallery:1.3 cpe:/a:gallery_project:gallery:1.3.1 cpe:/a:gallery_project:gallery:1.3.2 cpe:/a:gallery_project:gallery:1.3.3 cpe:/a:gallery_project:gallery:1.3.4 CVE-2003-0614 2003-08-27T00:00:00.000-04:00 2018-10-19T11:29:36.510-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://gallery.menalto.com/modules.php?op=modload&name=News&file=article&sid=82&mode=thread&order=0&thold=0 BUGTRAQ 20030902 GLSA: gallery (200309-06) DEBIAN DSA-355 BUGTRAQ 20030727 Gallery XSS security advisory (with fix and patch instructions) BUGTRAQ 20040101 Re: Gallery v1.3.3 Cross Site Scripting Vulnerabillity Cross-site scripting (XSS) vulnerability in search.php of Gallery 1.1 through 1.3.4 allows remote attackers to insert arbitrary web script via the searchstring parameter. cpe:/a:cgi.pm:cgi.pm:2.73 cpe:/a:cgi.pm:cgi.pm:2.74 cpe:/a:cgi.pm:cgi.pm:2.75 cpe:/a:cgi.pm:cgi.pm:2.76 cpe:/a:cgi.pm:cgi.pm:2.78 cpe:/a:cgi.pm:cgi.pm:2.79 cpe:/a:cgi.pm:cgi.pm:2.93 cpe:/a:cgi.pm:cgi.pm:2.751 cpe:/a:cgi.pm:cgi.pm:2.753 cpe:/a:openpkg:openpkg:1.2 cpe:/a:openpkg:openpkg:1.3 cpe:/a:openpkg:openpkg:current cpe:/o:debian:debian_linux:3.0::alpha cpe:/o:debian:debian_linux:3.0::arm cpe:/o:debian:debian_linux:3.0::hppa cpe:/o:debian:debian_linux:3.0::ia-32 cpe:/o:debian:debian_linux:3.0::ia-64 cpe:/o:debian:debian_linux:3.0::m68k cpe:/o:debian:debian_linux:3.0::mips cpe:/o:debian:debian_linux:3.0::mipsel cpe:/o:debian:debian_linux:3.0::ppc cpe:/o:debian:debian_linux:3.0::s-390 cpe:/o:debian:debian_linux:3.0::sparc CVE-2003-0615 2003-08-27T00:00:00.000-04:00 2018-05-02T21:29:21.507-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONECTIVA CLA-2003:713 BUGTRAQ 20030720 CGI.pm vulnerable to Cross-site Scripting BUGTRAQ 20030806 [OpenPKG-SA-2003.036] OpenPKG Security Advisory (perl-www) FULLDISC 20030720 CGI.pm vulnerable to Cross-site Scripting. SECTRACK 1007234 SUNALERT 101426 CIAC N-155 DEBIAN DSA-371 CERT-VN VU#246409 REDHAT RHSA-2003:256 BID 8231 MANDRAKE MDKSA-2003:084 XF cgi-startform-xss(12669) Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. cpe:/a:mcafee:epolicy_orchestrator:2.0 cpe:/a:mcafee:epolicy_orchestrator:2.5 cpe:/a:mcafee:epolicy_orchestrator:2.5:sp1 cpe:/a:mcafee:epolicy_orchestrator:2.5.1 CVE-2003-0616 2003-08-27T00:00:00.000-04:00 2013-07-23T01:04:36.740-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS ATSTAKE A073103-1 CONFIRM http://www.nai.com/us/promos/mcafee/epo_vulnerabilities.asp Format string vulnerability in ePO service for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request with format strings in the computerlist parameter, which are used when logging a failed name resolution. cpe:/a:hugo_rabson:mindi:0.58_r5 CVE-2003-0617 2003-08-27T00:00:00.000-04:00 2016-10-17T22:35:53.117-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030902 GLSA: mindi (200309-05) DEBIAN DSA-362 mindi 0.58 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. cpe:/a:perl:suidperl cpe:/o:debian:debian_linux:3.0 CVE-2003-0618 2004-05-04T00:00:00.000-04:00 2017-07-10T21:29:34.087-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=203426 DEBIAN DSA-431 BID 9543 XF suidperl-obtain-information(15012) Multiple vulnerabilities in suidperl 5.6.1 and earlier allow a local user to obtain sensitive information about files for which the user does not have appropriate permissions. cpe:/o:linux:linux_kernel:2.4.21 CVE-2003-0619 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:12.277-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030729 Remote Linux Kernel < 2.4.21 DoS in XDR routine. DEBIAN DSA-358 REDHAT RHSA-2003:198 REDHAT RHSA-2003:239 Integer signedness error in the decode_fh function of nfs3xdr.c in Linux kernel before 2.4.21 allows remote attackers to cause a denial of service (kernel panic) via a negative size value within XDR data of an NFSv3 procedure call. cpe:/a:andries_brouwer:man:2.3.18 cpe:/a:andries_brouwer:man:2.3.19 cpe:/a:andries_brouwer:man:2.3.20 cpe:/a:andries_brouwer:man:2.4 cpe:/a:andries_brouwer:man:2.4.1 CVE-2003-0620 2003-08-27T00:00:00.000-04:00 2016-10-17T22:35:55.430-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030729 man-db[] multiple(4) vulnerabilities. BUGTRAQ 20030730 Re: man-db[] multiple(4) vulnerabilities. DEBIAN DSA-364 Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3) a long .so argument to test_for_include in ult_src.c, (4) a long MANPATH environment variable, or (5) a long PATH environment variable. cpe:/a:bea:tuxedo:6.3 cpe:/a:bea:tuxedo:6.4 cpe:/a:bea:tuxedo:6.5 cpe:/a:bea:tuxedo:7.1 cpe:/a:bea:tuxedo:8.0 cpe:/a:bea:tuxedo:8.1 cpe:/a:bea:weblogic_server:4.2::enterprise cpe:/a:bea:weblogic_server:5.0.1::enterprise cpe:/a:bea:weblogic_server:5.1::enterprise CVE-2003-0621 2003-12-01T00:00:00.000-05:00 2017-07-10T21:29:34.133-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/advisory03_38_00.jsp BUGTRAQ 20031031 Corsaire Security Advisory: BEA Tuxedo Administration CGI multiple argument issues BID 8931 XF bea-tuxedo-file-disclosure(13559) The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to determine the existence of files outside the web root via modified paths in the INIFILE argument. cpe:/a:bea:tuxedo:6.3 cpe:/a:bea:tuxedo:6.4 cpe:/a:bea:tuxedo:6.5 cpe:/a:bea:tuxedo:7.1 cpe:/a:bea:tuxedo:8.0 cpe:/a:bea:tuxedo:8.1 cpe:/a:bea:weblogic_server:4.2::enterprise cpe:/a:bea:weblogic_server:5.0.1::enterprise cpe:/a:bea:weblogic_server:5.1::enterprise CVE-2003-0622 2003-12-01T00:00:00.000-05:00 2017-07-10T21:29:34.197-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/advisory03_38_00.jsp BUGTRAQ 20031031 Corsaire Security Advisory: BEA Tuxedo Administration CGI multiple argument issues BID 8931 XF bea-tuxedo-device-dos(13560) The Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to cause a denial of service (hang) via pathname arguments that contain MS-DOS device names such as CON and AUX. cpe:/a:bea:tuxedo:6.3 cpe:/a:bea:tuxedo:6.4 cpe:/a:bea:tuxedo:6.5 cpe:/a:bea:tuxedo:7.1 cpe:/a:bea:tuxedo:8.0 cpe:/a:bea:tuxedo:8.1 cpe:/a:bea:weblogic_server:4.2::enterprise cpe:/a:bea:weblogic_server:5.0.1::enterprise cpe:/a:bea:weblogic_server:5.1::enterprise CVE-2003-0623 2003-12-01T00:00:00.000-05:00 2017-07-10T21:29:34.243-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/advisory03_38_00.jsp BUGTRAQ 20031031 Corsaire Security Advisory: BEA Tuxedo Administration CGI multiple argument issues BID 8931 XF bea-tuxedo-filename-xss(13561) Cross-site scripting (XSS) vulnerability in the Administration Console for BEA Tuxedo 8.1 and earlier allows remote attackers to inject arbitrary web script via the INIFILE argument. cpe:/a:bea:weblogic_server:3.1.8 cpe:/a:bea:weblogic_server:8.1 CVE-2003-0624 2003-12-01T00:00:00.000-05:00 2017-07-10T21:29:34.307-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov MISC http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/SA_BEA03_36.00.jsp BUGTRAQ 20031031 Corsaire Security Advisory: BEA WebLogic example InteractiveQuery.jsp XSS issue BID 8938 XF bea-weblogic-interactivequery-xss(13568) Cross-site scripting (XSS) vulnerability in InteractiveQuery.jsp for BEA WebLogic 8.1 and earlier allows remote attackers to inject malicious web script via the person parameter. cpe:/a:xfstt:xfstt:1.2.1 cpe:/a:xfstt:xfstt:1.4 CVE-2003-0625 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:02.540-04:00 6.4 NETWORK LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov CONFIRM http://developer.berlios.de/forum/forum.php?forum_id=2819 BUGTRAQ 20030727 [PAPER]: Address relay fingerprinting. DEBIAN DSA-360 BID 8255 Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response. cpe:/a:peoplesoft:peopletools:8.4 cpe:/a:peoplesoft:peopletools:8.10 cpe:/a:peoplesoft:peopletools:8.11 cpe:/a:peoplesoft:peopletools:8.12 cpe:/a:peoplesoft:peopletools:8.13 cpe:/a:peoplesoft:peopletools:8.14 cpe:/a:peoplesoft:peopletools:8.15 cpe:/a:peoplesoft:peopletools:8.16 cpe:/a:peoplesoft:peopletools:8.17 cpe:/a:peoplesoft:peopletools:8.18 cpe:/a:peoplesoft:peopletools:8.19 cpe:/a:peoplesoft:peopletools:8.20 cpe:/a:peoplesoft:peopletools:8.40 cpe:/a:peoplesoft:peopletools:8.41 cpe:/a:peoplesoft:peopletools:8.42 cpe:/a:peoplesoft:peopletools:8.43 CVE-2003-0626 2003-11-13T00:00:00.000-05:00 2017-07-10T21:29:34.367-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov VULNWATCH 20031113 Corsaire Security Advisory: PeopleSoft PeopleBooks Search CGI multiple argument issues FULLDISC 20031103 Corsaire Security Advisory: PeopleSoft PeopleBooks Search CGI multiple argument issues AUSCERT ESB-2003.0786 BID 9037 XF peoplesoft-searchcgi-directory-traversal(13754) psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to read arbitrary files via the (1) headername or (2) footername arguments. cpe:/a:peoplesoft:peopletools:8.40 cpe:/a:peoplesoft:peopletools:8.41 cpe:/a:peoplesoft:peopletools:8.42 cpe:/a:peoplesoft:peopletools:8.43 CVE-2003-0627 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:34.430-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20031113 Corsaire Security Advisory: PeopleSoft PeopleBooks Search CGI multiple argument issues FULLDISC 20031103 Corsaire Security Advisory: PeopleSoft PeopleBooks Search CGI multiple argument issues BID 9038 XF peoplesoft-searchcgi-directory-traversal(13754) psdoccgi.exe in PeopleSoft PeopleTools 8.4 through 8.43 allows remote attackers to cause a denial of service (application crash), possibly via the headername and footername arguments. cpe:/a:peoplesoft:peopletools:8.4 cpe:/a:peoplesoft:peopletools:8.10 cpe:/a:peoplesoft:peopletools:8.11 cpe:/a:peoplesoft:peopletools:8.12 cpe:/a:peoplesoft:peopletools:8.13 cpe:/a:peoplesoft:peopletools:8.14 cpe:/a:peoplesoft:peopletools:8.15 cpe:/a:peoplesoft:peopletools:8.16 cpe:/a:peoplesoft:peopletools:8.17 cpe:/a:peoplesoft:peopletools:8.18 cpe:/a:peoplesoft:peopletools:8.19 cpe:/a:peoplesoft:peopletools:8.20 cpe:/a:peoplesoft:peopletools:8.40 cpe:/a:peoplesoft:peopletools:8.41 cpe:/a:peoplesoft:peopletools:8.42 cpe:/a:peoplesoft:peopletools:8.43 CVE-2003-0628 2003-12-15T00:00:00.000-05:00 2016-10-17T22:36:03.820-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20031113 Corsaire Security Advisory: PeopleSoft Gateway Administration servlet path disclosure issue PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value. cpe:/a:peoplesoft:peopletools:8.4 cpe:/a:peoplesoft:peopletools:8.10 cpe:/a:peoplesoft:peopletools:8.11 cpe:/a:peoplesoft:peopletools:8.12 cpe:/a:peoplesoft:peopletools:8.13 cpe:/a:peoplesoft:peopletools:8.14 cpe:/a:peoplesoft:peopletools:8.15 cpe:/a:peoplesoft:peopletools:8.16 cpe:/a:peoplesoft:peopletools:8.17 cpe:/a:peoplesoft:peopletools:8.18 cpe:/a:peoplesoft:peopletools:8.19 cpe:/a:peoplesoft:peopletools:8.20 cpe:/a:peoplesoft:peopletools:8.40 cpe:/a:peoplesoft:peopletools:8.41 cpe:/a:peoplesoft:peopletools:8.42 cpe:/a:peoplesoft:peopletools:8.43 CVE-2003-0629 2003-12-15T00:00:00.000-05:00 2016-10-17T22:36:04.900-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20031113 Corsaire Security Advisory: PeopleSoft Gateway Administration servlet path disclosure issue Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript. cpe:/o:atari800:atari800:1.0.1 cpe:/o:atari800:atari800:1.0.2 cpe:/o:atari800:atari800:1.0.3 cpe:/o:atari800:atari800:1.0.4 cpe:/o:atari800:atari800:1.0.5 cpe:/o:atari800:atari800:1.0.6 cpe:/o:atari800:atari800:1.0.7 cpe:/o:atari800:atari800:1.2 cpe:/o:atari800:atari800:1.2.1 cpe:/o:atari800:atari800:1.2.1_pre0 cpe:/o:atari800:atari800:1.2.2 CVE-2003-0630 2003-10-20T00:00:00.000-04:00 2016-10-17T22:36:06.197-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030902 GLSA: atari800 (200309-07) DEBIAN DSA-359 Multiple buffer overflows in the atari800.svgalib setuid program of the Atari 800 emulator (atari800) before 1.2.2 allow local users to gain privileges via long command line arguments, as demonstrated with the -osa_rom argument. cpe:/a:vmware:gsx_server:2.5.1 cpe:/a:vmware:workstation:4.0 CVE-2003-0631 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:07.430-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030723 VMware GSX Server 2.5.1 / Workstation 4.0 (for Linux systems) CONFIRM http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1039 VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. cpe:/a:oracle:applications:10.7 cpe:/a:oracle:applications:11.0 cpe:/a:oracle:e-business_suite:11.1 cpe:/a:oracle:e-business_suite:11.2 cpe:/a:oracle:e-business_suite:11.3 cpe:/a:oracle:e-business_suite:11.4 cpe:/a:oracle:e-business_suite:11.5 cpe:/a:oracle:e-business_suite:11.6 cpe:/a:oracle:e-business_suite:11.7 cpe:/a:oracle:e-business_suite:11.8 CVE-2003-0632 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:09.103-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030724 Integrigy Security Alert - Oracle E-Business Suite FNDWRR Buffer Overflow CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert56.pdf Buffer overflow in the Oracle Applications Web Report Review (FNDWRR) CGI program (FNDWRR.exe) of Oracle E-Business Suite 11.0 and 11.5.1 through 11.5.8 may allow remote attackers to execute arbitrary code via a long URL. cpe:/a:oracle:applications:10.7 cpe:/a:oracle:applications:11.0 cpe:/a:oracle:e-business_suite:11.1 cpe:/a:oracle:e-business_suite:11.2 cpe:/a:oracle:e-business_suite:11.3 cpe:/a:oracle:e-business_suite:11.4 cpe:/a:oracle:e-business_suite:11.5 cpe:/a:oracle:e-business_suite:11.6 cpe:/a:oracle:e-business_suite:11.7 cpe:/a:oracle:e-business_suite:11.8 CVE-2003-0633 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:10.243-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030724 Integrigy Security Alert - Oracle E-Business Suite AOL/J Setup Test Information Disclosure CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert55.pdf BID 8268 Multiple vulnerabilities in aoljtest.jsp of Oracle Applications AOL/J Setup Test Suite in Oracle E-Business Suite 11.5.1 through 11.5.8 allow a remote attacker to obtain sensitive information without authentication, such as the GUEST user password and the application server security key. cpe:/a:oracle:oracle8i:enterprise_8.1.5_.0.0 cpe:/a:oracle:oracle8i:enterprise_8.1.5_.0.2 cpe:/a:oracle:oracle8i:enterprise_8.1.5_.1.0 cpe:/a:oracle:oracle8i:enterprise_8.1.6_.0.0 cpe:/a:oracle:oracle8i:enterprise_8.1.6_.1.0 cpe:/a:oracle:oracle8i:enterprise_8.1.7_.0.0 cpe:/a:oracle:oracle8i:enterprise_8.1.7_.1.0 cpe:/a:oracle:oracle8i:standard_8.1.5 cpe:/a:oracle:oracle8i:standard_8.1.6 cpe:/a:oracle:oracle8i:standard_8.1.7 cpe:/a:oracle:oracle8i:standard_8.1.7_.0.0 cpe:/a:oracle:oracle8i:standard_8.1.7_.1 cpe:/a:oracle:oracle8i:standard_8.1.7_.4 cpe:/a:oracle:oracle9i:client_9.2.0.1 cpe:/a:oracle:oracle9i:client_9.2.0.2 cpe:/a:oracle:oracle9i:enterprise_9.0.1 cpe:/a:oracle:oracle9i:enterprise_9.2.0.1 cpe:/a:oracle:oracle9i:enterprise_9.2.0.2 cpe:/a:oracle:oracle9i:personal_9.0.1 cpe:/a:oracle:oracle9i:personal_9.2.0.1 cpe:/a:oracle:oracle9i:personal_9.2.0.2 cpe:/a:oracle:oracle9i:standard_9.0 cpe:/a:oracle:oracle9i:standard_9.0.1 cpe:/a:oracle:oracle9i:standard_9.0.1.2 cpe:/a:oracle:oracle9i:standard_9.0.1.3 cpe:/a:oracle:oracle9i:standard_9.0.1.4 cpe:/a:oracle:oracle9i:standard_9.0.2 cpe:/a:oracle:oracle9i:standard_9.2.0.1 cpe:/a:oracle:oracle9i:standard_9.2.0.2 CVE-2003-0634 2003-08-27T00:00:00.000-04:00 2017-07-10T21:29:34.510-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030912 Update to the Oracle EXTPROC advisory BUGTRAQ 20030725 Oracle Extproc Buffer Overflow (#NISR25072003) BUGTRAQ 20030725 question about oracle advisory NTBUGTRAQ 20030725 Oracle Extproc Buffer Overflow (#NISR25072003) CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert57.pdf CERT-VN VU#936868 BID 8267 XF oracle-extproc-bo(12721) Stack-based buffer overflow in the PL/SQL EXTPROC functionality for Oracle9i Database Release 2 and 1, and Oracle 8i, allows authenticated database users, and arbitrary database users in some cases, to execute arbitrary code via a long library name. cpe:/a:novell:ichain:2.2 CVE-2003-0635 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:12.730-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030606 NOVL-2003-2966205 - iChain 2.2 Field Patch 1a CONFIRM http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM. cpe:/a:novell:ichain:2.2 CVE-2003-0636 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:50.797-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites. cpe:/a:novell:ichain:2.2 CVE-2003-0637 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:50.953-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing. cpe:/a:novell:ichain:2.1 cpe:/a:novell:ichain:2.1:sp1 cpe:/a:novell:ichain:2.1:sp2 CVE-2003-0638 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:14.010-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030606 NOVL-2003-2966207 - iChain 2.1 Field Patch 3 BUGTRAQ 20030606 NOVL-2003-2966205 - iChain 2.2 Field Patch 1a CONFIRM http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm Multiple buffer overflows in Novell iChain 2.1 before Field Patch 3, and iChain 2.2 before Field Patch 1a, allow attackers to cause a denial of service (ABEND) and possibly execute arbitrary code via (1) a long user name or (2) an unknown attack related to a "special script against login." cpe:/a:novell:ichain:2.1 cpe:/a:novell:ichain:2.1:sp1 cpe:/a:novell:ichain:2.1:sp2 CVE-2003-0639 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:15.167-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030606 NOVL-2003-2966205 - iChain 2.2 Field Patch 1a CONFIRM http://support.novell.com/cgi-bin/search/searchtid.cgi?/2966435.htm Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication. cpe:/a:bea:weblogic_server cpe:/a:bea:weblogic_server:::express CVE-2003-0640 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:51.407-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-33.jsp BEA WebLogic Server and Express, when using NodeManager to start servers, provides Operator users with privileges to overwrite usernames and passwords, which may allow Operators to gain Admin privileges. cpe:/a:watchguard:serverlock:2.0 cpe:/a:watchguard:serverlock:2.0.1 cpe:/a:watchguard:serverlock:2.0.2 CVE-2003-0641 2003-08-27T00:00:00.000-04:00 2017-07-10T21:29:34.573-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030717 Bypassing ServerLock protection on Windows 2000 BID 8222 XF serverlock-openprocess-load-module(12665) WatchGuard ServerLock for Windows 2000 before SL 2.0.3 allows local users to load arbitrary modules via the OpenProcess() function, as demonstrated using (1) a DLL injection attack, (2) ZwSetSystemInformation, and (3) API hooking in OpenProcess. cpe:/a:watchguard:serverlock:2.0 cpe:/a:watchguard:serverlock:2.0.1 cpe:/a:watchguard:serverlock:2.0.2 cpe:/a:watchguard:serverlock:2.0.3 CVE-2003-0642 2003-08-27T00:00:00.000-04:00 2017-07-10T21:29:34.617-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030717 Bypassing ServerLock protection on Windows 2000 BID 8223 XF serverlock-physicalmemory-symlink(12666) WatchGuard ServerLock for Windows 2000 before SL 2.0.4 allows local users to access kernel memory via a symlink attack on \Device\PhysicalMemory. cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3:pre3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.18::x86 cpe:/o:linux:linux_kernel:2.4.18:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre2 cpe:/o:linux:linux_kernel:2.4.18:pre3 cpe:/o:linux:linux_kernel:2.4.18:pre4 cpe:/o:linux:linux_kernel:2.4.18:pre5 cpe:/o:linux:linux_kernel:2.4.18:pre6 cpe:/o:linux:linux_kernel:2.4.18:pre7 cpe:/o:linux:linux_kernel:2.4.18:pre8 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.19:pre1 cpe:/o:linux:linux_kernel:2.4.19:pre2 cpe:/o:linux:linux_kernel:2.4.19:pre3 cpe:/o:linux:linux_kernel:2.4.19:pre4 cpe:/o:linux:linux_kernel:2.4.19:pre5 cpe:/o:linux:linux_kernel:2.4.19:pre6 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.21:pre7 cpe:/o:linux:linux_kernel:2.4.22:pre10 CVE-2003-0643 2003-07-25T00:00:00.000-04:00 2008-09-10T15:20:01.853-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-24T15:15:00.000-04:00 CONFIRM http://gentoo.kems.net/gentoo-x86-portage/sys-kernel/gentoo-sources/ChangeLog MISC http://www.ultramonkey.org/bugs/cve/CAN-2003-0643.shtml MISC http://www.ultramonkey.org/bugs/cve-patch/CAN-2003-0643.patch CONFIRM http://www.xerox.com/downloads/usa/en/c/cert_XRX06_004_v11.pdf Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash). cpe:/a:johannes_sixt:kdbg:1.1.0 cpe:/a:johannes_sixt:kdbg:1.1.1 cpe:/a:johannes_sixt:kdbg:1.1.2 cpe:/a:johannes_sixt:kdbg:1.1.3 cpe:/a:johannes_sixt:kdbg:1.1.4 cpe:/a:johannes_sixt:kdbg:1.1.5 cpe:/a:johannes_sixt:kdbg:1.1.6 cpe:/a:johannes_sixt:kdbg:1.1.7 cpe:/a:johannes_sixt:kdbg:1.2.0 cpe:/a:johannes_sixt:kdbg:1.2.1 cpe:/a:johannes_sixt:kdbg:1.2.2 cpe:/a:johannes_sixt:kdbg:1.2.3 cpe:/a:johannes_sixt:kdbg:1.2.4 cpe:/a:johannes_sixt:kdbg:1.2.5 cpe:/a:johannes_sixt:kdbg:1.2.6 cpe:/a:johannes_sixt:kdbg:1.2.7 cpe:/a:johannes_sixt:kdbg:1.2.8 CVE-2003-0644 2003-09-07T00:00:00.000-04:00 2008-09-05T16:34:52.127-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-24T15:07:00.000-04:00 ALLOWS_USER_ACCESS MLIST [debian-devel-changes] 20030909 Accepted kdbg 1.2.9-1 (i386 source) CONFIRM http://lists.kde.org/?l=kde-announce&m=106296509815092&w=2 REDHAT RHSA-2005:416 Kdbg 1.1.0 through 1.2.8 does not check permissions of the .kdbgrc file, which allows local users to execute arbitrary commands. cpe:/a:andries_brouwer:man:2.3.20 cpe:/a:andries_brouwer:man:2.4.1 CVE-2003-0645 2003-08-27T00:00:00.000-04:00 2017-07-10T21:29:34.667-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030806 man-db[v2.4.1-]: open_cat_stream() privileged call exploit. DEBIAN DSA-364 BID 8352 XF mandb-opencatstream-gain-privileges(12848) man-db 2.3.12 and 2.3.18 to 2.4.1 uses certain user-controlled DEFINE directives from the ~/.manpath file, even when running setuid, which could allow local users to gain privileges. cpe:/a:trend_micro:damage_cleanup_server:1.0 cpe:/a:trend_micro:housecall:5.5 cpe:/a:trend_micro:housecall:5.7 CVE-2003-0646 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:02.570-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionID=15274 FULLDISC 20030711 Trend Micro ActiveX Multiple Overflows Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings. cpe:/o:cisco:ios:12.2 CVE-2003-0647 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:02.633-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CISCO 20030731 Sending 2GB Data in GET Request Causes Buffer Overflow in Cisco IOS Software CERT-VN VU#579324 Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. cpe:/a:fte:fte_text_editor cpe:/o:debian:debian_linux:3.0 CVE-2003-0648 2004-05-04T00:00:00.000-04:00 2017-07-10T21:29:34.727-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SECTRACK 1009655 SECTRACK 1009656 DEBIAN DSA-472 CERT-VN VU#354838 CERT-VN VU#900964 BID 10041 XF ftetexteditor-vfte-bo(15726) Multiple buffer overflows in vfte, based on FTE, before 0.50, allow local users to execute arbitrary code. cpe:/a:xpcd:xpcd:2.08 CVE-2003-0649 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:02.790-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-368 MANDRAKE MDKSA-2004:053 Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable. cpe:/a:gamespy:arcade:1.3e CVE-2003-0650 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:20.433-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030730 GameSpy Arcade Arbitrary File Writing Vulnerability BUGTRAQ 20030730 GameSpy Arcade Arbitrary File Writing Vulnerability MISC http://www.gamespyarcade.com/features/versions.shtml BID 8309 Directory traversal vulnerability in GSAPAK.EXE for GameSpy Arcade, possibly versions before 1.3e, allows remote attackers to overwrite arbitrary files and execute arbitrary code via .. (dot dot) sequences in filenames in a .APK (Zip) file. cpe:/a:mod_mylo:mod_mylo:0.1 cpe:/a:mod_mylo:mod_mylo:2.0 cpe:/a:mod_mylo:mod_mylo:2.1 CVE-2003-0651 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:53.237-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030728 Remotely exploitable overflow in mod_mylo for Apache BID 8287 Buffer overflow in the mylo_log logging function for mod_mylo 0.2.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. cpe:/a:xtokkaetama:xtokkaetama:1.0_b6 CVE-2003-0652 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:21.653-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030803 xtokkaetama[v1.0b+]: (missed) buffer overflow exploit. DEBIAN DSA-367 Buffer overflow in xtokkaetama allows local users to gain privileges via a long -nickname command line argument, a different vulnerability than CVE-2003-0611. cpe:/o:netbsd:netbsd:1.5 cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:netbsd:netbsd:1.6 cpe:/o:netbsd:netbsd:1.6.1 CVE-2003-0653 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:03.493-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 NETBSD NetBSD-SA2003-010 The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel panic or crash) via certain OSI packets. cpe:/a:autorespond:autorespond:2.0.2 CVE-2003-0654 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:03.557-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-373 Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail. cpe:/a:cdrtools:cdrtools:2.0 cpe:/a:cdrtools:cdrtools:2.0.3 CVE-2003-0655 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:23.107-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030801 SRT2003-08-01-0126 - cdrtools local root exploit MISC http://www.secnetops.com/research/advisories/SRT2003-08-01-0126.txt rscsi in cdrtools 2.01 and earlier allows local users to overwrite arbitrary files and gain root privileges by specifying the target file as a command line argument, which is modified while rscsi is running with privileges. cpe:/a:eroaster:eroaster:2.0.0 cpe:/a:eroaster:eroaster:2.1.0 cpe:/a:eroaster:eroaster:2.2.0 CVE-2003-0656 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:24.340-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030902 GLSA: eroaster (200309-04) DEBIAN DSA-366 MANDRAKE MDKSA-2003:083 eroaster before 2.2.0 allows local users to overwrite arbitrary files via a symlink attack on a temporary file that is used as a lockfile. cpe:/a:phpgroupware:phpgroupware:0.9.14 CVE-2003-0657 2003-08-27T00:00:00.000-04:00 2008-09-05T16:34:54.173-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-365 Multiple SQL injection vulnerabilities in the infolog module for phpgroupware 0.9.14 and earlier could allow remote attackers to conduct unauthorized database actions. cpe:/a:caldera:openlinux_server:3.1.1 cpe:/a:caldera:openlinux_workstation:3.1.1 cpe:/a:caldera:openserver:5.0.7 cpe:/o:sco:unixware:7.1.3 CVE-2003-0658 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:03.867-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::embedded cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:embedded cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0659 2003-11-17T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031016 Listbox And Combobox Control Buffer Overflow NTBUGTRAQ 20031016 Listbox And Combobox Control Buffer Overflow CERT CA-2003-27 CERT-VN VU#967668 BID 8827 MS MS03-045 XF win-user32-control-bo(13424) Buffer overflow in a function in User32.dll on Windows NT through Server 2003 allows local users to execute arbitrary code via long (1) LB_DIR messages to ListBox or (2) CB_DIR messages to ComboBox controls in a privileged application. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::embedded cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:embedded cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0660 2003-11-17T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CERT CA-2003-27 CERT-VN VU#838572 BID 8830 MS MS03-041 XF win-authenticode-code-execution(13422) The Authenticode capability in Microsoft Windows NT through Server 2003 does not prompt the user to download and install ActiveX controls when the system is low on memory, which could allow remote attackers to execute arbitrary code without user approval. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0661 2003-10-20T00:00:00.000-04:00 2019-04-30T10:27:13.913-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CERT-VN VU#989932 MS MS03-034 The NetBT Name Service (NBNS) for NetBIOS in Windows NT 4.0, 2000, XP, and Server 2003 may include random memory in a response to a NBNS query, which could allow remote attackers to obtain sensitive information. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 CVE-2003-0662 2003-11-17T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20031016 Microsoft Local Troubleshooter ActiveX control buffer overflow FULLDISC 20031016 Microsoft Local Troubleshooter ActiveX control buffer overflow NTBUGTRAQ 20031016 Microsoft Local Troubleshooter ActiveX control buffer overflow CERT CA-2003-27 CERT-VN VU#989932 BID 8833 MS MS03-042 XF win2k-local-troubleshooter-bo(13423) Buffer overflow in Troubleshooter ActiveX Control (Tshoot.ocx) in Microsoft Windows 2000 SP4 and earlier allows remote attackers to execute arbitrary code via an HTML document with a long argument to the RunQuery2 method. cpe:/o:microsoft:windows_2000 CVE-2003-0663 2004-06-01T00:00:00.000-04:00 2018-10-12T17:32:56.647-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CIAC O-114 CERT-VN VU#639428 BID 10114 CERT TA04-104A MS MS04-011 XF win2k-lsass-ldap-dos(15700) Unknown vulnerability in the Local Security Authority Subsystem Service (LSASS) in Windows 2000 domain controllers allows remote attackers to cause a denial of service via a crafted LDAP message. cpe:/a:microsoft:word:97 cpe:/a:microsoft:word:97:sr1 cpe:/a:microsoft:word:97:sr2 cpe:/a:microsoft:word:98 cpe:/a:microsoft:word:98:::ja cpe:/a:microsoft:word:2000 cpe:/a:microsoft:word:2000:sp2 cpe:/a:microsoft:word:2000:sp3 cpe:/a:microsoft:word:2000:sr1 cpe:/a:microsoft:word:2000:sr1a cpe:/a:microsoft:word:2002 cpe:/a:microsoft:word:2002:sp1 cpe:/a:microsoft:word:2002:sp2 cpe:/a:microsoft:works:2001 cpe:/a:microsoft:works:2002 cpe:/a:microsoft:works:2003 CVE-2003-0664 2003-10-20T00:00:00.000-04:00 2018-10-12T17:32:57.320-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MS MS03-035 Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document. cpe:/a:microsoft:access:97 cpe:/a:microsoft:access:2000 cpe:/a:microsoft:access:2000:sp1 cpe:/a:microsoft:access:2000:sp2 cpe:/a:microsoft:access:2000:sp3 cpe:/a:microsoft:access:2002 cpe:/a:microsoft:access:2002:sp1 cpe:/a:microsoft:access:2002:sp2 CVE-2003-0665 2003-10-20T00:00:00.000-04:00 2018-10-12T17:32:57.587-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CERT-VN VU#992132 BID 8536 MS MS03-038 Buffer overflow in the ActiveX control for Microsoft Access Snapshot Viewer for Access 97, 2000, and 2002 allows remote attackers to execute arbitrary code via long parameters to the control. cpe:/a:microsoft:wordperfect_converter CVE-2003-0666 2003-10-20T00:00:00.000-04:00 2018-10-12T17:32:57.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030903 EEYE: Microsoft WordPerfect Document Converter Buffer Overflow BUGTRAQ 20030903 EEYE: Microsoft WordPerfect Document Converter Buffer Overflow BUGTRAQ 20030905 Microsoft WordPerfect Document Converter Exploit MS MS03-036 Buffer overflow in Microsoft Wordperfect Converter allows remote attackers to execute arbitrary code via modified data offset and data size parameters in a Corel WordPerfect file. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0669 2003-08-27T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 1.2 LOCAL HIGH NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 47353 Unknown vulnerability in Solaris 2.6 through 9 causes a denial of service (system panic) via "a rare race condition" or an attack by local users. cpe:/a:sustainable_softworks:ipnetmonitorx cpe:/a:sustainable_softworks:ipnetsentryx CVE-2003-0670 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:05.617-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ATSTAKE A080703-1 Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow. cpe:/a:jeremy_elson:tcpflow:0.10 cpe:/a:jeremy_elson:tcpflow:0.11 cpe:/a:jeremy_elson:tcpflow:0.12 cpe:/a:jeremy_elson:tcpflow:0.20 CVE-2003-0671 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:05.743-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS ATSTAKE A080703-1 ATSTAKE A080703-2 Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow. cpe:/a:leon_j_breedt:pam-pgsql:0.5.1 cpe:/a:leon_j_breedt:pam-pgsql:0.5.2 CVE-2003-0672 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:05.853-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-370 Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message. cpe:/a:sun:iplanet_directory_server:5.0 cpe:/a:sun:iplanet_directory_server:5.1 cpe:/a:sun:iplanet_directory_server:5.1:sp1 cpe:/a:sun:iplanet_directory_server:5.1:sp2 cpe:/a:sun:one_directory_server:5.0 cpe:/a:sun:one_directory_server:5.0:sp1 cpe:/a:sun:one_directory_server:5.0_sp2 cpe:/a:sun:one_directory_server:5.1 cpe:/a:sun:one_directory_server:5.1:sp1 cpe:/a:sun:one_directory_server:5.1:sp2 CVE-2003-0676 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:28.903-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030808 Directory Traversal in Sun iPlanet Administration Server 5.1 Directory traversal vulnerability in ViewLog for iPlanet Administration Server 5.1 (aka Sun ONE) allows remote attackers to read arbitrary files via "..%2f" (partially encoded dot dot) sequences. cpe:/a:cisco:webns:5.0_0.038s CVE-2003-0677 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:06.057-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 VULNWATCH 20030807 Cisco CSS 11000 Series DoS BUGTRAQ 20030808 Re: [VulnWatch] Cisco CSS 11000 Series DoS BUGTRAQ 20030807 Cisco CSS 11000 Series DoS Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure." CVE-2003-0678 2017-05-11T10:29:00.963-04:00 2017-05-11T10:29:00.963-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/o:sgi:irix:6.5.21f CVE-2003-0679 2003-08-27T00:00:00.000-04:00 2008-09-10T15:20:06.117-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SGI 20030802-01-P Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files. cpe:/o:sgi:irix:6.5.21 cpe:/o:sgi:irix:6.5.21f cpe:/o:sgi:irix:6.5.21m CVE-2003-0680 2003-10-06T00:00:00.000-04:00 2008-09-10T15:20:06.197-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS SGI 20030901-01-P Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions. cpe:/a:sendmail:advanced_message_server:1.2 cpe:/a:sendmail:advanced_message_server:1.3 cpe:/a:sendmail:sendmail:2.6 cpe:/a:sendmail:sendmail:2.6.1 cpe:/a:sendmail:sendmail:2.6.2 cpe:/a:sendmail:sendmail:3.0 cpe:/a:sendmail:sendmail:3.0.1 cpe:/a:sendmail:sendmail:3.0.2 cpe:/a:sendmail:sendmail:3.0.3 cpe:/a:sendmail:sendmail:8.8.8 cpe:/a:sendmail:sendmail:8.9.0 cpe:/a:sendmail:sendmail:8.9.1 cpe:/a:sendmail:sendmail:8.9.2 cpe:/a:sendmail:sendmail:8.9.3 cpe:/a:sendmail:sendmail:8.10 cpe:/a:sendmail:sendmail:8.10.1 cpe:/a:sendmail:sendmail:8.10.2 cpe:/a:sendmail:sendmail:8.11.0 cpe:/a:sendmail:sendmail:8.11.1 cpe:/a:sendmail:sendmail:8.11.2 cpe:/a:sendmail:sendmail:8.11.3 cpe:/a:sendmail:sendmail:8.11.4 cpe:/a:sendmail:sendmail:8.11.5 cpe:/a:sendmail:sendmail:8.11.6 cpe:/a:sendmail:sendmail:8.12:beta10 cpe:/a:sendmail:sendmail:8.12:beta12 cpe:/a:sendmail:sendmail:8.12:beta16 cpe:/a:sendmail:sendmail:8.12:beta5 cpe:/a:sendmail:sendmail:8.12:beta7 cpe:/a:sendmail:sendmail:8.12.0 cpe:/a:sendmail:sendmail:8.12.1 cpe:/a:sendmail:sendmail:8.12.2 cpe:/a:sendmail:sendmail:8.12.3 cpe:/a:sendmail:sendmail:8.12.4 cpe:/a:sendmail:sendmail:8.12.5 cpe:/a:sendmail:sendmail:8.12.6 cpe:/a:sendmail:sendmail:8.12.7 cpe:/a:sendmail:sendmail:8.12.8 cpe:/a:sendmail:sendmail:8.12.9 cpe:/a:sendmail:sendmail_pro:8.9.2 cpe:/a:sendmail:sendmail_pro:8.9.3 cpe:/a:sendmail:sendmail_switch:2.1 cpe:/a:sendmail:sendmail_switch:2.1.1 cpe:/a:sendmail:sendmail_switch:2.1.2 cpe:/a:sendmail:sendmail_switch:2.1.3 cpe:/a:sendmail:sendmail_switch:2.1.4 cpe:/a:sendmail:sendmail_switch:2.1.5 cpe:/a:sendmail:sendmail_switch:2.2 cpe:/a:sendmail:sendmail_switch:2.2.1 cpe:/a:sendmail:sendmail_switch:2.2.2 cpe:/a:sendmail:sendmail_switch:2.2.3 cpe:/a:sendmail:sendmail_switch:2.2.4 cpe:/a:sendmail:sendmail_switch:2.2.5 cpe:/a:sendmail:sendmail_switch:3.0 cpe:/a:sendmail:sendmail_switch:3.0.1 cpe:/a:sendmail:sendmail_switch:3.0.2 cpe:/a:sendmail:sendmail_switch:3.0.3 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:gentoo:linux:0.5 cpe:/o:gentoo:linux:0.7 cpe:/o:gentoo:linux:1.1a cpe:/o:gentoo:linux:1.2 cpe:/o:gentoo:linux:1.4:rc1 cpe:/o:gentoo:linux:1.4:rc2 cpe:/o:gentoo:linux:1.4:rc3 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.0.4 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.22 cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 cpe:/o:netbsd:netbsd:1.4.3 cpe:/o:netbsd:netbsd:1.5 cpe:/o:netbsd:netbsd:1.5::sh3 cpe:/o:netbsd:netbsd:1.5::x86 cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:netbsd:netbsd:1.6 cpe:/o:netbsd:netbsd:1.6:beta cpe:/o:netbsd:netbsd:1.6.1 cpe:/o:openbsd:openbsd:3.2 cpe:/o:openbsd:openbsd:3.3 cpe:/o:turbolinux:turbolinux_advanced_server:6.0 cpe:/o:turbolinux:turbolinux_server:6.1 cpe:/o:turbolinux:turbolinux_server:6.5 cpe:/o:turbolinux:turbolinux_server:7.0 cpe:/o:turbolinux:turbolinux_server:8.0 cpe:/o:turbolinux:turbolinux_workstation:6.0 cpe:/o:turbolinux:turbolinux_workstation:7.0 cpe:/o:turbolinux:turbolinux_workstation:8.0 CVE-2003-0681 2003-10-06T00:00:00.000-04:00 2018-05-02T21:29:21.663-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:742 BUGTRAQ 20030917 GLSA: sendmail (200309-13) BUGTRAQ 20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail) DEBIAN DSA-384 CERT-VN VU#108964 MANDRAKE MDKSA-2003:092 REDHAT RHSA-2003:283 BID 8649 CONFIRM http://www.sendmail.org/8.12.10.html XF sendmail-ruleset-parsing-bo(13216) A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient (2), final, or (3) mailer-specific envelope recipients, has unknown consequences. cpe:/a:openbsd:openssh:3.7.1 CVE-2003-0682 2003-10-06T00:00:00.000-04:00 2018-05-02T21:29:21.787-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:741 REDHAT RHSA-2003:279 BUGTRAQ 20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh) DEBIAN DSA-382 DEBIAN DSA-383 REDHAT RHSA-2003:280 "Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695. cpe:/o:sgi:irix:6.5.21f cpe:/o:sgi:irix:6.5.21m CVE-2003-0683 2003-11-03T00:00:00.000-05:00 2008-09-05T16:34:58.203-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS SGI 20031004-01-P BID 8921 NFS in SGI 6.5.21m and 6.5.21f does not perform access checks in certain configurations when an /etc/exports entry uses wildcards without any hostnames or groups, which could allow attackers to bypass intended restrictions. CVE-2003-0684 2017-05-11T10:29:00.980-04:00 2017-05-11T10:29:00.980-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/a:netris:netris:0.3 cpe:/a:netris:netris:0.4 cpe:/a:netris:netris:0.5 CVE-2003-0685 2003-08-27T00:00:00.000-04:00 2016-10-17T22:36:32.873-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030812 Netris client Buffer Overflow Vulnerability. DEBIAN DSA-372 Buffer overflow in Netris 0.52 and earlier, and possibly other versions, allows remote malicious Netris servers to execute arbitrary code on netris clients via a long server response. cpe:/a:dave_airlie:pam_smb:1.1 cpe:/a:dave_airlie:pam_smb:1.1.1 cpe:/a:dave_airlie:pam_smb:1.1.2 cpe:/a:dave_airlie:pam_smb:1.1.3 cpe:/a:dave_airlie:pam_smb:1.1.4 cpe:/a:dave_airlie:pam_smb:1.1.5 cpe:/a:dave_airlie:pam_smb:1.1.6 cpe:/a:dave_airlie:pam_smb:2.0_rc4 cpe:/a:redhat:pam_smb:1.1.6-2::i386 cpe:/a:redhat:pam_smb:1.1.6-2::ia64 cpe:/a:redhat:pam_smb:1.1.6-5::i386 cpe:/a:redhat:pam_smb:1.1.6-7::i386 CVE-2003-0686 2003-10-20T00:00:00.000-04:00 2018-05-02T21:29:21.943-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:734 BUGTRAQ 20030901 GLSA: pam_smb (200309-01) CONFIRM http://us2.samba.org/samba/ftp/pam_smb/ DEBIAN DSA-374 CERT-VN VU#680260 REDHAT RHSA-2003:261 REDHAT RHSA-2003:262 TURBO TLSA-2003-50 Buffer overflow in PAM SMB module (pam_smb) 1.1.6 and earlier, when authenticating to a remote service, allows remote attackers to execute arbitrary code. CVE-2003-0687 2004-08-18T00:00:00.000-04:00 2008-09-10T15:20:09.117-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has been revoked by its Candidate Numbering Authority (CNA) because it was internally assigned to a problem that was not reachable (the affected routine was not used by the software). Notes: none. cpe:/a:redhat:sendmail:8.12.5-7::i386 cpe:/a:redhat:sendmail:8.12.5-7::i386_cf cpe:/a:redhat:sendmail:8.12.5-7::i386_dev cpe:/a:redhat:sendmail:8.12.5-7::i386_doc cpe:/a:redhat:sendmail:8.12.8-4::i386 cpe:/a:redhat:sendmail:8.12.8-4::i386_cf cpe:/a:redhat:sendmail:8.12.8-4::i386_dev cpe:/a:redhat:sendmail:8.12.8-4::i386_doc cpe:/a:sendmail:sendmail:8.12.1 cpe:/a:sendmail:sendmail:8.12.2 cpe:/a:sendmail:sendmail:8.12.3 cpe:/a:sendmail:sendmail:8.12.4 cpe:/a:sendmail:sendmail:8.12.5 cpe:/a:sendmail:sendmail:8.12.6 cpe:/a:sendmail:sendmail:8.12.7 cpe:/a:sendmail:sendmail:8.12.8 cpe:/o:compaq:tru64:5.0a cpe:/o:compaq:tru64:5.1 cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.8 cpe:/o:freebsd:freebsd:5.0 cpe:/o:openbsd:openbsd:3.2 cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.20 cpe:/o:sgi:irix:6.5.21 CVE-2003-0688 2003-10-20T00:00:00.000-04:00 2018-05-02T21:29:22.053-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20030803-01-P CONECTIVA CLA-2003:727 CERT-VN VU#993452 MANDRAKE MDKSA-2003:086 SUSE SuSE-SA:2003:035 REDHAT RHSA-2003:265 CONFIRM http://www.sendmail.org/dnsmap1.html The DNS map code in Sendmail 8.12.8 and earlier, when using the "enhdnsbl" feature, does not properly initialize certain data structures, which allows remote attackers to cause a denial of service (process crash) via an invalid DNS response that causes Sendmail to free incorrect data. cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64 cpe:/o:redhat:enterprise_linux:2.1::enterprise_server cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64 cpe:/o:redhat:enterprise_linux:2.1::workstation cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64 CVE-2003-0689 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:09.257-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS REDHAT RHSA-2003:249 REDHAT RHSA-2003:325 The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. cpe:/o:kde:kde:1.1 cpe:/o:kde:kde:1.1.1 cpe:/o:kde:kde:1.1.2 cpe:/o:kde:kde:1.2 cpe:/o:kde:kde:2.0 cpe:/o:kde:kde:2.0.1 cpe:/o:kde:kde:2.0_beta cpe:/o:kde:kde:2.1 cpe:/o:kde:kde:2.1.1 cpe:/o:kde:kde:2.1.2 cpe:/o:kde:kde:2.2 cpe:/o:kde:kde:2.2.1 cpe:/o:kde:kde:2.2.2 cpe:/o:kde:kde:3.0 cpe:/o:kde:kde:3.0.1 cpe:/o:kde:kde:3.0.2 cpe:/o:kde:kde:3.0.3 cpe:/o:kde:kde:3.0.3a cpe:/o:kde:kde:3.0.4 cpe:/o:kde:kde:3.0.5 cpe:/o:kde:kde:3.0.5a cpe:/o:kde:kde:3.0.5b cpe:/o:kde:kde:3.1 cpe:/o:kde:kde:3.1.1 cpe:/o:kde:kde:3.1.1a cpe:/o:kde:kde:3.1.2 cpe:/o:kde:kde:3.1.3 CVE-2003-0690 2003-10-06T00:00:00.000-04:00 2017-10-10T21:29:12.950-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS MISC http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html CONECTIVA CLA-2003:747 BUGTRAQ 20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities DEBIAN DSA-388 DEBIAN DSA-443 CONFIRM http://www.kde.org/info/security/advisory-20030916-1.txt MANDRAKE MDKSA-2003:091 REDHAT RHSA-2003:270 REDHAT RHSA-2003:286 REDHAT RHSA-2003:287 REDHAT RHSA-2003:288 REDHAT RHSA-2003:289 KDM in KDE 3.1.3 and earlier does not verify whether the pam_setcred function call succeeds, which may allow attackers to gain root privileges by triggering error conditions within PAM modules, as demonstrated in certain configurations of the MIT pam_krb5 module. CVE-2003-0691 2003-12-31T00:00:00.000-05:00 2008-09-10T15:20:09.680-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not associated with any specific security issue. Notes: none. cpe:/o:kde:kde:1.1 cpe:/o:kde:kde:1.1.1 cpe:/o:kde:kde:1.1.2 cpe:/o:kde:kde:1.2 cpe:/o:kde:kde:2.0 cpe:/o:kde:kde:2.0.1 cpe:/o:kde:kde:2.0_beta cpe:/o:kde:kde:2.1 cpe:/o:kde:kde:2.1.1 cpe:/o:kde:kde:2.1.2 cpe:/o:kde:kde:2.2 cpe:/o:kde:kde:2.2.1 cpe:/o:kde:kde:2.2.2 cpe:/o:kde:kde:3.0 cpe:/o:kde:kde:3.0.1 cpe:/o:kde:kde:3.0.2 cpe:/o:kde:kde:3.0.3 cpe:/o:kde:kde:3.0.3a cpe:/o:kde:kde:3.0.4 cpe:/o:kde:kde:3.0.5 cpe:/o:kde:kde:3.0.5a cpe:/o:kde:kde:3.0.5b cpe:/o:kde:kde:3.1 cpe:/o:kde:kde:3.1.1 cpe:/o:kde:kde:3.1.1a cpe:/o:kde:kde:3.1.2 cpe:/o:kde:kde:3.1.3 CVE-2003-0692 2003-10-06T00:00:00.000-04:00 2017-10-10T21:29:13.010-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS MISC http://cert.uni-stuttgart.de/archive/suse/security/2002/12/msg00101.html CONECTIVA CLA-2003:747 BUGTRAQ 20030916 [KDE SECURITY ADVISORY] KDM vulnerabilities DEBIAN DSA-388 CONFIRM http://www.kde.org/info/security/advisory-20030916-1.txt MANDRAKE MDKSA-2003:091 REDHAT RHSA-2003:270 REDHAT RHSA-2003:288 KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. cpe:/a:openbsd:openssh:3.7 CVE-2003-0693 2003-09-22T00:00:00.000-04:00 2018-05-02T21:29:22.177-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS FULLDISC 20030915 new ssh exploit? FULLDISC 20030915 openssh remote exploit FULLDISC 20030916 The lowdown on SSH vulnerability BUGTRAQ 20030916 OpenSSH Buffer Management Bug Advisory REDHAT RHSA-2003:279 BUGTRAQ 20030916 [slackware-security] OpenSSH Security Advisory (SSA:2003-259-01) TRUSTIX 2003-0033 BUGTRAQ 20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh) SUNALERT 1000620 CERT CA-2003-24 DEBIAN DSA-382 DEBIAN DSA-383 CERT-VN VU#333628 MANDRAKE MDKSA-2003:090 CONFIRM http://www.openssh.com/txt/buffer.adv REDHAT RHSA-2003:280 XF openssh-packet-bo(13191) A "buffer management error" in buffer_append_space of buffer.c for OpenSSH before 3.7 may allow remote attackers to execute arbitrary code by causing an incorrect amount of memory to be freed and corrupting the heap, a different vulnerability than CVE-2003-0695. cpe:/a:sendmail:advanced_message_server:1.2 cpe:/a:sendmail:advanced_message_server:1.3 cpe:/a:sendmail:sendmail:2.6 cpe:/a:sendmail:sendmail:2.6.1 cpe:/a:sendmail:sendmail:2.6.2 cpe:/a:sendmail:sendmail:3.0 cpe:/a:sendmail:sendmail:3.0.1 cpe:/a:sendmail:sendmail:3.0.2 cpe:/a:sendmail:sendmail:3.0.3 cpe:/a:sendmail:sendmail:8.8.8 cpe:/a:sendmail:sendmail:8.9.0 cpe:/a:sendmail:sendmail:8.9.1 cpe:/a:sendmail:sendmail:8.9.2 cpe:/a:sendmail:sendmail:8.9.3 cpe:/a:sendmail:sendmail:8.10 cpe:/a:sendmail:sendmail:8.10.1 cpe:/a:sendmail:sendmail:8.10.2 cpe:/a:sendmail:sendmail:8.11.0 cpe:/a:sendmail:sendmail:8.11.1 cpe:/a:sendmail:sendmail:8.11.2 cpe:/a:sendmail:sendmail:8.11.3 cpe:/a:sendmail:sendmail:8.11.4 cpe:/a:sendmail:sendmail:8.11.5 cpe:/a:sendmail:sendmail:8.11.6 cpe:/a:sendmail:sendmail:8.12:beta10 cpe:/a:sendmail:sendmail:8.12:beta12 cpe:/a:sendmail:sendmail:8.12:beta16 cpe:/a:sendmail:sendmail:8.12:beta5 cpe:/a:sendmail:sendmail:8.12:beta7 cpe:/a:sendmail:sendmail:8.12.0 cpe:/a:sendmail:sendmail:8.12.1 cpe:/a:sendmail:sendmail:8.12.2 cpe:/a:sendmail:sendmail:8.12.3 cpe:/a:sendmail:sendmail:8.12.4 cpe:/a:sendmail:sendmail:8.12.5 cpe:/a:sendmail:sendmail:8.12.6 cpe:/a:sendmail:sendmail:8.12.7 cpe:/a:sendmail:sendmail:8.12.8 cpe:/a:sendmail:sendmail:8.12.9 cpe:/a:sendmail:sendmail_pro:8.9.2 cpe:/a:sendmail:sendmail_pro:8.9.3 cpe:/a:sendmail:sendmail_switch:2.1 cpe:/a:sendmail:sendmail_switch:2.1.1 cpe:/a:sendmail:sendmail_switch:2.1.2 cpe:/a:sendmail:sendmail_switch:2.1.3 cpe:/a:sendmail:sendmail_switch:2.1.4 cpe:/a:sendmail:sendmail_switch:2.1.5 cpe:/a:sendmail:sendmail_switch:2.2 cpe:/a:sendmail:sendmail_switch:2.2.1 cpe:/a:sendmail:sendmail_switch:2.2.2 cpe:/a:sendmail:sendmail_switch:2.2.3 cpe:/a:sendmail:sendmail_switch:2.2.4 cpe:/a:sendmail:sendmail_switch:2.2.5 cpe:/a:sendmail:sendmail_switch:3.0 cpe:/a:sendmail:sendmail_switch:3.0.1 cpe:/a:sendmail:sendmail_switch:3.0.2 cpe:/a:sendmail:sendmail_switch:3.0.3 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:compaq:tru64:4.0f cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:4.0f_pk8_bl22 cpe:/o:compaq:tru64:4.0g cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:4.0g_pk4_bl22 cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/o:compaq:tru64:5.1a_pk4_bl21 cpe:/o:compaq:tru64:5.1a_pk5_bl23 cpe:/o:compaq:tru64:5.1b cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/o:compaq:tru64:5.1b_pk2_bl22 cpe:/o:freebsd:freebsd:3.0:releng cpe:/o:freebsd:freebsd:4.0:releng cpe:/o:freebsd:freebsd:4.3:release_p38 cpe:/o:freebsd:freebsd:4.3:releng cpe:/o:freebsd:freebsd:4.4:release_p42 cpe:/o:freebsd:freebsd:4.4:releng cpe:/o:freebsd:freebsd:4.5:release_p32 cpe:/o:freebsd:freebsd:4.5:releng cpe:/o:freebsd:freebsd:4.6:release_p20 cpe:/o:freebsd:freebsd:4.6:releng cpe:/o:freebsd:freebsd:4.7:release_p17 cpe:/o:freebsd:freebsd:4.7:releng cpe:/o:freebsd:freebsd:4.8:release_p6 cpe:/o:freebsd:freebsd:4.8:releng cpe:/o:freebsd:freebsd:4.9:pre-release cpe:/o:freebsd:freebsd:5.0:release_p14 cpe:/o:freebsd:freebsd:5.0:releng cpe:/o:freebsd:freebsd:5.1:release_p5 cpe:/o:freebsd:freebsd:5.1:releng cpe:/o:gentoo:linux:0.5 cpe:/o:gentoo:linux:0.7 cpe:/o:gentoo:linux:1.1a cpe:/o:gentoo:linux:1.2 cpe:/o:gentoo:linux:1.4:rc1 cpe:/o:gentoo:linux:1.4:rc2 cpe:/o:gentoo:linux:1.4:rc3 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.0.4 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.22 cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 cpe:/o:netbsd:netbsd:1.4.3 cpe:/o:netbsd:netbsd:1.5 cpe:/o:netbsd:netbsd:1.5::sh3 cpe:/o:netbsd:netbsd:1.5::x86 cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:netbsd:netbsd:1.6 cpe:/o:netbsd:netbsd:1.6:beta cpe:/o:netbsd:netbsd:1.6.1 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m cpe:/o:sgi:irix:6.5.21f cpe:/o:sgi:irix:6.5.21m cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 cpe:/o:turbolinux:turbolinux_advanced_server:6.0 cpe:/o:turbolinux:turbolinux_server:6.1 cpe:/o:turbolinux:turbolinux_server:6.5 cpe:/o:turbolinux:turbolinux_server:7.0 cpe:/o:turbolinux:turbolinux_server:8.0 cpe:/o:turbolinux:turbolinux_workstation:6.0 cpe:/o:turbolinux:turbolinux_workstation:7.0 cpe:/o:turbolinux:turbolinux_workstation:8.0 CVE-2003-0694 2003-10-06T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SCO SCOSA-2004.11 FULLDISC 20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694] VULNWATCH 20030917 Zalewski Advisory - Sendmail 8.12.9 prescan bug CONECTIVA CLA-2003:742 BUGTRAQ 20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694] BUGTRAQ 20030917 [slackware-security] Sendmail vulnerabilities fixed (SSA:2003-260-02) BUGTRAQ 20030917 GLSA: sendmail (200309-13) BUGTRAQ 20030919 [OpenPKG-SA-2003.041] OpenPKG Security Advisory (sendmail) CERT CA-2003-25 DEBIAN DSA-384 CERT-VN VU#784980 MANDRAKE MDKSA-2003:092 REDHAT RHSA-2003:283 REDHAT RHSA-2003:284 CONFIRM http://www.sendmail.org/8.12.10.html The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks, as demonstrated using the parseaddr function in parseaddr.c. cpe:/a:openbsd:openssh:3.7.1 CVE-2003-0695 2003-10-06T00:00:00.000-04:00 2018-05-02T21:29:22.490-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:741 REDHAT RHSA-2003:279 TRUSTIX 2003-0033 BUGTRAQ 20030917 [OpenPKG-SA-2003.040] OpenPKG Security Advisory (openssh) BUGTRAQ 20030917 [slackware-security] OpenSSH updated again (SSA:2003-260-01) MISC http://marc.info/?l=openbsd-security-announce&m=106375582924840 DEBIAN DSA-382 DEBIAN DSA-383 MANDRAKE MDKSA-2003:090 CONFIRM http://www.openssh.com/txt/buffer.adv REDHAT RHSA-2003:280 Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693. cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 CVE-2003-0696 2004-01-20T00:00:00.000-05:00 2017-07-10T21:29:35.213-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BID 8738 XF aix-sendmail-getipnodebyname-dos(13328) CONFIRM https://techsupport.services.ibm.com/server/pseries.subscriptionSvcs?mode=7&heading=AIX51&topic=SECURITY&month=200310&label=getipnodebyname%28%29+API+does+not+close+sockets.&date=20031001&bulletin=datafile150755&embed=true The getipnodebyname() API in AIX 5.1 and 5.2 does not properly close sockets, which allows attackers to cause a denial of service (resource exhaustion). cpe:/o:ibm:aix:4.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 CVE-2003-0697 2003-10-06T00:00:00.000-04:00 2008-09-10T15:20:12.633-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CONFIRM http://www-1.ibm.com/services/continuity/recover1.nsf/mss/MSS-OAR-E01-2003.1605.1 AIXAPAR IY45250 AIXAPAR IY45344 AIXAPAR IY46256 Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges. CVE-2003-0698 2003-12-31T00:00:00.000-05:00 2008-09-10T15:20:13.070-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0743. Reason: This candidate is a duplicate of CVE-2003-0743. Notes: All CVE users should reference CVE-2003-0743 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:redhat:linux_advanced_workstation:2.1 CVE-2003-0699 2003-08-27T00:00:00.000-04:00 2017-10-10T21:29:13.073-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS REDHAT RHSA-2003:198 REDHAT RHSA-2003:238 REDHAT RHSA-2003:239 The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700. cpe:/a:redhat:kernel:2.4.21 CVE-2003-0700 2004-02-17T00:00:00.000-05:00 2017-10-10T21:29:13.183-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS REDHAT RHSA-2003:238 REDHAT RHSA-2004:044 The C-Media PCI sound driver in Linux before 2.4.22 does not use the get_user function to access userspace in certain conditions, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0699. cpe:/a:microsoft:ie:5.01 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0::windows_server_2003 CVE-2003-0701 2003-08-27T00:00:00.000-04:00 2018-10-12T17:32:58.413-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030820 [SNS Advisory No.68] Internet Explorer Object Type Buffer Overflow in Double-Byte Character Set Environment CERT-VN VU#334928 MS MS03-032 XF ie-dbcs-object-bo(12970) Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344. cpe:/a:iss:realsecure_server_sensor:7.0:xpu20.16 cpe:/a:iss:realsecure_server_sensor:7.0:xpu20.18 CVE-2003-0702 2003-10-20T00:00:00.000-04:00 2017-07-10T21:29:35.337-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030905 ISS Server Sensor Denial of Service MISC http://www.enteredge.com/research/CAN-2003-0702.asp XF realsecure-isapi-dos(13088) Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL. cpe:/a:kismac:kismac:0.05d CVE-2003-0703 2003-09-17T00:00:00.000-04:00 2017-07-10T21:29:35.400-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS ATSTAKE A082203-1 BID 8497 XF kismac-driverkext-load-modules(13007) XF kismac-exchangekernel-kernel-overwrite(13008) KisMAC before 0.05d trusts user-supplied variables to load arbitrary kernels or kernel modules, which allows local users to gain privileges via the $DRIVER_KEXT environment variable as used in (1) viha_driver.sh, (2) macjack_load.sh, or (3) airojack_load.sh, or (4) via "similar techniques" using exchangeKernel.sh. cpe:/a:kismac:kismac:0.05d CVE-2003-0704 2003-09-17T00:00:00.000-04:00 2017-07-10T21:29:35.463-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS ATSTAKE A082203-1 BID 8497 XF kismac-driverkext-modify-ownership(13006) XF kismac-setuid-modify-ownership(13009) XF kismac-viha-gain-privileges(13010) KisMAC before 0.05d trusts user-supplied variables when chown'ing files or directories, which allows local users to gain privileges via the $DRIVER_KEXT environment variable in (1) viha_driver.sh, (2) macjack_load.sh, (3) airojack_load.sh, (4) setuid_enable.sh, (5) setuid_disable.sh, and using a "similar technique" for (6) viha_prep.sh and (7) viha_unprep.sh. cpe:/a:nicolas_boullis:mah-jong:1.4 CVE-2003-0705 2003-09-17T00:00:00.000-04:00 2008-09-10T15:20:13.930-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-378 Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code. cpe:/a:nicolas_boullis:mah-jong:1.4 CVE-2003-0706 2003-09-17T00:00:00.000-04:00 2008-09-10T15:20:13.993-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-378 Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop). cpe:/a:tomi_manninen:linuxnode:0.3.2 CVE-2003-0707 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:02.360-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS DEBIAN DSA-375 Buffer overflow in LinuxNode (node) before 0.3.2 allows remote attackers to execute arbitrary code. cpe:/a:tomi_manninen:linuxnode:0.3.2 CVE-2003-0708 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:02.517-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS DEBIAN DSA-375 Format string vulnerability in LinuxNode (node) before 0.3.2 may allow attackers to cause a denial of service or execute arbitrary code. cpe:/a:whois:whois:4.5.7 cpe:/a:whois:whois:4.6.6 CVE-2003-0709 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:14.210-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MISC http://www.zone-h.org/en/advisories/read/id=2925/ Buffer overflow in the whois client, which is not setuid but is sometimes called from within CGI programs, may allow remote attackers to execute arbitrary code via a long command line option. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0711 2003-11-17T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031016 Microsoft PCHealth 2003/XP Buffer Overflow (#NISR15102003) NTBUGTRAQ 20031016 Microsoft PCHealth 2003/XP Buffer Overflow (#NISR15102003) CERT CA-2003-27 CERT-VN VU#467036 MISC http://www.ngssoftware.com/advisories/ms-pchealth.txt BID 8828 MS MS03-044 Stack-based buffer overflow in the PCHealth system in the Help and Support Center function in Windows XP and Windows Server 2003 allows remote attackers to execute arbitrary code via a long query in an HCP URL. cpe:/a:microsoft:exchange_server:5.5 cpe:/a:microsoft:exchange_server:5.5:sp1 cpe:/a:microsoft:exchange_server:5.5:sp2 cpe:/a:microsoft:exchange_server:5.5:sp3 cpe:/a:microsoft:exchange_server:5.5:sp4 CVE-2003-0712 2003-11-17T00:00:00.000-05:00 2018-10-12T17:33:00.570-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20031016 Vulnerability in Exchange Server 5.5 Outlook Web Access Could Allow CERT CA-2003-27 CERT-VN VU#435444 BID 8832 MS MS03-047 Cross-site scripting (XSS) vulnerability in the HTML encoding for the Compose New Message form in Microsoft Exchange Server 5.5 Outlook Web Access (OWA) allows remote attackers to execute arbitrary web script. cpe:/a:microsoft:exchange_server:5.5 cpe:/a:microsoft:exchange_server:5.5:sp1 cpe:/a:microsoft:exchange_server:5.5:sp2 cpe:/a:microsoft:exchange_server:5.5:sp3 cpe:/a:microsoft:exchange_server:5.5:sp4 cpe:/a:microsoft:exchange_server:2000 cpe:/a:microsoft:exchange_server:2000:sp1 cpe:/a:microsoft:exchange_server:2000:sp2 cpe:/a:microsoft:exchange_server:2000:sp3 CVE-2003-0714 2003-11-17T00:00:00.000-05:00 2018-10-12T17:33:01.070-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031022 MS03-046 Microsoft Exchange 2000 Heap Overflow CERT CA-2003-27 CERT-VN VU#422156 BID 8838 MS MS03-046 The Internet Mail Service in Exchange Server 5.5 and Exchange 2000 allows remote attackers to cause a denial of service (memory exhaustion) by directly connecting to the SMTP service and sending a certain extended verb request, possibly triggering a buffer overflow in Exchange 2000. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0715 2003-09-17T00:00:00.000-04:00 2019-04-30T10:27:13.913-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030910 EEYE: Microsoft RPC Heap Corruption Vulnerability - Part II CERT CA-2003-23 CERT-VN VU#483492 MS MS03-039 Heap-based buffer overflow in the Distributed Component Object Model (DCOM) interface in the RPCSS Service allows remote attackers to execute arbitrary code via a malformed DCERPC DCOM object activation request packet with modified length fields, a different vulnerability than CVE-2003-0352 (Blaster/Nachi) and CVE-2003-0528. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0717 2003-11-17T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031018 Proof of concept for Windows Messenger Service overflow BUGTRAQ 20031016 MS03-043 Popup Messenger Servce buffer-overflow CERT CA-2003-27 CERT-VN VU#575892 BID 8826 MS MS03-043 The Messenger Service for Windows NT through Server 2003 does not properly verify the length of the message, which allows remote attackers to execute arbitrary code via a buffer overflow attack. cpe:/a:microsoft:internet_information_server:5.1 cpe:/a:microsoft:internet_information_server:6.0 cpe:/a:microsoft:internet_information_services:5.0 CVE-2003-0718 2004-11-03T00:00:00.000-05:00 2018-10-30T12:25:10.357-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20041012 Microsoft IIS 5.x/6.0 WebDAV (XML parser) attribute blowup DoS MS MS04-030 XF iis-webdav-xml-attribute-dos(17645) XF iis-ms04030-patch(17656) The WebDAV Message Handler for Internet Information Services (IIS) 5.0, 5.1, and 6.0 allows remote attackers to cause a denial of service (memory and CPU exhaustion, application crash) via a PROPFIND request with an XML message containing XML elements with a large number of attributes. cpe:/a:microsoft:netmeeting cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp4::fr cpe:/o:microsoft:windows_2003_server:r2 cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_nt:4.0:sp6a cpe:/o:microsoft:windows_xp::sp1:tablet_pc CVE-2003-0719 2004-06-01T00:00:00.000-04:00 2018-10-12T17:33:05.117-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CERT-VN VU#586540 BUGTRAQ 20040430 A technical description of the SSL PCT vulnerability (CVE-2003-0719) CERT TA04-104A ISS 20040413 Microsoft SSL Library Remote Compromise Vulnerability MS MS04-011 Buffer overflow in the Private Communications Transport (PCT) protocol implementation in the Microsoft SSL library, as used in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via PCT 1.0 handshake packets. cpe:/a:university_of_washington:pine:3.98 cpe:/a:university_of_washington:pine:4.0.2 cpe:/a:university_of_washington:pine:4.0.4 cpe:/a:university_of_washington:pine:4.10 cpe:/a:university_of_washington:pine:4.20 cpe:/a:university_of_washington:pine:4.21 cpe:/a:university_of_washington:pine:4.30 cpe:/a:university_of_washington:pine:4.33 cpe:/a:university_of_washington:pine:4.44 cpe:/a:university_of_washington:pine:4.50 cpe:/a:university_of_washington:pine:4.52 cpe:/a:university_of_washington:pine:4.53 cpe:/a:university_of_washington:pine:4.56 CVE-2003-0720 2003-09-17T00:00:00.000-04:00 2018-05-02T21:29:22.600-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030910 iDEFENSE Security Advisory 09.10.03: Two Exploitable Overflows in PINE BUGTRAQ 20030910 iDEFENSE Security Advisory 09.10.03: Two Exploitable Overflows in PINE BUGTRAQ 20030911 [slackware-security] security issues in pine (SSA:2003-253-01) MISC http://www.idefense.com/advisory/09.10.03.txt REDHAT RHSA-2003:273 REDHAT RHSA-2003:274 Buffer overflow in PINE before 4.58 allows remote attackers to execute arbitrary code via a malformed message/external-body MIME type. cpe:/a:university_of_washington:pine:3.98 cpe:/a:university_of_washington:pine:4.0.2 cpe:/a:university_of_washington:pine:4.0.4 cpe:/a:university_of_washington:pine:4.10 cpe:/a:university_of_washington:pine:4.20 cpe:/a:university_of_washington:pine:4.21 cpe:/a:university_of_washington:pine:4.30 cpe:/a:university_of_washington:pine:4.33 cpe:/a:university_of_washington:pine:4.44 cpe:/a:university_of_washington:pine:4.50 cpe:/a:university_of_washington:pine:4.52 cpe:/a:university_of_washington:pine:4.53 cpe:/a:university_of_washington:pine:4.56 CVE-2003-0721 2003-09-17T00:00:00.000-04:00 2018-05-02T21:29:22.693-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030911 Pine: .procmailrc rule against integer overflow BUGTRAQ 20030911 [slackware-security] security issues in pine (SSA:2003-253-01) BUGTRAQ 20030915 remote Pine <= 4.56 exploit fully automatic IDEFENSE 20030910 Two Exploitable Overflows in PINE REDHAT RHSA-2003:273 REDHAT RHSA-2003:274 Integer signedness error in rfc2231_get_param from strings.c in PINE before 4.58 allows remote attackers to execute arbitrary code via an email that causes an out-of-bounds array access using a negative number. cpe:/o:sun:solaris CVE-2003-0722 2003-09-22T00:00:00.000-04:00 2017-10-10T21:29:13.730-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030918 Solaris SADMIND Exploitation BUGTRAQ 20030918 Solaris SADMIND Exploitation SUNALERT 56740 CIAC N-148 MISC http://www.idefense.com/advisory/09.16.03.txt CERT-VN VU#41870 BID 8615 The default installation of sadmind on Solaris uses weak authentication (AUTH_SYS), which allows local and remote attackers to spoof Solstice AdminSuite clients and gain root privileges via a certain sequence of RPC packets. cpe:/a:gkrellm:gkrellm:2.1.7 cpe:/a:gkrellm:gkrellm:2.1.13 CVE-2003-0723 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:15.633-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MANDRAKE MDKSA-2003:087 Buffer overflow in gkrellmd for gkrellm 2.1.x before 2.1.14 may allow remote attackers to execute arbitrary code. cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/o:compaq:tru64:5.1a_pk4_bl21 cpe:/o:compaq:tru64:5.1a_pk5_bl23 cpe:/o:compaq:tru64:5.1b_pk2_bl22 CVE-2003-0724 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:05.140-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS HP SSRT3588 BID 8492 ssh on HP Tru64 UNIX 5.1B and 5.1A does not properly handle RSA signatures when digital certificates and RSA keys are used, which could allow local and remote attackers to gain privileges. cpe:/a:realnetworks:helix_universal_server:8.0.1 cpe:/a:realnetworks:helix_universal_server:9.0 cpe:/a:realnetworks:helix_universal_server:9.0.1 cpe:/a:realnetworks:helix_universal_server:9.0.2.794 cpe:/a:realnetworks:realserver:7.0 cpe:/a:realnetworks:realserver:7.0.1 cpe:/a:realnetworks:realserver:7.0.2 cpe:/a:realnetworks:realserver:8.0 cpe:/a:realnetworks:realserver:8.0.1 cpe:/a:realnetworks:realserver:8.0.2 cpe:/a:realnetworks:realserver:8.0_beta cpe:/a:realnetworks:realserver:g2_1.0 CVE-2003-0725 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:05.313-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS VULNWATCH 20030825 New Bug in RealServer MISC http://lists.immunitysec.com/pipermail/dailydave/2003-August/000030.html CERT-VN VU#934932 BID 8476 CONFIRM http://www.service.real.com/help/faq/security/rootexploit082203.html Buffer overflow in the RTSP protocol parser for the View Source plug-in (vsrcplin.so or vsrcplin3260.dll) for RealNetworks Helix Universal Server 9 and RealSystem Server 8, 7 and RealServer G2 allows remote attackers to execute arbitrary code. cpe:/a:realnetworks:realone_desktop_manager cpe:/a:realnetworks:realone_enterprise_desktop:6.0.11.774 cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realone_player:6.0.10.505:gold cpe:/a:realnetworks:realone_player:6.0.11.818 cpe:/a:realnetworks:realone_player:6.0.11.830 cpe:/a:realnetworks:realone_player:6.0.11.841 cpe:/a:realnetworks:realone_player:6.0.11.853 CVE-2003-0726 2003-10-20T00:00:00.000-04:00 2017-07-10T21:29:35.603-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1007532 MISC http://www.digitalpranksters.com/advisories/realnetworks/smilscriptprotocol.html BUGTRAQ 20030827 RealOne Player Allows Cross Zone and Domain Access BID 8453 CONFIRM http://www.service.real.com/help/faq/security/securityupdate_august2003.html XF realone-smil-execute-code(13028) RealOne player allows remote attackers to execute arbitrary script in the "My Computer" zone via a SMIL presentation with a URL that references a scripting protocol, which is executed in the security context of the previously loaded URL, as demonstrated using a "javascript:" URL in the area tag. cpe:/a:oracle:database_server CVE-2003-0727 2003-10-20T00:00:00.000-04:00 2017-09-27T21:29:00.293-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://otn.oracle.com/deploy/security/pdf/2003Alert58.pdf EXPLOIT-DB 42780 Multiple buffer overflows in the XML Database (XDB) functionality for Oracle 9i Database Release 2 allow local users to cause a denial of service or hijack user sessions. cpe:/a:horde:horde:2.2.4 CVE-2003-0728 2003-10-20T00:00:00.000-04:00 2016-10-17T22:36:56.207-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030813 PCL-0001: Remote Vulnerability in HORDE MTA < 2.2.4 BUGTRAQ 20030901 GLSA: horde (200309-02) Horde before 2.2.4 allows remote malicious web sites to steal session IDs and read or create arbitrary email by stealing the ID from a referrer URL. cpe:/a:tellurian:tftpdnt:1.8 cpe:/a:tellurian:tftpdnt:2.0 CVE-2003-0729 2003-10-20T00:00:00.000-04:00 2016-10-17T22:36:57.377-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030901 Security Vulnerability in Tellurian TftpdNT (Long Filename) BUGTRAQ 20030901 Security Vulnerability in Tellurian TftpdNT (Long Filename) MISC http://www.securiteam.com/windowsntfocus/5RP0M1PAUM.html Buffer overflow in Tellurian TftpdNT 1.8 allows remote attackers to execute arbitrary code via a TFTP request with a long filename. cpe:/a:xfree86_project:x11r6:4.2.1 cpe:/a:xfree86_project:x11r6:4.3.0 cpe:/o:netbsd:netbsd:1.5 cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:netbsd:netbsd:1.6 cpe:/o:netbsd:netbsd:1.6.1 CVE-2003-0730 2003-10-20T00:00:00.000-04:00 2016-10-17T22:36:58.597-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS NETBSD NetBSD-SA2003-015 SGI 20031101-01-U CONECTIVA CLA-2004:821 BUGTRAQ 20030830 Multiple integer overflows in XFree86 (local/remote) SUNALERT 102803 CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2007-074.htm DEBIAN DSA-380 MANDRAKE MDKSA-2003:089 REDHAT RHSA-2003:286 REDHAT RHSA-2003:287 REDHAT RHSA-2003:288 REDHAT RHSA-2003:289 BID 8514 VUPEN ADV-2007-0589 Multiple integer overflows in the font libraries for XFree86 4.3.0 allow local or remote attackers to cause a denial of service or execute arbitrary code via heap-based and stack-based buffer overflow attacks. cpe:/a:cisco:ciscoworks_common_management_foundation:2.0 cpe:/a:cisco:ciscoworks_common_management_foundation:2.1 cpe:/a:cisco:resource_manager:1.0 cpe:/a:cisco:resource_manager:1.1 cpe:/a:cisco:resource_manager_essentials:2.0 cpe:/a:cisco:resource_manager_essentials:2.1 cpe:/a:cisco:resource_manager_essentials:2.2 cpe:/o:cisco:ciscoworks_cd1:1st cpe:/o:cisco:ciscoworks_cd1:2nd cpe:/o:cisco:ciscoworks_cd1:3rd cpe:/o:cisco:ciscoworks_cd1:4th cpe:/o:cisco:ciscoworks_cd1:5th CVE-2003-0731 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:19.413-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CISCO 20030813 CiscoWorks Application Vulnerabilities BUGTRAQ 20030813 Portcullis Security Advisory: CiscoWorks 2000 Privilege Escalation Vulnerabilities CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to gain administrative privileges via a certain POST request to com.cisco.nm.cmf.servlet.CsAuthServlet, possibly involving the "cmd" parameter with a modifyUser value and a modified "priviledges" parameter. cpe:/a:cisco:ciscoworks_common_management_foundation:2.0 cpe:/a:cisco:ciscoworks_common_management_foundation:2.1 cpe:/a:cisco:resource_manager:1.0 cpe:/a:cisco:resource_manager:1.1 cpe:/a:cisco:resource_manager_essentials:2.0 cpe:/a:cisco:resource_manager_essentials:2.1 cpe:/a:cisco:resource_manager_essentials:2.2 cpe:/o:cisco:ciscoworks_cd1:1st cpe:/o:cisco:ciscoworks_cd1:2nd cpe:/o:cisco:ciscoworks_cd1:3rd cpe:/o:cisco:ciscoworks_cd1:4th cpe:/o:cisco:ciscoworks_cd1:5th CVE-2003-0732 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:06.547-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CISCO 20030813 CiscoWorks Application Vulnerabilities BUGTRAQ 20030813 Portcullis Security Advisory: CiscoWorks 2000 Privilege Escalation Vulnerabilities CiscoWorks Common Management Foundation (CMF) 2.1 and earlier allows the guest user to obtain restricted information and possibly gain administrative privileges by changing the "guest" user to the Admin user on the Modify or delete users pages. cpe:/a:bea:liquid_data:1.1 cpe:/a:bea:weblogic_integration:2.0 cpe:/a:bea:weblogic_integration:7.0 cpe:/a:bea:weblogic_server:5.1 cpe:/a:bea:weblogic_server:7.0::express CVE-2003-0733 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:06.717-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/SA_BEA03_36.00.jsp BID 8357 Multiple cross-site scripting (XSS) vulnerabilities in WebLogic Integration 7.0 and 2.0, Liquid Data 1.1, and WebLogic Server and Express 5.1 through 7.0, allow remote attackers to execute arbitrary web script and steal authentication credentials via (1) a forward instruction to the Servlet container or (2) other vulnerabilities in the WebLogic Server console application. cpe:/a:padl_software:pam_ldap:162 CVE-2003-0734 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:19.617-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS MANDRAKE MDKSA-2003:088 Unknown vulnerability in the pam_filter mechanism in pam_ldap before version 162, when LDAP based authentication is being used, allows users to bypass host-based access restrictions and log onto the system. cpe:/a:phpwebsite:phpwebsite:0.9.0 CVE-2003-0735 2003-10-20T00:00:00.000-04:00 2016-10-17T22:36:59.893-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030810 phpWebSite SQL Injection & DoS & XSS Vulnerabilities BUGTRAQ 20030902 GLSA: phpwebsite (200309-03) CERT-VN VU#925166 SQL injection vulnerability in the Calendar module of phpWebSite 0.9.x and earlier allows remote attackers to execute arbitrary SQL queries, as demonstrated using the year parameter. cpe:/a:phpwebsite:phpwebsite:0.9.0 CVE-2003-0736 2003-10-20T00:00:00.000-04:00 2016-10-17T22:37:01.267-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030810 phpWebSite SQL Injection & DoS & XSS Vulnerabilities BUGTRAQ 20030902 GLSA: phpwebsite (200309-03) CERT-VN VU#664422 Multiple cross-site scripting (XSS) vulnerabilities in phpWebSite 0.9.x and earlier allow remote attackers to execute arbitrary web script via (1) the day parameter in the calendar module, (2) the fatcat_id parameter in the fatcat module, (3) the PAGE_id parameter in the pagemaster module, (4) the PDA_limit parameter in the search, and (5) possibly other parameters in the calendar, fatcat, and pagemaster modules. cpe:/a:phpwebsite:phpwebsite:0.9.0 CVE-2003-0737 2003-10-20T00:00:00.000-04:00 2016-10-17T22:37:02.363-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030810 phpWebSite SQL Injection & DoS & XSS Vulnerabilities BUGTRAQ 20030902 GLSA: phpwebsite (200309-03) The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to obtain the full pathname of phpWebSite via an invalid year, which generates an error from localtime() in TimeZone.php of the Pear library. cpe:/a:phpwebsite:phpwebsite:0.9.0 CVE-2003-0738 2003-10-20T00:00:00.000-04:00 2016-10-17T22:37:03.580-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov BUGTRAQ 20030810 phpWebSite SQL Injection & DoS & XSS Vulnerabilities BUGTRAQ 20030902 GLSA: phpwebsite (200309-03) The calendar module in phpWebSite 0.9.x and earlier allows remote attackers to cause a denial of service (crash) via a long year parameter. cpe:/a:vmware:workstation:4.0.1_build_5289 CVE-2003-0739 2003-10-20T00:00:00.000-04:00 2016-10-17T22:37:04.787-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030807 VMware Workstation 4.0.1 (for Linux systems) vulnerability CONFIRM http://www.vmware.com/support/kb/enduser/std_adp.php?p_faqid=1106 VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. cpe:/a:stunnel:stunnel:3.3 cpe:/a:stunnel:stunnel:3.4a cpe:/a:stunnel:stunnel:3.7 cpe:/a:stunnel:stunnel:3.8 cpe:/a:stunnel:stunnel:3.9 cpe:/a:stunnel:stunnel:3.10 cpe:/a:stunnel:stunnel:3.11 cpe:/a:stunnel:stunnel:3.12 cpe:/a:stunnel:stunnel:3.13 cpe:/a:stunnel:stunnel:3.14 cpe:/a:stunnel:stunnel:3.15 cpe:/a:stunnel:stunnel:3.16 cpe:/a:stunnel:stunnel:3.17 cpe:/a:stunnel:stunnel:3.18 cpe:/a:stunnel:stunnel:3.19 cpe:/a:stunnel:stunnel:3.20 cpe:/a:stunnel:stunnel:3.21 cpe:/a:stunnel:stunnel:3.21a cpe:/a:stunnel:stunnel:3.21b cpe:/a:stunnel:stunnel:3.21c cpe:/a:stunnel:stunnel:3.22 cpe:/a:stunnel:stunnel:3.24 cpe:/a:stunnel:stunnel:4.0 CVE-2003-0740 2003-10-20T00:00:00.000-04:00 2016-10-17T22:37:06.113-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:736 BUGTRAQ 20030903 Stunnel-3.x Daemon Hijacking MANDRAKE MDKSA-2003:108 REDHAT RHSA-2003:297 Stunnel 4.00, and 3.24 and earlier, leaks a privileged file descriptor returned by listen(), which allows local users to hijack the Stunnel server. CVE-2003-0741 2017-05-11T10:29:00.993-04:00 2017-05-11T10:29:01.010-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/o:sco:openserver:5.0.5 cpe:/o:sco:openserver:5.0.6 cpe:/o:sco:openserver:5.0.7 CVE-2003-0742 2003-10-06T00:00:00.000-04:00 2008-09-10T15:20:20.103-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS SCO Internet Manager (mana) allows local users to execute arbitrary programs by setting the REMOTE_ADDR environment variable to cause menu.mana to run as if it were called from ncsa_httpd, then modifying the PATH environment variable to point to a malicious "hostname" program. cpe:/a:university_of_cambridge:exim:3.0 cpe:/a:university_of_cambridge:exim:3.3 cpe:/a:university_of_cambridge:exim:3.3.1 cpe:/a:university_of_cambridge:exim:3.3.2 cpe:/a:university_of_cambridge:exim:3.11 cpe:/a:university_of_cambridge:exim:3.12 cpe:/a:university_of_cambridge:exim:3.13 cpe:/a:university_of_cambridge:exim:3.14 cpe:/a:university_of_cambridge:exim:3.15 cpe:/a:university_of_cambridge:exim:3.16 cpe:/a:university_of_cambridge:exim:3.17 cpe:/a:university_of_cambridge:exim:3.18 cpe:/a:university_of_cambridge:exim:3.19 cpe:/a:university_of_cambridge:exim:3.20 cpe:/a:university_of_cambridge:exim:3.21 cpe:/a:university_of_cambridge:exim:3.22 cpe:/a:university_of_cambridge:exim:3.30 cpe:/a:university_of_cambridge:exim:3.31 cpe:/a:university_of_cambridge:exim:3.32 cpe:/a:university_of_cambridge:exim:3.33 cpe:/a:university_of_cambridge:exim:3.34 cpe:/a:university_of_cambridge:exim:3.35 cpe:/a:university_of_cambridge:exim:3.36 cpe:/a:university_of_cambridge:exim:4.10 cpe:/a:university_of_cambridge:exim:4.20 CVE-2003-0743 2003-10-20T00:00:00.000-04:00 2016-10-17T22:37:07.410-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:735 BUGTRAQ 20030901 exim remote heap overflow, probably not exploitable VULN-DEV 20030903 Re: exim remote heap overflow, probably not exploitable CONFIRM http://packages.debian.org/changelogs/pool/main/e/exim/exim_3.36-13/changelog CONFIRM http://packages.debian.org/changelogs/pool/main/e/exim4/exim4_4.34-10/changelog DEBIAN DSA-376 CONFIRM http://www.exim.org/pipermail/exim-announce/2003q3/000094.html MLIST [Exim] 20030814 Minor security bug MLIST [Exim] 20030815 Minor security bug Heap-based buffer overflow in smtp_in.c for Exim 3 (exim3) before 3.36 and Exim 4 (exim4) before 4.21 may allow remote attackers to execute arbitrary code via an invalid (1) HELO or (2) EHLO argument with a large number of spaces followed by a NULL character and a newline, which is not properly trimmed before the "(no argument given)" string is appended to the buffer. cpe:/a:leafnode:leafnode:1.9.19 cpe:/a:leafnode:leafnode:1.9.20 cpe:/a:leafnode:leafnode:1.9.21 cpe:/a:leafnode:leafnode:1.9.22 cpe:/a:leafnode:leafnode:1.9.23 cpe:/a:leafnode:leafnode:1.9.24 cpe:/a:leafnode:leafnode:1.9.25 cpe:/a:leafnode:leafnode:1.9.26 cpe:/a:leafnode:leafnode:1.9.27 cpe:/a:leafnode:leafnode:1.9.29 cpe:/a:leafnode:leafnode:1.9.30 cpe:/a:leafnode:leafnode:1.9.31 cpe:/a:leafnode:leafnode:1.9.35 cpe:/a:leafnode:leafnode:1.9.36 cpe:/a:leafnode:leafnode:1.9.37 cpe:/a:leafnode:leafnode:1.9.38 cpe:/a:leafnode:leafnode:1.9.39 cpe:/a:leafnode:leafnode:1.9.40 cpe:/a:leafnode:leafnode:1.9.41 CVE-2003-0744 2003-10-20T00:00:00.000-04:00 2016-10-17T22:37:08.943-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030903 leafnode 1.9.3 - 1.9.41 security announcement SA-2003-01 CONFIRM http://leafnode.sourceforge.net/leafnode-SA-2003-01.txt BUGTRAQ 20030904 leafnode 1.9.3 - 1.9.41 security announcement SA-2003-01 BID 8541 The fetchnews NNTP client in leafnode 1.9.3 to 1.9.41 allows remote attackers to cause a denial of service (process hang and termination) via certain malformed Usenet news articles that cause fetchnews to hang while waiting for input. cpe:/a:castle_rock_computing:snmpc:5.1 cpe:/a:castle_rock_computing:snmpc:6.0 cpe:/a:castle_rock_computing:snmpc:6.0.5 cpe:/a:castle_rock_computing:snmpc:6.0.8 CVE-2003-0745 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:20.913-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS BUGTRAQ 20030825 SNMPc v5 and v6 remote vulnerability SNMPc 6.0.8 and earlier performs authentication to the server on the client side, which allows remote attackers to gain privileges by decrypting the password that is returned by the server. cpe:/a:hp:openview CVE-2003-0746 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:08.750-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SGI 20030902-01-P HP HPSBUX0308-274 CERT-VN VU#377804 Various Distributed Computing Environment (DCE) implementations, including HP OpenView, allow remote attackers to cause a denial of service (process hang or termination) via certain malformed inputs, as triggered by attempted exploits against the vulnerabilities CVE-2003-0352 or CVE-2003-0605, such as the Blaster/MSblast/LovSAN worm. cpe:/a:sap:internet_transaction_server:4620.2.0.323011 CVE-2003-0747 2003-10-20T00:00:00.000-04:00 2017-07-10T21:29:35.667-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030830 SAP Internet Transaction Server BID 8515 XF its-wgatedll-information-disclosure(13063) wgate.dll in SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to obtain potentially sensitive information such as directory structure and operating system via incorrect parameters (1) ~service, (2) ~templatelanguage, (3) ~language, (4) ~theme, or (5) ~template, which leaks the information in the resulting error message. cpe:/a:sap:internet_transaction_server:4620.2.0.323011 CVE-2003-0748 2003-10-20T00:00:00.000-04:00 2017-07-10T21:29:35.713-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030830 SAP Internet Transaction Server BID 8516 XF its-wgatedll-directory-traversal(13066) Directory traversal vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the ~theme parameter and a ~template parameter with a filename followed by space characters, which can prevent SAP from effectively adding a .html extension to the filename. cpe:/a:sap:internet_transaction_server:4620.2.0.323011 CVE-2003-0749 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:09.217-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030830 SAP Internet Transaction Server BID 8517 Cross-site scripting (XSS) vulnerability in wgate.dll for SAP Internet Transaction Server (ITS) 4620.2.0.323011 allows remote attackers to insert arbitrary web script and steal cookies via the ~service parameter. cpe:/a:py-membres:py-membres:4.0 cpe:/a:py-membres:py-membres:4.1 cpe:/a:py-membres:py-membres:4.2 CVE-2003-0750 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:21.290-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030826 [PHP] PY-Membres 4.2 : Admin Access, SQL Injection secure.php in PY-Membres 4.2 and earlier allows remote attackers to bypass authentication by setting the adminpy parameter. cpe:/a:py-membres:py-membres:4.0 cpe:/a:py-membres:py-membres:4.1 cpe:/a:py-membres:py-membres:4.2 CVE-2003-0751 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:21.353-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030826 [PHP] PY-Membres 4.2 : Admin Access, SQL Injection SQL injection vulnerability in pass_done.php for PY-Membres 4.2 and earlier allows remote attackers to execute arbitrary SQL queries via the email parameter. cpe:/a:attila-php.net:attilaphp:3.0 CVE-2003-0752 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:09.640-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030826 [PHP] AttilaPHP 3.0 : User/Admin Access SQL injection vulnerability in global.php3 of AttilaPHP 3.0, and possibly earlier versions, allows remote attackers to bypass authentication via a modified cook_id parameter. cpe:/a:newsphp:newsphp:216 CVE-2003-0753 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:21.493-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030824 newsPHP file inclusion & bad login validation nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter. cpe:/a:newsphp:newsphp:216 CVE-2003-0754 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:21.570-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030824 newsPHP file inclusion & bad login validation nphpd.php in newsPHP 216 and earlier allows remote attackers to bypass authentication via an HTTP request with a modified nphp_users array, which is used for authentication. cpe:/a:gtkftpd:gtkftp:1.0.2 cpe:/a:gtkftpd:gtkftp:1.0.3 cpe:/a:gtkftpd:gtkftp:1.0.4 CVE-2003-0755 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:21.633-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS VULN-DEV 20030826 gtkftpd[v1.0.4(and below)]: remote root buffer overflow exploit. Buffer overflow in sys_cmd.c for gtkftpd 1.0.4 and earlier allows remote attackers to execute arbitrary code by creating long directory names and listing them with a LIST command. cpe:/a:sitebuilder:sitebuilder:1.4 CVE-2003-0756 2003-10-20T00:00:00.000-04:00 2008-09-10T15:20:21.710-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030831 Directory Traversal in SITEBUILDER - v1.4 Directory traversal vulnerability in sitebuilder.cgi in SiteBuilder 1.4 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the selectedpage parameter. cpe:/a:checkpoint:firewall-1:4.0 cpe:/a:checkpoint:firewall-1:4.1 CVE-2003-0757 2003-10-20T00:00:00.000-04:00 2008-09-05T16:35:10.467-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030902 IRM 007: The IP addresses of Check Point Firewall-1 internal interfaces may be enumerated using SecuRemote Check Point FireWall-1 4.0 and 4.1 before SP5 allows remote attackers to obtain the IP addresses of internal interfaces via certain SecuRemote requests to TCP ports 256 or 264, which leaks the IP addresses in a reply packet. cpe:/a:ibm:db2_universal_database:7.2::linux CVE-2003-0758 2003-10-06T00:00:00.000-04:00 2017-07-10T21:29:35.760-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities BUGTRAQ 20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities CIAC N-154 MISC http://www.coresecurity.com/common/showdoc.php?idx=366&idxseccion=10 BID 8552 XF ibm-db2-db2dart-bo(13218) Buffer overflow in db2dart in IBM DB2 Universal Data Base 7.2 before Fixpak 10 allows local users to gain root privileges via a long command line argument. cpe:/a:ibm:db2_universal_database:7.2::linux CVE-2003-0759 2003-10-06T00:00:00.000-04:00 2016-10-17T22:37:11.397-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt VULNWATCH 20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities BUGTRAQ 20030918 CORE-2003-0531: Multiple IBM DB2 Stack Overflow Vulnerabilities CIAC N-154 MISC http://www.coresecurity.com/common/showdoc.php?idx=366&idxseccion=10 BID 8553 AIXAPAR IY47653 Buffer overflow in db2licm in IBM DB2 Universal Data Base 7.2 before Fixpak 10a allows local users to gain root privileges via a long command line argument. cpe:/a:optisoft:blubster:2.5 CVE-2003-0760 2003-09-17T00:00:00.000-04:00 2017-07-10T21:29:35.853-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov MISC http://www.securiteam.com/windowsntfocus/5RP0N15AUC.html BID 8482 XF blubster-port701-dos(13012) Blubster 2.5 allows remote attackers to cause a denial of service (crash) via a flood of connections to UDP port 701. cpe:/a:digium:asterisk:1.2.13 CVE-2003-0761 2003-09-17T00:00:00.000-04:00 2008-09-05T16:35:11.093-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A090403-1 Buffer overflow in the get_msg_text of chan_sip.c in the Session Initiation Protocol (SIP) protocol implementation for Asterisk releases before August 15, 2003, allows remote attackers to execute arbitrary code via certain (1) MESSAGE or (2) INFO requests. cpe:/a:foxweb:foxweb:2.5 CVE-2003-0762 2003-09-17T00:00:00.000-04:00 2008-09-10T15:20:23.557-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030905 [SCAN Associates Sdn Bhd Security Advisory] Foxweb 2.5 bufferoverflow in CGI and ISAPI extension Buffer overflow in (1) foxweb.dll and (2) foxweb.exe of Foxweb 2.5 allows remote attackers to execute arbitrary code via a long URL (PATH_INFO value). cpe:/a:squished_mosquito:escapade CVE-2003-0763 2003-09-17T00:00:00.000-04:00 2016-10-17T22:37:12.660-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030909 Escapade Scripting Engine XSS Vulnerability and Path Disclosure Cross-site scripting (XSS) vulnerability in Escapade Scripting Engine (ESP) allows remote attackers to inject arbitrary script via the method parameter, as demonstrated using the PAGE parameter. cpe:/a:squished_mosquito:escapade CVE-2003-0764 2003-09-17T00:00:00.000-04:00 2016-10-17T22:37:13.647-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030909 Escapade Scripting Engine XSS Vulnerability and Path Disclosure Escapade Scripting Engine (ESP) allows remote attackers to obtain sensitive path information via a malformed request, which leaks the information in an error message, as demonstrated using the PAGE parameter. cpe:/a:nullsoft:winamp:2.81 cpe:/a:nullsoft:winamp:2.91 cpe:/a:nullsoft:winamp:3.0 cpe:/a:nullsoft:winamp:3.1 CVE-2003-0765 2003-09-17T00:00:00.000-04:00 2016-10-17T22:37:14.740-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030908 Winamp 2.91 lets code execution through MIDI files The IN_MIDI.DLL plugin 3.01 and earlier, as used in Winamp 2.91, allows remote attackers to execute arbitrary code via a MIDI file with a large "Track data size" value. cpe:/a:ftp_desktop:ftp_desktop:3.5 CVE-2003-0766 2003-09-17T00:00:00.000-04:00 2017-04-28T21:59:00.757-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030908 Multiple Heap Overflows in FTP Desktop Multiple heap-based buffer overflows in FTP Desktop client 3.5, and possibly earlier versions, allow remote malicious servers to execute arbitrary code via (1) a long FTP banner, (2) a long response to a USER command, or (3) a long response to a PASS command. cpe:/a:gamespy:roger_wilco_dedicated_server:0.26 cpe:/a:gamespy:roger_wilco_dedicated_server:0.27 cpe:/a:gamespy:roger_wilco_dedicated_server:0.28 cpe:/a:gamespy:roger_wilco_dedicated_server:0.29 cpe:/a:gamespy:roger_wilco_dedicated_server:0.30a cpe:/a:gamespy:roger_wilco_graphical_server:1.4.1.1 cpe:/a:gamespy:roger_wilco_graphical_server:1.4.1.2 cpe:/a:gamespy:roger_wilco_graphical_server:1.4.1.3 cpe:/a:gamespy:roger_wilco_graphical_server:1.4.1.4 cpe:/a:gamespy:roger_wilco_graphical_server:1.4.1.5 cpe:/a:gamespy:roger_wilco_graphical_server:1.4.1.6 CVE-2003-0767 2003-09-17T00:00:00.000-04:00 2016-10-17T22:37:17.460-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030908 Rogerwilco: server's buffer overflow Buffer overflow in RogerWilco graphical server 1.4.1.6 and earlier, dedicated server 0.32a and earlier for Windows, and 0.27 and earlier for Linux and BSD, allows remote attackers to cause a denial of service and execute arbitrary code via a client request with a large length value. cpe:/a:microsoft:asp.net:1.1 CVE-2003-0768 2003-09-22T00:00:00.000-04:00 2016-10-17T22:37:18.567-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030908 Advisory: Incorrect Handling of XSS Protection in ASP.Net Microsoft ASP.Net 1.1 allows remote attackers to bypass the Cross-Site Scripting (XSS) and Script Injection protection feature via a null character in the beginning of a tag name. cpe:/a:mirabilis:icq:2003a_build3777 cpe:/a:mirabilis:icq:2003a_build3799 cpe:/a:mirabilis:icq:2003a_build3800 CVE-2003-0769 2003-09-22T00:00:00.000-04:00 2008-09-10T15:20:24.040-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 Cross-site scripting (XSS) vulnerability in the ICQ Web Front guestbook (guestbook.html) allows remote attackers to insert arbitrary web script and HTML via the message field. cpe:/a:ikonboard.com:ikonboard:3.1.1 cpe:/a:ikonboard.com:ikonboard:3.1.2a CVE-2003-0770 2003-09-22T00:00:00.000-04:00 2016-10-17T22:37:19.833-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030917 Exploit: IkonBoard 3.1.1/3.1.2a arbitrary command execution BUGTRAQ 20030401 IkonBoard v3.1.1: arbitrary command execution BUGTRAQ 20030908 IkonBoard 3.1.2a arbitrary command execution FUNC.pm in IkonBoard 3.1.2a and earlier, including 3.1.1, does not properly cleanse the "lang" cookie when it contains illegal characters, which allows remote attackers to execute arbitrary code when the cookie is inserted into a Perl "eval" statement. cpe:/a:apache_gallery:apache_gallery:0.4 cpe:/a:apache_gallery:apache_gallery:0.4.1 cpe:/a:apache_gallery:apache_gallery:0.5 cpe:/a:apache_gallery:apache_gallery:0.5.1 cpe:/a:apache_gallery:apache_gallery:0.6 CVE-2003-0771 2003-09-22T00:00:00.000-04:00 2016-10-17T22:37:21.007-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030907 Apache::Gallery local webserver compromise, privilege escalation Gallery.pm in Apache::Gallery (aka A::G) uses predictable temporary filenames when running Inline::C, which allows local users to execute arbitrary code by creating and modifying the files before Apache::Gallery does. cpe:/a:ipswitch:ws_ftp_server:4.01 cpe:/a:progress:ipswitch_ws_ftp_server:3.4 CVE-2003-0772 2003-09-22T00:00:00.000-04:00 2019-08-13T10:39:50.873-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030906 Remote and Local Vulnerabilities In WS_FTP Server CERT-VN VU#219140 CERT-VN VU#792284 BID 8542 XF wsftp-ftp-command-bo(13119) Multiple buffer overflows in WS_FTP 3 and 4 allow remote authenticated users to cause a denial of service and possibly execute arbitrary code via long (1) APPE (append) or (2) STAT (status) arguments. cpe:/a:sane:sane:1.0.0 cpe:/a:sane:sane:1.0.1 cpe:/a:sane:sane:1.0.2 cpe:/a:sane:sane:1.0.3 cpe:/a:sane:sane:1.0.4 cpe:/a:sane:sane:1.0.5 cpe:/a:sane:sane:1.0.6 cpe:/a:sane:sane:1.0.7 cpe:/a:sane:sane:1.0.7_beta1 cpe:/a:sane:sane:1.0.7_beta2 cpe:/a:sane:sane:1.0.8 cpe:/a:sane:sane:1.0.9 cpe:/a:sane:sane-backend:1.0.10 CVE-2003-0773 2003-09-22T00:00:00.000-04:00 2013-08-23T00:29:24.820-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SCO CSSA-2004-005.0 DEBIAN DSA-379 MANDRAKE MDKSA-2003:099 SUSE SuSE-SA:2003:046 REDHAT RHSA-2003:278 REDHAT RHSA-2003:285 BID 8593 BID 8595 saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf. cpe:/a:sane:sane:1.0.0 cpe:/a:sane:sane:1.0.1 cpe:/a:sane:sane:1.0.2 cpe:/a:sane:sane:1.0.3 cpe:/a:sane:sane:1.0.4 cpe:/a:sane:sane:1.0.5 cpe:/a:sane:sane:1.0.6 cpe:/a:sane:sane:1.0.7 cpe:/a:sane:sane:1.0.7_beta1 cpe:/a:sane:sane:1.0.7_beta2 cpe:/a:sane:sane:1.0.8 cpe:/a:sane:sane:1.0.9 cpe:/a:sane:sane-backend:1.0.10 CVE-2003-0774 2003-09-22T00:00:00.000-04:00 2008-09-10T15:20:25.257-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS SCO CSSA-2004-005.0 DEBIAN DSA-379 MANDRAKE MDKSA-2003:099 SUSE SuSE-SA:2003:046 REDHAT RHSA-2003:278 REDHAT RHSA-2003:285 BID 8593 saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed. cpe:/a:sane:sane:1.0.0 cpe:/a:sane:sane:1.0.1 cpe:/a:sane:sane:1.0.2 cpe:/a:sane:sane:1.0.3 cpe:/a:sane:sane:1.0.4 cpe:/a:sane:sane:1.0.5 cpe:/a:sane:sane:1.0.6 cpe:/a:sane:sane:1.0.7 cpe:/a:sane:sane:1.0.7_beta1 cpe:/a:sane:sane:1.0.7_beta2 cpe:/a:sane:sane:1.0.8 cpe:/a:sane:sane:1.0.9 cpe:/a:sane:sane-backend:1.0.10 CVE-2003-0775 2003-09-22T00:00:00.000-04:00 2008-09-10T15:20:25.337-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SCO CSSA-2004-005.0 DEBIAN DSA-379 MANDRAKE MDKSA-2003:099 SUSE SuSE-SA:2003:046 REDHAT RHSA-2003:278 REDHAT RHSA-2003:285 BID 8593 BID 8600 saned in sane-backends 1.0.7 and earlier calls malloc with an arbitrary size value if a connection is dropped before the size value has been sent, which allows remote attackers to cause a denial of service (memory consumption or crash). cpe:/a:sane:sane:1.0.0 cpe:/a:sane:sane:1.0.1 cpe:/a:sane:sane:1.0.2 cpe:/a:sane:sane:1.0.3 cpe:/a:sane:sane:1.0.4 cpe:/a:sane:sane:1.0.5 cpe:/a:sane:sane:1.0.6 cpe:/a:sane:sane:1.0.7 cpe:/a:sane:sane:1.0.7_beta1 cpe:/a:sane:sane:1.0.7_beta2 cpe:/a:sane:sane:1.0.8 cpe:/a:sane:sane:1.0.9 cpe:/a:sane:sane-backend:1.0.10 CVE-2003-0776 2003-09-22T00:00:00.000-04:00 2008-09-10T15:20:25.413-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS SCO CSSA-2004-005.0 DEBIAN DSA-379 MANDRAKE MDKSA-2003:099 SUSE SuSE-SA:2003:046 REDHAT RHSA-2003:278 REDHAT RHSA-2003:285 BID 8593 saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. cpe:/a:sane:sane:1.0.0 cpe:/a:sane:sane:1.0.1 cpe:/a:sane:sane:1.0.2 cpe:/a:sane:sane:1.0.3 cpe:/a:sane:sane:1.0.4 cpe:/a:sane:sane:1.0.5 cpe:/a:sane:sane:1.0.6 cpe:/a:sane:sane:1.0.7 cpe:/a:sane:sane:1.0.7_beta1 cpe:/a:sane:sane:1.0.7_beta2 cpe:/a:sane:sane:1.0.8 cpe:/a:sane:sane:1.0.9 cpe:/a:sane:sane-backend:1.0.10 CVE-2003-0777 2003-09-22T00:00:00.000-04:00 2008-09-10T15:20:25.477-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SCO CSSA-2004-005.0 DEBIAN DSA-379 MANDRAKE MDKSA-2003:099 SUSE SuSE-SA:2003:046 REDHAT RHSA-2003:278 REDHAT RHSA-2003:285 BID 8593 BID 8597 saned in sane-backends 1.0.7 and earlier, when debug messages are enabled, does not properly handle dropped connections, which can prevent strings from being null terminated and cause a denial of service (segmentation fault). cpe:/a:sane:sane:1.0.0 cpe:/a:sane:sane:1.0.1 cpe:/a:sane:sane:1.0.2 cpe:/a:sane:sane:1.0.3 cpe:/a:sane:sane:1.0.4 cpe:/a:sane:sane:1.0.5 cpe:/a:sane:sane:1.0.6 cpe:/a:sane:sane:1.0.7 cpe:/a:sane:sane:1.0.7_beta1 cpe:/a:sane:sane:1.0.7_beta2 cpe:/a:sane:sane:1.0.8 cpe:/a:sane:sane:1.0.9 cpe:/a:sane:sane-backend:1.0.10 CVE-2003-0778 2003-09-22T00:00:00.000-04:00 2008-09-10T15:20:25.540-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SCO CSSA-2004-005.0 DEBIAN DSA-379 MANDRAKE MDKSA-2003:099 SUSE SuSE-SA:2003:046 REDHAT RHSA-2003:278 REDHAT RHSA-2003:285 BID 8593 BID 8596 saned in sane-backends 1.0.7 and earlier, and possibly later versions, does not properly allocate memory in certain cases, which could allow attackers to cause a denial of service (memory consumption). cpe:/a:digium:asterisk:0.1.7 cpe:/a:digium:asterisk:0.1.8 cpe:/a:digium:asterisk:0.1.9 cpe:/a:digium:asterisk:0.1.9.1 cpe:/a:digium:asterisk:0.2 cpe:/a:digium:asterisk:0.3 cpe:/a:digium:asterisk:0.4 CVE-2003-0779 2003-09-22T00:00:00.000-04:00 2008-09-10T15:20:25.617-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A091103-1 SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. cpe:/a:mysql:mysql:4.1.0:alpha cpe:/a:mysql:mysql:4.1.0.0 cpe:/a:oracle:mysql:3.23 cpe:/a:oracle:mysql:3.23.2 cpe:/a:oracle:mysql:3.23.3 cpe:/a:oracle:mysql:3.23.4 cpe:/a:oracle:mysql:3.23.5 cpe:/a:oracle:mysql:3.23.8 cpe:/a:oracle:mysql:3.23.9 cpe:/a:oracle:mysql:3.23.10 cpe:/a:oracle:mysql:3.23.22 cpe:/a:oracle:mysql:3.23.23 cpe:/a:oracle:mysql:3.23.24 cpe:/a:oracle:mysql:3.23.25 cpe:/a:oracle:mysql:3.23.26 cpe:/a:oracle:mysql:3.23.27 cpe:/a:oracle:mysql:3.23.28 cpe:/a:oracle:mysql:3.23.28:gamma cpe:/a:oracle:mysql:3.23.29 cpe:/a:oracle:mysql:3.23.30 cpe:/a:oracle:mysql:3.23.31 cpe:/a:oracle:mysql:3.23.32 cpe:/a:oracle:mysql:3.23.33 cpe:/a:oracle:mysql:3.23.34 cpe:/a:oracle:mysql:3.23.36 cpe:/a:oracle:mysql:3.23.37 cpe:/a:oracle:mysql:3.23.38 cpe:/a:oracle:mysql:3.23.39 cpe:/a:oracle:mysql:3.23.40 cpe:/a:oracle:mysql:3.23.41 cpe:/a:oracle:mysql:3.23.42 cpe:/a:oracle:mysql:3.23.43 cpe:/a:oracle:mysql:3.23.44 cpe:/a:oracle:mysql:3.23.45 cpe:/a:oracle:mysql:3.23.46 cpe:/a:oracle:mysql:3.23.47 cpe:/a:oracle:mysql:3.23.48 cpe:/a:oracle:mysql:3.23.49 cpe:/a:oracle:mysql:3.23.50 cpe:/a:oracle:mysql:3.23.51 cpe:/a:oracle:mysql:3.23.52 cpe:/a:oracle:mysql:3.23.53 cpe:/a:oracle:mysql:3.23.53a cpe:/a:oracle:mysql:3.23.54 cpe:/a:oracle:mysql:3.23.54a cpe:/a:oracle:mysql:3.23.55 cpe:/a:oracle:mysql:3.23.56 cpe:/a:oracle:mysql:4.0.0 cpe:/a:oracle:mysql:4.0.1 cpe:/a:oracle:mysql:4.0.2 cpe:/a:oracle:mysql:4.0.3 cpe:/a:oracle:mysql:4.0.4 cpe:/a:oracle:mysql:4.0.5 cpe:/a:oracle:mysql:4.0.5a cpe:/a:oracle:mysql:4.0.6 cpe:/a:oracle:mysql:4.0.7 cpe:/a:oracle:mysql:4.0.7:gamma cpe:/a:oracle:mysql:4.0.8 cpe:/a:oracle:mysql:4.0.8:gamma cpe:/a:oracle:mysql:4.0.9 cpe:/a:oracle:mysql:4.0.9:gamma cpe:/a:oracle:mysql:4.0.10 cpe:/a:oracle:mysql:4.0.11 cpe:/a:oracle:mysql:4.0.11:gamma cpe:/a:oracle:mysql:4.0.12 cpe:/a:oracle:mysql:4.0.13 cpe:/a:oracle:mysql:4.0.14 cpe:/o:conectiva:linux:7.0 cpe:/o:conectiva:linux:8.0 cpe:/o:conectiva:linux:9.0 CVE-2003-0780 2003-09-22T00:00:00.000-04:00 2019-10-07T12:42:21.527-04:00 9.0 NETWORK LOW SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONECTIVA CLA-2003:743 FULLDISC 20030910 Buffer overflow in MySQL BUGTRAQ 20030913 exploit for mysql -- [get_salt_from_password] problem TRUSTIX 2003-0034 DEBIAN DSA-381 CERT-VN VU#516492 MANDRAKE MDKSA-2003:094 REDHAT RHSA-2003:281 REDHAT RHSA-2003:282 BUGTRAQ 20030910 Buffer overflow in MySQL Buffer overflow in get_salt_from_password from sql_acl.cc for MySQL 4.0.14 and earlier, and 3.23.x, allows attackers with ALTER TABLE privileges to execute arbitrary code via a long Password field. cpe:/a:ecartis:ecartis:1.0.0 CVE-2003-0781 2004-05-04T00:00:00.000-04:00 2017-07-10T21:29:35.963-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS DEBIAN DSA-467 XF ecartis-subscribe-password-disclosure(12929) Unknown vulnerability in ecartis before 1.0.0 does not properly validate user input, which allows attackers to obtain mailing list passwords. cpe:/a:ecartis:ecartis:1.0.0 CVE-2003-0782 2004-05-04T00:00:00.000-04:00 2017-07-10T21:29:36.027-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS DEBIAN DSA-467 XF ecartis-multiple-bo(12928) Multiple buffer overflows in ecartis before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code. cpe:/a:yongguang_zhang:hztty:2.0 CVE-2003-0783 2003-10-06T00:00:00.000-04:00 2017-07-10T21:29:36.073-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030921 Fw: 0x333hztty => hztty 2.0 local root exploit SECTRACK 1007756 SECTRACK 1007757 DEBIAN DSA-385 BID 8656 XF hztty-bo(13243) Multiple buffer overflows in hztty 2.0 allow local users to gain root privileges. cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 CVE-2003-0784 2003-10-06T00:00:00.000-04:00 2008-09-10T15:20:25.960-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS AIXAPAR IY47764 Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers. cpe:/h:brian_bassett:ipmasq:3.5.10 CVE-2003-0785 2003-10-06T00:00:00.000-04:00 2008-09-10T15:20:26.023-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-389 ipmasq before 3.5.12, in certain configurations, may forward packets to the external interface even if the packets are not associated with an established connection, which could allow remote attackers to bypass intended filtering. cpe:/a:openbsd:openssh:3.7.1 cpe:/a:openbsd:openssh:3.7.1p1 CVE-2003-0786 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:26.103-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS FULLDISC 20030924 [OpenPKG-SA-2003.042] OpenPKG Security Advisory (openssh) CERT-VN VU#602204 CONFIRM http://www.openssh.com/txt/sshpam.adv BUGTRAQ 20030923 Portable OpenSSH 3.7.1p2 released BUGTRAQ 20030923 Multiple PAM vulnerabilities in portable OpenSSH BID 8677 The SSH1 PAM challenge response authentication in OpenSSH 3.7.1 and 3.7.1p1, when Privilege Separation is disabled, does not check the result of the authentication attempt, which can allow remote attackers to gain privileges. cpe:/a:openbsd:openssh:3.7.1 cpe:/a:openbsd:openssh:3.7.1p1 CVE-2003-0787 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:26.163-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS FULLDISC 20030924 [OpenPKG-SA-2003.042] OpenPKG Security Advisory (openssh) CERT-VN VU#209807 CONFIRM http://www.openssh.com/txt/sshpam.adv BUGTRAQ 20030923 Portable OpenSSH 3.7.1p2 released BUGTRAQ 20030923 Multiple PAM vulnerabilities in portable OpenSSH BID 8677 The PAM conversation function in OpenSSH 3.7.1 and 3.7.1p1 interprets an array of structures as an array of pointers, which allows attackers to modify the stack and possibly gain privileges. cpe:/a:easy_software_products:cups:1.0.4 cpe:/a:easy_software_products:cups:1.0.4_8 cpe:/a:easy_software_products:cups:1.1.1 cpe:/a:easy_software_products:cups:1.1.4 cpe:/a:easy_software_products:cups:1.1.4_2 cpe:/a:easy_software_products:cups:1.1.4_3 cpe:/a:easy_software_products:cups:1.1.4_5 cpe:/a:easy_software_products:cups:1.1.6 cpe:/a:easy_software_products:cups:1.1.7 cpe:/a:easy_software_products:cups:1.1.10 cpe:/a:easy_software_products:cups:1.1.12 cpe:/a:easy_software_products:cups:1.1.13 cpe:/a:easy_software_products:cups:1.1.14 cpe:/a:easy_software_products:cups:1.1.15 cpe:/a:easy_software_products:cups:1.1.16 cpe:/a:easy_software_products:cups:1.1.17 cpe:/a:easy_software_products:cups:1.1.18 CVE-2003-0788 2003-12-01T00:00:00.000-05:00 2017-07-10T21:29:36.133-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov MISC http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=97958 CONECTIVA CLA-2003:779 CONECTIVA CLA-2003:788 MANDRAKE MDKSA-2003:104 REDHAT RHSA-2003:275 BID 8952 TURBO TLSA-2003-63 XF cups-ipp-dos(13584) Unknown vulnerability in the Internet Printing Protocol (IPP) implementation in CUPS before 1.1.19 allows remote attackers to cause a denial of service (CPU consumption from a "busy loop") via certain inputs to the IPP port (TCP 631). cpe:/a:apache:http_server:2.0.48 CVE-2003-0789 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:36.197-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov CONFIRM http://apache.secsup.org/dist/httpd/Announcement2.html CONECTIVA CLA-2003:775 CONFIRM http://docs.info.apple.com/article.html?artnum=61798 APPLE APPLE-SA-2004-01-26 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00045.html BUGTRAQ 20031031 GLSA: apache (200310-04) GENTOO 200310-04 CIAC O-015 MANDRAKE MDKSA-2003:103 REDHAT RHSA-2003:320 HP HPSBUX0311-301 BID 8926 BID 9504 XF apache-modcgi-info-disclosure(13552) MLIST [httpd-cvs] 20190815 svn commit: r1048742 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html MLIST [httpd-cvs] 20190815 svn commit: r1048743 [2/4] - in /websites/staging/httpd/trunk/content: ./ security/vulnerabilities-httpd.xml security/vulnerabilities_13.html security/vulnerabilities_20.html security/vulnerabilities_22.html security/vulnerabilities_24.html mod_cgid in Apache before 2.0.48, when using a threaded MPM, does not properly handle CGI redirect paths, which could cause Apache to send the output of a CGI program to the wrong client. CVE-2003-0790 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:28.117-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: the reported issue is not a vulnerability or exposure. Notes: This candidate was assigned to a "head-reading" bug in a component of fetchmail 6.2.4 and earlier, which was claimed to allow a denial of service. However, the bug is in a broken component of fetchmail that is not "reachable" by any execution path, so it cannot be triggered by any sort of attack and is not exploitable. cpe:/a:mozilla:mozilla:0.8 cpe:/a:mozilla:mozilla:0.9.2 cpe:/a:mozilla:mozilla:0.9.2.1 cpe:/a:mozilla:mozilla:0.9.3 cpe:/a:mozilla:mozilla:0.9.4 cpe:/a:mozilla:mozilla:0.9.4.1 cpe:/a:mozilla:mozilla:0.9.5 cpe:/a:mozilla:mozilla:0.9.6 cpe:/a:mozilla:mozilla:0.9.7 cpe:/a:mozilla:mozilla:0.9.8 cpe:/a:mozilla:mozilla:0.9.9 cpe:/a:mozilla:mozilla:0.9.35 cpe:/a:mozilla:mozilla:0.9.48 cpe:/a:mozilla:mozilla:1.0 cpe:/a:mozilla:mozilla:1.0:rc1 cpe:/a:mozilla:mozilla:1.0:rc2 cpe:/a:mozilla:mozilla:1.0.1 cpe:/a:mozilla:mozilla:1.0.2 cpe:/a:mozilla:mozilla:1.1 cpe:/a:mozilla:mozilla:1.1:alpha cpe:/a:mozilla:mozilla:1.1:beta cpe:/a:mozilla:mozilla:1.2 cpe:/a:mozilla:mozilla:1.2:alpha cpe:/a:mozilla:mozilla:1.2:beta cpe:/a:mozilla:mozilla:1.2.1 cpe:/a:mozilla:mozilla:1.3 cpe:/a:mozilla:mozilla:1.3.1 cpe:/a:mozilla:mozilla:1.4 cpe:/a:mozilla:mozilla:1.4:alpha cpe:/a:mozilla:mozilla:1.4:beta cpe:/o:sco:openserver:5.0.7 CVE-2003-0791 2003-10-07T00:00:00.000-04:00 2008-09-10T15:20:29.147-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-24T17:50:00.000-04:00 ALLOWS_USER_ACCESS MANDRAKE MDKSA-2004:021 SCO SCOSA-2004.8 BID 9322 MISC https://bugzilla.mozilla.org/show_bug.cgi?id=221526 The Script.prototype.freeze/thaw functionality in Mozilla 1.4 and earlier allows attackers to execute native methods by modifying the string used as input to the script.thaw JavaScript function, which is then deserialized and executed. cpe:/a:fetchmail:fetchmail:4.5.1 cpe:/a:fetchmail:fetchmail:4.5.2 cpe:/a:fetchmail:fetchmail:4.5.3 cpe:/a:fetchmail:fetchmail:4.5.4 cpe:/a:fetchmail:fetchmail:4.5.5 cpe:/a:fetchmail:fetchmail:4.5.6 cpe:/a:fetchmail:fetchmail:4.5.7 cpe:/a:fetchmail:fetchmail:4.5.8 cpe:/a:fetchmail:fetchmail:4.6.0 cpe:/a:fetchmail:fetchmail:4.6.1 cpe:/a:fetchmail:fetchmail:4.6.2 cpe:/a:fetchmail:fetchmail:4.6.3 cpe:/a:fetchmail:fetchmail:4.6.4 cpe:/a:fetchmail:fetchmail:4.6.5 cpe:/a:fetchmail:fetchmail:4.6.6 cpe:/a:fetchmail:fetchmail:4.6.7 cpe:/a:fetchmail:fetchmail:4.6.8 cpe:/a:fetchmail:fetchmail:4.6.9 cpe:/a:fetchmail:fetchmail:4.7.0 cpe:/a:fetchmail:fetchmail:4.7.1 cpe:/a:fetchmail:fetchmail:4.7.2 cpe:/a:fetchmail:fetchmail:4.7.3 cpe:/a:fetchmail:fetchmail:4.7.4 cpe:/a:fetchmail:fetchmail:4.7.5 cpe:/a:fetchmail:fetchmail:4.7.6 cpe:/a:fetchmail:fetchmail:4.7.7 cpe:/a:fetchmail:fetchmail:5.0.0 cpe:/a:fetchmail:fetchmail:5.0.1 cpe:/a:fetchmail:fetchmail:5.0.2 cpe:/a:fetchmail:fetchmail:5.0.3 cpe:/a:fetchmail:fetchmail:5.0.4 cpe:/a:fetchmail:fetchmail:5.0.5 cpe:/a:fetchmail:fetchmail:5.0.6 cpe:/a:fetchmail:fetchmail:5.0.7 cpe:/a:fetchmail:fetchmail:5.0.8 cpe:/a:fetchmail:fetchmail:5.1.0 cpe:/a:fetchmail:fetchmail:5.1.4 cpe:/a:fetchmail:fetchmail:5.2.0 cpe:/a:fetchmail:fetchmail:5.2.1 cpe:/a:fetchmail:fetchmail:5.2.3 cpe:/a:fetchmail:fetchmail:5.2.4 cpe:/a:fetchmail:fetchmail:5.2.7 cpe:/a:fetchmail:fetchmail:5.2.8 cpe:/a:fetchmail:fetchmail:5.3.0 cpe:/a:fetchmail:fetchmail:5.3.1 cpe:/a:fetchmail:fetchmail:5.3.3 cpe:/a:fetchmail:fetchmail:5.3.8 cpe:/a:fetchmail:fetchmail:5.4.0 cpe:/a:fetchmail:fetchmail:5.4.3 cpe:/a:fetchmail:fetchmail:5.4.4 cpe:/a:fetchmail:fetchmail:5.4.5 cpe:/a:fetchmail:fetchmail:5.5.0 cpe:/a:fetchmail:fetchmail:5.5.2 cpe:/a:fetchmail:fetchmail:5.5.3 cpe:/a:fetchmail:fetchmail:5.5.5 cpe:/a:fetchmail:fetchmail:5.5.6 cpe:/a:fetchmail:fetchmail:5.6.0 cpe:/a:fetchmail:fetchmail:5.7.0 cpe:/a:fetchmail:fetchmail:5.7.2 cpe:/a:fetchmail:fetchmail:5.7.4 cpe:/a:fetchmail:fetchmail:5.8 cpe:/a:fetchmail:fetchmail:5.8.1 cpe:/a:fetchmail:fetchmail:5.8.2 cpe:/a:fetchmail:fetchmail:5.8.3 cpe:/a:fetchmail:fetchmail:5.8.4 cpe:/a:fetchmail:fetchmail:5.8.5 cpe:/a:fetchmail:fetchmail:5.8.6 cpe:/a:fetchmail:fetchmail:5.8.11 cpe:/a:fetchmail:fetchmail:5.8.13 cpe:/a:fetchmail:fetchmail:5.8.14 cpe:/a:fetchmail:fetchmail:5.8.17 cpe:/a:fetchmail:fetchmail:5.9.0 cpe:/a:fetchmail:fetchmail:5.9.4 cpe:/a:fetchmail:fetchmail:5.9.5 cpe:/a:fetchmail:fetchmail:5.9.8 cpe:/a:fetchmail:fetchmail:5.9.10 cpe:/a:fetchmail:fetchmail:5.9.11 cpe:/a:fetchmail:fetchmail:5.9.13 cpe:/a:fetchmail:fetchmail:6.0.0 cpe:/a:fetchmail:fetchmail:6.1.0 cpe:/a:fetchmail:fetchmail:6.1.3 cpe:/a:fetchmail:fetchmail:6.2.0 cpe:/a:fetchmail:fetchmail:6.2.1 cpe:/a:fetchmail:fetchmail:6.2.2 cpe:/a:fetchmail:fetchmail:6.2.3 cpe:/a:fetchmail:fetchmail:6.2.4 CVE-2003-0792 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:36.277-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SCO CSSA-2004-004.0 BUGTRAQ 20040220 LNSA-#2004-0002: Fetchmail 6.2.4 and earlier remote denial of service GENTOO GLSA-200403-10 MANDRAKE MDKSA-2003:101 IMMUNIX IMNX-2003-7+-023-01 BID 8843 TURBO TLSA-2003-61 XF fetchmail-email-dos(13450) Fetchmail 6.2.4 and earlier does not properly allocate memory for long lines, which allows remote attackers to cause a denial of service (crash) via a certain email. cpe:/a:gnome:gdm:2.2.5.4 cpe:/a:gnome:gdm:2.4.1 cpe:/a:gnome:gdm:2.4.1.1 cpe:/a:gnome:gdm:2.4.1.2 cpe:/a:gnome:gdm:2.4.1.3 cpe:/a:gnome:gdm:2.4.1.4 cpe:/a:gnome:gdm:2.4.1.5 cpe:/a:gnome:gdm:2.4.1.6 cpe:/a:gnome:gdm:2.4.4 CVE-2003-0793 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:36.353-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://cvs.gnome.org/bonsai/cvsblame.cgi?file=gdm2/NEWS&rev=&root=/cvs/gnome CONECTIVA CLA-2003:766 MANDRAKE MDKSA-2003:100 BID 8846 XF gdm-dos(13447) GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not restrict the size of input, which allows attackers to cause a denial of service (memory consumption). cpe:/a:gnome:gdm:2.2.5.4 cpe:/a:gnome:gdm:2.4.1 cpe:/a:gnome:gdm:2.4.1.1 cpe:/a:gnome:gdm:2.4.1.2 cpe:/a:gnome:gdm:2.4.1.3 cpe:/a:gnome:gdm:2.4.1.4 cpe:/a:gnome:gdm:2.4.1.5 cpe:/a:gnome:gdm:2.4.1.6 cpe:/a:gnome:gdm:2.4.4 CVE-2003-0794 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:36.417-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://cvs.gnome.org/bonsai/cvsblame.cgi?file=gdm2/NEWS&rev=&root=/cvs/gnome CONECTIVA CLA-2003:766 MANDRAKE MDKSA-2003:100 BID 8846 XF gdm-command-dos(13448) GDM 2.4.4.x before 2.4.4.4, and 2.4.1.x before 2.4.1.7, does not limit the number or duration of commands and uses a blocking socket connection, which allows attackers to cause a denial of service (resource exhaustion) by sending commands and not reading the results. cpe:/a:gnu:zebra:0.91a cpe:/a:gnu:zebra:0.92a cpe:/a:gnu:zebra:0.93a cpe:/a:gnu:zebra:0.93b cpe:/a:quagga:quagga:0.95 cpe:/a:quagga:quagga:0.96 cpe:/a:quagga:quagga:0.96.1 cpe:/a:quagga:quagga:0.96.2 cpe:/a:quagga:quagga:0.96.3 cpe:/a:sgi:propack:2.2.1 cpe:/a:sgi:propack:2.3 CVE-2003-0795 2003-12-15T00:00:00.000-05:00 2016-10-17T22:37:28.367-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031114 Quagga remote vulnerability DEBIAN DSA-415 REDHAT RHSA-2003:305 REDHAT RHSA-2003:307 The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to the telnet CLI port, which may trigger a null dereference. cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m cpe:/o:sgi:irix:6.5.21f cpe:/o:sgi:irix:6.5.21m cpe:/o:sgi:irix:6.5.22 CVE-2003-0796 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:36.493-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SGI 20031102-01-P SGI 20031102-02-P BID 9085 XF rpcmountd-mount-gain-access(13807) Unknown vulnerability in rpc.mountd SGI IRIX 6.5.18 through 6.5.22 allows remote attackers to mount from unprivileged ports even with the -n option disabled. cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.20 cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.20m cpe:/o:sgi:irix:6.5.21 cpe:/o:sgi:irix:6.5.21f cpe:/o:sgi:irix:6.5.21m cpe:/o:sgi:irix:6.5.22 CVE-2003-0797 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:36.573-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20031102-01-P SGI 20031102-02-P BID 9084 XF rpcmountd-dos(13808) Unknown vulnerability in rpc.mountd in SGI IRIX 6.5 through 6.5.22 allows remote attackers to cause a denial of service (process death) via unknown attack vectors. CVE-2003-0798 2017-05-11T10:29:01.027-04:00 2017-05-11T10:29:01.027-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0799 2017-05-11T10:29:01.040-04:00 2017-05-11T10:29:01.040-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0800 2017-05-11T10:29:01.073-04:00 2017-05-11T10:29:01.073-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/a:nokia:electronic_documentation:5.0 CVE-2003-0801 2003-10-06T00:00:00.000-04:00 2008-09-10T15:20:29.993-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ATSTAKE A091503-1 Cross-site scripting (XSS) vulnerability in Nokia Electronic Documentation (NED) 5.0 allows remote attackers to execute arbitrary web script and steal cookies via a URL to the docs/ directory that contains the script. cpe:/a:nokia:electronic_documentation:5.0 CVE-2003-0802 2003-10-06T00:00:00.000-04:00 2008-09-10T15:20:30.057-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ATSTAKE A091503-1 Nokia Electronic Documentation (NED) 5.0 allows remote attackers to obtain a directory listing of the WebLogic web root, and the physical path of the NED server, via a "retrieve" action with a location parameter of . (dot). cpe:/a:nokia:electronic_documentation:5.0 CVE-2003-0803 2003-10-06T00:00:00.000-04:00 2008-09-10T15:20:30.117-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A091503-1 Nokia Electronic Documentation (NED) 5.0 allows remote attackers to use NED as an open HTTP proxy via a URL in the location parameter, which NED accesses and returns to the user. cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x:10.2.7 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:apple:mac_os_x_server:10.2.7 cpe:/o:freebsd:freebsd:4.0 cpe:/o:freebsd:freebsd:4.1 cpe:/o:freebsd:freebsd:4.1.1 cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.3 cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.6.2 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.8 cpe:/o:freebsd:freebsd:4.9:pre-release cpe:/o:freebsd:freebsd:5.0 cpe:/o:freebsd:freebsd:5.1 cpe:/o:openbsd:openbsd:3.2 cpe:/o:openbsd:openbsd:3.3 cpe:/o:openbsd:openbsd:3.4 CVE-2003-0804 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:30.570-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 FREEBSD FreeBSD-SA-03:14 SGI 20040502-01-P CONFIRM http://docs.info.apple.com/article.html?artnum=61798 The arplookup function in FreeBSD 5.1 and earlier, Mac OS X before 10.2.8, and possibly other BSD-based systems, allows remote attackers on a local subnet to cause a denial of service (resource starvation and panic) via a flood of spoofed ARP requests. cpe:/a:university_of_minnesota:gopherd:2.0.3 cpe:/a:university_of_minnesota:gopherd:2.0.4 cpe:/a:university_of_minnesota:gopherd:2.3 cpe:/a:university_of_minnesota:gopherd:2.3.1 cpe:/a:university_of_minnesota:gopherd:3.0.0 cpe:/a:university_of_minnesota:gopherd:3.0.1 cpe:/a:university_of_minnesota:gopherd:3.0.2 cpe:/a:university_of_minnesota:gopherd:3.0.3 cpe:/a:university_of_minnesota:gopherd:3.0.4 cpe:/a:university_of_minnesota:gopherd:3.0.5 CVE-2003-0805 2003-10-06T00:00:00.000-04:00 2016-10-17T22:37:29.600-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030712 UMN gopherd[2.x.x/3.x.x]: ftp gateway, and GSisText() buffer BUGTRAQ 20030818 FW: [gopher] UMN Gopher 3.0.6 released DEBIAN DSA-387 Multiple buffer overflows in UMN gopher daemon (gopherd) 2.x and 3.x before 3.0.6 allows attackers to execute arbitrary code via (1) a long filename as a result of a LIST command, and (2) the GSisText function, which calculates the view-type. cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4::fr cpe:/o:microsoft:windows_nt:4.0:sp6a cpe:/o:microsoft:windows_xp::sp1:tablet_pc CVE-2003-0806 2004-06-01T00:00:00.000-04:00 2018-10-12T17:33:06.303-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CIAC O-114 CERT-VN VU#471260 BID 10126 CERT TA04-104A MS MS04-011 XF win-winlogon-bo(15702) Buffer overflow in the Windows logon process (winlogon) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1, when a member of a domain, allows remote attackers to execute arbitrary code. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2003_server:r2 cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_xp::gold CVE-2003-0807 2004-06-01T00:00:00.000-04:00 2018-10-12T17:33:07.320-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SECTRACK 1009762 CIAC O-115 CERT-VN VU#698564 BID 10123 CERT TA04-104A MS MS04-012 XF win-cis-rpc-http-dos(15709) Buffer overflow in the COM Internet Services and in the RPC over HTTP Proxy components for Microsoft Windows NT Server 4.0, NT 4.0 Terminal Server Edition, 2000, XP, and Server 2003 allows remote attackers to cause a denial of service via a crafted request. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0809 2003-11-17T00:00:00.000-05:00 2018-10-12T17:33:08.413-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BID 8565 MS MS03-040 XF ie-xmlobject-code-execution(13300) Internet Explorer 5.01 through 6.0 does not properly handle object tags returned from a Web server during XML data binding, which allows remote attackers to execute arbitrary code via an HTML e-mail message or web page. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp:::media_center cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0812 2003-12-15T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031111 EEYE: Windows Workstation Service Remote Buffer Overflow BUGTRAQ 20031112 Proof of concept for Windows Workstation Service overflow CERT CA-2003-28 CISCO 20040129 Buffer Overrun in Microsoft Windows 2000 Workstation Service (MS03-049) CERT-VN VU#567620 BID 9011 MS MS03-049 Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated using the NetAddAlternateComputerName API. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::embedded cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:embedded cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0813 2003-11-17T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20031010 Re : [VERY] BAD news on RPC DCOM Exploit FULLDISC 20031010 Re: Bad news on RPC DCOM vulnerability FULLDISC 20031011 Bad news on RPC DCOM2 vulnerability BUGTRAQ 20031010 Bad news on RPC DCOM vulnerability BUGTRAQ 20031011 RE: Bad news on RPC DCOM vulnerability NTBUGTRAQ 20031010 Bad news on RPC DCOM vulnerability CERT-VN VU#547820 BID 8811 MISC http://www.securitylab.ru/_exploits/rpc2.c.txt CERT TA04-104A ISS 20031014 Microsoft RPC Race Condition Denial of Service MS MS04-012 A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0814 2004-02-03T00:00:00.000-05:00 2018-10-12T17:33:12.117-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SECTRACK 1007687 BUGTRAQ 20030910 MSIE->BodyRefreshLoadsJPU:refresh is a new navigation method CERT-VN VU#326412 MISC http://www.safecenter.net/liudieyu/BodyRefreshLoadsJPU/BodyRefreshLoadsJPU-Content.htm BUGTRAQ 20030911 LiuDieYu's missing files are here. MS MS03-048 Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and execute Javascript by setting the window's "href" to the malicious Javascript, then calling execCommand("Refresh") to refresh the page, aka BodyRefreshLoadsJPU or the "ExecCommand Cross Domain" vulnerability. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0815 2004-02-03T00:00:00.000-05:00 2018-10-12T17:33:13.883-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030910 MSIE->LinkillerJPU:another caller-based authorization(is broken). BUGTRAQ 20030910 MSIE->Findeath: break caller-based authorization SECTRACK 1007687 CIAC O-021 BUGTRAQ 20030910 MSIE->LinkillerSaveRef:another caller-based authorization MISC http://www.safecenter.net/UMBRELLAWEBV4/Linkiller/Linkiller-Content.HTM MISC http://www.safecenter.net/UMBRELLAWEBV4/LinkillerJPU/LinkillerJPU-Content.HTM MISC http://www.safecenter.net/UMBRELLAWEBV4/LinkillerSaveRef/LinkillerSaveRef-Content.HTM BUGTRAQ 20030911 LiuDieYu's missing files are here. BID 9014 MS MS03-048 XF ie-pointer-zone-bypass(13676) Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions and read arbitrary files by (1) modifying the createTextRange method and using CreateLink, as demonstrated using LinkillerSaveRef, LinkillerJPU, and Linkiller, or (2) modifying the createRange method and using the FIND dialog to select text, as demonstrated using Findeath, aka the "Function Pointer Override Cross Domain" vulnerability. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0816 2004-02-03T00:00:00.000-05:00 2018-10-12T17:33:17.007-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030910 MSIE->RefBack BUGTRAQ 20030910 MSIE->NAFjpuInHistory BUGTRAQ 20030910 MSIE->WsFakeSrc BUGTRAQ 20030910 MSIE->WsOpenFileJPU BUGTRAQ 20030910 MSIE->WsBASEjpu BUGTRAQ 20030910 MSIE->BackMyParent2:Multi-Thread version SECTRACK 1007687 BUGTRAQ 20030910 MSIE->WsOpenJpuInHistory CERT-VN VU#652452 CERT-VN VU#771604 MISC http://www.safecenter.net/liudieyu/BackMyParent/BackMyParent-content.htm MISC http://www.safecenter.net/liudieyu/BackMyParent2/BackMyParent2-Content.HTM MISC http://www.safecenter.net/liudieyu/NAFjpuInHistory/NAFjpuInHistory-Content.HTM MISC http://www.safecenter.net/liudieyu/RefBack/RefBack-Content.HTM MISC http://www.safecenter.net/liudieyu/WsBASEjpu/WsBASEjpu-Content.HTM MISC http://www.safecenter.net/liudieyu/WsFakeSrc/WsFakeSrc-Content.HTM MISC http://www.safecenter.net/liudieyu/WsOpenJpuInHistory/WsOpenJpuInHistory-Content.HTM MISC http://www.safecenter.net/UMBRELLAWEBV4/NAFfileJPU/NAFfileJPU-Content.htm MISC http://www.safecenter.net/UMBRELLAWEBV4/WsOpenFileJPU/WsOpenFileJPU-Content.HTM BUGTRAQ 20030910 MSIE->NAFfileJPU BUGTRAQ 20030911 LiuDieYu's missing files are here. MS MS03-048 Internet Explorer 6 SP1 and earlier allows remote attackers to bypass zone restrictions by (1) using the NavigateAndFind method to load a file: URL containing Javascript, as demonstrated by NAFfileJPU, (2) using the window.open method to load a file: URL containing Javascript, as demonstrated using WsOpenFileJPU, (3) setting the href property in the base tag for the _search window, as demonstrated using WsBASEjpu, (4) loading the search window into an Iframe, as demonstrated using WsFakeSrc, (5) caching a javascript: URL in the browser history, then accessing that URL in the same frame as the target domain, as demonstrated using WsOpenJpuInHistory, NAFjpuInHistory, BackMyParent, BackMyParent2, and RefBack, aka the "Script URLs Cross Domain" vulnerability. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0817 2004-02-03T00:00:00.000-05:00 2018-10-12T17:33:21.663-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BID 9012 MS MS03-048 Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions and read arbitrary files via an XML object. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0818 2004-03-03T00:00:00.000-05:00 2019-04-30T10:27:13.710-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040210 EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption BUGTRAQ 20040210 EEYE: Microsoft ASN.1 Library Bit String Heap Corruption NTBUGTRAQ 20040210 EEYE: Microsoft ASN.1 Library Length Overflow Heap Corruption NTBUGTRAQ 20040210 EEYE: Microsoft ASN.1 Library Bit String Heap Corruption CERT-VN VU#216324 CERT-VN VU#583108 CERT TA04-041A MS MS04-007 Multiple integer overflows in Microsoft ASN.1 library (MSASN1.DLL), as used in LSASS.EXE, CRYPT32.DLL, and other Microsoft executables and libraries on Windows NT 4.0, 2000, and XP, allow remote attackers to execute arbitrary code via ASN.1 BER encodings with (1) very large length fields that cause arbitrary heap data to be overwritten, or (2) modified bit strings. cpe:/a:microsoft:proxy_server:2.0 cpe:/a:microsoft:proxy_server:2.0:sp1 CVE-2003-0819 2004-02-17T00:00:00.000-05:00 2018-10-12T17:33:24.757-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CERT CA-2004-01 CERT-VN VU#749342 BID 9406 BID 9408 SECTRACK 1008698 MISC http://www.uniras.gov.uk/vuls/2004/006489/h323.htm MS MS04-001 Buffer overflow in the H.323 filter of Microsoft Internet Security and Acceleration Server 2000 allows remote attackers to execute arbitrary code in the Microsoft Firewall Service via certain H.323 traffic, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. cpe:/a:microsoft:word:97 cpe:/a:microsoft:word:97:::ja cpe:/a:microsoft:word:97:::ko cpe:/a:microsoft:word:97:::zh cpe:/a:microsoft:word:97:sr1 cpe:/a:microsoft:word:97:sr2 cpe:/a:microsoft:word:98 cpe:/a:microsoft:word:98:::ja cpe:/a:microsoft:word:98:::ko cpe:/a:microsoft:word:98:::zh cpe:/a:microsoft:word:98:sr1::ja cpe:/a:microsoft:word:98:sr2::ja cpe:/a:microsoft:word:2000 cpe:/a:microsoft:word:2000:::ja cpe:/a:microsoft:word:2000:::ko cpe:/a:microsoft:word:2000:::zh cpe:/a:microsoft:word:2000:sp2 cpe:/a:microsoft:word:2000:sp3 cpe:/a:microsoft:word:2000:sr1 cpe:/a:microsoft:word:2000:sr1a cpe:/a:microsoft:word:2002 cpe:/a:microsoft:word:2002:sp1 cpe:/a:microsoft:word:2002:sp2 cpe:/a:microsoft:works:2001 cpe:/a:microsoft:works:2002 cpe:/a:microsoft:works:2003 cpe:/a:microsoft:works:2004 CVE-2003-0820 2003-12-15T00:00:00.000-05:00 2018-10-12T17:33:25.557-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20031015 Few issues previously unpublished in English MISC http://www.security.nnov.ru/search/document.asp?docid=5243 BID 8835 MS MS03-050 XF word-macro-execute-code(13682) Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. cpe:/a:microsoft:word:97 cpe:/a:microsoft:word:97:::ja cpe:/a:microsoft:word:97:::ko cpe:/a:microsoft:word:97:::zh cpe:/a:microsoft:word:97:sr1 cpe:/a:microsoft:word:97:sr2 cpe:/a:microsoft:word:98 cpe:/a:microsoft:word:98:::ja cpe:/a:microsoft:word:98:::ko cpe:/a:microsoft:word:98:::zh cpe:/a:microsoft:word:98:sr1::ja cpe:/a:microsoft:word:98:sr2::ja cpe:/a:microsoft:word:2000 cpe:/a:microsoft:word:2000:::ja cpe:/a:microsoft:word:2000:::ko cpe:/a:microsoft:word:2000:::zh cpe:/a:microsoft:word:2000:sp2 cpe:/a:microsoft:word:2000:sp3 cpe:/a:microsoft:word:2000:sr1 cpe:/a:microsoft:word:2000:sr1a cpe:/a:microsoft:word:2002 cpe:/a:microsoft:word:2002:sp1 cpe:/a:microsoft:word:2002:sp2 cpe:/a:microsoft:works:2001 cpe:/a:microsoft:works:2002 cpe:/a:microsoft:works:2003 cpe:/a:microsoft:works:2004 CVE-2003-0821 2003-12-15T00:00:00.000-05:00 2018-10-12T17:33:26.757-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BID 9010 MS MS03-050 XF excel-macro-execute-code(13681) Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. cpe:/a:microsoft:frontpage_server_extensions:2000 cpe:/a:microsoft:frontpage_server_extensions:2002 cpe:/a:microsoft:sharepoint_team_services:2002 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0822 2003-12-15T00:00:00.000-05:00 2019-04-30T10:27:12.397-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20031112 Frontpage Extensions Remote Command Execution NTBUGTRAQ 20031112 Frontpage Extensions Remote Command Execution CERT-VN VU#279156 MS MS03-051 XF fpse-debug-bo(13674) Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0823 2004-02-03T00:00:00.000-05:00 2018-10-12T17:33:29.133-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030910 MSIE->HijackClick: 1+1=2 CERT-VN VU#413886 BUGTRAQ 20030911 LiuDieYu's missing files are here. SECTRACK 1006036 MS MS03-048 Internet Explorer 6 SP1 and earlier allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by calling the window.moveBy method, aka HijackClick, a different vulnerability than CVE-2003-1027. cpe:/a:microsoft:frontpage_server_extensions:2000 cpe:/a:microsoft:frontpage_server_extensions:2002 cpe:/a:microsoft:sharepoint_team_services:2002 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp::sp1:home CVE-2003-0824 2003-12-15T00:00:00.000-05:00 2019-04-30T10:27:12.397-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CERT-VN VU#179012 MS MS03-051 XF fpse-smarthtml-dos(13680) Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 cpe:/o:microsoft:windows_2003_server::r2:x64 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server CVE-2003-0825 2004-03-03T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CIAC O-077 CERT-VN VU#445214 BID 9624 MS MS04-006 XF win-wins-gsflag-dos(15037) The Windows Internet Naming Service (WINS) for Microsoft Windows Server 2003, and possibly Windows NT and Server 2000, does not properly validate the length of certain packets, which allows attackers to cause a denial of service and possibly execute arbitrary code. cpe:/a:gnu:lsh:1.4 cpe:/a:gnu:lsh:1.4.1 cpe:/a:gnu:lsh:1.4.2 CVE-2003-0826 2003-10-06T00:00:00.000-04:00 2016-10-17T22:37:41.197-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://bugs.debian.org/211662 FULLDISC 20030919 lsh patch (was Re: [Full-Disclosure] new ssh exploit?) CONFIRM http://lists.lysator.liu.se/pipermail/lsh-bugs/2003q3/000120.html BUGTRAQ 20030919 Remote root vuln in lsh 1.4.x BUGTRAQ 20030920 LSH: Buffer overrun and remote root compromise in lshd DEBIAN DSA-717 lsh daemon (lshd) does not properly return from certain functions in (1) read_line.c, (2) channel_commands.c, or (3) client_keyexchange.c when long input is provided, which could allow remote attackers to execute arbitrary code via a heap-based buffer overflow attack. cpe:/a:ibm:db2_universal_database:7.1::linux cpe:/a:ibm:db2_universal_database:7.2::linux CVE-2003-0827 2003-10-06T00:00:00.000-04:00 2016-10-17T22:37:42.433-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030919 AppSecInc Security Alert: Denial of Service Vulnerability in DB2 Discovery Service AIXAPAR IY47686 The DB2 Discovery Service for IBM DB2 before FixPak 10a allows remote attackers to cause a denial of service (crash) via a long packet to UDP port 523. cpe:/a:gus_and_psilord:freesweep:0.88 cpe:/a:gus_and_psilord:freesweep:0.90 CVE-2003-0828 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:37.180-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS DEBIAN DSA-391 BID 8716 XF freesweep-bo(13301) Buffer overflow in freesweep in Debian GNU/Linux 3.0 allows local users to gain "games" group privileges when processing environment variables. cpe:/a:marbles:marbles:1.0.1 CVE-2003-0830 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:35.757-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-390 Buffer overflow in marbles 1.0.2 and earlier allows local users to gain privileges via a long HOME environment variable. cpe:/a:proftpd_project:proftpd:1.2.7 cpe:/a:proftpd_project:proftpd:1.2.7_rc1 cpe:/a:proftpd_project:proftpd:1.2.7_rc2 cpe:/a:proftpd_project:proftpd:1.2.7_rc3 cpe:/a:proftpd_project:proftpd:1.2.8 cpe:/a:proftpd_project:proftpd:1.2.8_rc1 cpe:/a:proftpd_project:proftpd:1.2.8_rc2 cpe:/a:proftpd_project:proftpd:1.2.9_rc1 cpe:/a:proftpd_project:proftpd:1.2.9_rc2 CVE-2003-0831 2003-11-17T00:00:00.000-05:00 2017-10-04T21:29:00.417-04:00 9.0 NETWORK LOW SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS FULLDISC 20031014 Another ProFTPd root EXPLOIT ? BUGTRAQ 20030924 [slackware-security] ProFTPD Security Advisory (SSA:2003-259-02) BUGTRAQ 20031013 Remote root exploit for proftpd \n bug CERT-VN VU#405348 MANDRAKE MDKSA-2003:095 ISS 20030923 ProFTPD ASCII File Remote Compromise Vulnerability XF proftpd-ascii-xfer-newline-bo(12200) EXPLOIT-DB 107 ProFTPD 1.2.7 through 1.2.9rc2 does not properly translate newline characters when transferring files in ASCII mode, which allows remote attackers to execute arbitrary code via a buffer overflow using certain files. cpe:/a:webfs:webfs:1.17 cpe:/a:webfs:webfs:1.18 cpe:/a:webfs:webfs:1.19 cpe:/a:webfs:webfs:1.20 CVE-2003-0832 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:35.897-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-392 Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header. cpe:/a:webfs:webfs:1.17 cpe:/a:webfs:webfs:1.18 cpe:/a:webfs:webfs:1.19 cpe:/a:webfs:webfs:1.20 CVE-2003-0833 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:35.993-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-392 Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname. cpe:/o:sco:open_unix:8.0 cpe:/o:sco:unixware:7.1.1 cpe:/o:sco:unixware:7.1.3 CVE-2003-0834 2003-12-01T00:00:00.000-05:00 2018-05-02T21:29:22.803-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SGI 20040801-01-P HP HPSBUX0311-297 SUNALERT 57414 IDEFENSE 20040825 CDE libDtHelp LOGNAME Buffer Overflow Vulnerability CERT-VN VU#575804 BID 8973 Buffer overflow in CDE libDtHelp library allows local users to execute arbitrary code via (1) a modified DTHELPUSERSEARCHPATH environment variable and the Help feature, (2) DTSEARCHPATH, or (3) LOGNAME. cpe:/a:mplayer:mplayer:0.90 cpe:/a:mplayer:mplayer:0.90_pre cpe:/a:mplayer:mplayer:0.90_rc cpe:/a:mplayer:mplayer:0.90_rc4 cpe:/a:mplayer:mplayer:0.91 cpe:/a:mplayer:mplayer:1.0_pre1 CVE-2003-0835 2003-11-17T00:00:00.000-05:00 2016-10-17T22:37:44.853-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:760 BUGTRAQ 20030925 MPlayer Security Advisory #01: Remotely exploitable buffer overflow BUGTRAQ 20030926 Mplayer Buffer Overflow BUGTRAQ 20030929 GLSA: media-video/mplayer (200309-15) CONFIRM http://www.mplayerhq.hu/homepage/design6/news.html Multiple buffer overflows in asf_http_request of MPlayer before 0.92 allows remote attackers to execute arbitrary code via an ASX header with a long hostname. cpe:/a:ibm:db2_universal_database:7.2::linux cpe:/a:ibm:db2_universal_database:8.1::aix CVE-2003-0836 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:37.647-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 before Fixpak 10 and 10a, and 8.1 before Fixpak 2, allows attackers with "Connect" privileges to execute arbitrary code via a LOAD command. cpe:/a:ibm:db2_universal_database:7.2::linux CVE-2003-0837 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:37.307-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031001 ptl-2003-02: IBM DB2 INVOKE Command Stack Overflow Vulnerability BID 8743 XF db2-invoke-bo(13331) Stack-based buffer overflow in IBM DB2 Universal Data Base 7.2 for Windows, before Fixpak 10a, allows attackers with "Connect" privileges to execute arbitrary code via the INVOKE command. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-0838 2003-11-17T00:00:00.000-05:00 2018-10-12T17:33:33.447-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030907 BAD NEWS: Microsoft Security Bulletin MS03-032 BUGTRAQ 20030907 BAD NEWS: Microsoft Security Bulletin MS03-032 BUGTRAQ 20030908 Temporary Fix for IE Zero Day Malware RE: BAD NEWS: Microsoft Security Bulletin MS03-032 NTBUGTRAQ 20030907 BAD NEWS: Microsoft Security Bulletin MS03-032 MISC http://securityresponse.symantec.com/avcenter/venc/data/trojan.qhosts.html NTBUGTRAQ 20031001 DNS/Hosts file issues BID 8556 MS MS03-040 XF ie-popup-code-execution(13314) Internet Explorer allows remote attackers to bypass zone restrictions to inject and execute arbitrary programs by creating a popup window and inserting ActiveX object code with a "data" tag pointing to the malicious code, which Internet Explorer treats as HTML or Javascript, but later executes as an HTA application, a different vulnerability than CVE-2003-0532, and as exploited using the QHosts Trojan horse (aka Trojan.Qhosts, QHosts-1, VBS.QHOSTS, or aolfix.exe). cpe:/o:microsoft:windows_2003_server:r2 CVE-2003-0839 2003-11-17T00:00:00.000-05:00 2016-10-17T22:37:48.793-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20031008 Microsoft Windows Server 2003 "Shell Folders" Directory Traversal Vulnerability MISC http://www.geocities.co.jp/SiliconValley/1667/advisory08e.html Directory traversal vulnerability in the "Shell Folders" capability in Microsoft Windows Server 2003 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a "shell:" link. cpe:/o:hp:hp-ux:11.00 CVE-2003-0840 2003-11-17T00:00:00.000-05:00 2016-10-17T22:37:50.137-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031008 HPUX dtprintinfo buffer overflow vulnerability Buffer overflow in dtprintinfo on HP-UX 11.00, and possibly other operating systems, allows local users to gain root privileges via a long DISPLAY environment variable. cpe:/a:oracle:peopletools:8.42 CVE-2003-0841 2003-11-17T00:00:00.000-05:00 2019-08-19T11:38:36.060-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2019-08-15T13:42:51.200-04:00 BUGTRAQ 20031007 PeopleSoft Grid Option Vulnerability The grid option in PeopleSoft 8.42 stores temporary .xls files in guessable directories under the web document root, which allows remote attackers to steal search results by directly accessing the files via a URL request. cpe:/a:dag_apt_repository:mod_gzip:1.3.26.1a CVE-2003-0842 2003-11-17T00:00:00.000-05:00 2016-10-17T22:37:52.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030601 Mod_gzip Debug Mode Vulnerabilities Stack-based buffer overflow in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode, allows remote attackers to execute arbitrary code via a long filename in a GET request with an "Accept-Encoding: gzip" header. cpe:/a:dag_apt_repository:mod_gzip:1.3.26.1a CVE-2003-0843 2003-11-17T00:00:00.000-05:00 2016-10-17T22:37:53.730-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030601 Mod_gzip Debug Mode Vulnerabilities Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header. cpe:/a:dag_apt_repository:mod_gzip:1.3.26.1a CVE-2003-0844 2003-11-17T00:00:00.000-05:00 2016-10-17T22:37:54.887-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030601 Mod_gzip Debug Mode Vulnerabilities mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled. CVE-2003-0845 2003-11-17T00:00:00.000-05:00 2017-10-10T21:29:15.307-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031005 JBoss 3.2.1: Remote Command Injection BUGTRAQ 20031006 Update JBoss 308 & 321: Remote Command Injection CONFIRM http://sourceforge.net/docman/display_doc.php?docid=19314&group_id=22866 REDHAT RHSA-2007:1048 BID 8773 Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8. cpe:/o:suse:suse_linux:7.3::pro CVE-2003-0846 2003-11-17T00:00:00.000-05:00 2016-10-17T22:37:57.373-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031006 Local root exploit in SuSE Linux 7.3Pro BUGTRAQ 20031006 Re: Local root exploit in SuSE Linux 8.2Pro SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. cpe:/o:suse:suse_linux:8.2::professional CVE-2003-0847 2003-11-17T00:00:00.000-05:00 2016-10-17T22:37:58.527-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031006 Local root exploit in SuSE Linux 8.2Pro BUGTRAQ 20031006 Re: Local root exploit in SuSE Linux 8.2Pro SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file. cpe:/a:slocate:slocate:2.1 cpe:/a:slocate:slocate:2.2 cpe:/a:slocate:slocate:2.3 cpe:/a:slocate:slocate:2.4 cpe:/a:slocate:slocate:2.5 cpe:/a:slocate:slocate:2.6 CVE-2003-0848 2003-11-17T00:00:00.000-05:00 2017-10-10T21:29:15.387-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SCO CSSA-2004-001.0 SGI 20040201-01-U SGI 20040202-01-U BUGTRAQ 20031006 SA-20031006 slocate vulnerability BUGTRAQ 20031011 SA-20031006 slocate buffer overflow - exploitation proof REDHAT RHSA-2004:040 DEBIAN DSA-428 MISC http://www.ebitech.sk/patrik/SA/SA-20031006.txt MISC http://www.ebitech.sk/patrik/SA/SA-20031006-A.txt MANDRAKE MDKSA-2004:004 FEDORA FEDORA-2004-059 REDHAT RHSA-2004:041 TRUSTIX 2004-0005 Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used. cpe:/a:gnu:cfengine:2.0.0 cpe:/a:gnu:cfengine:2.0.1 cpe:/a:gnu:cfengine:2.0.2 cpe:/a:gnu:cfengine:2.0.3 cpe:/a:gnu:cfengine:2.0.4 cpe:/a:gnu:cfengine:2.0.5 cpe:/a:gnu:cfengine:2.0.5:b1 cpe:/a:gnu:cfengine:2.0.5:pre cpe:/a:gnu:cfengine:2.0.5:pre2 cpe:/a:gnu:cfengine:2.0.6 cpe:/a:gnu:cfengine:2.0.7 cpe:/a:gnu:cfengine:2.0.7:p1 cpe:/a:gnu:cfengine:2.0.7:p2 cpe:/a:gnu:cfengine:2.0.7:p3 cpe:/a:gnu:cfengine:2.1.0:a6 cpe:/a:gnu:cfengine:2.1.0:a8 cpe:/a:gnu:cfengine:2.1.0:a9 CVE-2003-0849 2003-11-17T00:00:00.000-05:00 2016-10-17T22:38:00.937-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030925 Cfengine2 cfservd remote stack overflow BUGTRAQ 20030928 cfengine2-2.0.3 remote exploit for redhat BUGTRAQ 20031005 GLSA: cfengine (200310-02) Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function. cpe:/a:dug_song:dsniff:2.3 cpe:/a:rafal_wojtczuk:libnids:1.11 cpe:/a:rafal_wojtczuk:libnids:1.12 cpe:/a:rafal_wojtczuk:libnids:1.13 cpe:/a:rafal_wojtczuk:libnids:1.14 cpe:/a:rafal_wojtczuk:libnids:1.16 cpe:/a:rafal_wojtczuk:libnids:1.17 CVE-2003-0850 2003-11-17T00:00:00.000-05:00 2016-10-17T22:38:02.280-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:773 BUGTRAQ 20031027 Libnids <= 1.17 buffer overflow CONFIRM http://sourceforge.net/project/shownotes.php?release_id=191323 DEBIAN DSA-410 The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets." cpe:/a:cisco:css11000_content_services_switch cpe:/a:cisco:pix_firewall:6.2.2_.111 cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.6b cpe:/a:openssl:openssl:0.9.6c cpe:/a:openssl:openssl:0.9.6d cpe:/a:openssl:openssl:0.9.6e cpe:/a:openssl:openssl:0.9.6f cpe:/a:openssl:openssl:0.9.6g cpe:/a:openssl:openssl:0.9.6h cpe:/a:openssl:openssl:0.9.6i cpe:/a:openssl:openssl:0.9.6j cpe:/a:openssl:openssl:0.9.6k cpe:/a:openssl:openssl:0.9.7 cpe:/a:openssl:openssl:0.9.7a cpe:/a:openssl:openssl:0.9.7b cpe:/o:cisco:ios:12.1%2811%29e cpe:/o:cisco:ios:12.1%2811b%29e cpe:/o:cisco:ios:12.2sx cpe:/o:cisco:ios:12.2sy cpe:/o:cisco:pix_firewall_software:6.0 cpe:/o:cisco:pix_firewall_software:6.0%281%29 cpe:/o:cisco:pix_firewall_software:6.0%282%29 cpe:/o:cisco:pix_firewall_software:6.0%283%29 cpe:/o:cisco:pix_firewall_software:6.0%284%29 cpe:/o:cisco:pix_firewall_software:6.0%284.101%29 cpe:/o:cisco:pix_firewall_software:6.1 cpe:/o:cisco:pix_firewall_software:6.1%281%29 cpe:/o:cisco:pix_firewall_software:6.1%282%29 cpe:/o:cisco:pix_firewall_software:6.1%283%29 cpe:/o:cisco:pix_firewall_software:6.1%284%29 cpe:/o:cisco:pix_firewall_software:6.1%285%29 cpe:/o:cisco:pix_firewall_software:6.2 cpe:/o:cisco:pix_firewall_software:6.2%281%29 cpe:/o:cisco:pix_firewall_software:6.2%282%29 cpe:/o:cisco:pix_firewall_software:6.2%283%29 cpe:/o:cisco:pix_firewall_software:6.3%281%29 cpe:/o:cisco:pix_firewall_software:6.3%283.102%29 CVE-2003-0851 2003-12-01T00:00:00.000-05:00 2018-10-30T12:26:18.123-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov NETBSD NetBSD-SA2004-003 SGI 20040304-01-U BUGTRAQ 20031104 [OpenSSL Advisory] Denial of Service in ASN.1 parsing BUGTRAQ 20040508 [FLSA-2004:1395] Updated OpenSSL resolves security vulnerability REDHAT RHSA-2004:119 CISCO 20030930 SSL Implementation Vulnerabilities CERT-VN VU#412478 CONFIRM http://www.openssl.org/news/secadv_20031104.txt FEDORA FEDORA-2005-1042 BID 8970 OpenSSL 0.9.6k allows remote attackers to cause a denial of service (crash via large recursion) via malformed ASN.1 sequences. cpe:/a:sylpheed:sylpheed:0.9.4 cpe:/a:sylpheed:sylpheed:0.9.5 cpe:/a:sylpheed:sylpheed:0.9.6 cpe:/a:sylpheed-claws:sylpheed-claws:0.9.4 cpe:/a:sylpheed-claws:sylpheed-claws:0.9.5 cpe:/a:sylpheed-claws:sylpheed-claws:0.9.6 CVE-2003-0852 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:37.430-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov FULLDISC 20031022 Sylpheed-claws format string bug, yet still sylpheed much better than windows CONFIRM http://sylpheed.good-day.net/#changes MISC http://www.guninski.com/sylph.html BID 8877 XF sylpheed-smtp-format-string(13508) Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message. cpe:/a:gnu:fileutils:4.0 cpe:/a:gnu:fileutils:4.0.36 cpe:/a:gnu:fileutils:4.1 cpe:/a:gnu:fileutils:4.1.6 cpe:/a:gnu:fileutils:4.1.7 cpe:/a:washington_university:wu-ftpd:2.4.1 cpe:/a:washington_university:wu-ftpd:2.4.2_beta2::academ cpe:/a:washington_university:wu-ftpd:2.4.2_beta18::academ cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr4 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr5 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr6 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr7 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr8 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr9 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr10 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr11 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr12 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr13 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr14 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr15 cpe:/a:washington_university:wu-ftpd:2.4.2_vr16 cpe:/a:washington_university:wu-ftpd:2.4.2_vr17 cpe:/a:washington_university:wu-ftpd:2.5.0 cpe:/a:washington_university:wu-ftpd:2.6.0 cpe:/a:washington_university:wu-ftpd:2.6.1 cpe:/a:washington_university:wu-ftpd:2.6.2 CVE-2003-0853 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:44.070-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONECTIVA CLA-2003:768 CONECTIVA CLA-2003:771 FULLDISC 20031022 Fun with /bin/ls, yet still ls better than windows CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf MISC http://www.guninski.com/binls.html MANDRAKE MDKSA-2003:106 REDHAT RHSA-2003:309 REDHAT RHSA-2003:310 IMMUNIX IMNX-2003-7+-026-01 BID 8875 TURBO TLSA-2003-60 An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. cpe:/a:gnu:fileutils:4.0 cpe:/a:gnu:fileutils:4.0.36 cpe:/a:gnu:fileutils:4.1 cpe:/a:gnu:fileutils:4.1.6 cpe:/a:gnu:fileutils:4.1.7 cpe:/a:washington_university:wu-ftpd:2.4.1 cpe:/a:washington_university:wu-ftpd:2.4.2_beta2::academ cpe:/a:washington_university:wu-ftpd:2.4.2_beta18::academ cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr4 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr5 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr6 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr7 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr8 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr9 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr10 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr11 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr12 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr13 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr14 cpe:/a:washington_university:wu-ftpd:2.4.2_beta18_vr15 cpe:/a:washington_university:wu-ftpd:2.4.2_vr16 cpe:/a:washington_university:wu-ftpd:2.4.2_vr17 cpe:/a:washington_university:wu-ftpd:2.5.0 cpe:/a:washington_university:wu-ftpd:2.6.0 cpe:/a:washington_university:wu-ftpd:2.6.1 cpe:/a:washington_university:wu-ftpd:2.6.2 CVE-2003-0854 2003-11-17T00:00:00.000-05:00 2017-10-10T21:29:15.467-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:768 CONECTIVA CLA-2003:771 FULLDISC 20031022 Fun with /bin/ls, yet still ls better than windows CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2005-213.pdf DEBIAN DSA-705 MISC http://www.guninski.com/binls.html MANDRAKE MDKSA-2003:106 REDHAT RHSA-2003:309 REDHAT RHSA-2003:310 IMMUNIX IMNX-2003-7+-026-01 TURBO TLSA-2003-60 EXPLOIT-DB 115 ls in the fileutils or coreutils packages allows local users to consume a large amount of memory via a large -w value, which can be remotely exploited via applications that use ls, such as wu-ftpd. cpe:/a:charles_kerr:pan:0.13.3 CVE-2003-0855 2003-11-03T00:00:00.000-05:00 2008-09-05T16:35:26.593-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SGI 20040202-01-U CONFIRM http://bugzilla.gnome.org/show_bug.cgi?id=107025 CONFIRM http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=107519 REDHAT RHSA-2003:311 REDHAT RHSA-2003:312 Pan 0.13.3 and earlier allows remote attackers to cause a denial of service (crash) via a news post with a long author email address. cpe:/a:stephen_hemminger:iproute:2.4.7 CVE-2003-0856 2003-12-15T00:00:00.000-05:00 2017-10-10T21:29:15.527-04:00 4.9 LOCAL LOW NONE NONE NONE COMPLETE http://nvd.nist.gov DEBIAN DSA-492 SUSE SUSE-SR:2005:001 FEDORA FEDORA-2004-115 REDHAT RHSA-2003:316 REDHAT RHSA-2003:317 iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface. cpe:/o:redhat:enterprise_linux:2.1 cpe:/o:redhat:enterprise_linux:3.0 CVE-2003-0857 2003-12-31T00:00:00.000-05:00 2008-09-05T16:35:26.953-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-11-29T11:57:00.000-05:00 CONFIRM https://bugzilla.redhat.com/show_bug.cgi?id=108574 The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. cpe:/a:gnu:zebra:0.91 cpe:/a:quagga:quagga_routing_software_suite:0.95 CVE-2003-0858 2003-12-15T00:00:00.000-05:00 2017-10-10T21:29:15.590-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov DEBIAN DSA-415 REDHAT RHSA-2003:305 REDHAT RHSA-2003:307 REDHAT RHSA-2003:315 Zebra 0.93b and earlier, and quagga before 0.95, allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. cpe:/a:gnu:glibc:2.3.2 cpe:/a:gnu:zebra:0.91a cpe:/a:gnu:zebra:0.92a cpe:/a:gnu:zebra:0.93a cpe:/a:gnu:zebra:0.93b cpe:/a:quagga:quagga_routing_software_suite:0.96.2 cpe:/a:sgi:propack:2.2.1 cpe:/a:sgi:propack:2.3 cpe:/h:intel:ia64 cpe:/o:redhat:enterprise_linux:2.1::advanced_server cpe:/o:redhat:enterprise_linux:2.1::advanced_server_ia64 cpe:/o:redhat:enterprise_linux:2.1::enterprise_server cpe:/o:redhat:enterprise_linux:2.1::enterprise_server_ia64 cpe:/o:redhat:enterprise_linux:2.1::workstation cpe:/o:redhat:enterprise_linux:2.1::workstation_ia64 cpe:/o:redhat:enterprise_linux:3.0::advanced_servers cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:redhat:linux_advanced_workstation:2.1::itanium_processor CVE-2003-0859 2003-12-15T00:00:00.000-05:00 2017-10-10T21:29:15.667-04:00 4.9 LOCAL LOW NONE NONE NONE COMPLETE http://nvd.nist.gov REDHAT RHSA-2003:325 REDHAT RHSA-2003:334 The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface. cpe:/a:php:php:4.0 cpe:/a:php:php:4.0.1 cpe:/a:php:php:4.0.1:patch1 cpe:/a:php:php:4.0.1:patch2 cpe:/a:php:php:4.0.2 cpe:/a:php:php:4.0.3 cpe:/a:php:php:4.0.3:patch1 cpe:/a:php:php:4.0.4 cpe:/a:php:php:4.0.5 cpe:/a:php:php:4.0.6 cpe:/a:php:php:4.0.7 cpe:/a:php:php:4.0.7:rc1 cpe:/a:php:php:4.0.7:rc2 cpe:/a:php:php:4.0.7:rc3 cpe:/a:php:php:4.1.0 cpe:/a:php:php:4.1.1 cpe:/a:php:php:4.1.2 cpe:/a:php:php:4.2::dev cpe:/a:php:php:4.2.0 cpe:/a:php:php:4.2.1 cpe:/a:php:php:4.2.2 cpe:/a:php:php:4.2.3 cpe:/a:php:php:4.3.0 cpe:/a:php:php:4.3.1 cpe:/a:php:php:4.3.2 CVE-2003-0860 2003-11-17T00:00:00.000-05:00 2018-10-30T12:25:35.387-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://www.php.net/ChangeLog-4.php#4.3.3 CONFIRM http://www.php.net/release_4_3_3.php Buffer overflows in PHP before 4.3.3 have unknown impact and unknown attack vectors. cpe:/a:php:php:4.0 cpe:/a:php:php:4.0.1 cpe:/a:php:php:4.0.1:patch1 cpe:/a:php:php:4.0.1:patch2 cpe:/a:php:php:4.0.2 cpe:/a:php:php:4.0.3 cpe:/a:php:php:4.0.3:patch1 cpe:/a:php:php:4.0.4 cpe:/a:php:php:4.0.5 cpe:/a:php:php:4.0.6 cpe:/a:php:php:4.0.7 cpe:/a:php:php:4.0.7:rc1 cpe:/a:php:php:4.0.7:rc2 cpe:/a:php:php:4.0.7:rc3 cpe:/a:php:php:4.1.0 cpe:/a:php:php:4.1.1 cpe:/a:php:php:4.1.2 cpe:/a:php:php:4.2::dev cpe:/a:php:php:4.2.0 cpe:/a:php:php:4.2.1 cpe:/a:php:php:4.2.2 cpe:/a:php:php:4.2.3 cpe:/a:php:php:4.3.0 cpe:/a:php:php:4.3.1 cpe:/a:php:php:4.3.2 CVE-2003-0861 2003-11-17T00:00:00.000-05:00 2018-10-30T12:25:35.387-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://www.php.net/ChangeLog-4.php#4.3.3 CONFIRM http://www.php.net/release_4_3_3.php Integer overflows in (1) base64_encode and (2) the GD library for PHP before 4.3.3 have unknown impact and unknown attack vectors. CVE-2003-0862 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:46.647-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0813. Reason: This candidate is a duplicate of CVE-2003-0813. Notes: All CVE users should reference CVE-2003-0813 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:php:php:4.3.0 cpe:/a:php:php:4.3.1 cpe:/a:php:php:4.3.2 CVE-2003-0863 2003-11-17T00:00:00.000-05:00 2018-10-30T12:25:35.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030716 PHP safe mode broken? The php_check_safe_mode_include_dir function in fopen_wrappers.c of PHP 4.3.x returns a success value (0) when the safe_mode_include_dir variable is not specified in configuration, which differs from the previous failure value and may allow remote attackers to exploit file include vulnerabilities in PHP applications. cpe:/a:ircnet:ircnet_ircd:2.10 cpe:/a:ircnet:ircnet_ircd:2.10.3_p3 CVE-2003-0864 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:37.493-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM ftp://ftp.irc.org/irc/server/ChangeLog CONECTIVA CLA-2003:765 BUGTRAQ 20031012 buffer overflow in IRCD software BUGTRAQ 20031019 [OpenPKG-SA-2003.045] OpenPKG Security Advisory (ircd) BID 8817 XF ircd-mjoin-bo(13408) Buffer overflow in m_join in channel.c for IRCnet IRCD 2.10.x to 2.10.3p3 allows remote attackers to cause a denial of service. cpe:/a:mpg123:mpg123:0.59r cpe:/a:mpg123:mpg123:0.59s CVE-2003-0865 2003-11-17T00:00:00.000-05:00 2016-10-17T22:38:07.217-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SCO CSSA-2004-002.0 CONECTIVA CLA-2003:781 BUGTRAQ 20030930 GLSA: mpg123 (200309-17) DEBIAN DSA-435 BUGTRAQ 20030923 mpg123[v0.59r,v0.59s]: remote client-side heap corruption exploit. BID 8680 Heap-based buffer overflow in readstring of httpget.c for mpg123 0.59r and 0.59s allows remote attackers to execute arbitrary code via a long request. cpe:/a:apache:tomcat:4.0.0 cpe:/a:apache:tomcat:4.0.1 cpe:/a:apache:tomcat:4.0.2 cpe:/a:apache:tomcat:4.0.3 cpe:/a:apache:tomcat:4.0.4 cpe:/a:apache:tomcat:4.0.5 cpe:/a:apache:tomcat:4.0.6 CVE-2003-0866 2003-11-17T00:00:00.000-05:00 2019-03-25T07:29:02.783-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=215506 SUNALERT 239312 CONFIRM http://tomcat.apache.org/security-4.html DEBIAN DSA-395 BID 8824 VUPEN ADV-2008-1979 XF tomcat-non-http-dos(13429) MLIST [tomcat-dev] 20190319 svn commit: r1855831 [21/30] - in /tomcat/site/trunk: ./ docs/ xdocs/ MLIST [tomcat-dev] 20190325 svn commit: r1856174 [19/29] - in /tomcat/site/trunk: docs/ xdocs/ xdocs/stylesheets/ The Catalina org.apache.catalina.connector.http package in Tomcat 4.0.x up to 4.0.3 allows remote attackers to cause a denial of service via several requests that do not follow the HTTP protocol, which causes Tomcat to reject later requests. CVE-2003-0867 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:48.243-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0662. Reason: This candidate is a duplicate of CVE-2003-0662. Notes: All CVE users should reference CVE-2003-0662 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. CVE-2003-0868 2017-05-11T10:29:01.087-04:00 2017-05-11T10:29:01.087-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0869 2017-05-11T10:29:01.103-04:00 2017-05-11T10:29:01.120-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/a:opera_software:opera_web_browser:7.11 cpe:/a:opera_software:opera_web_browser:7.20 CVE-2003-0870 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:37.620-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS VULNWATCH 20031020 Opera HREF escaped server name overflow ATSTAKE A102003-1 BID 8853 XF opera-escape-heap-overflow(13458) Heap-based buffer overflow in Opera 7.11 and 7.20 allows remote attackers to execute arbitrary code via an HREF with a large number of escaped characters in the server name. cpe:/o:apple:mac_os_x:10.3 cpe:/o:apple:mac_os_x_server:10.3 CVE-2003-0871 2003-11-03T00:00:00.000-05:00 2008-09-10T15:20:48.383-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS APPLE APPLE-SA-2003-10-28 BID 8922 Unknown vulnerability in QuickTime Java in Mac OS X v10.3 and Mac OS X Server 10.3 allows attackers to gain "unauthorized access to a system." cpe:/o:sco:openserver:5.0.5 CVE-2003-0872 2003-11-17T00:00:00.000-05:00 2008-09-05T16:35:29.047-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SCO CSSA-2003-SCO.27 BID 8864 Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files. CVE-2003-0873 2017-05-11T10:29:01.137-04:00 2017-05-11T10:29:01.137-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/a:deskpro:deskpro:1.1_.0 CVE-2003-0874 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:37.680-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20031020 Multiple SQL Injection Vulnerabilities in DeskPRO BUGTRAQ 20031020 Multiple SQL Injection Vulnerabilities in DeskPRO MISC http://www.securiteam.com/unixfocus/6R0052K8KM.html BID 8856 XF deskpro-multiple-sql-injection(13391) Multiple SQL injection vulnerabilities in DeskPRO 1.1.0 and earlier allow remote attackers to insert arbitrary SQL and conduct unauthorized activities via (1) the cat parameter in faq.php, (2) the article parameter in faq.php, (3) the tickedid parameter in view.php, and (4) the Password entry on the logon screen. cpe:/a:openslp:openslp:1.0.11 CVE-2003-0875 2003-11-17T00:00:00.000-05:00 2016-10-17T22:38:09.843-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov CONECTIVA CLA-2003:723 BUGTRAQ 20030818 OpenSLP initscript symlink vulnerability Symbolic link vulnerability in the slpd script slpd.all_init for OpenSLP before 1.0.11 allows local users to overwrite arbitrary files via the route.check temporary file. cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x:10.0.1 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.0.4 cpe:/o:apple:mac_os_x:10.1 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x:10.1.2 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x:10.2.7 cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x_server:10.0 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:apple:mac_os_x_server:10.2.7 cpe:/o:apple:mac_os_x_server:10.2.8 CVE-2003-0876 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:37.743-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov ATSTAKE A102803-1 BID 8916 BID 8917 XF macos-insecure-file-permissions(13537) Finder in Mac OS X 10.2.8 and earlier sets global read/write/execute permissions on directories when they are dragged (copied) from a mounted volume such as a disk image (DMG), which could cause the directories to have less restrictive permissions than intended. cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x:10.0.1 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.0.4 cpe:/o:apple:mac_os_x:10.1 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x:10.1.2 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x:10.2.7 cpe:/o:apple:mac_os_x:10.2.8 CVE-2003-0877 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:37.790-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS ATSTAKE A102803-1 BID 8914 BID 8917 XF macos-core-files-symlink(13542) Mac OS X before 10.3 with core files enabled allows local users to overwrite arbitrary files and read core files via a symlink attack on core files that are created with predictable names in the /cores directory. cpe:/o:apple:mac_os_x:10.3 CVE-2003-0878 2003-11-03T00:00:00.000-05:00 2008-09-05T16:35:29.920-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875. CVE-2003-0879 2003-11-17T00:00:00.000-05:00 2008-09-10T15:20:51.477-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0518. Reason: This candidate is a reservation duplicate of CVE-2003-0518. Notes: All CVE users should reference CVE-2003-0518 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/o:apple:mac_os_x:10.3 CVE-2003-0880 2003-11-03T00:00:00.000-05:00 2008-09-05T16:35:30.170-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences. cpe:/o:apple:mac_os_x:10.3 CVE-2003-0881 2003-11-03T00:00:00.000-05:00 2008-09-05T16:35:30.327-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by sniffing the password. cpe:/o:apple:mac_os_x:10.3 CVE-2003-0882 2003-11-03T00:00:00.000-05:00 2008-09-05T16:35:30.483-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet. cpe:/o:apple:mac_os_x:10.3 CVE-2003-0883 2003-11-03T00:00:00.000-05:00 2008-09-05T16:35:30.623-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system. cpe:/a:xscreensaver:xscreensaver:4.14 CVE-2003-0885 2003-12-31T00:00:00.000-05:00 2008-09-05T16:35:30.780-04:00 6.4 NETWORK LOW NONE NONE PARTIAL PARTIAL http://nvd.nist.gov 2006-03-01T09:28:00.000-05:00 CONFIRM http://bugs.gentoo.org/show_bug.cgi?id=41253 CONFIRM http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182286 Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensavers, and allows local users to overwrite arbitrary files via a symlink attack. cpe:/a:hylafax:hylafax:4.1 cpe:/a:hylafax:hylafax:4.1.1 cpe:/a:hylafax:hylafax:4.1.2 cpe:/a:hylafax:hylafax:4.1.3 cpe:/a:hylafax:hylafax:4.1.5 cpe:/a:hylafax:hylafax:4.1.6 cpe:/a:hylafax:hylafax:4.1.7 CVE-2003-0886 2003-12-01T00:00:00.000-05:00 2016-10-17T22:38:11.107-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONECTIVA CLA-2003:783 BUGTRAQ 20031111 HylaFAX - Format String Vulnerability Fixed DEBIAN DSA-401 MANDRAKE MDKSA-2003:105 SUSE SuSE-SA:2003:045 Format string vulnerability in hfaxd for Hylafax 4.1.7 and earlier allows remote attackers to execute arbitrary code. cpe:/a:angus_mackay:ez-ipupdate:3.0.11b5 cpe:/a:angus_mackay:ez-ipupdate:3.0.11b7 CVE-2003-0887 2003-12-31T00:00:00.000-05:00 2008-09-05T16:35:31.093-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-03T10:12:00.000-05:00 CONFIRM http://cvs.mandriva.com/cgi-bin/viewcvs.cgi/SPECS/ez-ipupdate/ez-ipupdate.spec?r1=1.4&r2=1.5 CONFIRM http://cvs.mandriva.com/cgi-bin/viewcvs.cgi/SPECS/ez-ipupdate/ez-ipupdate.spec?rev=1.6 ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file. cpe:/a:oracle:oracle9i:enterprise_9.0.1 cpe:/a:oracle:oracle9i:enterprise_9.2.0.4 cpe:/a:oracle:oracle9i:personal_9.0.1 cpe:/a:oracle:oracle9i:personal_9.2.0.4 cpe:/a:oracle:oracle9i:standard_9.0 cpe:/a:oracle:oracle9i:standard_9.0.1 cpe:/a:oracle:oracle9i:standard_9.0.1.2 cpe:/a:oracle:oracle9i:standard_9.0.1.3 cpe:/a:oracle:oracle9i:standard_9.0.1.4 cpe:/a:oracle:oracle9i:standard_9.0.2 cpe:/a:oracle:oracle9i:standard_9.2.0.4 CVE-2003-0894 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:37.853-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert59.pdf SECTRACK 1007956 CERT-VN VU#496340 BID 8844 BID 8845 XF oracle-oracleo-binaries-bo(13451) Buffer overflow in the (1) oracle and (2) oracleO programs in Oracle 9i Database 9.0.x and 9.2.x before 9.2.0.4 allows local users to execute arbitrary code via a long command line argument. cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x:10.2.7 cpe:/o:apple:mac_os_x:10.2.8 CVE-2003-0895 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:37.917-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html ATSTAKE A102803-3 BID 8913 XF macos-long-command-bo(13541) Buffer overflow in the Mac OS X kernel 10.2.8 and earlier allows local users, and possibly remote attackers, to cause a denial of service (crash), access portions of memory, and possibly execute arbitrary code via a long command line argument (argv[]). cpe:/a:sun:jre:1.4.1:update3 CVE-2003-0896 2003-11-17T00:00:00.000-05:00 2016-10-17T22:38:12.327-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MISC http://lsd-pl.net/code/JVM/jre.tar.gz BUGTRAQ 20021023 [LSD] Security vulnerability in SUN's Java Virtual Machine implementation SUNALERT 57221 SUNALERT 200356 HP HPSBUX0311-295 BUGTRAQ 20031027 Re: [LSD] Security vulnerability in SUN's Java Virtual Machine implementation BUGTRAQ 20031027 Re: [LSD] Security vulnerability in SUN's Java Virtual Machineimplementation BID 8879 The loadClass method of the sun.applet.AppletClassLoader class in the Java Virtual Machine (JVM) in Sun SDK and JRE 1.4.1_03 and earlier allows remote attackers to bypass sandbox restrictions and execute arbitrary code via a loaded class name that contains "/" (slash) instead of "." (dot) characters, which bypasses a call to the Security Manager's checkPackageAccess method. cpe:/o:microsoft:windows_xp::gold CVE-2003-0897 2003-11-17T00:00:00.000-05:00 2017-07-10T21:29:37.977-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031023 Shatter XP XF winxp-commctl32-code-execution(13558) "Shatter" vulnerability in CommCtl32.dll in Windows XP may allow local users to execute arbitrary code by sending (1) BCM_GETTEXTMARGIN or (2) BCM_SETTEXTMARGIN button control messages to privileged applications. cpe:/a:ibm:db2_universal_database:7.1::linux cpe:/a:ibm:db2_universal_database:8.0::linux CVE-2003-0898 2003-11-17T00:00:00.000-05:00 2016-10-17T22:38:14.623-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM ftp://ftp.software.ibm.com/ps/products/db2/fixes/english-us/db2aixv7/FP10a_U495172/FixpakReadme.txt BUGTRAQ 20030805 Local Vulnerability in IBM DB2 7.1 db2job binary IBM DB2 7.2 before FixPak 10a, and earlier versions including 7.1, allows local users to overwrite arbitrary files and gain privileges via a symlink attack on (1) db2job and (2) db2job2. cpe:/a:acme_labs:thttpd:2.21 cpe:/a:acme_labs:thttpd:2.21b cpe:/a:acme_labs:thttpd:2.22 cpe:/a:acme_labs:thttpd:2.23b1 CVE-2003-0899 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:38.040-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20031027 Remote overflow in thttpd BID 8906 XF thttpd-defang-bo(13530) DEBIAN DSA-396 Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "&lt;" and "&gt;" sequences. cpe:/a:larry_wall:perl:5.8.1 CVE-2003-0900 2003-12-31T00:00:00.000-05:00 2008-09-05T16:35:32.247-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-05-24T14:49:00.000-04:00 CONFIRM https://bugzilla.redhat.com/bugzilla/long_list.cgi?buglist=108711 Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers. cpe:/a:postgresql:postgresql:7.2 cpe:/a:postgresql:postgresql:7.2.1 cpe:/a:postgresql:postgresql:7.2.2 cpe:/a:postgresql:postgresql:7.2.3 cpe:/a:postgresql:postgresql:7.2.4 cpe:/a:postgresql:postgresql:7.3 cpe:/a:postgresql:postgresql:7.3.1 cpe:/a:postgresql:postgresql:7.3.2 cpe:/a:postgresql:postgresql:7.3.3 CVE-2003-0901 2003-11-03T00:00:00.000-05:00 2008-09-05T16:35:32.390-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://developer.postgresql.org/cvsweb.cgi/pgsql-server/src/backend/utils/adt/ascii.c CONECTIVA CLA-2003:784 CONECTIVA CLSA-2003:772 DEBIAN DSA-397 REDHAT RHSA-2003:313 REDHAT RHSA-2003:314 BID 8741 Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code. cpe:/a:minimalist:minimalist:2.2 cpe:/a:minimalist:minimalist:2.4 CVE-2003-0902 2004-02-03T00:00:00.000-05:00 2008-09-10T15:20:54.460-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-402 Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands. cpe:/a:microsoft:data_access_components:2.5 cpe:/a:microsoft:data_access_components:2.6 cpe:/a:microsoft:data_access_components:2.7 cpe:/a:microsoft:data_access_components:2.8 CVE-2003-0903 2004-02-17T00:00:00.000-05:00 2018-10-12T17:33:34.727-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov CERT-VN VU#139150 BID 9407 MS MS04-003 XF mdac-broadcastrequest-bo(14187) Buffer overflow in a component of Microsoft Data Access Components (MDAC) 2.5 through 2.8 allows remote attackers to execute arbitrary code via a malformed UDP response to a broadcast request. cpe:/a:microsoft:exchange_server:2003 cpe:/a:microsoft:sharepoint_services:2.0 cpe:/o:microsoft:windows_2003_server:enterprise::64-bit cpe:/o:microsoft:windows_2003_server:enterprise_64-bit cpe:/o:microsoft:windows_2003_server:r2::64-bit cpe:/o:microsoft:windows_2003_server:r2::datacenter_64-bit cpe:/o:microsoft:windows_2003_server:standard::64-bit cpe:/o:microsoft:windows_2003_server:web CVE-2003-0904 2004-01-20T00:00:00.000-05:00 2018-10-12T17:33:35.807-04:00 6.0 NETWORK MEDIUM SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CERT-VN VU#530660 CONFIRM http://www.microsoft.com/exchange/support/e2k3owa.asp NTBUGTRAQ 20031114 Exchange 2003 OWA major security flaw BID 9118 BID 9409 MS MS04-002 XF exchange-owa-account-access(13869) Microsoft Exchange 2003 and Outlook Web Access (OWA), when configured to use NTLM authentication, does not properly reuse HTTP connections, which can cause OWA users to view mailboxes of other users when Kerberos has been disabled as an authentication method for IIS 6.0, e.g. when SharePoint Services 2.0 is installed. cpe:/a:microsoft:windows_media_services:4.1 CVE-2003-0905 2004-04-15T00:00:00.000-04:00 2018-10-12T17:33:36.727-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CERT-VN VU#982630 BID 9825 MS MS04-008 XF win-media-services-dos(15038) Unknown vulnerability in Windows Media Station Service and Windows Media Monitor Service components of Windows Media Services 4.1 allows remote attackers to cause a denial of service (disallowing new connections) via a certain sequence of TCP/IP packets. cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp4::fr cpe:/o:microsoft:windows_nt:4.0:sp6a cpe:/o:microsoft:windows_xp::sp1:tablet_pc CVE-2003-0906 2004-06-01T00:00:00.000-04:00 2018-10-12T17:33:37.273-04:00 7.6 NETWORK HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CERT-VN VU#547028 BID 10120 CERT TA04-104A MS MS04-011 Buffer overflow in the rendering for (1) Windows Metafile (WMF) or (2) Enhanced Metafile (EMF) image formats in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, and XP SP1 allows remote attackers to execute arbitrary code via a malformed WMF or EMF image. cpe:/o:microsoft:windows_2003_server:r2 cpe:/o:microsoft:windows_xp::sp1:tablet_pc CVE-2003-0907 2004-06-01T00:00:00.000-04:00 2018-10-12T17:33:38.040-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20040413 Microsoft Help and Support Center argument injection vulnerability BUGTRAQ 20040413 [Full-Disclosure] iDEFENSE Security Advisory 04.13.04 - Microsoft Help and Support CIAC O-114 MISC http://www.idefense.com/application/poi/display?id=100&type=vulnerabilities CERT-VN VU#260588 BID 10119 CERT TA04-104A MS MS04-011 XF win-hcpurl-code-execution(15704) Help and Support Center in Microsoft Windows XP SP1 does not properly validate HCP URLs, which allows remote attackers to execute arbitrary code via quotation marks in an hcp:// URL, which are not quoted when constructing the argument list to HelpCtr.exe. cpe:/o:microsoft:windows_2000 CVE-2003-0908 2004-06-01T00:00:00.000-04:00 2018-10-12T17:33:39.243-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20040414 [SHATTER Team Security Alert] Microsoft Windows Utility Manager Vulnerability MISC http://www.appsecinc.com/resources/alerts/general/04-0001.html CIAC O-114 CERT-VN VU#526084 MISC http://www.securiteam.com/windowsntfocus/5LP0C2ACKU.html BID 10124 CERT TA04-104A MS MS04-011 XF win2k-utilitymgr-gain-privileges(15632) The Utility Manager in Microsoft Windows 2000 executes winhlp32.exe with system privileges, which allows local users to execute arbitrary code via a "Shatter" style attack using a Windows message that accesses the context sensitive help button in the GUI, as demonstrated using the File Open dialog in the Help window, a different vulnerability than CVE-2004-0213. cpe:/o:microsoft:windows_xp::gold CVE-2003-0909 2004-06-01T00:00:00.000-04:00 2018-10-12T17:33:40.180-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CIAC O-114 CERT-VN VU#206468 BID 10125 CERT TA04-104A MS MS04-011 XF winxp-task-gain-privileges(15678) Windows XP allows local users to execute arbitrary programs by creating a task at an elevated privilege level through the eventtriggers.exe command-line tool or the Task Scheduler service, aka "Windows Management Vulnerability." cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_nt:4.0 CVE-2003-0910 2004-06-01T00:00:00.000-04:00 2018-10-12T17:33:40.867-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS FULLDISC 20040413 EEYE: Windows Expand-Down Data Segment Local Privilege Escalation CIAC O-114 EEYE AD20040413D CERT-VN VU#122076 BID 10122 CERT TA04-104A MS MS04-011 XF win-ldt-gain-privileges(15707) The NtSetLdtEntries function in the programming interface for the Local Descriptor Table (LDT) in Windows NT 4.0 and Windows 2000 allows local attackers to gain access to kernel memory and execute arbitrary code via an expand-down data segment descriptor descriptor that points to protected memory. cpe:/o:apple:mac_os_x:10.3 cpe:/o:apple:mac_os_x_server:10.3 CVE-2003-0913 2003-12-01T00:00:00.000-05:00 2017-07-10T21:29:38.417-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=120269 CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00040.html BID 8979 XF macos-terminal-gain-access(13620) Unknown vulnerability in the Terminal application for Mac OS X 10.3 (Client and Server) may allow "unauthorized access." cpe:/a:isc:bind:8.2.3 cpe:/a:isc:bind:8.2.4 cpe:/a:isc:bind:8.2.5 cpe:/a:isc:bind:8.2.6 cpe:/a:isc:bind:8.2.7 cpe:/a:isc:bind:8.3.0 cpe:/a:isc:bind:8.3.1 cpe:/a:isc:bind:8.3.2 cpe:/a:isc:bind:8.3.3 cpe:/a:isc:bind:8.3.4 cpe:/a:isc:bind:8.3.5 cpe:/a:isc:bind:8.3.6 cpe:/a:isc:bind:8.4 cpe:/a:isc:bind:8.4.1 cpe:/a:nixu:namesurfer:standard_3.0.1 cpe:/a:nixu:namesurfer:suite_3.0.1 cpe:/o:compaq:tru64:4.0f cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:4.0f_pk8_bl22 cpe:/o:compaq:tru64:4.0g cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:4.0g_pk4_bl22 cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/o:compaq:tru64:5.1a_pk4_bl21 cpe:/o:compaq:tru64:5.1a_pk5_bl23 cpe:/o:compaq:tru64:5.1b cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/o:compaq:tru64:5.1b_pk2_bl22 cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.6.2 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.8 cpe:/o:freebsd:freebsd:4.9 cpe:/o:freebsd:freebsd:5.0 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.11 cpe:/o:ibm:aix:5.1l cpe:/o:netbsd:netbsd:1.6 cpe:/o:netbsd:netbsd:1.6.1 cpe:/o:netbsd:netbsd:current cpe:/o:sco:unixware:7.1.1 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0914 2003-12-15T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SCO CSSA-2004-003.0 SCO CSSA-2003-SCO.33 SUNALERT 57434 DEBIAN DSA-409 CERT-VN VU#734644 TRUSTIX 2003-0044 ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value. CVE-2003-0917 2017-05-11T10:29:01.150-04:00 2017-05-11T10:29:01.150-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0918 2017-05-11T10:29:01.183-04:00 2017-05-11T10:29:01.183-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0919 2017-05-11T10:29:01.197-04:00 2017-05-11T10:29:01.197-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0920 2017-05-11T10:29:01.213-04:00 2017-05-11T10:29:01.213-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0921 2017-05-11T10:29:01.243-04:00 2017-05-11T10:29:01.243-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0922 2017-05-11T10:29:01.290-04:00 2017-05-11T10:29:01.290-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0923 2017-05-11T10:29:01.323-04:00 2017-05-11T10:29:01.323-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/a:netpbm:netpbm:9.25 CVE-2003-0924 2004-02-17T00:00:00.000-05:00 2017-10-09T21:30:14.987-04:00 3.7 LOCAL HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SGI 20040201-01-U DEBIAN DSA-426 GENTOO GLSA-200410-02 CERT-VN VU#487102 MANDRAKE MDKSA-2004:011 REDHAT RHSA-2004:030 REDHAT RHSA-2004:031 BID 9442 XF netpbm-temp-insecure-file(14874) netpbm 9.25 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. cpe:/a:ethereal_group:ethereal:0.9 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.9 cpe:/a:ethereal_group:ethereal:0.9.10 cpe:/a:ethereal_group:ethereal:0.9.11 cpe:/a:ethereal_group:ethereal:0.9.12 cpe:/a:ethereal_group:ethereal:0.9.13 cpe:/a:ethereal_group:ethereal:0.9.14 cpe:/a:ethereal_group:ethereal:0.9.15 CVE-2003-0925 2003-12-01T00:00:00.000-05:00 2017-10-10T21:29:16.107-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:780 DEBIAN DSA-407 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00011.html MANDRAKE MDKSA-2003:114 REDHAT RHSA-2003:323 REDHAT RHSA-2003:324 BID 8951 TURBO TLSA-2003-64 Buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed GTP MSISDN string. cpe:/a:ethereal_group:ethereal:0.9 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.9 cpe:/a:ethereal_group:ethereal:0.9.10 cpe:/a:ethereal_group:ethereal:0.9.11 cpe:/a:ethereal_group:ethereal:0.9.12 cpe:/a:ethereal_group:ethereal:0.9.13 cpe:/a:ethereal_group:ethereal:0.9.14 cpe:/a:ethereal_group:ethereal:0.9.15 CVE-2003-0926 2003-12-01T00:00:00.000-05:00 2017-10-10T21:29:16.167-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLA-2003:780 DEBIAN DSA-407 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00011.html MANDRAKE MDKSA-2003:114 REDHAT RHSA-2003:323 REDHAT RHSA-2003:324 BID 8951 TURBO TLSA-2003-64 Ethereal 0.9.15 and earlier, and Tethereal, allows remote attackers to cause a denial of service (crash) via certain malformed (1) ISAKMP or (2) MEGACO packets. cpe:/a:ethereal_group:ethereal:0.9 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.9 cpe:/a:ethereal_group:ethereal:0.9.10 cpe:/a:ethereal_group:ethereal:0.9.11 cpe:/a:ethereal_group:ethereal:0.9.12 cpe:/a:ethereal_group:ethereal:0.9.13 cpe:/a:ethereal_group:ethereal:0.9.14 cpe:/a:ethereal_group:ethereal:0.9.15 CVE-2003-0927 2003-12-01T00:00:00.000-05:00 2017-10-10T21:29:16.230-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2003:780 DEBIAN DSA-407 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00011.html MANDRAKE MDKSA-2003:114 REDHAT RHSA-2003:323 REDHAT RHSA-2003:324 BID 8951 TURBO TLSA-2003-64 XF ethereal-socks-heap-overflow(13578) Heap-based buffer overflow in Ethereal 0.9.15 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via the SOCKS dissector. cpe:/a:clearswift:mailsweeper:4.3.15 CVE-2003-0928 2004-09-28T00:00:00.000-04:00 2016-10-17T22:38:18.173-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues MISC http://www.corsaire.com/advisories/c030807-001.txt Clearswift MAILsweeper before 4.3.15 does not properly detect and filter RAR 3.20 encoded files, which allows remote attackers to bypass intended policy. cpe:/a:clearswift:mailsweeper:4.3.15 CVE-2003-0929 2004-09-28T00:00:00.000-04:00 2016-10-17T22:38:19.280-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues MISC http://www.corsaire.com/advisories/c030807-001.txt Clearswift MAILsweeper before 4.3.15 does not properly detect and filter ZIP 6.0 encoded files, which allows remote attackers to bypass intended policy. cpe:/a:clearswift:mailsweeper:4.3.15 CVE-2003-0930 2004-09-28T00:00:00.000-04:00 2016-10-17T22:38:20.407-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040813 Corsaire Security Advisory - Clearswift MAILsweeper multiple encoding/compression issues MISC http://www.corsaire.com/advisories/c030807-001.txt Clearswift MAILsweeper before 4.3.15 does not properly detect filenames in BinHex (HQX) encoded files, which allows remote attackers to bypass intended policy. cpe:/a:sygate_technologies:enforcer:4.0 CVE-2003-0931 2004-09-28T00:00:00.000-04:00 2017-07-10T21:29:38.527-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20040810 Corsaire Security Advisory - Sygate Enforcer discovery packet DoS issue MISC http://www.corsaire.com/advisories/c031120-001.txt XF sygate-enforcer-payload-dos(16949) Sygate Enforcer 4.0 earlier allows remote attackers to cause a denial of service (service hang) by replaying a malformed discovery packet to UDP port 39999. cpe:/a:omega-rpg:omega-rpg:0.9.0_pa9 CVE-2003-0932 2003-12-15T00:00:00.000-05:00 2008-09-10T15:20:56.930-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-400 Buffer overflow in omega-rpg 0.90 allows local users to execute arbitrary code via a long (1) command line or (2) environment variable. cpe:/a:conquest:conquest:7.1.1_-6 CVE-2003-0933 2003-12-01T00:00:00.000-05:00 2008-09-10T15:20:57.070-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-398 Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable. cpe:/h:symbol_technologies:pdt:8100 CVE-2003-0934 2003-12-01T00:00:00.000-05:00 2016-10-17T22:38:22.737-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031110 Symbol Technologies Default WEP KEYS Vulnerability MISC http://www.secnap.net/security/031106.html Symbol Access Portable Data Terminal (PDT) 8100 does not hide the default WEP keys if they are not changed, which could allow attackers to retrieve the keys and gain access to the wireless network. cpe:/a:net-snmp:net-snmp:5.0.1 cpe:/a:net-snmp:net-snmp:5.0.3 cpe:/a:net-snmp:net-snmp:5.0.4_pre2 cpe:/a:net-snmp:net-snmp:5.0.5 cpe:/a:net-snmp:net-snmp:5.0.6 cpe:/a:net-snmp:net-snmp:5.0.7 cpe:/a:net-snmp:net-snmp:5.0.8 CVE-2003-0935 2003-12-01T00:00:00.000-05:00 2017-10-10T21:29:16.293-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov CONECTIVA CLA-2003:778 CONFIRM http://sourceforge.net/forum/forum.php?forum_id=308015 REDHAT RHSA-2003:335 REDHAT RHSA-2004:023 Net-SNMP before 5.0.9 allows a user or community to access data in MIB objects, even if that data is not allowed to be viewed. cpe:/a:symantec:pcanywhere:10.0 cpe:/a:symantec:pcanywhere:10.5 cpe:/a:symantec:pcanywhere:11.0 CVE-2003-0936 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:24.220-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031113 SRT2003-11-13-0218 - PCAnywhere local SYSTEM exploit BUGTRAQ 20031113 RE: Secure Network Operations SRT2003-11-13-0218, PCAnywhere allows local users to become SYSTEM CONFIRM http://securityresponse.symantec.com/avcenter/security/Content/2003.11.13.html Symantec PCAnywhere 10.x and 11, when started as a service, allows attackers to gain SYSTEM privileges via the help interface using AWHOST32.exe. cpe:/o:sco:open_unix:8.0 cpe:/o:sco:unixware:7.1.1 cpe:/o:sco:unixware:7.1.3 CVE-2003-0937 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:25.283-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SCO CSSA-2003-SCO.32 BUGTRAQ 20031112 Insecure handling of procfs descriptors in UnixWare can lead to local privilege escalation. MISC http://www.texonet.com/advisories/TEXONET-20031024.txt SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which leaves the descriptor open to the user. cpe:/a:sap:sap_db:7.4.03.27 CVE-2003-0938 2003-12-15T00:00:00.000-05:00 2017-07-10T21:29:38.573-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS ATSTAKE A111703-1 XF sapdb-NETAPI32-gain-privileges(13765) vos24u.c in SAP database server (SAP DB) 7.4.03.27 and earlier allows local users to gain SYSTEM privileges via a malicious "NETAPI32.DLL" in the current working directory, which is found and loaded by SAP DB before the real DLL, as demonstrated using the SQLAT stored procedure. cpe:/a:sap:sap_db:7.4.03.27 CVE-2003-0939 2003-12-15T00:00:00.000-05:00 2008-09-05T16:35:36.780-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A111703-1 CONFIRM http://www.sapdb.org/7.4/new_relinfo.txt eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the niserver (aka serv.exe) process on TCP port 7269, which prevents the server from NULL terminating the string and leads to a buffer overflow. cpe:/a:sap:sap_db:7.4.03.29 CVE-2003-0940 2003-12-15T00:00:00.000-05:00 2008-09-05T16:35:36.937-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ATSTAKE A111703-2 Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL. cpe:/a:sap:sap_db:7.4.03.29 CVE-2003-0941 2003-12-15T00:00:00.000-05:00 2008-09-05T16:35:37.107-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A111703-2 web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa. cpe:/a:sap:sap_db:7.4.03.29 CVE-2003-0942 2003-12-15T00:00:00.000-05:00 2008-09-05T16:35:37.263-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A111703-2 Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa. cpe:/a:sap:sap_db:7.4.03.29 CVE-2003-0943 2003-12-15T00:00:00.000-05:00 2008-09-05T16:35:37.403-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A111703-2 web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface (websql), or (3) Web Database Manager (webdbm). cpe:/a:sap:sap_db:7.4.03.29 CVE-2003-0944 2003-12-15T00:00:00.000-05:00 2008-09-05T16:35:37.560-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS ATSTAKE A111703-2 Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI. cpe:/a:sap:sap_db:7.4.03.29 CVE-2003-0945 2003-12-15T00:00:00.000-05:00 2017-07-10T21:29:38.620-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS ATSTAKE A111703-2 XF sapdb-manager-sessionid-predictable(13774) The Web Database Manager in web-tools for SAP DB before 7.4.03.30 generates predictable session IDs, which allows remote attackers to conduct unauthorized activities. cpe:/a:clam_anti-virus:clamav:0.60 cpe:/a:clam_anti-virus:clamav:0.60p CVE-2003-0946 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:26.360-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031112 SRT2003-11-11-1151 - clamav-milter remote exploit / DoS CONFIRM http://sourceforge.net/project/shownotes.php?release_id=197038 Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address argument of a "MAIL FROM" command. CVE-2003-0947 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:27.563-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031112 iwconfig vulnerability - the last code was demaged sending by email Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable. cpe:/a:wireless_tools:wireless_tools:19 cpe:/a:wireless_tools:wireless_tools:20 cpe:/a:wireless_tools:wireless_tools:21 cpe:/a:wireless_tools:wireless_tools:22 cpe:/a:wireless_tools:wireless_tools:23 cpe:/a:wireless_tools:wireless_tools:24 cpe:/a:wireless_tools:wireless_tools:25 cpe:/a:wireless_tools:wireless_tools:26 CVE-2003-0948 2003-12-15T00:00:00.000-05:00 2008-09-05T16:35:38.187-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS MISC http://www.securiteam.com/exploits/6Y00R1P8KY.html BID 8901 Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable. cpe:/a:michael_bischoff:xsok:1.02 CVE-2003-0949 2004-02-03T00:00:00.000-05:00 2017-07-10T21:29:38.680-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS DEBIAN DSA-405 BID 9321 XF xsok-command-execution(14098) xsok 1.02 does not properly drop privileges before finding and executing the "gunzip" program, which allows local users to execute arbitrary commands. cpe:/a:peoplesoft:peopletools:8.4 cpe:/a:peoplesoft:peopletools:8.10 cpe:/a:peoplesoft:peopletools:8.11 cpe:/a:peoplesoft:peopletools:8.12 cpe:/a:peoplesoft:peopletools:8.13 cpe:/a:peoplesoft:peopletools:8.14 cpe:/a:peoplesoft:peopletools:8.15 cpe:/a:peoplesoft:peopletools:8.16 cpe:/a:peoplesoft:peopletools:8.17 cpe:/a:peoplesoft:peopletools:8.18 cpe:/a:peoplesoft:peopletools:8.19 cpe:/a:peoplesoft:peopletools:8.20 cpe:/a:peoplesoft:peopletools:8.40 cpe:/a:peoplesoft:peopletools:8.41 cpe:/a:peoplesoft:peopletools:8.42 cpe:/a:peoplesoft:peopletools:8.43 CVE-2003-0950 2003-12-15T00:00:00.000-05:00 2017-07-10T21:29:38.743-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BID 9041 ISS 20031112 IClient Servlet Remote Command Execution Vulnerability XF peoplesoft-iclientservlet-file-upload(12805) PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file. cpe:/o:hp:hp-ux:11.23 CVE-2003-0951 2003-12-15T00:00:00.000-05:00 2017-10-10T21:29:16.340-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS HP HPSBUX0311-296 Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges. CVE-2003-0952 2017-05-11T10:29:01.337-04:00 2017-05-11T10:29:01.337-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-0953 2017-05-11T10:29:01.353-04:00 2017-05-11T10:29:01.370-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 CVE-2003-0954 2003-12-31T00:00:00.000-05:00 2008-09-05T16:35:38.843-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-24T14:41:00.000-04:00 ALLOWS_ADMIN_ACCESS SECTRACK 1008258 BID 9078 AIXAPAR IY48272 AIXAPAR IY48747 AIXAPAR IY49238 Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges. cpe:/o:openbsd:openbsd:3.3 cpe:/o:openbsd:openbsd:3.4 CVE-2003-0955 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:28.753-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS OPENBSD 20031105 005: RELIABILITY FIX: November 4, 2003 FULLDISC 20031104 OpenBSD kernel overflow, yet still *BSD much better than windows CONFIRM http://marc.info/?l=openbsd-security-announce&m=106808820119679&w=2 CONFIRM http://marc.info/?l=openbsd-security-announce&m=106917441524978&w=2 MISC http://www.guninski.com/msuxobsd2.html OPENBSD 20031104 010: RELIABILITY FIX: November 4, 2003 BID 8978 OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow. cpe:/o:linux:linux_kernel:2.4.22 CVE-2003-0956 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:38.790-04:00 2.6 LOCAL HIGH NONE PARTIAL PARTIAL NONE http://nvd.nist.gov CONFIRM http://linux.bkbits.net:8080/linux-2.4/cset@3ef33d95ym_22QH2xwhDMt264M55Fg XF linux-kernel-odirect-information-disclosure(42942) Multiple race conditions in the handling of O_DIRECT in Linux kernel prior to version 2.4.22 could cause stale data to be returned from the disk when handling sparse files, or cause incorrect data to be returned when a file is truncated as it is being read, which might allow local users to obtain sensitive data that was originally owned by other users, a different vulnerability than CVE-2003-0018. CVE-2003-0959 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:38.853-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://linux.bkbits.net:8080/linux-2.4/cset@3ed382f7UfJ9Q2LKCJq1Tc5B7-EC5A XF linux-kernel-unspecified-priv-escalation(43072) Multiple integer overflows in the 32bit emulation for AMD64 architectures in Linux 2.4 kernel before 2.4.21 allows attackers to cause a denial of service or gain root privileges via unspecified vectors that trigger copy_from_user function calls with improper length arguments. cpe:/a:openca:openca:0.8.0 cpe:/a:openca:openca:0.8.1 cpe:/a:openca:openca:0.8.6 cpe:/a:openca:openca:0.9.0 cpe:/a:openca:openca:0.9.0.1 cpe:/a:openca:openca:0.9.0.2 cpe:/a:openca:openca:0.9.1 cpe:/a:openca:openca:0.9.1.2 cpe:/a:openca:openca:0.9.1.3 CVE-2003-0960 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:29.830-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031128 [OpenCA Advisory] Vulnerabilities in signature verification OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates. cpe:/o:linux:linux_kernel:2.4.22 CVE-2003-0961 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:31.253-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONECTIVA CLA-2003:796 MISC http://isec.pl/papers/linux_kernel_do_brk.pdf BUGTRAQ 20031204 [iSEC] Linux kernel do_brk() vulnerability details BUGTRAQ 20031204 Hot fix for do_brk bug BUGTRAQ 20040112 SmoothWall Project Security Advisory SWP-2004:001 DEBIAN DSA-403 DEBIAN DSA-417 DEBIAN DSA-423 DEBIAN DSA-433 DEBIAN DSA-439 DEBIAN DSA-440 DEBIAN DSA-442 DEBIAN DSA-450 DEBIAN DSA-470 DEBIAN DSA-475 CERT-VN VU#301156 MANDRAKE MDKSA-2003:110 SUSE SuSE-SA:2003:049 REDHAT RHSA-2003:368 REDHAT RHSA-2003:389 Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges. cpe:/a:andrew_tridgell:rsync:2.3.1 cpe:/a:andrew_tridgell:rsync:2.3.2 cpe:/a:andrew_tridgell:rsync:2.4.0 cpe:/a:andrew_tridgell:rsync:2.4.1 cpe:/a:andrew_tridgell:rsync:2.4.3 cpe:/a:andrew_tridgell:rsync:2.4.4 cpe:/a:andrew_tridgell:rsync:2.4.5 cpe:/a:andrew_tridgell:rsync:2.4.6 cpe:/a:andrew_tridgell:rsync:2.4.8 cpe:/a:andrew_tridgell:rsync:2.5.0 cpe:/a:andrew_tridgell:rsync:2.5.1 cpe:/a:andrew_tridgell:rsync:2.5.2 cpe:/a:andrew_tridgell:rsync:2.5.3 cpe:/a:andrew_tridgell:rsync:2.5.4 cpe:/a:andrew_tridgell:rsync:2.5.5 cpe:/a:andrew_tridgell:rsync:2.5.6 cpe:/a:redhat:rsync:2.4.6-2::i386 cpe:/a:redhat:rsync:2.4.6-5::i386 cpe:/a:redhat:rsync:2.4.6-5::ia64 cpe:/a:redhat:rsync:2.5.4-2::i386 cpe:/a:redhat:rsync:2.5.5-1::i386 cpe:/a:redhat:rsync:2.5.5-4::i386 cpe:/o:engardelinux:secure_community:1.0.1 cpe:/o:engardelinux:secure_community:2.0 cpe:/o:engardelinux:secure_linux:1.1::professional cpe:/o:engardelinux:secure_linux:1.2::professional cpe:/o:engardelinux:secure_linux:1.5::professional cpe:/o:slackware:slackware_linux:8.1 cpe:/o:slackware:slackware_linux:9.0 cpe:/o:slackware:slackware_linux:9.1 cpe:/o:slackware:slackware_linux:current CVE-2003-0962 2003-12-15T00:00:00.000-05:00 2018-05-02T21:29:23.193-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SGI 20031202-01-U CONECTIVA CLA-2003:794 BUGTRAQ 20031204 rsync security advisory (fwd) TRUSTIX 2003-0048 BUGTRAQ 20031204 [OpenPKG-SA-2003.051] OpenPKG Security Advisory (rsync) BUGTRAQ 20031204 GLSA: exploitable heap overflow in rsync (200312-03) CERT-VN VU#325603 MANDRAKE MDKSA-2003:111 REDHAT RHSA-2003:398 BID 9153 XF linux-rsync-heap-overflow(13899) Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. cpe:/a:alexander_v._lukyanov:lftp:2.3 cpe:/a:alexander_v._lukyanov:lftp:2.4.9 cpe:/a:alexander_v._lukyanov:lftp:2.5.2 cpe:/a:alexander_v._lukyanov:lftp:2.6.0 cpe:/a:alexander_v._lukyanov:lftp:2.6.3 cpe:/a:alexander_v._lukyanov:lftp:2.6.4 cpe:/a:alexander_v._lukyanov:lftp:2.6.5 cpe:/a:alexander_v._lukyanov:lftp:2.6.6 cpe:/a:alexander_v._lukyanov:lftp:2.6.7 cpe:/a:alexander_v._lukyanov:lftp:2.6.8 cpe:/a:alexander_v._lukyanov:lftp:2.6.9 CVE-2003-0963 2004-01-05T00:00:00.000-05:00 2017-10-10T21:29:16.417-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SGI 20040101-01-U SGI 20040202-01-U BUGTRAQ 20031212 [slackware-security] lftp security update (SSA:2003-346-01) BUGTRAQ 20031213 lftp buffer overflows BUGTRAQ 20031217 [OpenPKG-SA-2003.053] OpenPKG Security Advisory (lftp) BUGTRAQ 20031218 GLSA: lftp (200312-07) CONECTIVA CLA-2004:800 DEBIAN DSA-406 MANDRAKE MDKSA-2003:116 SUSE SuSE-SA:2003:051 REDHAT RHSA-2003:403 REDHAT RHSA-2003:404 Buffer overflows in (1) try_netscape_proxy and (2) try_squid_eplf for lftp 2.6.9 and earlier allow remote HTTP servers to execute arbitrary code via long directory names that are processed by the ls or rels commands. CVE-2003-0964 2003-11-17T00:00:00.000-05:00 2008-09-10T15:21:00.523-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: N/A. Notes: none. cpe:/a:gnu:mailman:2.1.4 CVE-2003-0965 2004-02-17T00:00:00.000-05:00 2017-10-10T21:29:16.480-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2004:842 MLIST [Mailman-Announce] 20031231 RELEASED Mailman 2.1.4 DEBIAN DSA-436 MANDRAKE MDKSA-2004:013 REDHAT RHSA-2004:020 BID 9336 XF mailman-admin-xss(14121) Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. cpe:/a:elm_development_group:elm:2.5.6 CVE-2003-0966 2004-02-17T00:00:00.000-05:00 2017-10-09T21:30:15.033-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SGI 20040103-01-U MISC http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=112078 REDHAT RHSA-2004:009 BID 9430 XF elm-frm-subject-bo(14840) Buffer overflow in the frm command in elm 2.5.6 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code via a long Subject line. cpe:/a:freeradius:freeradius:0.9.2 CVE-2003-0967 2003-12-15T00:00:00.000-05:00 2017-10-10T21:29:16.543-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031120 Remote DoS in FreeRADIUS, all versions. BUGTRAQ 20031121 FreeRADIUS 0.9.2 "Tunnel-Password" attribute Handling Vulnerability CONFIRM http://marc.info/?l=freeradius-users&m=106947389449613&w=2 REDHAT RHSA-2003:386 rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute. CVE-2003-0968 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:36.300-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031126 FreeRADIUS <= 0.9.3 rlm_smb module stack overflow vulnerability Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute. cpe:/a:mpg321:mpg321:0.2.10 CVE-2003-0969 2004-01-20T00:00:00.000-05:00 2017-10-09T21:30:15.283-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS DEBIAN DSA-411 SUSE SuSE-SA:2004:002 BID 9364 XF mpg321-mp3-format-string(14148) mpg321 0.2.10 allows remote attackers to overwrite memory and possibly execute arbitrary code via an mp3 file that passes certain strings to the printf function, possibly triggering a format string vulnerability. cpe:/h:sun:sun_fire:b1600 CVE-2003-0970 2003-12-15T00:00:00.000-05:00 2008-09-05T16:35:41.107-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 SUNALERT 57430 The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled. cpe:/a:gnu:privacy_guard:1.0.2 cpe:/a:gnu:privacy_guard:1.0.3 cpe:/a:gnu:privacy_guard:1.0.3b cpe:/a:gnu:privacy_guard:1.0.4 cpe:/a:gnu:privacy_guard:1.0.5 cpe:/a:gnu:privacy_guard:1.0.6 cpe:/a:gnu:privacy_guard:1.0.7 cpe:/a:gnu:privacy_guard:1.2 cpe:/a:gnu:privacy_guard:1.2.1 cpe:/a:gnu:privacy_guard:1.2.2 cpe:/a:gnu:privacy_guard:1.2.2:rc1 cpe:/a:gnu:privacy_guard:1.2.3 CVE-2003-0971 2003-12-15T00:00:00.000-05:00 2017-10-10T21:29:16.607-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SGI 20040202-01-U CONECTIVA CLA-2003:798 CONFIRM http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000276.html CONFIRM http://lists.gnupg.org/pipermail/gnupg-announce/2003q4/000277.html BUGTRAQ 20031127 GnuPG's ElGamal signing keys compromised DEBIAN DSA-429 CERT-VN VU#940388 MANDRAKE MDKSA-2003:109 SUSE SuSE-SA:2003:048 REDHAT RHSA-2003:390 REDHAT RHSA-2003:395 BID 9115 GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature. cpe:/a:gnu:screen:3.9.4 cpe:/a:gnu:screen:3.9.8 cpe:/a:gnu:screen:3.9.9 cpe:/a:gnu:screen:3.9.10 cpe:/a:gnu:screen:3.9.11 cpe:/a:gnu:screen:3.9.13 cpe:/a:gnu:screen:3.9.15 cpe:/a:gnu:screen:4.0.1 CVE-2003-0972 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:38.770-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONECTIVA CLA-2004:809 CONFIRM http://groups.yahoo.com/group/gnu-screen/message/3118 BUGTRAQ 20031127 GNU screen buffer overflow DEBIAN DSA-408 MANDRAKE MDKSA-2003:113 Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow. cpe:/a:apache:mod_python:2.7 cpe:/a:apache:mod_python:2.7.1 cpe:/a:apache:mod_python:2.7.2 cpe:/a:apache:mod_python:2.7.3 cpe:/a:apache:mod_python:2.7.4 cpe:/a:apache:mod_python:2.7.5 cpe:/a:apache:mod_python:2.7.6 cpe:/a:apache:mod_python:2.7.7 cpe:/a:apache:mod_python:2.7.8 cpe:/a:apache:mod_python:3.0 cpe:/a:apache:mod_python:3.0.1 cpe:/a:apache:mod_python:3.0.2 cpe:/a:apache:mod_python:3.0.3 CVE-2003-0973 2003-12-15T00:00:00.000-05:00 2017-10-10T21:29:16.667-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov FEDORA FEDORA-2004-1325 CONECTIVA CLA-2004:837 DEBIAN DSA-452 CONFIRM http://www.modpython.org/pipermail/mod_python/2003-November/004005.html REDHAT RHSA-2004:058 REDHAT RHSA-2004:063 Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string. cpe:/a:applied_watch_technologies:applied_watch_command_center:1.0 CVE-2003-0974 2003-12-15T00:00:00.000-05:00 2016-10-17T22:38:39.927-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031128 Multiple Remote Issues in Applied Watch IDS Suite (advisory attached) BUGTRAQ 20031128 Applied Watch Response to Bugtraq.org post - Was: Multiple Remote Issues in Applied Watch IDS Suite BUGTRAQ 20031201 Re: Multiple Remote Issues in Applied Watch IDS Suite (advisory attached) MISC http://www.bugtraq.org/advisories/_BSSADV-0000.txt BID 9124 Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c. cpe:/a:apple:safari:1.0 cpe:/a:apple:safari:1.1 cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x:10.3.1 cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x_server:10.3.1 CVE-2003-0975 2003-12-15T00:00:00.000-05:00 2017-07-10T21:29:39.073-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00042.html BUGTRAQ 20031118 Apple Safari 1.1 (v100) XF mozilla-netscape-steal-cookies(7973) Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain. cpe:/o:novell:netware:6.5 cpe:/o:novell:netware:6.5:sp1 CVE-2003-0976 2003-12-15T00:00:00.000-05:00 2017-07-10T21:29:39.120-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://support.novell.com/cgi-bin/search/searchtid.cgi?/10089375.htm XF netware-nfs-share-access(13915) NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host. cpe:/a:cvs:cvs:1.10.7 cpe:/a:cvs:cvs:1.10.8 cpe:/a:cvs:cvs:1.11 cpe:/a:cvs:cvs:1.11.1 cpe:/a:cvs:cvs:1.11.1_p1 cpe:/a:cvs:cvs:1.11.2 cpe:/a:cvs:cvs:1.11.3 cpe:/a:cvs:cvs:1.11.4 cpe:/a:cvs:cvs:1.11.5 cpe:/a:cvs:cvs:1.11.6 cpe:/o:slackware:slackware_linux:8.1 cpe:/o:slackware:slackware_linux:9.0 cpe:/o:slackware:slackware_linux:9.1 CVE-2003-0977 2004-01-05T00:00:00.000-05:00 2017-10-10T21:29:16.763-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SGI 20040103-01-U SGI 20040202-01-U CONFIRM http://ccvs.cvshome.org/servlets/NewsItemView?newsID=84&JServSessionIdservlets=8u3x1myav1 CONECTIVA CLA-2004:808 BUGTRAQ 20031217 [OpenPKG-SA-2003.052] OpenPKG Security Advisory (cvs) BUGTRAQ 20040129 [FLSA-2004:1207] Updated cvs resolves security vulnerability DEBIAN DSA-422 MANDRAKE MDKSA-2003:112 REDHAT RHSA-2004:003 REDHAT RHSA-2004:004 XF cvs-module-file-manipulation(13929) CVS server before 1.11.10 may allow attackers to cause the CVS server to create directories and files in the file system root directory via malformed module requests. cpe:/a:gnu:privacy_guard:1.2 cpe:/a:gnu:privacy_guard:1.2.1 cpe:/a:gnu:privacy_guard:1.2.2 cpe:/a:gnu:privacy_guard:1.2.2:rc1 cpe:/a:gnu:privacy_guard:1.2.3 cpe:/a:gnu:privacy_guard:1.3.3 CVE-2003-0978 2004-01-05T00:00:00.000-05:00 2017-07-10T21:29:39.227-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031203 GnuPG 1.2.3, 1.3.3 external HKP interface format string issue SUSE SuSE-SA:2003:048 MISC http://www.s-quadra.com/advisories/Adv-20031203.txt XF gnupg-gpgkeyshkp-format-string(13892) Format string vulnerability in gpgkeys_hkp (experimental HKP interface) for the GnuPG (gpg) client 1.2.3 and earlier, and 1.3.3 and earlier, allows remote attackers or a malicious keyserver to cause a denial of service (crash) and possibly execute arbitrary code during key retrieval. cpe:/a:freescripts:visitorbook:le CVE-2003-0979 2004-01-05T00:00:00.000-05:00 2016-10-17T22:38:44.647-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20031210 Visitorbook LE Multiple Vulnerabilities MISC http://www.westpoint.ltd.uk/advisories/wp-03-0001.txt FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable. cpe:/a:freescripts:visitorbook:le CVE-2003-0980 2004-01-05T00:00:00.000-05:00 2016-10-17T22:38:46.020-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20031210 Visitorbook LE Multiple Vulnerabilities MISC http://www.westpoint.ltd.uk/advisories/wp-03-0001.txt Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attackers to inject arbitrary HTML or web script via (1) the "do" parameter, (2) via the "user" parameter from a host with a malicious reverse DNS name, (3) via quote marks or ampersands in other parameters. cpe:/a:freescripts:visitorbook:le CVE-2003-0981 2004-01-05T00:00:00.000-05:00 2016-10-17T22:38:47.473-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20031210 Visitorbook LE Multiple Vulnerabilities MISC http://www.westpoint.ltd.uk/advisories/wp-03-0001.txt FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks. cpe:/a:cisco:application_and_content_networking_software:4.0.3 cpe:/a:cisco:application_and_content_networking_software:4.1.1 cpe:/a:cisco:application_and_content_networking_software:4.1.3 cpe:/a:cisco:application_and_content_networking_software:4.2 cpe:/a:cisco:application_and_content_networking_software:4.2.7 cpe:/a:cisco:application_and_content_networking_software:4.2.9 cpe:/a:cisco:application_and_content_networking_software:5.0 cpe:/a:cisco:application_and_content_networking_software:5.0.1 cpe:/a:cisco:application_and_content_networking_software:5.0.3 cpe:/a:cisco:content_distribution_manager_4630 cpe:/a:cisco:content_distribution_manager_4630:4.0 cpe:/a:cisco:content_distribution_manager_4630:4.1 cpe:/a:cisco:content_distribution_manager_4650 cpe:/a:cisco:content_distribution_manager_4650:4.0 cpe:/a:cisco:content_distribution_manager_4650:4.1 cpe:/a:cisco:content_distribution_manager_4670 cpe:/a:cisco:content_engine:507 cpe:/a:cisco:content_engine:507_2.2_.0 cpe:/a:cisco:content_engine:507_3.1 cpe:/a:cisco:content_engine:507_4.0 cpe:/a:cisco:content_engine:507_4.1 cpe:/a:cisco:content_engine:560 cpe:/a:cisco:content_engine:560_2.2_.0 cpe:/a:cisco:content_engine:560_3.1 cpe:/a:cisco:content_engine:560_4.0 cpe:/a:cisco:content_engine:560_4.1 cpe:/a:cisco:content_engine:590 cpe:/a:cisco:content_engine:590_2.2_.0 cpe:/a:cisco:content_engine:590_3.1 cpe:/a:cisco:content_engine:590_4.0 cpe:/a:cisco:content_engine:590_4.1 cpe:/a:cisco:content_engine:7320 cpe:/a:cisco:content_engine:7320_2.2_.0 cpe:/a:cisco:content_engine:7320_3.1 cpe:/a:cisco:content_engine:7320_4.0 cpe:/a:cisco:content_engine:7320_4.1 cpe:/a:cisco:content_engine_module:for_cisco_router_2600_series cpe:/a:cisco:content_engine_module:for_cisco_router_3600_series cpe:/a:cisco:content_engine_module:for_cisco_router_3700_series cpe:/a:cisco:enterprise_content_delivery_network_software:4.0 cpe:/a:cisco:enterprise_content_delivery_network_software:4.1 cpe:/h:cisco:content_router_4430 cpe:/h:cisco:content_router_4450 CVE-2003-0982 2004-01-05T00:00:00.000-05:00 2018-10-30T12:25:18.480-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CISCO 20031210 Vulnerability in Authentication Library for ACNS CERT-VN VU#352462 BID 9187 XF cisco-acns-password-bo(13945) Buffer overflow in the authentication module for Cisco ACNS 4.x before 4.2.11, and 5.x before 5.0.5, allows remote attackers to execute arbitrary code via a long password. cpe:/h:cisco:80-7111-01_for_the_unity-svrx255-1a cpe:/h:cisco:80-7112-01_for_the_unity-svrx255-2a CVE-2003-0983 2004-01-05T00:00:00.000-05:00 2008-09-10T15:21:19.977-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CISCO 20031210 Unity Vulnerabilities on IBM-based Servers Cisco Unity on IBM servers is shipped with default settings that should have been disabled by the manufacturer, which allows local or remote attackers to conduct unauthorized activities via (1) a "bubba" local user account, (2) an open TCP port 34571, or (3) when a local DHCP server is unavailable, a DHCP server on the manufacturer's test network. cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.0:test1 cpe:/o:linux:linux_kernel:2.4.0:test10 cpe:/o:linux:linux_kernel:2.4.0:test11 cpe:/o:linux:linux_kernel:2.4.0:test12 cpe:/o:linux:linux_kernel:2.4.0:test2 cpe:/o:linux:linux_kernel:2.4.0:test3 cpe:/o:linux:linux_kernel:2.4.0:test4 cpe:/o:linux:linux_kernel:2.4.0:test5 cpe:/o:linux:linux_kernel:2.4.0:test6 cpe:/o:linux:linux_kernel:2.4.0:test7 cpe:/o:linux:linux_kernel:2.4.0:test8 cpe:/o:linux:linux_kernel:2.4.0:test9 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.18::x86 cpe:/o:linux:linux_kernel:2.4.18:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre2 cpe:/o:linux:linux_kernel:2.4.18:pre3 cpe:/o:linux:linux_kernel:2.4.18:pre4 cpe:/o:linux:linux_kernel:2.4.18:pre5 cpe:/o:linux:linux_kernel:2.4.18:pre6 cpe:/o:linux:linux_kernel:2.4.18:pre7 cpe:/o:linux:linux_kernel:2.4.18:pre8 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.19:pre1 cpe:/o:linux:linux_kernel:2.4.19:pre2 cpe:/o:linux:linux_kernel:2.4.19:pre3 cpe:/o:linux:linux_kernel:2.4.19:pre4 cpe:/o:linux:linux_kernel:2.4.19:pre5 cpe:/o:linux:linux_kernel:2.4.19:pre6 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.21:pre7 cpe:/o:linux:linux_kernel:2.4.22 CVE-2003-0984 2004-01-05T00:00:00.000-05:00 2017-10-10T21:29:16.870-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2004:799 BUGTRAQ 20040112 SmoothWall Project Security Advisory SWP-2004:001 DEBIAN DSA-1067 DEBIAN DSA-1069 DEBIAN DSA-1070 DEBIAN DSA-1082 ENGARDE ESA-20040105-001 MANDRAKE MDKSA-2004:001 SUSE SuSE-SA:2003:049 FEDORA FEDORA-2003-046 REDHAT RHSA-2003:417 REDHAT RHSA-2004:188 BID 9154 SECTRACK 1008594 XF linux-rtc-memory-leak(13943) Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.4.0:test1 cpe:/o:linux:linux_kernel:2.4.0:test10 cpe:/o:linux:linux_kernel:2.4.0:test11 cpe:/o:linux:linux_kernel:2.4.0:test12 cpe:/o:linux:linux_kernel:2.4.0:test2 cpe:/o:linux:linux_kernel:2.4.0:test3 cpe:/o:linux:linux_kernel:2.4.0:test4 cpe:/o:linux:linux_kernel:2.4.0:test5 cpe:/o:linux:linux_kernel:2.4.0:test6 cpe:/o:linux:linux_kernel:2.4.0:test7 cpe:/o:linux:linux_kernel:2.4.0:test8 cpe:/o:linux:linux_kernel:2.4.0:test9 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.18::x86 cpe:/o:linux:linux_kernel:2.4.18:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre2 cpe:/o:linux:linux_kernel:2.4.18:pre3 cpe:/o:linux:linux_kernel:2.4.18:pre4 cpe:/o:linux:linux_kernel:2.4.18:pre5 cpe:/o:linux:linux_kernel:2.4.18:pre6 cpe:/o:linux:linux_kernel:2.4.18:pre7 cpe:/o:linux:linux_kernel:2.4.18:pre8 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.19:pre1 cpe:/o:linux:linux_kernel:2.4.19:pre2 cpe:/o:linux:linux_kernel:2.4.19:pre3 cpe:/o:linux:linux_kernel:2.4.19:pre4 cpe:/o:linux:linux_kernel:2.4.19:pre5 cpe:/o:linux:linux_kernel:2.4.19:pre6 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.21 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.21:pre7 cpe:/o:linux:linux_kernel:2.4.22 cpe:/o:linux:linux_kernel:2.4.23 CVE-2003-0985 2004-01-20T00:00:00.000-05:00 2018-05-02T21:29:23.397-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SGI 20040102-01-U BUGTRAQ 20040108 [slackware-security] Slackware 8.1 kernel security update (SSA:2004-008-01) CONECTIVA CLA-2004:799 IMMUNIX IMNX-2004-73-001-01 MISC http://isec.pl/vulnerabilities/isec-0013-mremap.txt CONFIRM http://klecker.debian.org/~joey/security/kernel/patches/patch.CAN-2005-0528.mremap TRUSTIX 2004-0001 BUGTRAQ 20040105 Linux kernel mremap vulnerability BUGTRAQ 20040105 Linux kernel do_mremap() proof-of-concept exploit code BUGTRAQ 20040106 Linux mremap bug correction BUGTRAQ 20040107 [slackware-security] Kernel security update (SSA:2004-006-01) BUGTRAQ 20040112 SmoothWall Project Security Advisory SWP-2004:001 CONFIRM http://svn.debian.org/wsvn/kernel/patch-tracking/CVE-2005-0528?op=file&rev=0&sc=0 CIAC O-045 DEBIAN DSA-413 DEBIAN DSA-417 DEBIAN DSA-423 DEBIAN DSA-427 DEBIAN DSA-439 DEBIAN DSA-440 DEBIAN DSA-442 DEBIAN DSA-450 DEBIAN DSA-470 DEBIAN DSA-475 DEBIAN DSA-1067 DEBIAN DSA-1069 DEBIAN DSA-1070 DEBIAN DSA-1082 CERT-VN VU#490620 CONFIRM http://www.kernel.org/pub/linux/kernel/v2.4/ChangeLog-2.4.24 ENGARDE ESA-20040105-001 MANDRAKE MDKSA-2004:001 SUSE SuSE-SA:2004:003 REDHAT RHSA-2003:416 REDHAT RHSA-2003:417 REDHAT RHSA-2003:418 REDHAT RHSA-2003:419 BID 9356 XF linux-domremap-gain-privileges(14135) The mremap system call (do_mremap) in Linux kernel 2.4.x before 2.4.21, and possibly other versions before 2.4.24, does not properly perform bounds checks, which allows local users to cause a denial of service and possibly gain privileges by causing a remapping of a virtual memory area (VMA) to create a zero length VMA, a different vulnerability than CAN-2004-0077. cpe:/o:linux:linux_kernel:2.4.0:test10 cpe:/o:linux:linux_kernel:2.4.0:test11 cpe:/o:linux:linux_kernel:2.4.0:test12 cpe:/o:linux:linux_kernel:2.4.0:test2 cpe:/o:linux:linux_kernel:2.4.0:test3 cpe:/o:linux:linux_kernel:2.4.0:test4 cpe:/o:linux:linux_kernel:2.4.0:test5 cpe:/o:linux:linux_kernel:2.4.0:test6 cpe:/o:linux:linux_kernel:2.4.0:test7 cpe:/o:linux:linux_kernel:2.4.0:test8 cpe:/o:linux:linux_kernel:2.4.0:test9 cpe:/o:linux:linux_kernel:2.4.18::x86 cpe:/o:linux:linux_kernel:2.4.18:pre1 cpe:/o:linux:linux_kernel:2.4.18:pre2 cpe:/o:linux:linux_kernel:2.4.18:pre3 cpe:/o:linux:linux_kernel:2.4.18:pre4 cpe:/o:linux:linux_kernel:2.4.18:pre5 cpe:/o:linux:linux_kernel:2.4.18:pre6 cpe:/o:linux:linux_kernel:2.4.18:pre7 cpe:/o:linux:linux_kernel:2.4.18:pre8 cpe:/o:linux:linux_kernel:2.4.19:pre1 cpe:/o:linux:linux_kernel:2.4.19:pre2 cpe:/o:linux:linux_kernel:2.4.19:pre3 cpe:/o:linux:linux_kernel:2.4.19:pre4 cpe:/o:linux:linux_kernel:2.4.19:pre5 cpe:/o:linux:linux_kernel:2.4.19:pre6 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.4.21:pre4 cpe:/o:linux:linux_kernel:2.4.21:pre7 cpe:/o:linux:linux_kernel:2.4.22:pre10 cpe:/o:linux:linux_kernel:2.4.23 cpe:/o:linux:linux_kernel:2.4.23:pre9 cpe:/o:linux:linux_kernel:2.4.23_ow2 cpe:/o:linux:linux_kernel:2.4.24 cpe:/o:linux:linux_kernel:2.4.24_ow1 cpe:/o:linux:linux_kernel:2.6.0 cpe:/o:linux:linux_kernel:2.6.1:rc1 cpe:/o:linux:linux_kernel:2.6.1:rc2 cpe:/o:linux:linux_kernel:2.6.2 cpe:/o:redhat:enterprise_linux:3.0::advanced_servers cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:redhat:enterprise_linux:3.0::workstation CVE-2003-0986 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:16.950-04:00 1.7 LOCAL LOW SINGLE_INSTANCE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://linux.bkbits.net:8080/linux-2.4/cset@3fdd54b3u9Eq0Wny2Nn1HGfI3pofOQ CONFIRM http://linux.bkbits.net:8080/linux-2.6/cset@3ffcf122S7e3xPZCpibrXq6KRRjwqw REDHAT RHSA-2004:017 Various routines for the ppc64 architecture on Linux kernel 2.6 prior to 2.6.2 and 2.4 prior to 2.4.24 do not use the copy_from_user function when copying data from userspace to kernelspace, which crosses security boundaries and allows local users to cause a denial of service. cpe:/a:apache:http_server:1.3.30 CVE-2003-0987 2004-03-03T00:00:00.000-05:00 2017-10-10T21:29:17.043-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache) GENTOO GLSA-200405-22 SECTRACK 1008920 SUNALERT 101555 SUNALERT 101841 SUNALERT 57628 CONFIRM http://www.mail-archive.com/dev@httpd.apache.org/msg19007.html CONFIRM http://www.mail-archive.com/dev@httpd.apache.org/msg19014.html MANDRAKE MDKSA-2004:046 REDHAT RHSA-2004:600 REDHAT RHSA-2005:816 BID 9571 SLACKWARE SSA:2004-133 TRUSTIX 2004-0027 XF apache-moddigest-response-replay(15041) mod_digest for Apache before 1.3.31 does not properly verify the nonce of a client response by using a AuthNonce secret. cpe:/o:kde:kde:3.1.0 cpe:/o:kde:kde:3.1.1 cpe:/o:kde:kde:3.1.2 cpe:/o:kde:kde:3.1.3 CVE-2003-0988 2004-02-17T00:00:00.000-05:00 2017-10-09T21:30:15.377-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONECTIVA CLA-2004:810 BUGTRAQ 20040114 KDE Security Advisory: VCF file information reader vulnerability GENTOO GLSA-200404-02 CERT-VN VU#820798 CONFIRM http://www.kde.org/info/security/advisory-20040114-1.txt MANDRAKE MDKSA-2004:003 REDHAT RHSA-2004:005 REDHAT RHSA-2004:006 BID 9419 XF kde-kdepim-bo(14833) Buffer overflow in the VCF file information reader for KDE Personal Information Management (kdepim) suite in KDE 3.1.0 through 3.1.4 allows attackers to execute arbitrary code via a VCF file. cpe:/a:redhat:tcpdump:3.8.0 cpe:/o:redhat:linux:9.0::i386 CVE-2003-0989 2004-02-17T00:00:00.000-05:00 2018-10-19T11:29:38.620-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CALDERA CSSA-2004-008.0 SCO SCOSA-2004.9 SGI 20040103-01-U SGI 20040202-01-U APPLE APPLE-SA-2004-02-23 TRUSTIX 2004-0004 ENGARDE ESA-20040119-002 BUGTRAQ 20040131 [FLSA-2004:1222] Updated tcpdump resolves security vulnerabilites (resend with correct paths) DEBIAN DSA-425 CERT-VN VU#738518 MANDRAKE MDKSA-2004:008 FEDORA FEDORA-2004-090 FEDORA FEDORA-2004-092 MLIST [fedora-announce-list] 20040311 Re: [SECURITY] Fedora Core 1 Update: tcpdump-3.7.2-8.fc1.1 FEDORA FLSA:1222 REDHAT RHSA-2004:007 REDHAT RHSA-2004:008 BUGTRAQ 20040119 [ESA-20040119-002] 'tcpdump' multiple vulnerabilities. BID 9507 SECTRACK 1008716 tcpdump before 3.8.1 allows remote attackers to cause a denial of service (infinite loop) via certain ISAKMP packets, a different vulnerability than CVE-2004-0057. CVE-2003-0990 2004-01-20T00:00:00.000-05:00 2017-07-10T21:29:39.493-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20031224 Bugtraq Security Systems ADV-0001 MISC http://www.bugtraq.org/advisories/_BSSADV-0001.txt BUGTRAQ 20031226 Re: Reported Command Injection in Squirrelmail GPG BID 9296 XF squirrelmail-parseaddress-command-execution(14079) The parseAddress code in (1) SquirrelMail 1.4.0 and (2) GPG Plugin 1.1 allows remote attackers to execute commands via shell metacharacters in the "To:" field. cpe:/a:gnu:mailman:1.0 cpe:/a:gnu:mailman:1.1 cpe:/a:gnu:mailman:2.0 cpe:/a:gnu:mailman:2.0:beta3 cpe:/a:gnu:mailman:2.0:beta4 cpe:/a:gnu:mailman:2.0:beta5 cpe:/a:gnu:mailman:2.0.1 cpe:/a:gnu:mailman:2.0.2 cpe:/a:gnu:mailman:2.0.3 cpe:/a:gnu:mailman:2.0.4 cpe:/a:gnu:mailman:2.0.5 cpe:/a:gnu:mailman:2.0.6 cpe:/a:gnu:mailman:2.0.7 cpe:/a:gnu:mailman:2.0.8 cpe:/a:gnu:mailman:2.0.9 cpe:/a:gnu:mailman:2.0.10 cpe:/a:gnu:mailman:2.0.11 cpe:/a:gnu:mailman:2.0.12 cpe:/a:gnu:mailman:2.0.13 cpe:/a:gnu:mailman:2.1 cpe:/a:sgi:propack:2.3 CVE-2003-0991 2004-03-03T00:00:00.000-05:00 2017-10-09T21:30:15.437-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20040201-01-U CONECTIVA CLA-2004:842 MLIST [Mailman-Announce] 20040208 RELEASED: Mailman 2.0.14 patch-only release DEBIAN DSA-436 MANDRAKE MDKSA-2004:013 REDHAT RHSA-2004:019 BID 9620 XF mailman-command-handler-dos(15106) Unknown vulnerability in the mail command handler in Mailman before 2.0.14 allows remote attackers to cause a denial of service (crash) via malformed e-mail commands. cpe:/a:gnu:mailman:2.1.3 CVE-2003-0992 2004-02-17T00:00:00.000-05:00 2017-10-10T21:29:17.120-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov CONECTIVA CLA-2004:842 CONFIRM http://mail.python.org/pipermail/mailman-announce/2003-September/000061.html MANDRAKE MDKSA-2004:013 REDHAT RHSA-2004:020 Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. cpe:/a:apache:http_server:1.3 cpe:/a:apache:http_server:1.3.1 cpe:/a:apache:http_server:1.3.3 cpe:/a:apache:http_server:1.3.4 cpe:/a:apache:http_server:1.3.6 cpe:/a:apache:http_server:1.3.7::dev cpe:/a:apache:http_server:1.3.9 cpe:/a:apache:http_server:1.3.11 cpe:/a:apache:http_server:1.3.12 cpe:/a:apache:http_server:1.3.14 cpe:/a:apache:http_server:1.3.17 cpe:/a:apache:http_server:1.3.18 cpe:/a:apache:http_server:1.3.19 cpe:/a:apache:http_server:1.3.20 cpe:/a:apache:http_server:1.3.22 cpe:/a:apache:http_server:1.3.23 cpe:/a:apache:http_server:1.3.24 cpe:/a:apache:http_server:1.3.25 cpe:/a:apache:http_server:1.3.26 cpe:/a:apache:http_server:1.3.27 cpe:/a:apache:http_server:1.3.28 cpe:/a:apache:http_server:1.3.29 CVE-2003-0993 2004-03-29T00:00:00.000-05:00 2017-10-09T21:30:15.517-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MANDRAKE MDKSA-2004:046 CONFIRM http://issues.apache.org/bugzilla/show_bug.cgi?id=23850 MLIST [apache-cvs] 20040307 cvs commit: apache-1.3/src/modules/standard mod_access.c BUGTRAQ 20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache) GENTOO GLSA-200405-22 SUNALERT 101555 SUNALERT 101841 SUNALERT 57628 CONFIRM http://www.apacheweek.com/features/security-13 BID 9829 SLACKWARE SSA:2004-133 TRUSTIX 2004-0027 XF apache-modaccess-obtain-information(15422) mod_access in Apache 1.3 before 1.3.30, when running big-endian 64-bit platforms, does not properly parse Allow/Deny rules using IP addresses without a netmask, which could allow remote attackers to bypass intended access restrictions. cpe:/a:symantec:norton_antivirus:2.1::ms_exchange cpe:/a:symantec:norton_antivirus:2001 cpe:/a:symantec:norton_antivirus:2001::pro cpe:/a:symantec:norton_antivirus:2002 cpe:/a:symantec:norton_antivirus:2002::pro cpe:/a:symantec:norton_antivirus:2003 cpe:/a:symantec:norton_antivirus:2003::pro cpe:/a:symantec:norton_antivirus:2004::pro cpe:/a:symantec:norton_antivirus:v3.0::handhelds cpe:/a:symantec:norton_internet_security:2001 cpe:/a:symantec:norton_internet_security:2001::pro cpe:/a:symantec:norton_internet_security:2002 cpe:/a:symantec:norton_internet_security:2002::pro cpe:/a:symantec:norton_internet_security:2003 cpe:/a:symantec:norton_internet_security:2003::pro cpe:/a:symantec:norton_internet_security:2004 cpe:/a:symantec:norton_internet_security:2004::pro cpe:/a:symantec:norton_system_works:2001 cpe:/a:symantec:norton_system_works:2002 cpe:/a:symantec:norton_system_works:2003 cpe:/a:symantec:norton_system_works:2004 cpe:/a:symantec:windows_liveupdate:1.70.x cpe:/a:symantec:windows_liveupdate:1.90.x CVE-2003-0994 2004-02-03T00:00:00.000-05:00 2016-10-17T22:38:57.927-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20040112 SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM BUGTRAQ 20040112 Re: SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM MISC http://www.secnetops.biz/research/SRT2004-01-09-1022.txt The GUI functionality for an interactive session in Symantec LiveUpdate 1.70.x through 1.90.x, as used in Norton Internet Security 2001 through 2004, SystemWorks 2001 through 2004, and AntiVirus and Norton AntiVirus Pro 2001 through 2004, AntiVirus for Handhelds v3.0, allows local users to gain SYSTEM privileges. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 cpe:/o:microsoft:windows_2000::sp4 CVE-2003-0995 2004-01-05T00:00:00.000-05:00 2019-04-30T10:27:13.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MS MS03-039 XF win2k-message-queue-bo(13131) Buffer overflow in the Microsoft Message Queue Manager (MSQM) allows remote attackers to cause a denial of service (RPC service crash) via a queue registration request. cpe:/a:ca:unicenter_remote_control_host:6.0 CVE-2003-0996 2004-01-05T00:00:00.000-05:00 2008-09-05T16:35:45.733-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://support.ca.com/techbases/rp/urc6x-secnote.html Unknown "System Security Vulnerability" in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to gain privileges via the help interface. cpe:/a:ca:unicenter_remote_control_host:6.0 CVE-2003-0997 2004-01-05T00:00:00.000-05:00 2008-09-05T16:35:45.887-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://support.ca.com/techbases/rp/urc6x-secnote.html Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to cause a denial of service (CPU consumption in URC host service). cpe:/a:ca:controlit:5.0::advanced cpe:/a:ca:controlit:5.0::enterprise cpe:/a:ca:controlit:5.1::enterprise cpe:/a:ca:unicenter_remote_control:5.2 cpe:/a:ca:unicenter_remote_control:6.0 cpe:/a:ca:unicenter_remote_control_option:5.0 cpe:/a:ca:unicenter_remote_control_option:5.1 cpe:/a:ca:unicenter_remote_control_option:5.1:::de CVE-2003-0998 2004-01-05T00:00:00.000-05:00 2008-09-05T16:35:46.030-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CONFIRM http://support.ca.com/techbases/rp/urc5x-secnote.html Unknown "potential system security vulnerability" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-0999 2004-01-05T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 57451 Unknown multiple vulnerabilities in (1) lpstat and (2) the libprint library in Solaris 2.6 through 9 may allow attackers to execute arbitrary code or read or write arbitrary files. cpe:/a:xchat:xchat:2.0.6 CVE-2003-1000 2004-01-05T00:00:00.000-05:00 2016-10-17T22:38:59.133-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://mail.nl.linux.org/xchat-announce/2003-12/msg00000.html BUGTRAQ 20031214 GLSA: Malformed dcc send requests in xchat-2.0.6 lead to a denial of service xchat 2.0.6 allows remote attackers to cause a denial of service (crash) via a passive DCC request with an invalid ID number, which causes a null dereference. cpe:/h:cisco:catalyst_6500 cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:2.2%281a%29 cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:3.1%281a%29 cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:2.2%281a%29 cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:3.1%281a%29 cpe:/h:cisco:catalyst_6500_ws-x6380-nam:2.1%282%29 cpe:/h:cisco:catalyst_6500_ws-x6380-nam:3.1%281a%29 cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:2.2%281a%29 cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:3.1%281a%29 cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:2.2%281a%29 cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:3.1%281a%29 cpe:/h:cisco:catalyst_7600_ws-x6380-nam:2.1%282%29 cpe:/h:cisco:catalyst_7600_ws-x6380-nam:3.1%281a%29 cpe:/h:cisco:firewall_services_module cpe:/h:cisco:firewall_services_module:1.1.2 cpe:/o:cisco:catos:5.4%281%29 cpe:/o:cisco:catos:7.5%281%29 cpe:/o:cisco:catos:7.6%281%29 CVE-2003-1001 2004-01-05T00:00:00.000-05:00 2008-09-10T15:21:24.353-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CISCO 20031215 Cisco FWSM Vulnerabilities Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication. cpe:/h:cisco:catalyst_6500 cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:2.2%281a%29 cpe:/h:cisco:catalyst_6500_ws-svc-nam-1:3.1%281a%29 cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:2.2%281a%29 cpe:/h:cisco:catalyst_6500_ws-svc-nam-2:3.1%281a%29 cpe:/h:cisco:catalyst_6500_ws-x6380-nam:2.1%282%29 cpe:/h:cisco:catalyst_6500_ws-x6380-nam:3.1%281a%29 cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:2.2%281a%29 cpe:/h:cisco:catalyst_7600_ws-svc-nam-1:3.1%281a%29 cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:2.2%281a%29 cpe:/h:cisco:catalyst_7600_ws-svc-nam-2:3.1%281a%29 cpe:/h:cisco:catalyst_7600_ws-x6380-nam:2.1%282%29 cpe:/h:cisco:catalyst_7600_ws-x6380-nam:3.1%281a%29 cpe:/h:cisco:firewall_services_module cpe:/h:cisco:firewall_services_module:1.1.2 cpe:/o:cisco:catos:5.4%281%29 cpe:/o:cisco:catos:7.5%281%29 cpe:/o:cisco:catos:7.6%281%29 CVE-2003-1002 2004-01-05T00:00:00.000-05:00 2008-09-10T15:21:24.413-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CISCO 20031215 Cisco FWSM Vulnerabilities Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. cpe:/a:cisco:pix_firewall:6.2.2_.111 cpe:/o:cisco:pix_firewall_software:5.0 cpe:/o:cisco:pix_firewall_software:5.1 cpe:/o:cisco:pix_firewall_software:5.1%284%29 cpe:/o:cisco:pix_firewall_software:5.1%284.206%29 cpe:/o:cisco:pix_firewall_software:5.2 cpe:/o:cisco:pix_firewall_software:5.2%281%29 cpe:/o:cisco:pix_firewall_software:5.2%282%29 cpe:/o:cisco:pix_firewall_software:5.2%283.210%29 cpe:/o:cisco:pix_firewall_software:5.2%285%29 cpe:/o:cisco:pix_firewall_software:5.2%286%29 cpe:/o:cisco:pix_firewall_software:5.2%287%29 cpe:/o:cisco:pix_firewall_software:5.2%289%29 cpe:/o:cisco:pix_firewall_software:5.3 cpe:/o:cisco:pix_firewall_software:5.3%281%29 cpe:/o:cisco:pix_firewall_software:5.3%281.200%29 cpe:/o:cisco:pix_firewall_software:5.3%282%29 cpe:/o:cisco:pix_firewall_software:5.3%283%29 cpe:/o:cisco:pix_firewall_software:6.0 cpe:/o:cisco:pix_firewall_software:6.0%281%29 cpe:/o:cisco:pix_firewall_software:6.0%282%29 cpe:/o:cisco:pix_firewall_software:6.0%283%29 cpe:/o:cisco:pix_firewall_software:6.0%284%29 cpe:/o:cisco:pix_firewall_software:6.0%284.101%29 cpe:/o:cisco:pix_firewall_software:6.1 cpe:/o:cisco:pix_firewall_software:6.1%281%29 cpe:/o:cisco:pix_firewall_software:6.1%282%29 cpe:/o:cisco:pix_firewall_software:6.1%283%29 cpe:/o:cisco:pix_firewall_software:6.1%284%29 cpe:/o:cisco:pix_firewall_software:6.1%285%29 cpe:/o:cisco:pix_firewall_software:6.2 cpe:/o:cisco:pix_firewall_software:6.2%281%29 cpe:/o:cisco:pix_firewall_software:6.2%282%29 cpe:/o:cisco:pix_firewall_software:6.2%283%29 cpe:/o:cisco:pix_firewall_software:6.2%283.100%29 cpe:/o:cisco:pix_firewall_software:6.3 cpe:/o:cisco:pix_firewall_software:6.3%281%29 cpe:/o:cisco:pix_firewall_software:6.3%283.102%29 CVE-2003-1003 2004-01-05T00:00:00.000-05:00 2018-10-30T12:26:18.123-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CISCO 20031215 Cisco PIX Vulnerabilities Cisco PIX firewall 5.x.x, and 6.3.1 and earlier, allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. cpe:/a:cisco:pix_firewall:6.2.2_.111 cpe:/o:cisco:pix_firewall_software:6.2 cpe:/o:cisco:pix_firewall_software:6.2%281%29 cpe:/o:cisco:pix_firewall_software:6.2%282%29 cpe:/o:cisco:pix_firewall_software:6.2%283%29 cpe:/o:cisco:pix_firewall_software:6.2%283.100%29 CVE-2003-1004 2004-01-05T00:00:00.000-05:00 2018-10-30T12:26:18.060-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CISCO 20031215 Cisco PIX Vulnerabilities Cisco PIX firewall 6.2.x through 6.2.3, when configured as a VPN Client, allows remote attackers to cause a denial of service (dropped IPSec tunnel connection) via an IKE Phase I negotiation request to the outside interface of the firewall. cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x:10.3.2 cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x_server:10.3.2 CVE-2003-1005 2003-12-31T00:00:00.000-05:00 2008-09-10T15:21:24.633-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-24T14:45:00.000-04:00 APPLE APPLE-SA-2003-12-19 AUSCERT ESB-2003.0867 BID 9266 The PKI functionality in Mac OS X 10.2.8 and 10.3.2 allows remote attackers to cause a denial of service (service crash) via malformed ASN.1 sequences. cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x:10.0.1 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.0.4 cpe:/o:apple:mac_os_x:10.1 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x:10.1.2 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x:10.2.7 cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x:10.3 cpe:/o:apple:mac_os_x:10.3.1 cpe:/o:apple:mac_os_x:10.3.2 cpe:/o:apple:mac_os_x_server:10.0 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:apple:mac_os_x_server:10.2.7 cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x_server:10.3 cpe:/o:apple:mac_os_x_server:10.3.1 cpe:/o:apple:mac_os_x_server:10.3.2 CVE-2003-1006 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:39.620-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 CERT-VN VU#878526 BUGTRAQ 20031215 Buffer overflow/privilege escalation in MacOS X BUGTRAQ 20031216 Re: Buffer overflow/privilege escalation in MacOS X BUGTRAQ 20031219 Re: Buffer overflow/privilege escalation in MacOS X - hfs.util also BID 9228 XF macos-cd9660-bo(13995) Buffer overflow in cd9660.util in Apple Mac OS X 10.0 through 10.3.2 and Apple Mac OS X Server 10.0 through 10.3.2 may allow local users to execute arbitrary code via a long command line parameter. cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x:10.3.2 cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x_server:10.3.2 CVE-2003-1007 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:39.680-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://docs.info.apple.com/article.html?artnum=61798 SECTRACK 1008532 BID 9264 XF applefileserver-dos(14051) AppleFileServer (AFS) in Apple Mac OS X 10.2.8 and 10.3.2 does not properly handle certain malformed requests, with unknown impact. cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x:10.3.2 cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x_server:10.3.2 CVE-2003-1008 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:39.727-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 XF macos-screen-saver-bypass(14195) Unknown vulnerability in Mac OS X 10.2.8 and 10.3.2 allows local users to bypass the screen saver login window and write a text clipping to the desktop or another application. cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.2.8 cpe:/o:apple:mac_os_x:10.3.2 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x_server:10.2.5 cpe:/o:apple:mac_os_x_server:10.2.6 cpe:/o:apple:mac_os_x_server:10.2.7 cpe:/o:apple:mac_os_x_server:10.2.8 cpe:/o:apple:mac_os_x_server:10.3 cpe:/o:apple:mac_os_x_server:10.3.1 cpe:/o:apple:mac_os_x_server:10.3.2 CVE-2003-1009 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:39.777-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS MISC http://docs.info.apple.com/article.html?artnum=32478 CONFIRM http://docs.info.apple.com/article.html?artnum=61798 MISC http://www.carrel.org/dhcp-vuln.html BID 9110 XF macos-dhcp-gain-privileges(13874) Directory Services in Apple Mac OS X 10.0.2, 10.0.3, 10.2.8, 10.3.2 and Apple Mac OS X Server 10.2 through 10.3.2 accepts authentication server information from unknown LDAP or NetInfo sources as provided by a malicious DHCP server, which allows remote attackers to gain privileges. CVE-2003-1010 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:39.837-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 BID 9265 XF macos-fsusage-gain-privileges(14193) Unknown vulnerability in fs_usage in Mac OS X 10.2.8 and 10.3.2 and Mac OS X Server 10.2.8 and 10.3.2 allows local users to gain privileges via unknown attack vectors. cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x:10.0.1 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.0.4 cpe:/o:apple:mac_os_x:10.1 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x:10.1.2 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.2.5 cpe:/o:apple:mac_os_x:10.2.6 cpe:/o:apple:mac_os_x:10.2.7 cpe:/o:apple:mac_os_x:10.2.8 CVE-2003-1011 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:39.883-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 BUGTRAQ 20031031 Console Root On OSX up to 10.2.8 BID 8945 XF macos-ctrlc-gain-access(13573) Apple Mac OS X 10.0 through 10.2.8 allows local users with a USB keyboard to gain unauthorized access by holding down the CTRL and C keys when the system is booting, which crashes the init process and leaves the user in a root shell. cpe:/a:ethereal_group:ethereal:0.9 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.9 cpe:/a:ethereal_group:ethereal:0.9.10 cpe:/a:ethereal_group:ethereal:0.9.11 cpe:/a:ethereal_group:ethereal:0.9.12 cpe:/a:ethereal_group:ethereal:0.9.13 cpe:/a:ethereal_group:ethereal:0.9.14 cpe:/a:ethereal_group:ethereal:0.9.15 cpe:/a:ethereal_group:ethereal:0.9.16 CVE-2003-1012 2004-01-05T00:00:00.000-05:00 2017-10-10T21:29:17.247-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20040103-01-U SGI 20040202-01-U CONECTIVA CLA-2004:801 DEBIAN DSA-407 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00012.html MANDRAKE MDKSA-2004:002 REDHAT RHSA-2004:001 REDHAT RHSA-2004:002 The SMB dissector in Ethereal before 0.10.0 allows remote attackers to cause a denial of service via a malformed SMB packet that triggers a segmentation fault during processing of Selected packets. cpe:/a:ethereal_group:ethereal:0.9 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.9 cpe:/a:ethereal_group:ethereal:0.9.10 cpe:/a:ethereal_group:ethereal:0.9.11 cpe:/a:ethereal_group:ethereal:0.9.12 cpe:/a:ethereal_group:ethereal:0.9.13 cpe:/a:ethereal_group:ethereal:0.9.14 cpe:/a:ethereal_group:ethereal:0.9.15 cpe:/a:ethereal_group:ethereal:0.9.16 CVE-2003-1013 2004-01-05T00:00:00.000-05:00 2017-10-10T21:29:17.323-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20040103-01-U SGI 20040202-01-U CONECTIVA CLA-2004:801 DEBIAN DSA-407 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00012.html MANDRAKE MDKSA-2004:002 REDHAT RHSA-2004:001 REDHAT RHSA-2004:002 The Q.931 dissector in Ethereal before 0.10.0, and Tethereal, allows remote attackers to cause a denial of service (crash) via a malformed Q.931, which triggers a null dereference. CVE-2003-1014 2004-10-20T00:00:00.000-04:00 2017-07-10T21:29:39.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040914 Corsaire Security Advisory - Multiple vendor MIME field multiple occurrence issue MISC http://www.uniras.gov.uk/vuls/2004/380375/mime.htm XF mime-field-filtering-bypass(17333) Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use multiple MIME fields with the same name, which may be interpreted differently by mail clients. cpe:/a:clearswift:mailsweeper:4.3.7 cpe:/a:clearswift:mailsweeper:4.3.8 cpe:/a:clearswift:mailsweeper:4.3.10 cpe:/a:clearswift:mailsweeper:4.3.11 cpe:/a:clearswift:mailsweeper:4.3.13 cpe:/a:clearswift:mailsweeper:4.3.14 cpe:/a:clearswift:mailsweeper:4.3.15 cpe:/a:f-secure:internet_gatekeeper:6.3 cpe:/a:f-secure:internet_gatekeeper:6.4 cpe:/a:f-secure:internet_gatekeeper:6.31 cpe:/a:f-secure:internet_gatekeeper:6.32 cpe:/a:paul_l_daniels:ripmime:1.2.0 cpe:/a:paul_l_daniels:ripmime:1.2.1 cpe:/a:paul_l_daniels:ripmime:1.2.2 cpe:/a:paul_l_daniels:ripmime:1.2.3 cpe:/a:paul_l_daniels:ripmime:1.2.4 cpe:/a:paul_l_daniels:ripmime:1.2.5 cpe:/a:paul_l_daniels:ripmime:1.2.6 cpe:/a:paul_l_daniels:ripmime:1.2.7 cpe:/a:paul_l_daniels:ripmime:1.3.2.0 cpe:/a:paul_l_daniels:ripmime:1.3.2.2 cpe:/a:paul_l_daniels:ripmime:1.3.2.3 CVE-2003-1015 2004-10-20T00:00:00.000-04:00 2017-07-10T21:29:40.010-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040914 Corsaire Security Advisory - Multiple vendor MIME field whitespace issue MISC http://www.uniras.gov.uk/vuls/2004/380375/mime.htm XF mime-tools-incorrect-concatenation(9273) Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use whitespace in an unusual fashion, which may be interpreted differently by mail clients. cpe:/a:clearswift:mailsweeper:4.3.7 cpe:/a:clearswift:mailsweeper:4.3.8 cpe:/a:clearswift:mailsweeper:4.3.10 cpe:/a:clearswift:mailsweeper:4.3.11 cpe:/a:clearswift:mailsweeper:4.3.13 cpe:/a:clearswift:mailsweeper:4.3.14 cpe:/a:clearswift:mailsweeper:4.3.15 cpe:/a:f-secure:internet_gatekeeper:6.3 cpe:/a:f-secure:internet_gatekeeper:6.4 cpe:/a:f-secure:internet_gatekeeper:6.31 cpe:/a:f-secure:internet_gatekeeper:6.32 cpe:/a:paul_l_daniels:ripmime:1.2.0 cpe:/a:paul_l_daniels:ripmime:1.2.1 cpe:/a:paul_l_daniels:ripmime:1.2.2 cpe:/a:paul_l_daniels:ripmime:1.2.3 cpe:/a:paul_l_daniels:ripmime:1.2.4 cpe:/a:paul_l_daniels:ripmime:1.2.5 cpe:/a:paul_l_daniels:ripmime:1.2.6 cpe:/a:paul_l_daniels:ripmime:1.2.7 cpe:/a:paul_l_daniels:ripmime:1.3.2.0 cpe:/a:paul_l_daniels:ripmime:1.3.2.2 cpe:/a:paul_l_daniels:ripmime:1.3.2.3 CVE-2003-1016 2004-10-20T00:00:00.000-04:00 2017-07-10T21:29:40.057-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040914 Corsaire Security Advisory - Multiple vendor MIME field quoting issue MISC http://www.uniras.gov.uk/vuls/2004/380375/mime.htm XF mime-quote-filtering-bypass(17336) Multiple content security gateway and antivirus products allow remote attackers to bypass content restrictions via MIME messages that use malformed quoting in MIME headers, parameters, and values, including (1) fields that should not be quoted, (2) duplicate quotes, or (3) missing leading or trailing quote characters, which may be interpreted differently by mail clients. cpe:/a:macromedia:director:5.0 cpe:/a:macromedia:flash_player:4.0_r12 cpe:/a:macromedia:flash_player:5.0 cpe:/a:macromedia:flash_player:5.0_r50 cpe:/a:macromedia:flash_player:6.0 cpe:/a:macromedia:flash_player:6.0.29.0 cpe:/a:macromedia:flash_player:6.0.40.0 cpe:/a:macromedia:flash_player:6.0.47.0 cpe:/a:macromedia:flash_player:6.0.65.0 cpe:/a:macromedia:flash_player:6.0.79.0 CVE-2003-1017 2004-01-05T00:00:00.000-05:00 2017-07-10T21:29:40.120-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://www.macromedia.com/devnet/security/security_zone/mpsb03-08.html BID 8900 XF flash-file-predictable-location(14013) Macromedia Flash Player before 7,0,19,0 stores a Flash data file in a predictable location that is accessible to web browsers such as Internet Explorer and Opera, which allows remote attackers to read restricted files via vulnerabilities in web browsers whose exploits rely on predictable names. cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 CVE-2003-1018 2004-03-29T00:00:00.000-05:00 2017-07-10T21:29:40.180-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BID 9254 IBM MSS-OAR-E01-20 XF aix-enq-format-string(14037) Format string vulnerability in enq command in AIX 4.3, 5.1, and 5.2 allows local users with rintq group privileges to gain privileges via unknown attack vectors. cpe:/a:irssi:irssi:0.8.4 cpe:/a:irssi:irssi:0.8.5 cpe:/a:irssi:irssi:0.8.6 cpe:/a:irssi:irssi:0.8.7 cpe:/a:irssi:irssi:0.8.8 cpe:/o:mandrakesoft:mandrake_linux:9.1 cpe:/o:mandrakesoft:mandrake_linux:9.1::ppc cpe:/o:mandrakesoft:mandrake_linux:9.2 cpe:/o:mandrakesoft:mandrake_linux:9.2::amd64 CVE-2003-1020 2004-01-05T00:00:00.000-05:00 2017-07-10T21:29:40.243-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov MANDRAKE MDKSA-2003:117 BUGTRAQ 20031211 irssi - potential remote crash XF irssi-dos(13973) The format_send_to_gui function in formats.c for irssi before 0.8.9 allows remote IRC users to cause a denial of service (crash). CVE-2003-1021 2005-01-26T00:00:00.000-05:00 2017-07-10T21:29:40.290-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SCO SCOSA-2005.5 CERT-VN VU#972598 BID 12372 XF openserver-scosession-gain-privilege(19479) The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. cpe:/a:debian:fsp:2.81.b18 CVE-2003-1022 2004-01-20T00:00:00.000-05:00 2017-10-09T21:30:15.580-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CIAC O-048 DEBIAN DSA-416 BID 9377 XF fspsuite-dot-directory-traversal(14154) Directory traversal vulnerability in fsp before 2.81.b18 allows remote users to access files outside the FSP root directory. cpe:/a:midnight_commander:midnight_commander:4.5.52 cpe:/a:midnight_commander:midnight_commander:4.5.55 cpe:/a:midnight_commander:midnight_commander:4.6 CVE-2003-1023 2004-01-20T00:00:00.000-05:00 2017-10-10T21:29:17.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CALDERA CSSA-2004-014.0 SGI 20040201-01-U SGI 20040202-01-U BUGTRAQ 20030919 uninitialized buffer in midnight commander CONECTIVA CLA-2004:833 FEDORA FEDORA-2004-058 BUGTRAQ 20040405 [OpenPKG-SA-2004.009] OpenPKG Security Advisory (mc) REDHAT RHSA-2004:034 REDHAT RHSA-2004:035 GENTOO GLSA-200403-09 DEBIAN DSA-424 MANDRAKE MDKSA-2004:007 FEDORA FLSA:1224 BID 8658 XF midnight-commander-vfssresolvesymlink-bo(13247) Stack-based buffer overflow in vfs_s_resolve_symlink of vfs/direntry.c for Midnight Commander (mc) 4.6.0 and earlier, and possibly later versions, allows remote attackers to execute arbitrary code during symlink conversion. cpe:/o:sun:sunos:5.8 CVE-2003-1024 2004-01-20T00:00:00.000-05:00 2018-10-30T12:25:37.090-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 57455 CERT-VN VU#281356 BID 9280 XF solaris-lsf-gain-privileges(14065) Unknown vulnerability in the ls-F builtin function in tcsh on Solaris 8 allows local users to create or delete files as other users, and gain privileges. cpe:/a:microsoft:ie:6.0 CVE-2003-1025 2004-01-20T00:00:00.000-05:00 2018-10-12T17:33:42.243-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CERT-VN VU#652278 BUGTRAQ 20031209 Internet Explorer URL parsing vulnerability CERT TA04-033A MISC http://www.zapthedingbat.com/security/ex01/vun1.htm MS MS04-004 XF ie-domain-url-spoofing(13935) Internet Explorer 5.01 through 6 SP1 allows remote attackers to spoof the domain of a URL via a "%01" character before an @ sign in the user@domain portion of the URL, which hides the rest of the URL, including the real site, in the address bar, aka the "Improper URL Canonicalization Vulnerability." cpe:/a:microsoft:ie:5.0 cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-1026 2004-01-20T00:00:00.000-05:00 2018-10-12T17:33:43.947-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031125 BackToFramedJpu - a successor of BackToJpu attack BUGTRAQ 20031201 Comments on 5 IE vulnerabilities CERT-VN VU#784102 MISC http://www.safecenter.net/UMBRELLAWEBV4/BackToFramedJpu CERT TA04-033A MS MS04-004 XF ie-subframe-xss(13846) Internet Explorer 5.01 through 6 SP1 allows remote attackers to bypass zone restrictions via a javascript protocol URL in a sub-frame, which is added to the history list and executed in the top window's zone when the history.back (back) function is called, as demonstrated by BackToFramedJpu, aka the "Travel Log Cross Domain Vulnerability." cpe:/a:microsoft:ie:5.0 cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-1027 2004-01-20T00:00:00.000-05:00 2018-10-12T17:33:45.977-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031125 HijackClickV2 - a successor of HijackClick attack BUGTRAQ 20031201 Comments on 5 IE vulnerabilities CERT-VN VU#413886 MISC http://www.safecenter.net/UMBRELLAWEBV4/HijackClickV2 SECTRACK 1006036 CERT TA04-033A MS MS04-004 XF ie-method-perform-actions(13844) Internet Explorer 5.01 through 6 SP1 allows remote attackers to direct drag and drop behaviors and other mouse click actions to other windows by using method caching (SaveRef) to access the window.moveBy method, which is otherwise inaccessible, as demonstrated by HijackClickV2, a different vulnerability than CVE-2003-0823, aka the "Function Pointer Drag and Drop Vulnerability." cpe:/a:microsoft:ie:5.0 cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-1028 2004-01-20T00:00:00.000-05:00 2017-07-10T21:29:40.667-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20031125 Note for "Invalid ContentType may disclose cache directory" BUGTRAQ 20031125 Invalid ContentType may disclose cache directory BUGTRAQ 20031201 Comments on 5 IE vulnerabilities MISC http://www.safecenter.net/UMBRELLAWEBV4/threadid10008 XF ie-download-directory-disclosure(13847) The download function of Internet Explorer 6 SP1 allows remote attackers to obtain the cache directory name via an HTTP response with an invalid ContentType and a .htm file, which could allow remote attackers to bypass security mechanisms that rely on random names, as demonstrated by threadid10008. cpe:/a:lbl:tcpdump:3.4 cpe:/a:lbl:tcpdump:3.5 cpe:/a:lbl:tcpdump:3.5.2 cpe:/a:lbl:tcpdump:3.6.2 cpe:/a:lbl:tcpdump:3.6.3 cpe:/a:lbl:tcpdump:3.7 CVE-2003-1029 2004-02-17T00:00:00.000-05:00 2018-10-19T11:29:44.357-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov ENGARDE ESA-20040119-002 BUGTRAQ 20031220 Remote crash in tcpdump from OpenBSD BUGTRAQ 20031221 Re: Remote crash in tcpdump from OpenBSD MLIST [tcpdump-workers] 20031224 Seg fault of tcpdump (v 3.8.1 and below) with malformed l2tp packets DEBIAN DSA-425 MANDRAKE MDKSA-2004:008 BUGTRAQ 20040119 [ESA-20040119-002] 'tcpdump' multiple vulnerabilities. SECTRACK 1008748 The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets. cpe:/a:dameware_development:mini_remote_control_server:3.70_.0.0 cpe:/a:dameware_development:mini_remote_control_server:3.71_.0.0 cpe:/a:dameware_development:mini_remote_control_server:3.72_.0.0 CVE-2003-1030 2004-02-17T00:00:00.000-05:00 2017-07-10T21:29:40.727-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031214 DameWare Mini Remote Control Server <= 3.72 Buffer Overflow BUGTRAQ 20031219 [Exploit]: DameWare Mini Remote Control Server Overflow Exploit BUGTRAQ 20040110 DameWare Mini Remote Control < v3.73 remote exploit by kralor] MISC http://sh0dan.org/files/dwmrcs372.txt CERT-VN VU#909678 BID 9213 XF dameware-spoof-packet-bo(14001) Buffer overflow in DameWare Mini Remote Control before 3.73 allows remote attackers to execute arbitrary code via a long pre-authentication request to TCP port 6129. CVE-2003-1031 2004-02-17T00:00:00.000-05:00 2008-09-05T16:35:51.527-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 VULNWATCH 20030808 VBulletin New Member XSS Vulnerability Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation." cpe:/a:pi3:pi3web:2.0.2_beta_1 CVE-2003-1032 2004-02-17T00:00:00.000-05:00 2016-12-19T21:59:00.227-05:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030602 Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web BUGTRAQ 20030605 Re: Tripbit Advisory TA-2003-05 Buffer Overflow Vulnerability in Pi3 Web SECTRACK 1006913 BID 7787 Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured to use the "Name" column and sort using the column title as a hyperlink, allows remote attackers to cause a denial of service (crash) via a malformed URL to the web server, possibly involving a buffer overflow. cpe:/a:sap:sap_db:7.3.00 cpe:/a:sap:sap_db:7.4 CVE-2003-1033 2004-04-15T00:00:00.000-04:00 2017-07-10T21:29:40.777-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS MLIST [SAP DB Dev] 20030422 Security Alert: Development Tools BUGTRAQ 20030422 SRT2003-04-22-1336 - SAP DB Development Tools install flaw BID 7407 BID 7408 XF sap-db-gain-privileges(11842) The (1) instdbmsrv and (2) instlserver programs in SAP DB Development Tools 7.x trust the user-provided INSTROOT environment variable as a path when assigning setuid permissions to the lserver program, which allows local users to gain root privileges via a modified INSTROOT that points to a malicious dbmsrv or lserver program. CVE-2003-1034 2004-04-15T00:00:00.000-04:00 2017-07-10T21:29:40.837-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030331 SRT2003-03-31-1219 - SAP world writable server binaries BID 7242 XF sap-db-world-writable(11669) The RPM installation of SAP DB 7.x creates the (1) dbmsrv or (2) lserver programs with world-writable permissions, which allows local users to gain privileges by modifying those programs. cpe:/a:sap:sap_r_3 cpe:/a:sap:sapgui:4.6c::windows cpe:/a:sap:sapgui:4.6d::windows CVE-2003-1035 2004-04-15T00:00:00.000-04:00 2018-10-19T11:29:45.263-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20030304 SAP R/3, account locking and RFC SDK BUGTRAQ 20061112 Old SAP exploits BID 7007 XF sap-sapinfo-lockout-bypass(11487) The default installation of SAP R/3 46C/D allows remote attackers to bypass account locking by using the RFC API instead of the SAPGUI to conduct a brute force password guessing attack, which does not lock out the account like the SAPGUI does. cpe:/a:sap:internet_transaction_server:4.6_pl463 cpe:/a:sap:internet_transaction_server:6.10_pl30 cpe:/a:sap:internet_transaction_server:6.20_pl7 CVE-2003-1036 2004-04-15T00:00:00.000-04:00 2017-07-10T21:29:40.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MISC http://www.phenoelit.de/stuff/Phenoelit20c3.pd XF sap-multiple-bo(14186) Multiple buffer overflows in the AGate component for SAP Internet Transaction Server (ITS) allow remote attackers to execute arbitrary code via long (1) ~command, (2) ~runtimemode, or (3) ~session parameters, or (4) a long HTTP Content-Type header. cpe:/a:sap:internet_transaction_server:4.6_pl463 cpe:/a:sap:internet_transaction_server:6.10_pl30 cpe:/a:sap:internet_transaction_server:6.20_pl7 CVE-2003-1037 2004-04-15T00:00:00.000-04:00 2017-07-10T21:29:40.993-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1009453 MISC http://www.phenoelit.de/stuff/Phenoelit20c3.pd XF sap-wgate-format-string(15514) Format string vulnerability in the WGate component for SAP Internet Transaction Server (ITS) allows remote attackers to execute arbitrary code via a high "trace level." cpe:/a:sap:internet_transaction_server:4.6_pl463 cpe:/a:sap:internet_transaction_server:6.10_pl30 cpe:/a:sap:internet_transaction_server:6.20_pl7 CVE-2003-1038 2004-04-15T00:00:00.000-04:00 2017-07-10T21:29:41.040-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov MISC http://www.phenoelit.de/stuff/Phenoelit20c3.pd XF sap-agate-path-disclosure(15516) The AGate component for SAP Internet Transaction Server (ITS) allows remote attackers to obtain sensitive information via a ~command parameter with an AgateInstallCheck value, which provides a list of installed DLLs and full pathnames. cpe:/a:sap:mysap_business_suite CVE-2003-1039 2004-04-15T00:00:00.000-04:00 2017-07-10T21:29:41.103-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MISC http://www.phenoelit.de/stuff/Phenoelit20c3.pd XF mysap-host-header-bo(15513) Multiple buffer overflows in the mySAP.com architecture for SAP allow remote attackers to execute arbitrary code via a long HTTP Host header to (1) Message Server, (2) Web Dispatcher, or (3) Application Server. cpe:/o:linux:linux_kernel:2.4.0 CVE-2003-1040 2004-04-15T00:00:00.000-04:00 2018-08-13T17:47:19.540-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SGI 20040204-01-U CONECTIVA CLSA-2004:820 SUSE SuSE-SA:2003:049 REDHAT RHSA-2004:065 REDHAT RHSA-2004:069 REDHAT RHSA-2004:106 REDHAT RHSA-2004:188 XF linux-kmod-signals-dos(15577) kmod in the Linux kernel does not set its uid, suid, gid, or sgid to 0, which allows local users to cause a denial of service (crash) by sending certain signals to kmod. cpe:/a:microsoft:ie:5 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6:windows_server_2003_sp1 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-1041 2004-06-14T00:00:00.000-04:00 2018-10-12T17:33:48.150-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CERT-VN VU#187196 BUGTRAQ 20031230 IE 5.x-6.0 allows executing arbitrary programs using showHelp() BID 9320 CERT TA04-196A MS MS04-023 XF ie-showhelp-directory-traversal(14105) Internet Explorer 5.x and 6.0 allows remote attackers to execute arbitrary programs via a modified directory traversal attack using a URL containing ".." (dot dot) sequences and a filename that ends in "::" which is treated as a .chm file even if it does not have a .chm extension. NOTE: this bug may overlap CVE-2004-0475. cpe:/a:mozilla:bugzilla:2.4 cpe:/a:mozilla:bugzilla:2.6 cpe:/a:mozilla:bugzilla:2.8 cpe:/a:mozilla:bugzilla:2.10 cpe:/a:mozilla:bugzilla:2.12 cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.14.5 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16.2 cpe:/a:mozilla:bugzilla:2.16.3 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.17.3 cpe:/a:mozilla:bugzilla:2.17.4 CVE-2003-1042 2004-08-18T00:00:00.000-04:00 2017-07-10T21:29:41.290-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=214290 CONECTIVA CLA-2003:774 BUGTRAQ 20031103 [BUGZILLA] Security Advisory - SQL injection, information leak BID 8953 XF bugzilla-productname-sql-injection(13594) SQL injection vulnerability in collectstats.pl for Bugzilla 2.16.3 and earlier allows remote authenticated users with editproducts privileges to execute arbitrary SQL via the product name. cpe:/a:mozilla:bugzilla:2.4 cpe:/a:mozilla:bugzilla:2.6 cpe:/a:mozilla:bugzilla:2.8 cpe:/a:mozilla:bugzilla:2.10 cpe:/a:mozilla:bugzilla:2.12 cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.14.5 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16.2 cpe:/a:mozilla:bugzilla:2.16.3 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.17.3 cpe:/a:mozilla:bugzilla:2.17.4 CVE-2003-1043 2004-08-18T00:00:00.000-04:00 2017-07-10T21:29:41.383-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=219044 CONECTIVA CLA-2003:774 BUGTRAQ 20031103 [BUGZILLA] Security Advisory - SQL injection, information leak BID 8953 XF bugzilla-url-sql-injection(13596) SQL injection vulnerability in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote authenticated users with editkeywords privileges to execute arbitrary SQL via the id parameter to editkeywords.cgi. cpe:/a:mozilla:bugzilla:2.4 cpe:/a:mozilla:bugzilla:2.6 cpe:/a:mozilla:bugzilla:2.8 cpe:/a:mozilla:bugzilla:2.10 cpe:/a:mozilla:bugzilla:2.12 cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.14.5 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16.2 cpe:/a:mozilla:bugzilla:2.16.3 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.17.3 cpe:/a:mozilla:bugzilla:2.17.4 CVE-2003-1044 2004-08-18T00:00:00.000-04:00 2017-07-10T21:29:41.447-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=219690 CONECTIVA CLA-2003:774 BUGTRAQ 20031103 [BUGZILLA] Security Advisory - SQL injection, information leak BID 8953 XF bugzilla-groupid-gain-privileges(13597) editproducts.cgi in Bugzilla 2.16.3 and earlier, when usebuggroups is enabled, does not properly remove group add privileges from a group that is being deleted, which allows users with those privileges to perform unauthorized additions to the next group that is assigned with the original group ID. cpe:/a:mozilla:bugzilla:2.4 cpe:/a:mozilla:bugzilla:2.6 cpe:/a:mozilla:bugzilla:2.8 cpe:/a:mozilla:bugzilla:2.10 cpe:/a:mozilla:bugzilla:2.12 cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.14.5 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16.2 cpe:/a:mozilla:bugzilla:2.16.3 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.17.3 cpe:/a:mozilla:bugzilla:2.17.4 CVE-2003-1045 2004-08-18T00:00:00.000-04:00 2017-07-10T21:29:41.510-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=209376 CONECTIVA CLA-2003:774 BUGTRAQ 20031103 [BUGZILLA] Security Advisory - SQL injection, information leak BID 8953 XF bugzilla-obtain-information(13600) votes.cgi in Bugzilla 2.16.3 and earlier, and 2.17.1 through 2.17.4, allows remote attackers to read a user's voting page when that user has voted on a restricted bug, which allows remote attackers to read potentially sensitive voting information by modifying the who parameter. cpe:/a:mozilla:bugzilla:2.4 cpe:/a:mozilla:bugzilla:2.6 cpe:/a:mozilla:bugzilla:2.8 cpe:/a:mozilla:bugzilla:2.10 cpe:/a:mozilla:bugzilla:2.12 cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.14.5 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16.2 cpe:/a:mozilla:bugzilla:2.16.3 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.17.3 cpe:/a:mozilla:bugzilla:2.17.4 CVE-2003-1046 2004-08-18T00:00:00.000-04:00 2017-07-10T21:29:41.620-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=209742 BUGTRAQ 20031103 [BUGZILLA] Security Advisory - SQL injection, information leak BID 8953 XF bugzilla-describecomponents-obtain-info(13602) describecomponents.cgi in Bugzilla 2.17.3 and 2.17.4 does not properly verify group membership when bug entry groups are used, which allows remote attackers to list component descriptions for otherwise restricted products. CVE-2003-1047 2004-08-06T00:00:00.000-04:00 2008-09-10T15:21:37.147-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2004-0540. Reason: This candidate is a duplicate of CVE-2004-0540. Notes: All CVE users should reference CVE-2004-0540 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 cpe:/a:microsoft:outlook:2000 cpe:/a:microsoft:outlook:2000:sp2 cpe:/a:microsoft:outlook:2000:sp3 cpe:/a:microsoft:outlook:2000:sr1 cpe:/a:microsoft:outlook:2002 cpe:/a:microsoft:outlook:2002:sp1 cpe:/a:microsoft:outlook:2002:sp2 CVE-2003-1048 2004-07-27T00:00:00.000-04:00 2018-10-12T17:33:49.400-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS FULLDISC 20030902 New Microsoft Internet Explorer mshtml.dll Denial of Service? FULLDISC 20040902 AW: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll FULLDISC 20040903 Re: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service? CIAC O-191 CERT-VN VU#685364 BID 8530 CERT TA04-212A MS MS04-025 XF ie-mshtml-gif-bo(16804) Double free vulnerability in mshtml.dll for certain versions of Internet Explorer 6.x allows remote attackers to cause a denial of service (application crash) via a malformed GIF image. cpe:/a:ibm:db2_universal_database:7.0::linux cpe:/a:ibm:db2_universal_database:8.0::linux CVE-2003-1049 2004-09-28T00:00:00.000-04:00 2017-07-10T21:29:41.727-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BID 9243 AIXAPAR IY44841 AIXAPAR IY44842 XF db2-dms-insecure-permissions(14030) IBM DB2 Universal Database 7 before FixPak 12 creates certain DMS directories with insecure permissions (777), which allows local users to modify or delete certain DB2 files. CVE-2003-1050 2004-09-28T00:00:00.000-04:00 2017-07-10T21:29:41.790-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS MISC http://www.secnetops.com/research/advisories/SRT2003-11-06-0710.txt BUGTRAQ 20031108 SRT2003-11-06-0710 - IBM DB2 Multiple local security issues BID 8990 XF db2-multiple-binaries-bo(13633) Multiple buffer overflows in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via long command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. cpe:/a:ibm:db2:9.0 CVE-2003-1051 2004-09-28T00:00:00.000-04:00 2017-07-10T21:29:41.837-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS MISC http://www.secnetops.com/research/advisories/SRT2003-11-06-0710.txt BUGTRAQ 20031108 SRT2003-11-06-0710 - IBM DB2 Multiple local security issues BID 8989 XF db2-multiple-binaries-bo(13633) Multiple format string vulnerabilities in IBM DB2 Universal Database 8.1 may allow local users to execute arbitrary code via certain command line arguments to (1) db2start, (2) db2stop, or (3) db2govd. cpe:/a:ibm:db2:9.0 cpe:/a:ibm:db2_universal_database:6.0 cpe:/a:ibm:db2_universal_database:7.0::linux cpe:/a:ibm:db2_universal_database:7.1::linux cpe:/a:ibm:db2_universal_database:7.2::linux cpe:/a:ibm:db2_universal_database:8.0::linux cpe:/a:ibm:db2_universal_database:8.1::aix cpe:/a:ibm:db2_universal_database:8.2::windows CVE-2003-1052 2004-09-28T00:00:00.000-04:00 2017-07-10T21:29:41.883-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030805 Slight privilege elevation from bin to root in IBM DB2 7.1 - 8.1 all binaries BID 8346 XF ibm-db2-gain-privileges(12826) IBM DB2 7.1 and 8.1 allow the bin user to gain root privileges by modifying the shared libraries that are used in setuid root programs. cpe:/a:xshisen:xshisen:1.5.1 CVE-2003-1053 2003-10-03T00:00:00.000-04:00 2017-07-10T21:29:41.947-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=213957 BID 8770 BID 8776 CONFIRM http://www.vuxml.org/freebsd/56971fa6-641c-11d9-a097-000854d03344.html XF xshisen-kconv-bo(13358) XF xshisen-xshisenlib-bo(13359) Multiple buffer overflows in XShisen allow attackers to execute arbitrary code via a long (1) -KCONV command line option or (2) XSHISENLIB environment variable. cpe:/a:mod_access_referer:mod_access_referer:1.0.2 CVE-2003-1054 2003-04-16T00:00:00.000-04:00 2008-09-05T16:35:55.200-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-24T13:59:00.000-04:00 FULLDISC 20030416 [VulnWatch] Apache mod_access_referer denial of service issue MISC http://sourceforge.net/project/shownotes.php?release_id=151905 BID 7375 CONFIRM http://www.vuxml.org/freebsd/af747389-42ba-11d9-bd37-00065be4b5b6.html mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in Apache, which triggers a null dereference. cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:5.8 CVE-2003-1055 2003-07-03T00:00:00.000-04:00 2018-10-30T12:25:37.090-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 52222 AUSCERT ESB-2003.0461 CIAC N-113 BID 7064 SECTRACK 1006401 XF solaris-nssldapso1-bo(11641) Buffer overflow in the nss_ldap.so.1 library for Sun Solaris 8 and 9 may allow local users to gain root access via a long hostname in an LDAP lookup. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1056 2003-12-11T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 57443 AUSCERT ESB-2003.0851 BID 9199 XF solaris-ed1-tmpfile-insecure(13952) The ed editor for Sun Solaris 2.6, 7, and 8 allows local users to create or overwrite arbitrary files via a symlink attack on temporary files. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1057 2003-12-08T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 57441 AUSCERT ESB-2003.0844 CIAC O-035 BID 9170 XF cde-dtprintinfo-gain-privileges(13914) Unknown vulnerability in CDE Print Viewer (dtprintinfo) for Sun Solaris 2.6 through 9 may allow local users to execute arbitrary code. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1058 2003-12-03T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 3.7 LOCAL HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SUNALERT 57419 CIAC O-033 BID 9147 XF solaris-xsun-gain-privileges(13890) The Xsun server for Sun Solaris 2.6 through 9, when running in Direct Graphics Access (DGA) mode, allows local users to cause a denial of service (Xsun crash) or to create or overwrite arbitrary files on the system, probably via a symlink attack on temporary server files. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1059 2003-11-20T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 57360 CIAC O-029 BID 9076 XF solaris-pgx32-gain-privileges(13792) Unknown vulnerability in the libraries for the PGX32 frame buffer in Solaris 2.5.1 and 2.6 through 9 allows local users to gain root access. cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1060 2003-10-27T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 57406 BID 8929 XF solaris-nfs-ufs-dos(13547) The NFS Server for Solaris 7, 8, and 9 allows remote attackers to cause a denial of service (UFS panic) via certain invalid UFS requests, which triggers a null dereference. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1061 2003-10-14T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 1.2 LOCAL HIGH NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 57080 BID 8836 XF solaris-race-dos(13434) Race condition in Solaris 2.6 through 9 allows local users to cause a denial of service (kernel panic), as demonstrated via the namefs function, pipe, and certain STREAMS routines. CVE-2003-1062 2003-10-15T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SUNALERT 57340 BID 8831 XF solaris-sysinfo-read-memory(13435) Unknown vulnerability in the sysinfo system call for Solaris for SPARC 2.6 through 9, and Solaris for x86 2.6, 7, and 8, allows local users to read kernel memory. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 CVE-2003-1063 2003-08-20T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SUNALERT 56300 CIAC N-134 BID 8461 XF solaris-cachefs-inetdconf-overwrite(12942) The patches (1) 105693-13, (2) 108800-02, (3) 105694-13, and (4) 108801-02 for cachefs on Solaris 2.6 and 7 overwrite the inetd.conf file, which may silently reenable services and allow remote attackers to bypass the intended security policy. CVE-2003-1064 2003-07-23T00:00:00.000-04:00 2018-10-30T12:25:37.090-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 55301 CERT-VN VU#370060 BID 8250 XF solaris-ipv6-packet-dos(12680) Solaris 8 with IPv6 enabled allows remote attackers to cause a denial of service (kernel panic) via a crafted IPv6 packet. cpe:/o:sun:sunos:5.8 CVE-2003-1065 2003-07-23T00:00:00.000-04:00 2018-10-30T12:25:37.090-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 55340 BID 8253 XF automountd-dos(19437) XF openssh-ldap-dos(19441) Unknown vulnerability in patches 108993-14 through 108993-19 and 108994-14 through 108994-19 for Solaris 8 may allow local users to cause a denial of service (automountd crash). cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1066 2003-12-31T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 55440 BUGTRAQ 20030604 Solaris syslogd overflow BID 7820 XF sun-syslogd-bo(12194) Buffer overflow in the syslog daemon for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (syslogd crash) and possibly execute arbitrary code via long syslog UDP packets. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1067 2003-06-19T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 55420 CIAC N-108 CONFIRM http://www.oracle.com/technetwork/topics/security/cpujan2014-1972949.html BID 64758 BID 7991 XF sun-database-functions-bo(12379) Multiple buffer overflows in the (1) dbm_open function, as used in ndbm and dbm, and the (2) dbminit function in Solaris 2.6 through 9 allow local users to gain root privileges via long arguments to Xsun or other programs that use these functions. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1068 2003-06-06T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 55260 CIAC N-105 BID 7835 XF solaris-utmp-update-bo(11083) Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1069 2003-06-03T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 54181 BID 7794 XF sun-intelnetd-dos(12140) The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop). cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1070 2003-04-28T00:00:00.000-04:00 2018-10-30T12:26:22.763-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 50922 BID 7455 XF sun-rpcbind-dos(11906) Unknown vulnerability in rpcbind for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (rpcbind crash). cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1071 2003-01-03T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov SUNALERT 51980 CERT-VN VU#944241 BUGTRAQ 20030103 Solaris 2.x /usr/sbin/wall Advisory BID 6509 SECTRACK 1005882 SECTRACK 1006682 XF solaris-wall-message-spoofing(11608) rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:sunos:5.8 CVE-2003-1072 2003-04-28T00:00:00.000-04:00 2018-10-30T12:25:37.090-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 54100 BID 7454 XF sun-lofiadm-dos(11895) Memory leak in lofiadm in Solaris 8 allows local users to cause a denial of service (kernel memory consumption). cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.5 cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1073 2003-12-31T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 1.2 LOCAL HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities MISC http://isec.pl/vulnerabilities/isec-0008-sun-at.txt SUNALERT 50161 CIAC N-070 BUGTRAQ 20030127 Sun Microsystems Solaris at -r job name handling and race condition vulnerabilities BID 6692 BID 6693 SECTRACK 1005994 XF solaris-at-directory-traversal(11179) XF solaris-at-race-condition(11180) A race condition in the at command for Solaris 2.6 through 9 allows local users to delete arbitrary files via the -r argument with .. (dot dot) sequences in the job name, then modifying the directory structure after at checks permissions to delete the file and before the deletion actually takes place. cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 CVE-2003-1074 2003-03-28T00:00:00.000-05:00 2017-07-10T21:29:43.103-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 52111 BID 7252 SECTRACK 1006411 XF solaris-newtask-root-access(11657) Unknown vulnerability in newtask for Solaris 9 allows local users to gain root privileges. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1075 2003-01-27T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 50240 BID 6709 SECTRACK 1005996 XF solaris-ftpd-dos(11186) Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1076 2003-12-31T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 50904 CIAC N-050 BID 7033 SECTRACK 1006234 XF solaris-sendmail-forward-privileges(11496) Unknown vulnerability in sendmail for Solaris 7, 8, and 9 allows local users to cause a denial of service (unknown impact) and possibly gain privileges via certain constructs in a .forward file. cpe:/o:sun:solaris:9.0::sparc CVE-2003-1077 2003-03-05T00:00:00.000-05:00 2017-07-10T21:29:43.290-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 51300 BID 7032 SECTRACK 1006233 XF solaris-ufs-logging-dos(11481) Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang). cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1078 2003-02-28T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SUNALERT 51081 BID 6989 SECTRACK 1006195 XF solaris-ftp-plaintext-password(11436) The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login. cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.5.1 cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1079 2003-02-18T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SUNALERT 50626 BID 6883 SECTRACK 1006131 XF solaris-udp-rpc-dos(11368) Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. CVE-2003-1080 2003-02-11T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 1.2 LOCAL HIGH NONE PARTIAL NONE NONE http://nvd.nist.gov SUNALERT 50751 BID 6838 SECTRACK 1006084 XF solaris-mail-unauthorized-access(11303) Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users. cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:sunos:5.8 CVE-2003-1081 2003-09-09T00:00:00.000-04:00 2018-10-30T12:25:37.090-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 46903 AUSCERT ESB-2003.0621 CIAC O-001 CERT-VN VU#464817 BID 5698 XF solaris-aspppls-tmpfile-symlink(10105) Aspppls for Solaris 8 allows local users to overwrite arbitrary files via a symlink attack on the .asppp.fifo temporary file. cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:sunos:- cpe:/o:sun:sunos:5.7 cpe:/o:sun:sunos:5.8 CVE-2003-1082 2003-12-31T00:00:00.000-05:00 2018-10-30T12:26:22.763-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SUNALERT 50008 CIAC N-105 CERT-VN VU#596748 BID 6639 SECTRACK 1005935 XF solaris-utmp-update-bo(11083) Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4705891, a different vulnerability than CVE-2003-1068. cpe:/a:tildeslash:monit:1.4 cpe:/a:tildeslash:monit:1.4.1 cpe:/a:tildeslash:monit:2.0 cpe:/a:tildeslash:monit:2.1 cpe:/a:tildeslash:monit:2.1.1 cpe:/a:tildeslash:monit:2.2 cpe:/a:tildeslash:monit:2.2.1 cpe:/a:tildeslash:monit:2.3 cpe:/a:tildeslash:monit:2.4 cpe:/a:tildeslash:monit:2.4.1 cpe:/a:tildeslash:monit:2.4.2 cpe:/a:tildeslash:monit:2.4.3 cpe:/a:tildeslash:monit:3.0 cpe:/a:tildeslash:monit:3.1 cpe:/a:tildeslash:monit:3.2 cpe:/a:tildeslash:monit:4.0 cpe:/a:tildeslash:monit:4.1 CVE-2003-1083 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:43.620-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS GENTOO GLSA-200403-14 CERT-VN VU#623854 BUGTRAQ 20031124 Monit 4.1 HTTP interface multiple security vulnerabilities BID 9099 CONFIRM http://www.tildeslash.com/monit/dist/CHANGES.txt XF monit-http-bo(13817) Stack-based buffer overflow in Monit 1.4 to 4.1 allows remote attackers to execute arbitrary code via a long HTTP request. cpe:/a:tildeslash:monit:1.4 cpe:/a:tildeslash:monit:1.4.1 cpe:/a:tildeslash:monit:2.0 cpe:/a:tildeslash:monit:2.1 cpe:/a:tildeslash:monit:2.1.1 cpe:/a:tildeslash:monit:2.2 cpe:/a:tildeslash:monit:2.2.1 cpe:/a:tildeslash:monit:2.3 cpe:/a:tildeslash:monit:2.4 cpe:/a:tildeslash:monit:2.4.1 cpe:/a:tildeslash:monit:2.4.2 cpe:/a:tildeslash:monit:2.4.3 cpe:/a:tildeslash:monit:3.0 cpe:/a:tildeslash:monit:3.1 cpe:/a:tildeslash:monit:3.2 cpe:/a:tildeslash:monit:4.0 cpe:/a:tildeslash:monit:4.1 CVE-2003-1084 2003-11-24T00:00:00.000-05:00 2017-07-10T21:29:43.680-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov GENTOO GLSA-200403-14 CERT-VN VU#206382 BUGTRAQ 20031124 Monit 4.1 HTTP interface multiple security vulnerabilities BID 9098 CONFIRM http://www.tildeslash.com/monit/dist/CHANGES.txt XF monit-negative-content-dos(13818) Monit 1.4 to 4.1 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request with a negative Content-Length field. CVE-2003-1085 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:43.760-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov FULLDISC 20031123 Thomnson TCM315 Denial of service FULLDISC 20031124 Thomnson TCM315 Denial of service BUGTRAQ 20050219 Re: [Full-Disclosure] Thomson TCW690 Denial Of Service Vulnerability FULLDISC 20050219 Thomson TCW690 Denial Of Service Vulnerability BUGTRAQ 20031123 Thomnson TCM315 Denial of service BID 9091 MISC http://www.shellsec.net/leer_advisory.php?id=2 XF thomson-http-get-dos(13815) The HTTP server in the Thomson TWC305, TWC315, and TCW690 cable modem ST42.03.0a allows remote attackers to cause a denial of service (unstable service) via a long GET request, possibly caused by a buffer overflow. cpe:/a:pmachine:pmachine_free cpe:/a:pmachine:pmachine_pro:2.2 cpe:/a:pmachine:pmachine_pro:2.2.1 CVE-2003-1086 2003-06-17T00:00:00.000-04:00 2016-10-17T22:39:16.527-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030623 pMachine (PHP) : Include() Security Hole CONFIRM http://www.pmachine.com/forum/threads.php?id=7274_0_13_0_C PHP remote file inclusion vulnerability in pm/lib.inc.php in pMachine Free and pMachine Pro 2.2 and 2.2.1 allows remote attackers to execute arbitrary PHP code by modifying the pm_path parameter to reference a URL on a remote web server that contains the code. cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.22 CVE-2003-1087 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:43.807-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov HP SSRT3460 BID 7827 XF hp-diagmond-dos(12199) Unknown vulnerability in diagmond and possibly other applications in HP9000 Series 700/800 running HP-UX B.11.00, B.11.04, B.11.11, and B.11.22 allows remote attackers to cause a denial of service (program failure) via certain network traffic. cpe:/a:phpoutsourcing:zorum:3.0 cpe:/a:phpoutsourcing:zorum:3.1 cpe:/a:phpoutsourcing:zorum:3.2 cpe:/a:phpoutsourcing:zorum:3.3 cpe:/a:phpoutsourcing:zorum:3.4 cpe:/a:phpoutsourcing:zorum:3.5 CVE-2003-1088 2003-08-11T00:00:00.000-04:00 2017-07-10T21:29:43.870-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030811 ZH2003-22SA (security advisory): Zorum XSS Vulnerability and Path Disclosure SECTRACK 1013365 BID 8388 XF zorum-index-xss(12867) Cross-site scripting (XSS) vulnerability in index.php for Zorum 3.4 and 3.5 allows remote attackers to inject arbitrary web script or HTML via the method parameter. cpe:/a:phpoutsourcing:zorum:3.4 CVE-2003-1089 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:43.917-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030811 ZH2003-22SA (security advisory): Zorum XSS Vulnerability and Path Disclosure SECTRACK 1013365 BID 8396 XF zorum-index-path-disclosure(12868) index.php for Zorum 3.4 allows remote attackers to determine the full path of the web root via invalid parameter names, which reveals the path in a PHP error message. cpe:/a:celestial_software:absolutetelnet:2.0 cpe:/a:celestial_software:absolutetelnet:2.11 CVE-2003-1090 2003-02-06T00:00:00.000-05:00 2017-07-10T21:29:43.963-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030206 AbsoluteTelnet 2.00 buffer overflow. CERT-VN VU#666073 BID 6785 XF absolutetelnet-title-bar-bo(11265) Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title. CVE-2003-1091 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.010-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030522 QuickTime/Darwin Streaming Server security issues SECTRACK 1006822 CERT-VN VU#148564 BID 7660 XF darwin-mp3broadcaster-code-execution(12054) Integer overflow in MP3Broadcaster for Apple QuickTime/Darwin Streaming Server 4.1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed ID3 tags in MP3 files. cpe:/a:christos_zoulas:file_1:3.28 cpe:/a:christos_zoulas:file_1:3.30 cpe:/a:christos_zoulas:file_1:3.32 cpe:/a:christos_zoulas:file_1:3.33 cpe:/a:christos_zoulas:file_1:3.34 cpe:/a:christos_zoulas:file_1:3.35 cpe:/a:christos_zoulas:file_1:3.36 cpe:/a:christos_zoulas:file_1:3.37 cpe:/a:christos_zoulas:file_1:3.39 cpe:/a:christos_zoulas:file_1:3.40 CVE-2003-1092 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.073-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov CERT-VN VU#100937 OPENPKG OpenPKG-SA-2003.017 BID 7009 XF file-afctr-memory-allocation(11488) Unknown vulnerability in the "Automatic File Content Type Recognition (AFCTR) Tool version of the file package before 3.41, related to "a memory allocation problem," has unknown impact. cpe:/a:bea:weblogic_server:6.1 cpe:/a:bea:weblogic_server:6.1:sp1 cpe:/a:bea:weblogic_server:6.1:sp2 cpe:/a:bea:weblogic_server:6.1:sp3 cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0.0.1 CVE-2003-1093 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.133-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-24.jsp CERT-VN VU#331937 BID 6586 XF weblogic-error-password-disclosure(11057) BEA WebLogic Server 6.1, 7.0 and 7.0.0.1, when routing messages to a JMS target domain that is inaccessible, may leak the user's password when it throws a ResourceAllocationException. cpe:/a:bea:weblogic_server:7.0:sp3 cpe:/a:bea:weblogic_server:7.0:sp3:express cpe:/a:bea:weblogic_server:7.0:sp3:win32 CVE-2003-1094 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.180-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-35.jsp CERT-VN VU#999788 BID 8320 XF weblogic-gain-privileges(12799) BEA WebLogic Server and Express version 7.0 SP3 may follow certain code execution paths that result in an incorrect current user, such as in the frequent use of JNDI initial contexts, which could allow remote authenticated users to gain privileges. cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::win32 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:win32 cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:win32 CVE-2003-1095 2003-03-18T00:00:00.000-05:00 2017-07-10T21:29:44.243-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CERT-VN VU#691153 BID 7130 XF weblogic-app-reauthentication-bypass(11555) BEA WebLogic Server and Express 7.0 and 7.0.0.1, when using "memory" session persistence for web applications, does not clear authentication information when a web application is redeployed, which could allow users of that application to gain access without having to re-authenticate. cpe:/a:cisco:leap CVE-2003-1096 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.290-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20040407 Release of Cisco Attack tool Asleap CISCO 20030803 Dictionary Attack on Cisco LEAP Vulnerability CERT-VN VU#473108 BUGTRAQ 20031003 Dictionary attack against Cisco's LEAP, Wireless LANs vulnerable BUGTRAQ 20031006 Weaknesses in LEAP Challenge/Response BID 8755 XF cisco-leap-dictionary(12804) The Cisco LEAP challenge/response authentication mechanism uses passwords in a way that is susceptible to dictionary attacks, which makes it easier for remote attackers to gain privileges via brute force password guessing attacks. cpe:/o:hp:hp-ux:10.10 cpe:/o:hp:hp-ux:10.16 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:10.26 cpe:/o:hp:hp-ux:10.30 cpe:/o:hp:hp-ux:10.34 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.22 CVE-2003-1097 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:18.653-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030429 HPUX rexec buffer overflow vulnerability CIAC N-088 CERT-VN VU#322540 HP HPSBUX0304-257 BID 7459 XF hp-rexec-command-bo(11890) Buffer overflow in rexec on HP-UX B.10.20, B.11.00, and B.11.04, when setuid root, may allow local users to gain privileges via a long -l option. cpe:/o:hp:hp-ux:11.22 CVE-2003-1098 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:18.717-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CERT-VN VU#862401 HP HPSBUX0301-238 BID 6638 SECTRACK 1005936 XF hp-xserver-gain-privileges(11094) The Xserver for HP-UX 11.22 was not properly built, which introduced a vulnerability that allows local users to gain privileges. CVE-2003-1099 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:18.763-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CIAC O-032 CERT-VN VU#509454 HP HPSBUX0312-304 BID 9141 XF hp-shar-tmpfile-symlink(13882) shar on HP-UX B.11.00, B.11.04, and B.11.11 creates temporary files with predictable names in /tmp, which allows local users to cause a denial of service and possibly execute arbitrary code via a symlink attack. cpe:/a:hummingbird:cyberdocs:3.5.1 cpe:/a:hummingbird:cyberdocs:3.9 cpe:/a:hummingbird:cyberdocs:4.0 CVE-2003-1100 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.510-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CERT-VN VU#488684 MISC http://www.procheckup.com/security_info/vuln_pr0305.html BID 8815 XF hummingbird-docsfusionserver-multiple-xss(13399) Multiple cross-site scripting (XSS) vulnerabilities in Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allow remote attackers to inject arbitrary web script or HTML via certain vectors. cpe:/a:hummingbird:cyberdocs:3.5.1 cpe:/a:hummingbird:cyberdocs:3.9 cpe:/a:hummingbird:cyberdocs:4.0 CVE-2003-1101 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.557-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CERT-VN VU#715548 MISC http://www.procheckup.com/security_info/vuln_pr0303.html BID 8816 XF Hummingbird-docsfusionserver-disclose-path(13398) Hummingbird CyberDOCS 3.5.1, 3.9, and 4.0 allows remote attackers to obtain the full path of the DM Web Server via invalid login credentials, which reveals the path in an error message. CVE-2003-1102 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.620-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CERT-VN VU#989580 MISC http://www.procheckup.com/security_info/vuln_pr0302.html XF Hummingbird-docsfusionserver-file-access(13397) Hummingbird CyberDOCS 3.5, 3.9, and 4.0, when running on IIS, uses insecure permissions for script source code files, which allows remote attackers to read the source code. cpe:/a:hummingbird:cyberdocs:3.1 cpe:/a:hummingbird:cyberdocs:3.5.1 CVE-2003-1103 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.667-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CERT-VN VU#368300 MISC http://www.procheckup.com/security_info/vuln_pr0304.html BID 8800 XF hummingbird-docsfusionserver-sql-injection(13401) SQL injection vulnerability in loginact.asp for Hummingbird CyberDOCS before 3.9 allows remote attackers to execute arbitrary SQL commands. cpe:/a:ibm:tivoli_firewall_toolbox:1.2 CVE-2003-1104 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.727-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030320 IBM Tivoli Firewall Security Toolbox buffer overflow vulnerability CERT-VN VU#210937 BID 7154 XF tivoli-tfst-relay-bo(11584) Buffer overflow in IBM Tivoli Firewall Toolbox (TFST) 1.2 allows remote attackers to execute arbitrary code via unknown vectors. cpe:/a:microsoft:ie:5.01:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-1105 2003-12-31T00:00:00.000-05:00 2018-10-12T17:33:51.557-04:00 2.6 NETWORK HIGH NONE NONE NONE PARTIAL http://nvd.nist.gov CERT-VN VU#813208 MS MS03-032 XF ie-input-type-dos(13029) Unknown vulnerability in Internet Explorer 5.01 SP3 through 6.0 SP1 allows remote attackers to cause a denial of service (browser or Outlook Express crash) via HTML with certain input tags that are not properly rendered. CVE-2003-1106 2003-12-31T00:00:00.000-05:00 2019-04-30T10:27:13.710-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-24T09:30:00.000-04:00 MSKB 330716 CERT-VN VU#155252 BID 8195 The SMTP service in Microsoft Windows 2000 before SP4 allows remote attackers to cause a denial of service (crash or hang) via an e-mail message with a malformed time stamp in the FILETIME attribute. cpe:/a:microsoft:windows_media_player:6.4 cpe:/a:microsoft:windows_media_player:7 cpe:/a:microsoft:windows_media_player:7.1 cpe:/a:microsoft:windows_media_player:9 CVE-2003-1107 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:44.837-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov MSKB 828026 CERT-VN VU#222044 XF mediaplayer-dhtml-code-execution(13375) The DHTML capability in Microsoft Windows Media Player (WMP) 6.4, 7.0, 7.1, and 9 may run certain URL commands from a security zone that is less trusted than the current zone, which allows attackers to bypass intended access restrictions. cpe:/a:alcatel-lucent:omnipcx:5.0::linux CVE-2003-1108 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:18.823-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CERT CA-2003-06 MISC http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ CERT-VN VU#528719 BID 6904 XF sip-invite(11379) The Session Initiation Protocol (SIP) implementation in Alcatel OmniPCX Enterprise 5.0 Lx allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. cpe:/h:cisco:ip_phone_7940 cpe:/h:cisco:ip_phone_7960 cpe:/o:cisco:ios:12.2%281%29xa cpe:/o:cisco:ios:12.2%281%29xd cpe:/o:cisco:ios:12.2%281%29xd1 cpe:/o:cisco:ios:12.2%281%29xd3 cpe:/o:cisco:ios:12.2%281%29xd4 cpe:/o:cisco:ios:12.2%281%29xe cpe:/o:cisco:ios:12.2%281%29xe2 cpe:/o:cisco:ios:12.2%281%29xe3 cpe:/o:cisco:ios:12.2%281%29xh cpe:/o:cisco:ios:12.2%281%29xq cpe:/o:cisco:ios:12.2%281%29xs cpe:/o:cisco:ios:12.2%281%29xs1 cpe:/o:cisco:ios:12.2%282%29t4 cpe:/o:cisco:ios:12.2%282%29xa cpe:/o:cisco:ios:12.2%282%29xa1 cpe:/o:cisco:ios:12.2%282%29xa5 cpe:/o:cisco:ios:12.2%282%29xb cpe:/o:cisco:ios:12.2%282%29xb3 cpe:/o:cisco:ios:12.2%282%29xb4 cpe:/o:cisco:ios:12.2%282%29xf cpe:/o:cisco:ios:12.2%282%29xg cpe:/o:cisco:ios:12.2%282%29xh cpe:/o:cisco:ios:12.2%282%29xh2 cpe:/o:cisco:ios:12.2%282%29xh3 cpe:/o:cisco:ios:12.2%282%29xi cpe:/o:cisco:ios:12.2%282%29xi1 cpe:/o:cisco:ios:12.2%282%29xi2 cpe:/o:cisco:ios:12.2%282%29xj cpe:/o:cisco:ios:12.2%282%29xj1 cpe:/o:cisco:ios:12.2%282%29xk cpe:/o:cisco:ios:12.2%282%29xk2 cpe:/o:cisco:ios:12.2%282%29xn cpe:/o:cisco:ios:12.2%282%29xt cpe:/o:cisco:ios:12.2%282%29xt3 cpe:/o:cisco:ios:12.2%282%29xu cpe:/o:cisco:ios:12.2%282%29xu2 cpe:/o:cisco:ios:12.2%2811%29t cpe:/o:cisco:ios:12.2t cpe:/o:cisco:ios:12.2xa cpe:/o:cisco:ios:12.2xb cpe:/o:cisco:ios:12.2xc cpe:/o:cisco:ios:12.2xd cpe:/o:cisco:ios:12.2xe cpe:/o:cisco:ios:12.2xf cpe:/o:cisco:ios:12.2xg cpe:/o:cisco:ios:12.2xh cpe:/o:cisco:ios:12.2xi cpe:/o:cisco:ios:12.2xj cpe:/o:cisco:ios:12.2xk cpe:/o:cisco:ios:12.2xl cpe:/o:cisco:ios:12.2xm cpe:/o:cisco:ios:12.2xn cpe:/o:cisco:ios:12.2xq cpe:/o:cisco:ios:12.2xr cpe:/o:cisco:ios:12.2xs cpe:/o:cisco:ios:12.2xt cpe:/o:cisco:ios:12.2xw cpe:/o:cisco:pix_firewall_software:5.2%281%29 cpe:/o:cisco:pix_firewall_software:5.2%282%29 cpe:/o:cisco:pix_firewall_software:5.2%283.210%29 cpe:/o:cisco:pix_firewall_software:5.2%285%29 cpe:/o:cisco:pix_firewall_software:5.2%286%29 cpe:/o:cisco:pix_firewall_software:5.2%287%29 cpe:/o:cisco:pix_firewall_software:5.3 cpe:/o:cisco:pix_firewall_software:5.3%281%29 cpe:/o:cisco:pix_firewall_software:5.3%281.200%29 cpe:/o:cisco:pix_firewall_software:5.3%282%29 cpe:/o:cisco:pix_firewall_software:5.3%283%29 cpe:/o:cisco:pix_firewall_software:6.0 cpe:/o:cisco:pix_firewall_software:6.0%281%29 cpe:/o:cisco:pix_firewall_software:6.0%282%29 cpe:/o:cisco:pix_firewall_software:6.1%282%29 cpe:/o:cisco:pix_firewall_software:6.2%281%29 CVE-2003-1109 2003-12-31T00:00:00.000-05:00 2018-10-30T12:26:18.060-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CERT CA-2003-06 CISCO 20030221 Multiple Product Vulnerabilities Found by PROTOS SIP Test Suite MISC http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ CERT-VN VU#528719 BID 6904 SECTRACK 1006143 SECTRACK 1006144 SECTRACK 1006145 XF sip-invite(11379) The Session Initiation Protocol (SIP) implementation in multiple Cisco products including IP Phone models 7940 and 7960, IOS versions in the 12.2 train, and Secure PIX 5.2.9 to 6.2.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. cpe:/a:columbia_university:sipc:1.74 CVE-2003-1110 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.040-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SECTRACK 1006167 CERT CA-2003-06 CONFIRM http://www.cs.columbia.edu/~xiaotaow/sipc/ouspg.html MISC http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ CERT-VN VU#528719 BID 6904 XF sip-invite(11379) The Session Initiation Protocol (SIP) implementation in Columbia SIP User Agent (sipc) 1.74 and other versions before sipc 2.0 build 2003-02-21 allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. cpe:/a:dynamicsoft:appengine CVE-2003-1111 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.087-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CERT CA-2003-06 CONFIRM http://www.dynamicsoft.com/support/advisory/ca-2003-06.php MISC http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ CERT-VN VU#528719 BID 6904 XF sip-invite(11379) The Session Initiation Protocol (SIP) implementation in multiple dynamicsoft products including y and certain demo products for AppEngine allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. cpe:/h:ingate:ingate_firewall cpe:/h:ingate:ingate_siparator CVE-2003-1112 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.150-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CERT CA-2003-06 MISC http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ CERT-VN VU#528719 BID 6904 XF sip-invite(11379) The Session Initiation Protocol (SIP) implementation in Ingate Firewall and Ingate SIParator before 3.1.3 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. cpe:/h:iptel:sip_express_router:0.8.8 cpe:/h:iptel:sip_express_router:0.8.9 CVE-2003-1113 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.213-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CERT CA-2003-06 MISC http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ CONFIRM http://www.iptel.org/ser/security/ CERT-VN VU#528719 BID 6904 XF sip-invite(11379) The Session Initiation Protocol (SIP) implementation in IPTel SIP Express Router 0.8.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. cpe:/h:mediatrix_telecom:voip_access_devices_and_gateways:sipv2.3 cpe:/h:mediatrix_telecom:voip_access_devices_and_gateways:sipv2.4 CVE-2003-1114 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.260-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov CERT CA-2003-06 MISC http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ CERT-VN VU#528719 BID 6904 XF sip-invite(11379) The Session Initiation Protocol (SIP) implementation in Mediatrix Telecom VoIP Access Devices and Gateways running SIPv2.4 and SIPv4.3 firmware allows remote attackers to cause a denial of service or execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. cpe:/h:nortel:succession_communication_server_2000 cpe:/h:nortel:succession_communication_server_2000:::compact CVE-2003-1115 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.307-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov CERT CA-2003-06 MISC http://www.ee.oulu.fi/research/ouspg/protos/testing/c07/sip/ CERT-VN VU#528719 BID 6904 XF sip-invite(11379) The Session Initiation Protocol (SIP) implementation in Nortel Networks Succession Communication Server 2000, when using SIP-T, allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted INVITE messages, as demonstrated by the OUSPG PROTOS c07-sip test suite. cpe:/a:oracle:e-business_suite:10.7 cpe:/a:oracle:e-business_suite:11.0 cpe:/a:oracle:e-business_suite:11.1 cpe:/a:oracle:e-business_suite:11.2 cpe:/a:oracle:e-business_suite:11.3 cpe:/a:oracle:e-business_suite:11.4 cpe:/a:oracle:e-business_suite:11.5 cpe:/a:oracle:e-business_suite:11.6 cpe:/a:oracle:e-business_suite:11.7 cpe:/a:oracle:e-business_suite:11.8 CVE-2003-1116 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.370-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030411 Integrigy Security Advisory - Oracle Applications FNDFS Vulnerability CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert53.pdf SECTRACK 1006550 MISC http://www.integrigy.com/alerts/FNDFS_Vulnerability.htm CERT-VN VU#168873 BID 7325 XF oracle-rra-authentication-bypass(11768) The communications protocol for the Report Review Agent (RRA), aka FND File Server (FNDFS) program, in Oracle E-Business Suite 10.7, 11.0, and 11.5.1 to 11.5.8 allows remote attackers to bypass authentication and obtain sensitive information from the Oracle Applications Concurrent Manager by spoofing requests to the TNS Listener. cpe:/a:realnetworks:realsystem_proxy:8 cpe:/a:realnetworks:realsystem_server:6 cpe:/a:realnetworks:realsystem_server:7 cpe:/a:realnetworks:realsystem_server:8 CVE-2003-1117 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.447-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SECTRACK 1003604 CONFIRM http://service.real.com/help/faq/security/bufferoverflow.html CERT-VN VU#143627 CERT-VN VU#912219 XF realsystem-malformed-url-bo(11362) Buffer overflow in RealSystem Server 6.x, 7.x and 8.x, and RealSystem Proxy 8.x, related to URL error handling, allows remote attackers to cause a denial of service and possibly execute arbitrary code. cpe:/a:university_of_california:seti_at_home:3.3 cpe:/a:university_of_california:seti_at_home:3.4 cpe:/a:university_of_california:seti_at_home:3.5 cpe:/a:university_of_california:seti_at_home:3.6 cpe:/a:university_of_california:seti_at_home:3.7 CVE-2003-1118 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.493-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS FULLDISC 20030406 Seti@home information leakage and remote compromise CERT-VN VU#146785 BID 7292 XF seti@home-newline-bo(11731) Buffer overflow in the SETI@home client 3.03 and other versions allows remote attackers to cause a denial of service (client crash) and execute arbitrary code via a spoofed server response containing a long string followed by a \n (newline) character. cpe:/a:ssh:secure_shell:3.1 cpe:/a:ssh:secure_shell:3.2 CVE-2003-1119 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:05.653-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-23T14:14:00.000-04:00 CERT-VN VU#333980 CONFIRM http://www.ssh.com/company/newsroom/article/476/ SSH Secure Shell before 3.2.9 allows remote attackers to cause a denial of service via malformed BER/DER packets. cpe:/a:ssh:tectia_server:4.0.3 cpe:/a:ssh:tectia_server:4.0.4 CVE-2003-1120 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.557-04:00 3.7 LOCAL HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SECTRACK 1009532 CERT-VN VU#814198 BID 9956 CONFIRM http://www.ssh.com/company/newsroom/article/520/ XF sshtectiaserver-passwdplugin-race-condition(15585) Race condition in SSH Tectia Server 4.0.3 and 4.0.4 for Unix, when the password change plugin (ssh-passwd-plugin) is enabled, allows local users to obtain the server's private key. CVE-2003-1121 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.633-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CERT-VN VU#231705 CERT-VN VU#609137 CONFIRM http://www.kb.cert.org/vuls/id/CRDY-5EXQRP CONFIRM http://www.kb.cert.org/vuls/id/CRDY-5EXQSV BID 7475 BID 7477 XF scriptlogic-rpc-modify-registry(11920) XF scriptlogic-runadmin-admin-access(11921) Services in ScriptLogic 4.01, and possibly other versions before 4.14, process client requests at raised privileges, which allows remote attackers to (1) modify arbitrary registry entries via the ScriptLogic RPC service (SLRPC) or (2) modify arbitrary configuration via the RunAdmin services (SLRAserver.exe and SLRAclient.exe). cpe:/a:scriptlogic:scriptlogic:4.01 CVE-2003-1122 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.680-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov CERT-VN VU#813737 MISC http://www.kb.cert.org/vuls/id/CRDY-5EXQT9 BID 7476 XF scriptlogic-logs$-insecure-permissions(11922) ScriptLogic 4.01, and possibly other versions before 4.14, uses insecure permissions for the LOGS$ share, which allows users to modify log records and possibly execute arbitrary code. cpe:/a:sun:jdk:1.2.2::solaris cpe:/a:sun:jdk:1.2.2_10::linux cpe:/a:sun:jdk:1.2.2_10::solaris cpe:/a:sun:jdk:1.2.2_10::windows cpe:/a:sun:jdk:1.2.2_11::linux cpe:/a:sun:jdk:1.2.2_11::solaris cpe:/a:sun:jdk:1.2.2_11::windows cpe:/a:sun:jdk:1.2.2_12::windows cpe:/a:sun:jdk:1.3::solaris cpe:/a:sun:jdk:1.3.0_02::linux cpe:/a:sun:jdk:1.3.0_02::solaris cpe:/a:sun:jdk:1.3.0_02::windows cpe:/a:sun:jdk:1.3.0_05::linux cpe:/a:sun:jdk:1.3.0_05::solaris cpe:/a:sun:jdk:1.3.0_05::windows cpe:/a:sun:jdk:1.3.1_01::linux cpe:/a:sun:jdk:1.3.1_01::solaris cpe:/a:sun:jdk:1.3.1_01a::windows cpe:/a:sun:jdk:1.3.1_03::linux cpe:/a:sun:jdk:1.3.1_03::solaris cpe:/a:sun:jdk:1.3.1_03::windows cpe:/a:sun:jdk:1.3.1_04::windows cpe:/a:sun:jdk:1.4::linux cpe:/a:sun:jdk:1.4::solaris cpe:/a:sun:jdk:1.4::windows cpe:/a:sun:jdk:1.4.0_01::windows cpe:/a:sun:jre:1.2.2::solaris cpe:/a:sun:jre:1.2.2::windows cpe:/a:sun:jre:1.2.2:update10:linux cpe:/a:sun:jre:1.2.2:update10:solaris cpe:/a:sun:jre:1.2.2:update10:windows cpe:/a:sun:jre:1.2.2_003::linux cpe:/a:sun:jre:1.2.2_011::linux cpe:/a:sun:jre:1.2.2_011::solaris cpe:/a:sun:jre:1.2.2_011::windows cpe:/a:sun:jre:1.2.2_012::solaris cpe:/a:sun:jre:1.3.0::linux cpe:/a:sun:jre:1.3.0::solaris cpe:/a:sun:jre:1.3.0::windows cpe:/a:sun:jre:1.3.0:update2:linux cpe:/a:sun:jre:1.3.0:update2:solaris cpe:/a:sun:jre:1.3.0:update2:windows cpe:/a:sun:jre:1.3.0:update4:windows cpe:/a:sun:jre:1.3.0:update5:linux cpe:/a:sun:jre:1.3.0:update5:solaris cpe:/a:sun:jre:1.3.0:update5:windows cpe:/a:sun:jre:1.3.1::linux cpe:/a:sun:jre:1.3.1:update1:linux cpe:/a:sun:jre:1.3.1:update1:solaris cpe:/a:sun:jre:1.3.1:update1:windows cpe:/a:sun:jre:1.3.1:update4:solaris cpe:/a:sun:jre:1.3.1:update4:windows cpe:/a:sun:jre:1.3.1_03::linux cpe:/a:sun:jre:1.3.1_03::solaris cpe:/a:sun:jre:1.3.1_03::windows cpe:/a:sun:jre:1.4::linux cpe:/a:sun:jre:1.4::solaris cpe:/a:sun:jre:1.4::windows cpe:/a:sun:jre:1.4.0_01::solaris cpe:/a:sun:jre:1.4.0_01::windows CVE-2003-1123 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.760-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1006935 SUNALERT 55100 CERT-VN VU#393292 BID 7824 XF sun-applet-access-information(12189) Sun Java Runtime Environment (JRE) and SDK 1.4.0_01 and earlier allows untrusted applets to access certain information within trusted applets, which allows attackers to bypass the restrictions of the Java security model. cpe:/a:sun:management%2bcenter:2.1.1 cpe:/a:sun:management%2bcenter:3.0 cpe:/a:sun:management%2bcenter:3.0_revenue_release CVE-2003-1124 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.823-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SUNALERT 55141 CERT-VN VU#758932 BID 7960 XF sunmc-files-writable-permissions(12343) Unknown vulnerability in Sun Management Center (SunMC) 2.1.1, 3.0, and 3.0 Revenue Release (RR), when installed and run by root, allows local users to create or modify arbitrary files. cpe:/a:sun:one_directory_server:4.16 cpe:/a:sun:one_directory_server:5.0 cpe:/a:sun:one_directory_server:5.1 CVE-2003-1125 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:06.700-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-23T13:14:00.000-04:00 SUNALERT 52102 CERT-VN VU#195644 Unknown vulnerability in ns-ldapd for Sun ONE Directory Server 4.16, 5.0, and 5.1 allows LDAP clients to cause a denial of service (service halt). cpe:/a:sun:one_web_server:6.0:sp3 cpe:/a:sun:one_web_server:6.0:sp4 cpe:/a:sun:one_web_server:6.0:sp5 CVE-2003-1126 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:06.857-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-23T13:04:00.000-04:00 SUNALERT 56180 CERT-VN VU#636964 Unknown vulnerability in SunOne/iPlanet Web Server SP3 through SP5 on Windows platforms allows remote attackers to cause a denial of service. cpe:/a:whale_communications:e-gap:2.5 CVE-2003-1127 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.870-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CERT-VN VU#371470 MISC http://www.procheckup.com/security_info/vuln_pr0307.html BID 9431 XF egap-url-information-disclosure(14869) Whale Communications e-Gap 2.5 on Windows 2000 allows remote attackers to obtain the source code for the login page via the HTTP TRACE method, which bypasses the preprocessor. cpe:/a:x2_studios:xmms_remote:0.1 CVE-2003-1128 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.917-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CERT-VN VU#583020 BID 7534 CONFIRM http://www.x2studios.com/index.php?page=kb&id=16 XF xmms-remote-command-execution(12139) XMMS.pm in X2 XMMS Remote, as obtained from the vendor server between 4 AM 11 AM PST on May 7, 2003, allows remote attackers to execute arbitrary commands via shell metacharacters in a request to TCP port 8086. cpe:/a:yahoo:audio_conferencing_activex_control:1.0.0.43 CVE-2003-1129 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:45.977-04:00 2.6 NETWORK HIGH NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://help.yahoo.com/help/us/mesg/use/use-45.html CERT-VN VU#272644 BUGTRAQ 20030530 Yahoo! Security Advisory: Yahoo! Voice Chat BID 7561 XF yahoo-audio-bo(12130) Buffer overflow in the Yahoo! Audio Conferencing (aka Voice Chat) ActiveX control before 1,0,0,45 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a URL with a long hostname to Yahoo! Messenger or Yahoo! Chat. CVE-2003-1130 2003-12-31T00:00:00.000-05:00 2008-09-10T15:21:53.977-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-1071. Reason: This candidate is a duplicate of CVE-2003-1071. Notes: All CVE users should reference CVE-2003-1071 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:activecampaign:knowledgebuilder:2.0.1 cpe:/a:activecampaign:knowledgebuilder:2.1.0 cpe:/a:activecampaign:knowledgebuilder:2.1.4 cpe:/a:activecampaign:knowledgebuilder:3.0.1 CVE-2003-1131 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:46.027-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20050312 KnowledgeBase BUGTRAQ 20031224 Remote Code Execution in Knowledge Builder. BID 9292 XF knowledgebuilder-indexphp-file-include(14078) PHP remote file inclusion vulnerability in index.php in KnowledgeBuilder, referred to as KnowledgeBase, allows remote attackers to execute arbitrary PHP code by modifying the page parameter to reference a URL on a remote web server that contains the code. cpe:/h:cisco:content_services_switch_11000 cpe:/h:cisco:content_services_switch_11500 CVE-2003-1132 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:07.747-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-23T12:35:00.000-04:00 CISCO 20041008 Cisco Content Service Switch 11000 Series DNS Negative Cache of Information Denial-of-Service Vulnerability CERT-VN VU#714121 The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. cpe:/a:ritlabs:the_bat:1.1 cpe:/a:ritlabs:the_bat:1.5 cpe:/a:ritlabs:the_bat:1.011 cpe:/a:ritlabs:the_bat:1.14 cpe:/a:ritlabs:the_bat:1.015 cpe:/a:ritlabs:the_bat:1.17 cpe:/a:ritlabs:the_bat:1.18 cpe:/a:ritlabs:the_bat:1.19 cpe:/a:ritlabs:the_bat:1.21 cpe:/a:ritlabs:the_bat:1.22 cpe:/a:ritlabs:the_bat:1.028 cpe:/a:ritlabs:the_bat:1.029 cpe:/a:ritlabs:the_bat:1.031 cpe:/a:ritlabs:the_bat:1.032 cpe:/a:ritlabs:the_bat:1.33 cpe:/a:ritlabs:the_bat:1.34 cpe:/a:ritlabs:the_bat:1.035 cpe:/a:ritlabs:the_bat:1.036 cpe:/a:ritlabs:the_bat:1.037 cpe:/a:ritlabs:the_bat:1.039 cpe:/a:ritlabs:the_bat:1.041 cpe:/a:ritlabs:the_bat:1.42 cpe:/a:ritlabs:the_bat:1.42f cpe:/a:ritlabs:the_bat:1.043 cpe:/a:ritlabs:the_bat:1.44 cpe:/a:ritlabs:the_bat:1.45 cpe:/a:ritlabs:the_bat:1.46 cpe:/a:ritlabs:the_bat:1.47 cpe:/a:ritlabs:the_bat:1.48 cpe:/a:ritlabs:the_bat:1.49 cpe:/a:ritlabs:the_bat:1.51 cpe:/a:ritlabs:the_bat:1.52 cpe:/a:ritlabs:the_bat:1.53d cpe:/a:ritlabs:the_bat:1.101 cpe:/a:ritlabs:the_bat:2.0 cpe:/a:ritlabs:the_bat:2.0.1 CVE-2003-1133 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:46.087-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SECTRACK 1008004 BUGTRAQ 20031025 Some serious security holes in 'The Bat!' BID 8891 XF thebat-access-email(13527) Rit Research Labs The Bat! 1.0.11 through 2.0 creates new accounts with insecure ACLs, which allows local users to read other users' email messages. cpe:/a:sun:java:1.3.1 cpe:/a:sun:java:1.4.1 cpe:/a:sun:java:1.4.2 CVE-2003-1134 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:08.137-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-23T12:20:00.000-04:00 FULLDISC 20031026 Java 1.4.2_02 InsecurityManager JVM crash BID 8892 Sun Java 1.3.1, 1.4.1, and 1.4.2 allows local users to cause a denial of service (JVM crash), possibly by calling the ClassDepth function with a null parameter, which causes a crash instead of generating a null pointer exception. cpe:/a:yahoo:messenger:5.6 CVE-2003-1135 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:08.293-04:00 2.6 NETWORK HIGH NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-23T12:16:00.000-04:00 BUGTRAQ 20031026 Buffer Overflow in Yahoo messenger Client BID 8894 Buffer overflow in Yahoo! Messenger 5.6 allows remote attackers to cause a denial of service (crash) via a file send request (sendfile) with a large number of "%" (percent) characters after the Yahoo ID. cpe:/a:chi_kien_uong:chi_kien_uong_guestbook:1.51 CVE-2003-1136 2003-10-23T00:00:00.000-04:00 2017-07-10T21:29:46.150-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SECTRACK 1008006 BUGTRAQ 20031026 New Vulnerability BID 8895 BID 8896 XF guestbook-html-xss(13522) XF guestbook-doublequotation-xss(13523) Cross-site scripting (XSS) vulnerability in Chi Kien Uong Guestbook 1.51 allows remote attackers to inject arbitrary web script or HTML via (1) HTML in a posted message or (2) Javascript in an onmouseover attribute in an e-mail address or URL. cpe:/a:charles_steinkuehler:sh-httpd:0.3 cpe:/a:charles_steinkuehler:sh-httpd:0.4 CVE-2003-1137 2003-10-27T00:00:00.000-05:00 2017-07-10T21:29:46.197-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20031027 sh-httpd `wildcard character' vulnerability BUGTRAQ 20031028 Re: sh-httpd `wildcard character' vulnerability BID 8897 XF shtttpd-get-information-disclosure(13519) Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk (*) wildcard character. cpe:/a:redhat:interchange:2.0.40_21.5::i386 CVE-2003-1138 2003-10-27T00:00:00.000-05:00 2008-09-05T16:36:08.747-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-05-23T11:33:00.000-04:00 BUGTRAQ 20031027 Root Directory Listing on RH default apache BID 8898 The default configuration of Apache 2.0.40, as shipped with Red Hat Linux 9.0, allows remote attackers to list directory contents, even if auto indexing is turned off and there is a default web page configured, via a GET request containing a double slash (//). cpe:/a:musicqueue:musicqueue:1.2 CVE-2003-1139 2003-10-27T00:00:00.000-05:00 2017-07-10T21:29:46.243-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov SECTRACK 1008014 BUGTRAQ 20031027 Musicqueue multiple local vulnerabilities BID 8899 XF musicqueue-tmpfile-symlink(13520) Musicqueue 1.2.0 allows local users to overwrite arbitrary files by triggering a segmentation fault and using a symlink attack on the resulting musicqueue.crash file. cpe:/a:musicqueue:musicqueue:0.9 cpe:/a:musicqueue:musicqueue:0.9.1 cpe:/a:musicqueue:musicqueue:0.9.2 cpe:/a:musicqueue:musicqueue:1.0 cpe:/a:musicqueue:musicqueue:1.1 cpe:/a:musicqueue:musicqueue:1.1.1 CVE-2003-1140 2003-10-27T00:00:00.000-05:00 2017-07-10T21:29:46.307-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20031027 Musicqueue multiple local vulnerabilities SECTRACK 1008014 BUGTRAQ 20031027 Musicqueue multiple local vulnerabilities BID 8903 XF musicqueue-getconf-bo(13521) Buffer overflow in Musicqueue 1.2.0 allows local users to execute arbitrary code via a long language variable in the configuration file. cpe:/h:network_instruments:niprint_lpd-lpr_print_server:4.10 CVE-2003-1141 2003-11-04T00:00:00.000-05:00 2017-07-10T21:29:46.353-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20031104 SRT2003-11-02-0115 - NIPrint LPD-LPR Remote overflow BUGTRAQ 20031104 NIPrint remote exploit BID 8968 XF niprint-bo(13591) Buffer overflow in NIPrint 4.10 allows remote attackers to execute arbitrary code via a long string to TCP port 515. CVE-2003-1142 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:46.417-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031104 SRT2003-11-02-0218 - NIPrint LPD-LPR Local Help API SYSTEM exploit BID 8969 XF niprint-helpapi-gain-privileges(13592) Help in NIPrint LPD-LPR Print Server 4.10 and earlier executes Windows Explorer with SYSTEM privileges, which allows local users to gain privileges. cpe:/a:croteam:serioussam:test_2_2.1_a cpe:/a:croteam:serioussam:the_first_encounter_1.0.5 cpe:/a:croteam:serioussam:the_second_encounter_1.0.5 cpe:/a:croteam:serioussam:the_second_encounter_demo CVE-2003-1143 2003-10-30T00:00:00.000-05:00 2017-07-10T21:29:46.493-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031030 Serious Sam is not so serious BID 8936 XF serioussam-games-packet-dos(13618) Croteam Serious Sam demo test 2 2.1a, Serious Sam: the First Encounter 1.05, and Serious Sam: the Second Encounter 1.05 allow remote attackers to cause a denial of service (crash or freeze) via a TCP packet with an invalid first parameter. cpe:/a:perception:liteserve:1.25 cpe:/a:perception:liteserve:1.28 cpe:/a:perception:liteserve:2.0 cpe:/a:perception:liteserve:2.0.1 cpe:/a:perception:liteserve:2.0.2 cpe:/a:perception:liteserve:2.2 CVE-2003-1144 2003-11-04T00:00:00.000-05:00 2017-07-10T21:29:46.557-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov SECTRACK 1008093 BUGTRAQ 20031104 Liteserve Buffer Overflow in Handling Server's Log. BID 8971 XF liteserve-log-entry-bo(13599) Buffer overflow in the log viewing interface in Perception LiteServe 1.25 through 2.2 allows remote attackers to execute arbitrary code via a GET request with a long file name. CVE-2003-1145 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:46.620-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20031107 OpenAutoClassifieds XSS attack BID 8972 XF openautoclassifieds-friendmail-xss(13604) Cross-site scripting (XSS) vulnerability in friendmail.php in OpenAutoClassifieds 1.0 allows remote attackers to inject arbitrary web script or HTML via the listing parameter. cpe:/a:john_beatty:easy_php_photo_album:1.0 CVE-2003-1146 2003-05-11T00:00:00.000-04:00 2008-09-05T16:36:09.997-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-23T10:43:00.000-04:00 MISC http://security.nnov.ru/docs5347.html BID 8977 Cross-site scripting (XSS) vulnerability in John Beatty Easy PHP Photo Album 1.0 allows remote attackers to inject arbitrary web script or HTML via the dir parameter. CVE-2003-1147 2003-12-31T00:00:00.000-05:00 2008-09-10T15:21:55.337-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0955. Reason: This candidate is a duplicate of CVE-2003-0955. Notes: All CVE users should reference CVE-2003-0955 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. cpe:/a:les_visiteurs:les_visiteurs:2.0.1 CVE-2003-1148 2003-10-25T00:00:00.000-04:00 2017-07-10T21:29:46.697-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031026 Les Visiteurs v2.0.1 code injection vulnerability SECTRACK 1008011 SECTRACK 1017065 BID 8902 XF les-visiteurs-file-include(13529) Multiple PHP remote file inclusion vulnerabilities in J-Pierre DEZELUS Les Visiteurs 2.0.1, as used in phpMyConferences (phpMyConference) 8.0.2 and possibly other products, allow remote attackers to execute arbitrary PHP code via a URL in the lvc_include_dir parameter to (1) config.inc.php or (2) new-visitor.inc.php in common/visiteurs/include/. cpe:/a:symantec:norton_internet_security:2003_6.0.4.34 CVE-2003-1149 2003-10-27T00:00:00.000-05:00 2017-07-10T21:29:46.743-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://securityresponse.symantec.com/avcenter/security/Content/2003.10.27.html BUGTRAQ 20031027 Norton Internet Security 2003 XSS BID 8904 XF norton-is-blocked-xss(13528) Cross-site scripting (XSS) vulnerability in Symantec Norton Internet Security 2003 6.0.4.34 allows remote attackers to inject arbitrary web script or HTML via a URL to a blocked site, which is displayed on the blocked sites error page. cpe:/a:novell:zenworks_desktops:3.2:sp2 cpe:/a:novell:zenworks_desktops:4.0 cpe:/a:novell:zenworks_desktops:4.0.1 cpe:/o:novell:netware:6.0:sp3 CVE-2003-1150 2003-10-27T00:00:00.000-05:00 2017-07-10T21:29:46.807-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BID 8907 XF novell-portmapper-bo(13564) Buffer overflow in the portmapper service (PMAP.NLM) in Novell NetWare 6 SP3 and ZenWorks for Desktops 3.2 SP2 through 4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via unknown attack vectors. CVE-2003-1151 2003-10-28T00:00:00.000-05:00 2017-07-10T21:29:46.887-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SECTRACK 1008020 BUGTRAQ 20031028 Fastream NetFile FTP/WebServer 6.0 CSS Vulnerability BID 8908 XF fastream-nonexistent-url-xss(13535) Cross-site scripting (XSS) vulnerability in Fastream NETFile Server 6.0.3.588 allows remote attackers to inject arbitrary web script or HTML via the URL, which is displayed on a "404 Not Found" error page. cpe:/a:infrontech:webtide:7.0.4 CVE-2003-1152 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:46.947-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov FULLDISC 20031028 STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04 Directory and File Disclosure Vulnerability SECTRACK 1008016 BID 8909 XF webtide-file-disclosure(13533) WebTide 7.04 allows remote attackers to list arbitrary directories via an HTTP request for %3f.jsp (encoded "?"). cpe:/a:bytehoard:bytehoard:0.7 cpe:/a:bytehoard:bytehoard:0.71 CVE-2003-1153 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.010-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov FULLDISC 20031027 Bytehoard File Disclosure VUlnerability Sequel BID 8910 XF bytehoard-view-file(13531) byteHoard 0.7 and 0.71 allows remote attackers to list arbitrary files and directories via a direct request to files.inc.php. cpe:/a:clearswift:mailsweeper:4.0 cpe:/a:clearswift:mailsweeper:4.1 cpe:/a:clearswift:mailsweeper:4.2 cpe:/a:clearswift:mailsweeper:4.3 cpe:/a:clearswift:mailsweeper:4.3.3 cpe:/a:clearswift:mailsweeper:4.3.4 cpe:/a:clearswift:mailsweeper:4.3.5 cpe:/a:clearswift:mailsweeper:4.3.6 cpe:/a:clearswift:mailsweeper:4.3.6_sp1 cpe:/a:clearswift:mailsweeper:4.3.7 cpe:/a:clearswift:mailsweeper:4.3.8 cpe:/a:clearswift:mailsweeper:4.3.10 CVE-2003-1154 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.073-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov MISC http://www.computerworld.co.nz/cw.nsf/0/BF9E8E6E2D313E5FCC256DD70016473F?OpenDocument&More= BID 8982 XF mailsweeper-zip-virus-bypass(13611) MAILsweeper for SMTP 4.3 allows remote attackers to bypass virus protection via a mail message with a malformed zip attachment, as exploited by certain MIMAIL virus variants. cpe:/a:x-cd-roast:x-cd-roast:0.98_alpha10 cpe:/a:x-cd-roast:x-cd-roast:0.98_alpha11 cpe:/a:x-cd-roast:x-cd-roast:0.98_alpha12 cpe:/a:x-cd-roast:x-cd-roast:0.98_alpha13 cpe:/a:x-cd-roast:x-cd-roast:0.98_alpha14 CVE-2003-1155 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.150-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SECTRACK 1008094 BID 8983 CONFIRM http://www.xcdroast.org/xcdr098/changelog-a15.html XF xcdroast-symlink(13612) X-CD-Roast 0.98 alpha10 through alpha14 allows local users to overwrite arbitrary files via a symlink attack on an unknown file. cpe:/a:sun:jdk:1.4.2::linux cpe:/a:sun:jdk:1.4.2_02::linux cpe:/a:sun:jre:1.4.2::linux cpe:/a:sun:jre:1.4.2:update2:linux CVE-2003-1156 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.213-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20031031 Advisory: Sun's jre/jdk 1.4.2 multiple vulernabilities in linuxinstallers BID 8937 XF sun-jre-java-symlink(13570) Java Runtime Environment (JRE) and Software Development Kit (SDK) 1.4.2 through 1.4.2_02 allows local users to overwrite arbitrary files via a symlink attack on (1) unpack.log, as created by the unpack program, or (2) .mailcap1 and .mime.types1, as created by the RPM program. cpe:/a:citrix:metaframe:1.0::xp CVE-2003-1157 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.260-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20031031 IRM 008: Citrix Metaframe XP is vulnerable to Cross Site Scripting BID 27948 BID 8939 XF metaframe-error-message-xss(13569) XF citrix-webmanager-login-xss(40782) Cross-site scripting (XSS) vulnerability in login.asp in Citrix MetaFrame XP Server 1.0 allows remote attackers to inject arbitrary web script or HTML via the NFuse_Message parameter. cpe:/a:plug_and_play_software:plug_and_play_web_server:1.0.002c CVE-2003-1158 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.307-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030917 Denial Of Service in Plug & Play Web (FTP) Server BID 8667 XF plugandplaywebserver-multiple-commands-dos(13219) Multiple buffer overflows in the FTP service in Plug and Play Web Server 1.0002c allow remote attackers to cause a denial of service (crash) via long (1) dir, (2) ls, (3) delete, (4) mkdir, (5) DELE, (6) RMD, or (7) MKD commands. cpe:/a:plug_and_play:plug_and_play_web_server_proxy:1.0002c CVE-2003-1159 2003-10-31T00:00:00.000-05:00 2017-07-10T21:29:47.370-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031031 DoS in Plug and Play Web Server Proxy Server BID 8941 XF plugandplaywebserver-get-dos(13572) Plug and Play Web Server Proxy 1.0002c allows remote attackers to cause a denial of service (server crash) via an invalid URI in an HTTP GET request to TCP port 8080. cpe:/a:seyeon:flexwatch_network_video_server:2.2 cpe:/a:seyeon:flexwatch_network_video_server:model_132 CVE-2003-1160 2003-10-30T00:00:00.000-05:00 2017-07-10T21:29:47.417-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS MISC http://packetstormsecurity.nl/0310-exploits/FlexWATCH.txt SECTRACK 1008049 BID 8942 XF flexwatch-slash-admin-access(13567) FlexWATCH Network video server 132 allows remote attackers to bypass authentication and gain administrative privileges via an HTTP request to aindex.htm that contains double leading slashes (//). cpe:/o:linux:linux_kernel:2.6_test9_cvs CVE-2003-1161 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:12.230-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-23T09:29:00.000-04:00 ALLOWS_ADMIN_ACCESS BID 8987 MLIST [linux-kernel] 20031105 BK2CVS problem MLIST [linux-kernel] 20031105 Re: BK2CVS problem MLIST [linux-kernel] 20031105 Re: BK2CVS problem exit.c in Linux kernel 2.6-test9-CVS, as stored on kernel.bkbits.net, was modified to contain a backdoor, which could allow local users to elevate their privileges by passing __WCLONE|__WALL to the sys_wait4 function. cpe:/a:tritanium_scripts:tritanium_bulletin_board:0.993_beta cpe:/a:tritanium_scripts:tritanium_bulletin_board:0.994_beta cpe:/a:tritanium_scripts:tritanium_bulletin_board:0.999_beta cpe:/a:tritanium_scripts:tritanium_bulletin_board:1.0_beta cpe:/a:tritanium_scripts:tritanium_bulletin_board:1.1_final cpe:/a:tritanium_scripts:tritanium_bulletin_board:1.2 cpe:/a:tritanium_scripts:tritanium_bulletin_board:1.2.1 cpe:/a:tritanium_scripts:tritanium_bulletin_board:1.2.2 cpe:/a:tritanium_scripts:tritanium_bulletin_board:1.2.3 CVE-2003-1162 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.463-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20031031 Virginity Security Advisory 2003-002 : Tritanium Bulletin Board - Read and write from/to internal (protected) Threads BID 8944 XF tritanium-threadid-view-messages(13587) index.php in Tritanium Bulletin Board 1.2.3 allows remote attackers to read and reply to arbitrary messages by modifying the thread_id, forum_id, and sid parameters. cpe:/a:ganglia:gmond:2.5.0 cpe:/a:ganglia:gmond:2.5.1 cpe:/a:ganglia:gmond:2.5.2 cpe:/a:ganglia:gmond:2.5.3 cpe:/a:ganglia:gmond:2.5.4 CVE-2003-1163 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.510-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://ganglia.sourceforge.net/ BUGTRAQ 20031106 DoS for Ganglia BID 8988 XF ganglia-gmond-dos(13631) hash.c in Ganglia gmond 2.5.3 allows remote attackers to cause a denial of service (segmentation fault) via a UDP packet that contains a single-byte name string, which is used as an out-of-bounds array index. cpe:/a:mldonkey:mldonkey:2.5.4 CVE-2003-1164 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.573-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov FULLDISC 20031031 XSS In mldonkey - But.... BID 8946 XF mldonkey-xss(13615) Cross-site scripting (XSS) vulnerability in Mldonkey 2.5-4 allows remote attackers to inject arbitrary web script or HTML via the URI, which is injected into the HTML error page. cpe:/a:brs:webweaver:0.49_beta cpe:/a:brs:webweaver:0.50_beta cpe:/a:brs:webweaver:0.51_beta cpe:/a:brs:webweaver:0.52_beta cpe:/a:brs:webweaver:0.60_beta cpe:/a:brs:webweaver:0.61_beta cpe:/a:brs:webweaver:0.62_beta cpe:/a:brs:webweaver:0.63_beta cpe:/a:brs:webweaver:1.0.1 cpe:/a:brs:webweaver:1.0.2 cpe:/a:brs:webweaver:1.0.3 cpe:/a:brs:webweaver:1.0.4 cpe:/a:brs:webweaver:1.0.5 cpe:/a:brs:webweaver:1.0.6 CVE-2003-1165 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.637-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031101 BRS WebWeaver 1.06 remote DoS vulnerability BID 8947 XF brswebweaver-useragent-bo(13571) Buffer overflow in BRS WebWeaver 1.06 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via an HTTP request with a long User-Agent header. cpe:/a:http_commander:http_commander:4.0 CVE-2003-1166 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.680-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://www.http-com.com/Default.asp?section=Features BID 8948 XF http-commander-directory-traversal(13622) Directory traversal vulnerability in (1) Openfile.aspx and (2) Html.aspx in HTTP Commander 4.0 allows remote attackers to view arbitrary files via a .. (dot dot) in the file parameter. cpe:/a:gernot_stocker:kpopup:0.9.1 cpe:/a:gernot_stocker:kpopup:0.9.5_pre2 CVE-2003-1167 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.760-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20031028 Local root vuln in kpopup BID 8915 XF kpopup-systemcall-execute-code(13540) misc.cpp in KPopup 0.9.1 trusts the PATH variable when executing killall, which allows local users to elevate their privileges by modifying the PATH variable to reference a malicious killall program. CVE-2003-1168 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:13.357-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-05-22T23:19:00.000-04:00 BID 8949 HTTP Commander 4.0 allows remote attackers to obtain sensitive information via an HTTP request that contains a . (dot) in the file parameter, which reveals the installation path in an error message. cpe:/a:datev:nutzungskontrolle:2.1 cpe:/a:datev:nutzungskontrolle:2.2 CVE-2003-1169 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.823-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov FULLDISC 20031101 DATEV Nutzungskontrolle Bypassing (REG) BID 8950 XF nutzungskontrolle-registry-security-bypass(13589) DATEV Nutzungskontrolle 2.1 and 2.2 has insecure write permissions for critical registry keys, which allows local users to bypass access restrictions by importing NukoInfo values in certain DATEV keys, which disables Nutzungskontrolle. cpe:/a:gernot_stocker:kpopup:0.9.1 cpe:/a:gernot_stocker:kpopup:0.9.5_pre2 CVE-2003-1170 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:13.653-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-22T23:05:00.000-04:00 ALLOWS_ADMIN_ACCESS BUGTRAQ 20031028 Local root vuln in kpopup BID 8918 Format string vulnerability in main.cpp in kpopup 0.9.1 and 0.9.5pre2 allows local users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via format string specifiers in command line arguments. cpe:/a:mod_security:mod_security:1.7 cpe:/a:mod_security:mod_security:1.7.1 CVE-2003-1171 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.900-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS MISC http://adsystems.com.pl/adg-mod_security171.txt SECTRACK 1008025 CONFIRM http://www.modsecurity.org/download/CHANGES BUGTRAQ 20031028 mod_security 1.7RC1 to 1.7.1 vulnerability BID 8919 XF mod-security-secfilterout-bo(13543) Heap-based buffer overflow in the sec_filter_out function in mod_security 1.7RC1 through 1.7.1 in Apache 2 allows remote attackers to execute arbitrary code via a server side script that sends a large amount of data. cpe:/a:apache:cocoon:2.1 cpe:/a:apache:cocoon:2.1.2 cpe:/a:apache:cocoon:2.2 CVE-2003-1172 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:47.963-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://issues.apache.org/bugzilla/show_bug.cgi?id=23949 SECTRACK 1007993 MISC http://www.securiteam.com/securitynews/6W00L0U8KC.html BID 8883 XF apachecocoon-directory-traversal-bootini(13499) Directory traversal vulnerability in the view-source sample file in Apache Software Foundation Cocoon 2.1 and 2.2 allows remote attackers to access arbitrary files via a .. (dot dot) in the filename parameter. CVE-2003-1173 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:48.027-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20031028 FirstClass 7.1 HTTP Server: Remote Directory Listing BUGTRAQ 20031030 Re: FirstClass 7.1 HTTP Server: Remote Directory Listing BID 8920 XF firstclass-view-unauthorized-files(13546) Centrinity FirstClass 7.1 allows remote attackers to access sensitive information by appending search to the end of the URL and checking all of the search option checkboxes and leaving the text field blank, which will return all files in the searched directory. cpe:/a:nullsoft:shoutcast_server:1.9.2 CVE-2003-1174 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:48.073-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SECTRACK 1008080 BUGTRAQ 20031102 ShoutCast server 1.9.2/win32 BID 8954 XF shoutcast-long-icy-dos(13586) Buffer overflow in NullSoft Shoutcast Server 1.9.2 allows local users to cause a denial of service via (1) icy-name followed by a long server name or (2) icy-url followed by a long URL. cpe:/a:synthetic_reality:sympoll:1.5 CVE-2003-1175 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:48.137-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov CONFIRM http://sourceforge.net/tracker/index.php?func=detail&aid=834374&group_id=64442&atid=507493 BID 8956 XF sympoll-indexphp-xss(13630) Cross-site scripting (XSS) vulnerability in index.php in Sympoll 1.5 allows remote attackers to inject arbitrary web script or HTML via the vo parameter. cpe:/a:bdc_enterprises:web_wiz_forums:6.34 cpe:/a:bdc_enterprises:web_wiz_forums:7.01 cpe:/a:bdc_enterprises:web_wiz_forums:7.5 CVE-2003-1176 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:48.197-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov SECTRACK 1008100 BUGTRAQ 20031102 Unauthorized access in Web Wiz Forum BUGTRAQ 20031104 Re: Unauthorized access in Web Wiz Forum BID 8957 XF webwizforums-quotemode-message-access(13581) post_message_form.asp in Web Wiz Forums 6.34 through 7.5, when quote mode is used, allows remote attackers to read or write to private forums by modifying the FID (forum ID) parameter. cpe:/a:atrium_software:mercur_mailserver:3.3 cpe:/a:atrium_software:mercur_mailserver:3.3_sp1 cpe:/a:atrium_software:mercur_mailserver:3.3_sp2 cpe:/a:atrium_software:mercur_mailserver:4.1 cpe:/a:atrium_software:mercur_mailserver:4.1_sp1 cpe:/a:atrium_software:mercur_mailserver:4.2 cpe:/a:atrium_software:mercur_mailserver:4.2_sp1 cpe:/a:atrium_software:mercur_mailserver:4.2_sp2 CVE-2003-1177 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:48.260-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov FULLDISC 20031024 Vulnerability in MERCUR Mail Server v4.2 SP3 and below CONFIRM http://www.atrium-software.com/mail%20server/pub/mcr42sp3a.html MISC http://www.securiteam.com/windowsntfocus/6U00N1P8KC.html BID 8861 BID 8889 XF mercur-auth-command-dos(13468) Buffer overflow in the base64 decoder in MERCUR Mailserver 4.2 before SP3a allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long (1) AUTH command to the POP3 server or (2) AUTHENTICATE command to the IMAP server. cpe:/a:advanced_poll:advanced_poll:2.0.0 cpe:/a:advanced_poll:advanced_poll:2.0.1 cpe:/a:advanced_poll:advanced_poll:2.0.2 CVE-2003-1178 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:45.560-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VIM Advanced Poll v2.02 :) <= Remote File Inclusion BUGTRAQ 20031025 Advanced Poll : PHP Code Injection, File Include, Phpinfo BUGTRAQ 20061008 Advanced Poll v2.02 :) <= Remote File Inclusion BID 8890 XF advancedpoll-php-injection(13513) XF advanced-poll-comments-file-include(29396) Eval injection vulnerability in comments.php in Advanced Poll 2.0.2 allows remote attackers to execute arbitrary PHP code via the (1) id, (2) template_set, or (3) action parameter. cpe:/a:advanced_poll:advanced_poll:2.0.0 cpe:/a:advanced_poll:advanced_poll:2.0.1 cpe:/a:advanced_poll:advanced_poll:2.0.2 CVE-2003-1179 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:46.217-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MISC http://www.phpsecure.info/v2/tutos/frog/AdvancedPoll2.0.2.txt BUGTRAQ 20031025 Advanced Poll : PHP Code Injection, File Include, Phpinfo BUGTRAQ 20060721 SolpotCrew Advisory #2 - Advanced Poll ver 2.02 (base_path) Remote File Inclusion BID 19105 BID 8890 MISC http://www.solpotcrew.org/adv/solpot-adv-02.txt XF advancedpoll-php-file-include(13514) Multiple PHP remote file inclusion vulnerabilities in Advanced Poll 2.0.2 allow remote attackers to execute arbitrary PHP code via the include_path parameter in (1) booth.php, (2) png.php, (3) poll_ssi.php, or (4) popup.php, the (5) base_path parameter to common.inc.php. cpe:/a:advanced_poll:advanced_poll:2.0.0 cpe:/a:advanced_poll:advanced_poll:2.0.1 cpe:/a:advanced_poll:advanced_poll:2.0.2 CVE-2003-1180 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:48.430-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20031025 Advanced Poll : PHP Code Injection, File Include, Phpinfo BID 8890 XF advancedpoll-php-file-include(13514) Directory traversal vulnerability in Advanced Poll 2.0.2 allows remote attackers to read arbitrary files or inject arbitrary local PHP files via .. sequences in the base_path or pollvars[lang] parameters to the admin files (1) index.php, (2) admin_tpl_new.php, (3) admin_tpl_misc_new.php, (4) admin_templates_misc.php, (5) admin_templates.php, (6) admin_stats.php, (7) admin_settings.php, (8) admin_preview.php, (9) admin_password.php, (10) admin_logout.php, (11) admin_license.php, (12) admin_help.php, (13) admin_embed.php, (14) admin_edit.php, or (15) admin_comment.php. cpe:/a:advanced_poll:advanced_poll:2.0.2 CVE-2003-1181 2003-10-25T00:00:00.000-04:00 2017-07-10T21:29:48.477-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20031025 Advanced Poll : PHP Code Injection, File Include, Phpinfo BID 8890 XF advancedpoll-phpinfo-obtain-information(13515) Advanced Poll 2.0.2 allows remote attackers to obtain sensitive information via an HTTP request to info.php, which invokes the phpinfo() function. cpe:/a:mpm:mpm_guestbook:1.2 CVE-2003-1182 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:48.540-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BID 8958 XF mpmguestbook-ing-xss(13575) Cross-site scripting (XSS) vulnerability in MPM Guestbook 1.2 allows remote attackers to inject arbitrary web script or HTML via the lng parameter. cpe:/a:oracle:oracle_files:9.0.3.1.0 cpe:/a:oracle:oracle_files:9.0.3.2.0 cpe:/a:oracle:oracle_files:9.0.3.3.0 CVE-2003-1183 2003-10-28T00:00:00.000-05:00 2017-07-10T21:29:48.603-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://www.oracle.com/technology/deploy/security/pdf/2003alert60.pdf BID 8923 XF oraclecollaborationsuite-file-access(13545) The WebCache component in Oracle Files 9.0.3.1.0, 9.0.3.2.0, and 9.0.3.3.0 of Oracle Collaboration Suite Release 1 caches files despite the cacheability rules imposed by Oracle Files, which allows local users to gain access. CVE-2003-1184 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:48.667-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://sourceforge.net/project/shownotes.php?release_id=195009 BID 8959 XF thwboard-multiple-fields-xss(13582) Multiple cross-site scripting (XSS) vulnerabilities in ThWboard Beta 2.8 and 2.81 allow remote attackers to inject arbitrary web script or HTML via (1) time in board.php, (2) the profile Homepage-Feld, (3) pictures, and (4) other "Diverse XSS Bugs." cpe:/a:thwboard:thwboard:2.8_beta cpe:/a:thwboard:thwboard:2.81_beta CVE-2003-1185 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:48.727-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONFIRM http://sourceforge.net/project/shownotes.php?release_id=195009 BID 8961 XF thwboard-multiple-sql-injection(13583) Multiple SQL injection vulnerabilities in ThWboard before Beta 2.8.2 allow remote attackers to inject arbitrary SQL commands via various vectors including (1) Admin-Center, (2) Announcements, (3) admin/calendar.php, and (4) showevent.php. cpe:/a:telcondex:simplewebserver:2.12.30210_build3285 CVE-2003-1186 2003-10-29T00:00:00.000-05:00 2017-07-10T21:29:48.777-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20031029 TelCondex SimpleWebserver Buffer Overflow BID 8925 XF simplewebserver-referer-bo(13549) Buffer overflow in TelCondex SimpleWebServer 2.12.30210 Build3285 allows remote attackers to execute arbitrary code via a long HTTP Referer header. cpe:/a:phpkit:phpkit:1.6.02 cpe:/a:phpkit:phpkit:1.6.03 CVE-2003-1187 2003-11-02T00:00:00.000-05:00 2017-07-10T21:29:48.837-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS MISC http://badwebmasters.net/advisory/017/ FULLDISC 20031102 [bWM#017] Cross-Site-Scripting @ PHPKIT BID 8960 XF phpkit-include-xss(13590) Cross-site scripting (XSS) vulnerability in include.php in PHPKIT 1.6.02 and 1.6.03 allows remote attackers to inject arbitrary web script or HTML via the contact_email parameter. cpe:/a:unichat:unichat:2.0 CVE-2003-1188 2003-11-02T00:00:00.000-05:00 2017-07-10T21:29:48.887-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031102 Unichat Vulnerabilities BID 8962 XF unichat-nonalphanumeric-character-dos(13610) Unichat allows remote attackers to cause a denial of service (crash) by adding extra chat characters (avatars) and logging in to a chat room, as demonstrated using duplicate ACTOR entries in u2res000.rit. cpe:/o:nokia:ipso:3.7 CVE-2003-1189 2003-10-29T00:00:00.000-05:00 2017-07-10T21:29:48.947-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SECTRACK 1007992 BID 8928 XF nokia-ipso-ipcluster-dos(13539) Unknown vulnerability in Nokia IPSO 3.7, configured as IP Clusters, allows remote attackers to cause a denial of service via unknown attack vectors. cpe:/a:phprecipebook:phprecipebook:1.24 cpe:/a:phprecipebook:phprecipebook:1.25 cpe:/a:phprecipebook:phprecipebook:1.26 cpe:/a:phprecipebook:phprecipebook:1.26a cpe:/a:phprecipebook:phprecipebook:1.27 cpe:/a:phprecipebook:phprecipebook:1.27a cpe:/a:phprecipebook:phprecipebook:1.30 cpe:/a:phprecipebook:phprecipebook:1.30a cpe:/a:phprecipebook:phprecipebook:1.31 cpe:/a:phprecipebook:phprecipebook:2.04 cpe:/a:phprecipebook:phprecipebook:2.05 cpe:/a:phprecipebook:phprecipebook:2.06 cpe:/a:phprecipebook:phprecipebook:2.10 cpe:/a:phprecipebook:phprecipebook:2.11 cpe:/a:phprecipebook:phprecipebook:2.12 cpe:/a:phprecipebook:phprecipebook:2.13 cpe:/a:phprecipebook:phprecipebook:2.14 cpe:/a:phprecipebook:phprecipebook:2.15 cpe:/a:phprecipebook:phprecipebook:2.16 cpe:/a:phprecipebook:phprecipebook:2.17 CVE-2003-1190 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:49.010-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://sourceforge.net/project/shownotes.php?release_id=193940 BID 8963 XF phprecipebook-recipe-xss(13574) Cross-site scripting (XSS) vulnerability in PHPRecipeBook 1.24 through 2.17 allows remote attackers to inject arbitrary web script or HTML via a recipe. cpe:/a:e107:e107:0.545 cpe:/a:e107:e107:0.603 CVE-2003-1191 2003-10-29T00:00:00.000-05:00 2017-07-10T21:29:49.073-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031029 E107 DoS vulnerability BID 8930 XF e107chatboxdos(13553) chatbox.php in e107 0.554 and 0.603 allows remote attackers to cause a denial of service (pages fail to load) via HTML in the Name field, which prevents the main.php form from being loaded. cpe:/a:truenorth_software:ia_webmail_server:3.0 cpe:/a:truenorth_software:ia_webmail_server:3.1 CVE-2003-1192 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:49.137-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SECTRACK 1008075 VULNWATCH 20031103 IA WebMail Server 3.x Buffer Overflow Vulnerability MISC http://www.securiteam.com/windowsntfocus/6B002158UQ.html BID 8965 XF iawebmailserver-get-bo(13580) Stack-based buffer overflow in IA WebMail Server 3.1.0 allows remote attackers to execute arbitrary code via a long GET request. cpe:/a:oracle:application_server_portal:3.0.9.8.5 cpe:/a:oracle:application_server_portal:9.0.2.3 cpe:/a:oracle:application_server_portal:9.0.2.3a cpe:/a:oracle:application_server_portal:9.0.2.3b cpe:/a:oracle:oracle9i:9.0.2 cpe:/a:oracle:oracle9i:9.0.2.0.0 cpe:/a:oracle:oracle9i:9.0.2.0.1 cpe:/a:oracle:oracle9i:9.0.2.1 cpe:/a:oracle:oracle9i:9.0.2.2 cpe:/a:oracle:oracle9i:9.0.2.3 CVE-2003-1193 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:49.197-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert61.pdf BUGTRAQ 20031105 Multiple SQL Injection Vulnerabilities in Oracle Application Server 9i and RDBMS (#NISR05112003) BID 8966 XF oracle-portal-sql-injection(13593) Multiple SQL injection vulnerabilities in the Portal DB (1) List of Values (LOVs), (2) Forms, (3) Hierarchy, and (4) XML components packages in Oracle Oracle9i Application Server 9.0.2.00 through 3.0.9.8.5 allow remote attackers to execute arbitrary SQL commands via the URL. cpe:/a:booby:booby:0.1 cpe:/a:booby:booby:0.1.1 cpe:/a:booby:booby:0.1.2 cpe:/a:booby:booby:0.1.3 cpe:/a:booby:booby:0.2 cpe:/a:booby:booby:0.2.1 cpe:/a:booby:booby:0.2.2 cpe:/a:booby:booby:0.2.3 cpe:/a:booby:booby:0.3 CVE-2003-1194 2003-10-30T00:00:00.000-05:00 2017-07-10T21:29:49.260-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1008056 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=193878 BID 8932 XF booby-error-message-xss(13557) Cross-site scripting (XSS) vulnerability in Booby .1 through 0.2.3 allows remote attackers to inject arbitrary web script or HTML via the error message. CVE-2003-1195 2003-11-23T00:00:00.000-05:00 2017-07-10T21:29:49.323-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS FULLDISC 20031123 VieNuke VieBoard SQL Injection Vulnerability... again XF vieboard-getmember-sql-injection(13819) SQL injection vulnerability in getmember.asp in VieBoard 2.6 Beta 1 allows remote attackers to execute arbitrary SQL commands via the msn variable. cpe:/a:vienuke:vieboard:2.6 cpe:/a:vienuke:vieboard:2.6_beta_1 CVE-2003-1196 2003-11-03T00:00:00.000-05:00 2017-07-10T21:29:49.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BID 8967 XF vieboard-viewtopic-sql-injection(13629) SQL injection vulnerability in viewtopic.asp in VieBoard 2.6 allows remote attackers to execute arbitrary SQL commands via the forumid parameter. CVE-2003-1197 2003-10-30T00:00:00.000-05:00 2017-07-10T21:29:49.447-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031030 Multiple Vulnerabilities in Led-Forums BID 8934 XF ledforums-indexphp-xss(13562) XF ledforums-topicfield-redirect(13563) Cross-site scripting (XSS) vulnerability in index.php for Ledscripts.com LedForums Beta 1 allows remote attackers to inject arbitrary web script or HTML via the (1) top_message parameter or (2) topic field of a new thread. cpe:/a:cherokee:cherokee_httpd:0.1 cpe:/a:cherokee:cherokee_httpd:0.1.5 cpe:/a:cherokee:cherokee_httpd:0.1.6 cpe:/a:cherokee:cherokee_httpd:0.2 cpe:/a:cherokee:cherokee_httpd:0.2.5 cpe:/a:cherokee:cherokee_httpd:0.2.6 cpe:/a:cherokee:cherokee_httpd:0.2.7 cpe:/a:cherokee:cherokee_httpd:0.4.6 CVE-2003-1198 2003-12-26T00:00:00.000-05:00 2017-07-10T21:29:49.493-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://freshmeat.net/redir/cherokee/20646/url_changelog/ChangeLog BID 9345 XF cherokee-post-request-dos(14119) connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field. cpe:/a:myproxy:myproxy:2003-06-29 CVE-2003-1199 2004-03-11T00:00:00.000-05:00 2017-07-10T21:29:49.540-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030311 XSS in MyProxy 20030629 BID 9846 XF myproxy-xss(15438) Cross-site scripting (XSS) vulnerability in MyProxy 20030629 allows remote attackers to inject arbitrary web script or HTML via the URL. cpe:/a:alt-n:mdaemon:6.5.2 cpe:/a:alt-n:mdaemon:6.7.5 cpe:/a:alt-n:mdaemon:6.7.9 cpe:/a:alt-n:mdaemon:6.8.0 cpe:/a:alt-n:mdaemon:6.8.1 cpe:/a:alt-n:mdaemon:6.8.2 cpe:/a:alt-n:mdaemon:6.8.3 cpe:/a:alt-n:mdaemon:6.8.4 cpe:/a:alt-n:mdaemon:6.8.5 CVE-2003-1200 2003-12-29T00:00:00.000-05:00 2017-07-10T21:29:49.603-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20040314 Rosiello Security's exploit for MDaemon BUGTRAQ 20031229 [Hat-Squad] Remote buffer overflow in Mdaemon Raw message Handler BID 9317 XF mdaemon-form2raw-from-bo(14097) Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi. cpe:/a:openldap:openldap:2.0 cpe:/a:openldap:openldap:2.0.1 cpe:/a:openldap:openldap:2.0.2 cpe:/a:openldap:openldap:2.0.3 cpe:/a:openldap:openldap:2.0.4 cpe:/a:openldap:openldap:2.0.5 cpe:/a:openldap:openldap:2.0.6 cpe:/a:openldap:openldap:2.0.7 cpe:/a:openldap:openldap:2.0.8 cpe:/a:openldap:openldap:2.0.9 cpe:/a:openldap:openldap:2.0.10 cpe:/a:openldap:openldap:2.0.11 cpe:/a:openldap:openldap:2.0.11_9 cpe:/a:openldap:openldap:2.0.11_11 cpe:/a:openldap:openldap:2.0.11_11s cpe:/a:openldap:openldap:2.0.12 cpe:/a:openldap:openldap:2.0.13 cpe:/a:openldap:openldap:2.0.14 cpe:/a:openldap:openldap:2.0.15 cpe:/a:openldap:openldap:2.0.16 cpe:/a:openldap:openldap:2.0.17 cpe:/a:openldap:openldap:2.0.18 cpe:/a:openldap:openldap:2.0.19 cpe:/a:openldap:openldap:2.0.20 cpe:/a:openldap:openldap:2.0.21 cpe:/a:openldap:openldap:2.0.22 cpe:/a:openldap:openldap:2.0.23 cpe:/a:openldap:openldap:2.0.25 cpe:/a:openldap:openldap:2.0.27 cpe:/a:openldap:openldap:2.1.4 cpe:/a:openldap:openldap:2.1.10 cpe:/a:openldap:openldap:2.1.11 cpe:/a:openldap:openldap:2.1.12 cpe:/a:openldap:openldap:2.1.13 cpe:/a:openldap:openldap:2.1.14 cpe:/a:openldap:openldap:2.1.15 cpe:/a:openldap:openldap:2.1.16 CVE-2003-1201 2003-03-20T00:00:00.000-05:00 2017-07-10T21:29:49.667-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONECTIVA CLSA-2003:685 GENTOO GLSA-200403-12 CONFIRM http://www.openldap.org/its/index.cgi?findid=2390 BID 7656 XF openldap-back-ldbm-dos(12520) ldbm_back_exop_passwd in the back-ldbm backend in passwd.c for OpenLDAP 2.1.12 and earlier, when the slap_passwd_parse function does not return LDAP_SUCCESS, attempts to free an uninitialized pointer, which allows remote attackers to cause a denial of service (segmentation fault). cpe:/a:omail:omail_webmail:0.97.3 cpe:/a:omail:omail_webmail:0.98.4 CVE-2003-1202 2003-08-19T00:00:00.000-04:00 2017-07-10T21:29:49.727-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030821 Remote Execution of Commands in Omail Webmail 0.98.4 and earlier BUGTRAQ 20030821 Re: Remote Execution of Commands in Omail Webmail 0.98.4 and earlier BID 8451 XF omailwebmail-checklogin-code-execution(12948) The checklogin function in omail.pl for omail webmail 0.98.4 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in a (1) password, (2) domainname, or (3) username. cpe:/a:mambo:mambo_site_server:4.0.10 CVE-2003-1203 2003-03-18T00:00:00.000-05:00 2017-07-10T21:29:49.777-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030318 Some XSS vulns BID 7135 XF mambo-option-index-xss(11601) Cross-site scripting (XSS) vulnerability in index.php for Mambo Site Server 4.0.10 allows remote attackers to execute script on other clients via the ?option parameter. CVE-2003-1204 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:49.837-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030110 Mambo Site Server Remote Code Execution BID 6571 XF mambo-multiple-scripts-xss(11050) Multiple cross-site scripting (XSS) vulnerabilities in Mambo Site Server 4.0.12 BETA and earlier allow remote attackers to execute script on other clients via (1) the link parameter in sectionswindow.php, the directory parameter in (2) gallery.php, (3) navigation.php, or (4) uploadimage.php, the path parameter in (5) view.php, (6) the choice parameter in upload.php, (7) the sitename parameter in mambosimple.php, (8) the type parameter in upload.php, or the id parameter in (9) emailarticle.php, (10) emailfaq.php, or (11) emailnews.php. cpe:/a:crob:crob_ftp_server:2.60.1 CVE-2003-1205 2003-08-06T00:00:00.000-04:00 2017-07-10T21:29:49.917-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030806 DoS Vulnerabilities in Crob FTP Server 2.60.1 MISC http://www.crob.net/studio/ftpserver/ XF crob-rename-file-dos(12838) Crob FTP Server 2.60.1 allows remote authenticated users to cause a denial of service (crash) by renaming a file to the "con" MS-DOS device name. cpe:/a:crob:crob_ftp_server:2.60.1 CVE-2003-1206 2003-06-03T00:00:00.000-04:00 2017-07-10T21:29:49.963-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030806 DoS Vulnerabilities in Crob FTP Server 2.60.1 MISC http://www.crob.net/studio/ftpserver/ BUGTRAQ 20030807 Re: DoS Vulnerabilities in Crob FTP Server 2.60.1 XF crob-login-dos(12834) Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir. cpe:/a:crob:crob_ftp_server:3.5.1 CVE-2003-1207 2004-02-01T00:00:00.000-05:00 2017-07-10T21:29:50.027-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SECTRACK 1008908 BUGTRAQ 20040201 Vulnerabilities in Crob FTP Server V3.5.1 BID 9549 XF crob-dir-dos(15105) Crob FTP Server 3.5.1 allows remote authenticated users to cause a denial of service (crash) via a dir command with a large number of "." characters followed by a "/*" string. cpe:/a:oracle:oracle9i:enterprise_9.0.1 cpe:/a:oracle:oracle9i:enterprise_9.2.0 cpe:/a:oracle:oracle9i:enterprise_9.2.0.1 cpe:/a:oracle:oracle9i:enterprise_9.2.0.2 cpe:/a:oracle:oracle9i:personal_9.0.1 cpe:/a:oracle:oracle9i:personal_9.2 cpe:/a:oracle:oracle9i:personal_9.2.0.1 cpe:/a:oracle:oracle9i:personal_9.2.0.2 cpe:/a:oracle:oracle9i:standard_9.0 cpe:/a:oracle:oracle9i:standard_9.0.1 cpe:/a:oracle:oracle9i:standard_9.0.1.2 cpe:/a:oracle:oracle9i:standard_9.0.1.3 cpe:/a:oracle:oracle9i:standard_9.0.1.4 cpe:/a:oracle:oracle9i:standard_9.0.2 cpe:/a:oracle:oracle9i:standard_9.2 cpe:/a:oracle:oracle9i:standard_9.2.0.1 cpe:/a:oracle:oracle9i:standard_9.2.0.2 CVE-2003-1208 2004-12-03T00:00:00.000-05:00 2017-07-10T21:29:50.087-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20040205 Oracle Database 9ir2 Interval Conversion Functions Buffer Overflow CIAC O-093 CERT-VN VU#240174 CERT-VN VU#399806 CERT-VN VU#819126 CERT-VN VU#846582 MISC http://www.nextgenss.com/advisories/ora_from_tz.txt MISC http://www.nextgenss.com/advisories/ora_numtodsinterval.txt MISC http://www.nextgenss.com/advisories/ora_numtoyminterval.txt MISC http://www.nextgenss.com/advisories/ora_time_zone.txt BID 9587 XF oracle-multiple-function-bo(15060) Multiple buffer overflows in Oracle 9i 9 before 9.2.0.3 allow local users to execute arbitrary code by (1) setting the TIME_ZONE session parameter to a long value, or providing long parameters to the (2) NUMTOYMINTERVAL, (3) NUMTODSINTERVAL or (4) FROM_TZ functions. cpe:/a:monkey-project:monkey_http_daemon:0.1.1 cpe:/a:monkey-project:monkey_http_daemon:0.5.2 cpe:/a:monkey-project:monkey_http_daemon:0.6.0 cpe:/a:monkey-project:monkey_http_daemon:0.6.1 CVE-2003-1209 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.137-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://monkeyd.sourceforge.net/Changelog.txt BID 7201 XF monkey-content-type-dos(11650) The Post_Method function in Monkey HTTP Daemon before 0.6.2 allows remote attackers to cause a denial of service (crash) via a POST request without a Content-Type header. cpe:/a:francisco_burzi:php-nuke:6.5 cpe:/a:francisco_burzi:php-nuke:6.5_beta1 cpe:/a:francisco_burzi:php-nuke:6.5_final cpe:/a:francisco_burzi:php-nuke:6.5_rc1 cpe:/a:francisco_burzi:php-nuke:6.5_rc2 cpe:/a:francisco_burzi:php-nuke:6.5_rc3 CVE-2003-1210 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.197-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030513 More and More SQL injection on PHP-Nuke 6.5. BID 7588 XF phpnuke-multiple-sql-injection(11984) Multiple SQL injection vulnerabilities in the Downloads module for PHP-Nuke 5.x through 6.5 allow remote attackers to execute arbitrary SQL commands via the (1) lid parameter to the getit function or the (2) min parameter to the search function. CVE-2003-1211 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.243-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030606 Critical Vulnerabilities In Max Web Portal BID 7837 XF maxwebportal-search-xss(12277) Cross-site scripting (XSS) vulnerability in search.asp for MaxWebPortal 1.30 and possibly earlier versions allows remote attackers to inject arbitrary web script or HTML via the Search parameter. CVE-2003-1212 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.323-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030606 Critical Vulnerabilities In Max Web Portal BID 7837 XF maxwebportal-form-field-modify(12278) MaxWebPortal 1.30 allows remote attackers to perform unauthorized actions by modifying hidden form fields, such as the (1) news, (2) lock, or (3) allmem fields in the 'start new topic' HTML page. cpe:/a:maxwebportal:maxwebportal:1.30 CVE-2003-1213 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.370-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030606 Critical Vulnerabilities In Max Web Portal BID 7837 XF maxwebportal-database-access(12279) The default installation of MaxWebPortal 1.30 stores the portal database under the web document root with insecure access control, which allows remote attackers to obtain sensitive information via a direct request to database/db2000.mdb. cpe:/a:visualshapers:ezcontents:1.40 cpe:/a:visualshapers:ezcontents:1.41 cpe:/a:visualshapers:ezcontents:1.42 cpe:/a:visualshapers:ezcontents:1.43 cpe:/a:visualshapers:ezcontents:1.44 cpe:/a:visualshapers:ezcontents:1.45 cpe:/a:visualshapers:ezcontents:1.45b cpe:/a:visualshapers:ezcontents:2.0.1 cpe:/a:visualshapers:ezcontents:2.0.2 cpe:/a:visualshapers:ezcontents:2.0_rc1 cpe:/a:visualshapers:ezcontents:2.0_rc2 cpe:/a:visualshapers:ezcontents:2.0_rc3 CVE-2003-1214 2004-02-11T00:00:00.000-05:00 2017-07-10T21:29:50.417-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CONFIRM http://www.ezcontents.org/forum/viewtopic.php?t=361 XF ezcontents-login-bypass(15136) Unknown vulnerability in the server login for VisualShapers ezContents 2.02 and earlier allows remote attackers to bypass access restrictions and gain access to restricted functions. cpe:/a:phpbb_group:phpbb:1.0.0 cpe:/a:phpbb_group:phpbb:1.2.0 cpe:/a:phpbb_group:phpbb:1.2.1 cpe:/a:phpbb_group:phpbb:1.4.0 cpe:/a:phpbb_group:phpbb:1.4.1 cpe:/a:phpbb_group:phpbb:1.4.2 cpe:/a:phpbb_group:phpbb:1.4.4 cpe:/a:phpbb_group:phpbb:2.0.0 cpe:/a:phpbb_group:phpbb:2.0.1 cpe:/a:phpbb_group:phpbb:2.0.2 cpe:/a:phpbb_group:phpbb:2.0.3 cpe:/a:phpbb_group:phpbb:2.0.4 cpe:/a:phpbb_group:phpbb:2.0.5 cpe:/a:phpbb_group:phpbb:2.0.6 cpe:/a:phpbb_group:phpbb:2.0_beta1 cpe:/a:phpbb_group:phpbb:2.0_rc1 cpe:/a:phpbb_group:phpbb:2.0_rc2 cpe:/a:phpbb_group:phpbb:2.0_rc3 cpe:/a:phpbb_group:phpbb:2.0_rc4 CVE-2003-1215 2003-12-29T00:00:00.000-05:00 2017-07-10T21:29:50.477-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031229 SQL Injection in phpBB's groupcp.php CONFIRM http://www.phpbb.com/phpBB/viewtopic.php?f=14&t=161943 BID 9314 XF phpbb-groupcp-sql-injection(14096) SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter. cpe:/a:phpbb_group:phpbb:1.0.0 cpe:/a:phpbb_group:phpbb:1.2.0 cpe:/a:phpbb_group:phpbb:1.2.1 cpe:/a:phpbb_group:phpbb:1.4.0 cpe:/a:phpbb_group:phpbb:1.4.1 cpe:/a:phpbb_group:phpbb:1.4.2 cpe:/a:phpbb_group:phpbb:1.4.4 cpe:/a:phpbb_group:phpbb:2.0.0 cpe:/a:phpbb_group:phpbb:2.0.1 cpe:/a:phpbb_group:phpbb:2.0.2 cpe:/a:phpbb_group:phpbb:2.0.3 cpe:/a:phpbb_group:phpbb:2.0.4 cpe:/a:phpbb_group:phpbb:2.0.5 cpe:/a:phpbb_group:phpbb:2.0.6 cpe:/a:phpbb_group:phpbb:2.0_beta1 cpe:/a:phpbb_group:phpbb:2.0_rc1 cpe:/a:phpbb_group:phpbb:2.0_rc2 cpe:/a:phpbb_group:phpbb:2.0_rc3 cpe:/a:phpbb_group:phpbb:2.0_rc4 CVE-2003-1216 2003-11-27T00:00:00.000-05:00 2017-07-10T21:29:50.540-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20031127 phpBB 2.06 search.php SQL injection BUGTRAQ 20031128 [Hat-Squad] phpBB search_id injection exploit BUGTRAQ 20031220 phpBB v2.06 search_id sql injection exploit CONFIRM http://www.phpbb.com/phpBB/viewtopic.php?t=153818 BID 9122 XF phpbb-searchphp-sql-injection(13867) SQL injection vulnerability in search.php for phpBB 2.0.6 and earlier allows remote attackers to execute arbitrary SQL and gain privileges via the search_id parameter. CVE-2003-1217 2017-05-11T10:29:01.387-04:00 2017-05-11T10:29:01.387-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. CVE-2003-1218 2017-05-11T10:29:01.400-04:00 2017-05-11T10:29:01.400-04:00 ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2003. Notes: none. cpe:/a:oscommerce:oscommerce:2.2_ms2 CVE-2003-1219 2003-12-31T00:00:00.000-05:00 2012-12-12T21:24:28.620-05:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov MLIST [tep-commits] 20031217 [TEP-COMMIT] CVS: catalog/catalog/includes/functions html_output.php,1.58,1.59 CONFIRM http://www.oscommerce.com/community/bugs,1546 BUGTRAQ 20031217 osCommerce Malformed Session ID XSS Vuln BID 9238 Cross-site scripting (XSS) vulnerability in the tep_href_link function in html_output.php for osCommerce before 2.2-MS3 allows remote attackers to inject arbitrary web script or HTML via the osCsid parameter. cpe:/a:bea:weblogic_server:6.1 cpe:/a:bea:weblogic_server:6.1::express cpe:/a:bea:weblogic_server:6.1::win32 cpe:/a:bea:weblogic_server:6.1:sp1 cpe:/a:bea:weblogic_server:6.1:sp1:express cpe:/a:bea:weblogic_server:6.1:sp1:win32 cpe:/a:bea:weblogic_server:6.1:sp2 cpe:/a:bea:weblogic_server:6.1:sp2:express cpe:/a:bea:weblogic_server:6.1:sp2:win32 cpe:/a:bea:weblogic_server:6.1:sp3 cpe:/a:bea:weblogic_server:6.1:sp3:express cpe:/a:bea:weblogic_server:6.1:sp4 cpe:/a:bea:weblogic_server:6.1:sp4:express cpe:/a:bea:weblogic_server:6.1:sp4:win32 cpe:/a:bea:weblogic_server:6.1:sp5 cpe:/a:bea:weblogic_server:6.1:sp5:express cpe:/a:bea:weblogic_server:6.1:sp5:win32 cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:7.0::win32 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0:sp1:win32 cpe:/a:bea:weblogic_server:7.0:sp2 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:7.0:sp3 cpe:/a:bea:weblogic_server:7.0:sp3:express cpe:/a:bea:weblogic_server:7.0:sp3:win32 cpe:/a:bea:weblogic_server:7.0:sp4:win32 cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:7.0.0.1::win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1:sp1:win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp2 cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2:win32 cpe:/a:bea:weblogic_server:8.1 cpe:/a:bea:weblogic_server:8.1::express cpe:/a:bea:weblogic_server:8.1:sp1 cpe:/a:bea:weblogic_server:8.1:sp1:express CVE-2003-1220 2003-12-31T00:00:00.000-05:00 2008-09-10T15:22:38.913-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-09-01T17:00:00.000-04:00 BEA BEA03-39.00 BID 9034 BEA WebLogic Server proxy plugin for BEA Weblogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (proxy plugin crash) via a malformed URL. cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:7.0::win32 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0:sp1:win32 cpe:/a:bea:weblogic_server:7.0:sp2 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:7.0:sp2:win32 cpe:/a:bea:weblogic_server:7.0:sp3 cpe:/a:bea:weblogic_server:7.0:sp3:express cpe:/a:bea:weblogic_server:7.0:sp3:win32 cpe:/a:bea:weblogic_server:7.0:sp4:win32 cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:7.0.0.1::win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1:sp1:win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp2 cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2:win32 cpe:/a:bea:weblogic_server:8.1 cpe:/a:bea:weblogic_server:8.1::express cpe:/a:bea:weblogic_server:8.1:sp1 cpe:/a:bea:weblogic_server:8.1:sp1:express CVE-2003-1221 2003-12-31T00:00:00.000-05:00 2008-09-10T15:22:38.993-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-09-02T09:45:00.000-04:00 BEA BEA03-40.00 BID 9034 BEA WebLogic Express and Server 7.0 through 8.1 SP 1, under certain circumstances when a request to use T3 over SSL (t3s) is made to the insecure T3 port, may use a non-SSL connection for the communication, which could allow attackers to sniff sessions. cpe:/a:bea:weblogic_server:8.1 cpe:/a:bea:weblogic_server:8.1::express cpe:/a:bea:weblogic_server:8.1:sp1 cpe:/a:bea:weblogic_server:8.1:sp1:express CVE-2003-1222 2003-12-31T00:00:00.000-05:00 2008-09-10T15:22:39.290-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-09-02T09:45:00.000-04:00 BEA BEA03-41.00 BID 9034 BEA Weblogic Express and Server 8.0 through 8.1 SP 1, when using a foreign Java Message Service (JMS) provider, echoes the password for the foreign provider to the console and stores it in cleartext in config.xml, which could allow attackers to obtain the password. cpe:/a:bea:weblogic_server:6.1 cpe:/a:bea:weblogic_server:6.1::express cpe:/a:bea:weblogic_server:6.1::win32 cpe:/a:bea:weblogic_server:6.1:sp1 cpe:/a:bea:weblogic_server:6.1:sp1:express cpe:/a:bea:weblogic_server:6.1:sp1:win32 cpe:/a:bea:weblogic_server:6.1:sp2 cpe:/a:bea:weblogic_server:6.1:sp2:express cpe:/a:bea:weblogic_server:6.1:sp2:win32 cpe:/a:bea:weblogic_server:6.1:sp3 cpe:/a:bea:weblogic_server:6.1:sp3:express cpe:/a:bea:weblogic_server:6.1:sp3:win32 cpe:/a:bea:weblogic_server:6.1:sp4 cpe:/a:bea:weblogic_server:6.1:sp4:express cpe:/a:bea:weblogic_server:6.1:sp4:win32 cpe:/a:bea:weblogic_server:6.1:sp5 cpe:/a:bea:weblogic_server:6.1:sp5:express cpe:/a:bea:weblogic_server:6.1:sp5:win32 cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:7.0::win32 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0:sp1:win32 cpe:/a:bea:weblogic_server:7.0:sp2 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:7.0:sp2:win32 cpe:/a:bea:weblogic_server:7.0:sp3 cpe:/a:bea:weblogic_server:7.0:sp3:express cpe:/a:bea:weblogic_server:7.0:sp3:win32 cpe:/a:bea:weblogic_server:7.0:sp4:win32 cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:7.0.0.1::win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1:sp1:win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp2 cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2:win32 cpe:/a:bea:weblogic_server:8.1 cpe:/a:bea:weblogic_server:8.1::express cpe:/a:bea:weblogic_server:8.1:sp1 cpe:/a:bea:weblogic_server:8.1:sp1:express CVE-2003-1223 2003-12-31T00:00:00.000-05:00 2008-09-10T15:22:43.447-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-09-02T09:47:00.000-04:00 BEA BEA03-42.00 BID 9034 The Node Manager for BEA WebLogic Express and Server 6.1 through 8.1 SP 1 allows remote attackers to cause a denial of service (Node Manager crash) via malformed data to the Node Manager's port, as demonstrated by nmap. cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:7.0::win32 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0:sp1:win32 cpe:/a:bea:weblogic_server:7.0:sp2 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:7.0:sp2:win32 cpe:/a:bea:weblogic_server:7.0:sp3 cpe:/a:bea:weblogic_server:7.0:sp3:express cpe:/a:bea:weblogic_server:7.0:sp3:win32 cpe:/a:bea:weblogic_server:7.0:sp4:win32 cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:7.0.0.1::win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1:sp1:win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp2 cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2:win32 CVE-2003-1224 2003-12-31T00:00:00.000-05:00 2008-09-10T15:22:43.557-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-09-02T09:59:00.000-04:00 BEA BEA03-30.00 BID 7563 Weblogic.admin for BEA WebLogic Server and Express 7.0 and 7.0.0.1 displays the JDBCConnectionPoolRuntimeMBean password to the screen in cleartext, which allows attackers to read a user's password by physically observing ("shoulder surfing") the screen. cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:7.0::win32 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0:sp1:win32 cpe:/a:bea:weblogic_server:7.0:sp2 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:7.0:sp2:win32 cpe:/a:bea:weblogic_server:7.0:sp4:win32 cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:7.0.0.1::win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1:sp1:win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp2 cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2:win32 CVE-2003-1225 2003-12-31T00:00:00.000-05:00 2008-09-10T15:22:43.663-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-09-06T13:59:00.000-04:00 BEA BEA03-30.00 BID 7563 The default CredentialMapper for BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores passwords in cleartext on disk, which allows local users to extract passwords. cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:7.0::win32 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0:sp1:win32 cpe:/a:bea:weblogic_server:7.0:sp2 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:7.0:sp4:win32 cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:7.0.0.1::win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1:sp1:win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp2 cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2:win32 CVE-2003-1226 2003-12-31T00:00:00.000-05:00 2008-09-10T15:22:43.757-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-09-02T13:28:00.000-04:00 BEA BEA03-30.00 BID 7563 BID 7587 BEA WebLogic Server and Express 7.0 and 7.0.0.1 stores certain secrets concerning password encryption insecurely in config.xml, filerealm.properties, and weblogic-rar.xml, which allows local users to learn those secrets and decrypt passwords. cpe:/a:gallery_project:gallery:1.4 cpe:/a:gallery_project:gallery:1.4_pl1 CVE-2003-1227 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.587-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20031011 Gallery 1.4 including file vulnerability BUGTRAQ 20031011 RE: Gallery 1.4 including file vulnerability BUGTRAQ 20031012 Re: Gallery 1.4 including file vulnerability BID 8814 XF gallery-indexphp-file-include(13419) PHP remote file include vulnerability in index.php for Gallery 1.4 and 1.4-pl1, when running on Windows or in Configuration mode on Unix, allows remote attackers to inject arbitrary PHP code via a URL in the GALLERY_BASEDIR parameter, a different vulnerability than CVE-2002-1412. NOTE: this issue might be exploitable only during installation, or if the administrator has not run a security script after installation. cpe:/a:mathopd:mathopd:1.2 cpe:/a:mathopd:mathopd:1.3 cpe:/a:mathopd:mathopd:1.3_p4 cpe:/a:mathopd:mathopd:1.3_p5 cpe:/a:mathopd:mathopd:1.3_p6 cpe:/a:mathopd:mathopd:1.3_p7 cpe:/a:mathopd:mathopd:1.3_p8 cpe:/a:mathopd:mathopd:1.3_p17 cpe:/a:mathopd:mathopd:1.3_p18 cpe:/a:mathopd:mathopd:1.4 cpe:/a:mathopd:mathopd:1.4_p1 cpe:/a:mathopd:mathopd:1.5_b13 CVE-2003-1228 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.667-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20031205 [Fwd: Security Alert; possible buffer overflow in all Mathopd versions] BUGTRAQ 20031208 Re: [Fwd: Security Alert; possible buffer overflow in all Mathopd MISC http://www.securiteam.com/unixfocus/5FP0C1FCAW.html BID 9871 XF mathopd-preparereply-bo(15474) Buffer overflow in the prepare_reply function in request.c for Mathopd 1.2 through 1.5b13, and possibly earlier versions, allows remote attackers to cause a denial of service (server crash) and possibly execute arbitrary code via an HTTP request with a long path. CVE-2003-1229 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:18.903-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030128 Incorrect Certificate Validation in Java Secure Socket Extension CONFIRM http://java.sun.com/products/jsse/CHANGES.txt SECTRACK 1006007 SECTRACK 1007483 SUNALERT 50081 BID 6682 SECTRACK 1006001 HP HPSBUX0301-239 XF sun-java-improper-validation(11182) X509TrustManager in (1) Java Secure Socket Extension (JSSE) in SDK and JRE 1.4.0 through 1.4.0_01, (2) JSSE before 1.0.3, (3) Java Plug-in SDK and JRE 1.3.0 through 1.4.1, and (4) Java Web Start 1.0 through 1.2 incorrectly calls the isClientTrusted method when determining server trust, which results in improper validation of digital certificate and allows remote attackers to (1) falsely authenticate peers for SSL or (2) incorrectly validate signed JAR files. CVE-2003-1230 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.807-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov FREEBSD FreeBSD-SA-03:03 BID 6920 XF freebsd-syncookie-brute-force(11397) The implementation of SYN cookies (syncookies) in FreeBSD 4.5 through 5.0-RELEASE-p3 uses only 32-bit internal keys when generating syncookies, which makes it easier for remote attackers to conduct brute force ISN guessing attacks and spoof legitimate traffic. cpe:/a:ecw-shop:ecw-shop:5.01 cpe:/a:ecw-shop:ecw-shop:5.5 CVE-2003-1231 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.870-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SECTRACK 1008522 MISC http://www.securiteam.com/unixfocus/6D00F2A95C.html BID 9244 XF ecwshop-cat-xss(14032) Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 5.5 allows remote attackers to inject arbitrary web script or HTML via the cat parameter. cpe:/a:gnu:emacs:21.2.1 CVE-2003-1232 2003-12-31T00:00:00.000-05:00 2011-03-07T21:13:42.047-05:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-09-26T16:08:00.000-04:00 ALLOWS_USER_ACCESS CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=286183 MISC http://groups.google.com/group/gnu.emacs.bug/browse_frm/thread/9424ec1b2fdae321/c691a2da8904db0f?hl=en&lr=&ie=UTF-8&oe=UTF-8&rnum=1&prev=/groups%3Fq%3Dguninski%2Bemacs%26hl%3Den%26lr%3D%26ie%3DUTF-8%26oe%3DUTF-8%26selm%3Dmailman.763.1041357806.19936.bug-gnu-emacs%2540gnu.org%26rnum%3D1#c691a2da8904db0f MISC http://lists.grok.org.uk/pipermail/full-disclosure/2003-May/005089.html MANDRIVA MDKSA-2005:208 BID 15375 Emacs 21.2.1 does not prompt or warn the user before executing Lisp code in the local variables section of a text file, which allows user-assisted attackers to execute arbitrary commands, as demonstrated using the mode-name variable. cpe:/a:pedestal_software:integrity_protection_driver:1.2 cpe:/a:pedestal_software:integrity_protection_driver:1.3 CVE-2003-1233 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.933-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030103 Pedestal Software Security Notice BUGTRAQ 20030103 Another way to bypass Integrity Protection Driver ('subst' vuln) MISC http://www.phrack.org/show.php?p=59&a=16 BID 6511 XF ipd-ntcreatesymboliclinkobject-subs-symlink(10979) Pedestal Software Integrity Protection Driver (IPD) 1.3 and earlier allows privileged attackers, such as rootkits, to bypass file access restrictions to the Windows kernel by using the NtCreateSymbolicLinkObject function to create a symbolic link to (1) \Device\PhysicalMemory or (2) to a drive letter using the subst command. cpe:/o:freebsd:freebsd:1.1.5.1 cpe:/o:freebsd:freebsd:2.1.0 cpe:/o:freebsd:freebsd:2.1.5 cpe:/o:freebsd:freebsd:2.1.6 cpe:/o:freebsd:freebsd:2.1.6.1 cpe:/o:freebsd:freebsd:2.1.7 cpe:/o:freebsd:freebsd:2.1.7.1 cpe:/o:freebsd:freebsd:2.2 cpe:/o:freebsd:freebsd:2.2:current cpe:/o:freebsd:freebsd:2.2.1 cpe:/o:freebsd:freebsd:2.2.2 cpe:/o:freebsd:freebsd:2.2.3 cpe:/o:freebsd:freebsd:2.2.4 cpe:/o:freebsd:freebsd:2.2.5 cpe:/o:freebsd:freebsd:2.2.6 cpe:/o:freebsd:freebsd:2.2.7 cpe:/o:freebsd:freebsd:2.2.8 cpe:/o:freebsd:freebsd:3.1 cpe:/o:freebsd:freebsd:3.2 cpe:/o:freebsd:freebsd:3.3 cpe:/o:freebsd:freebsd:3.4 cpe:/o:freebsd:freebsd:3.5 cpe:/o:freebsd:freebsd:3.5.1:release cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.3 cpe:/o:freebsd:freebsd:4.3:release cpe:/o:freebsd:freebsd:4.4 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.5:release cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.6:release cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.7:release cpe:/o:freebsd:freebsd:4.9:releng cpe:/o:freebsd:freebsd:4.10 cpe:/o:freebsd:freebsd:4.10:release cpe:/o:freebsd:freebsd:4.10:release_p8 cpe:/o:freebsd:freebsd:4.10:releng cpe:/o:freebsd:freebsd:4.11 cpe:/o:freebsd:freebsd:4.11:release_p3 cpe:/o:freebsd:freebsd:4.11:releng cpe:/o:freebsd:freebsd:4.11:stable cpe:/o:freebsd:freebsd:5.0 CVE-2003-1234 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:46.950-04:00 3.6 LOCAL LOW NONE NONE PARTIAL PARTIAL http://nvd.nist.gov FREEBSD FreeBSD-SA-02:44 BUGTRAQ 20030107 FreeBSD Security Advisory FreeBSD-SA-02:44.filedesc VULNWATCH 20030106 PDS: Integer overflow in FreeBSD kernel XF freebsd-kernel-integer-overflow(10993) MISC http://www.pine.nl/press/pine-cert-20030101.txt BUGTRAQ 20030106 PDS: Integer overflow in FreeBSD kernel BID 6524 SECTRACK 1005898 Integer overflow in the f_count counter in FreeBSD before 4.2 through 5.0 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via multiple calls to (1) fpathconf and (2) lseek, which do not properly decrement f_count through a call to fdrop. CVE-2003-1235 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:24.293-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-03T10:33:00.000-05:00 BUGTRAQ 20030331 BRS WebWeaver: full disclosure XF webweaver-testcgi-info-disclosure(11686) BID 7283 BRW WebWeaver 1.03 allows remote attackers to obtain sensitive server environment information via a URL request for testcgi.exe, which lists the values of environment variables and the current working directory. cpe:/a:tanne:tanne:0.6.17 CVE-2003-1236 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:24.447-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2006-01-03T10:40:00.000-05:00 ALLOWS_ADMIN_ACCESS VULNWATCH 20030107 [INetCop Security Advisory] Remote format string vulnerability in Tanne. CONFIRM http://tanne.fluxnetz.de/download/tanne-0.7.1.tar.bz2 XF tanne-logger-format-string(11006) BUGTRAQ 20030107 [INetCop Security Advisory] Remote format string vulnerability in Tanne. BUGTRAQ 20030108 Tanne Remote format string exploit (Proof of Concept) BID 6553 SECTRACK 1005900 Multiple format string vulnerabilities in the logger function in netzio.c for Tanne 0.6.17 allows remote attackers to execute arbitrary code via format string specifiers in syslog. CVE-2003-1237 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:24.590-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-03T10:44:00.000-05:00 BUGTRAQ 20030222 [SCSA-007] Cross Site Scripting Vulnerabilities in WWWBoard XF wwwboard-message-xss(11383) BID 6918 Cross-site scripting vulnerability (XSS) in WWWBoard 2.0A2.1 and earlier allows remote attackers to inject arbitrary HTML or web script via a message post. cpe:/a:nuked-klan:nuked-klan:1.2 cpe:/a:nuked-klan:nuked-klan:1.2_beta cpe:/a:nuked-klan:nuked-klan:1.3 cpe:/a:nuked-klan:nuked-klan:1.3_beta CVE-2003-1238 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:24.747-04:00 5.8 NETWORK MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2006-01-03T10:47:00.000-05:00 BUGTRAQ 20030221 [SCSA-006] XSS & Function Execution Vulnerabilities in Nuked-Klan BUGTRAQ 20030318 Some XSS vulns XF nuked-klan-team-xss(11420) BID 6916 Cross-site scripting vulnerability (XSS) in Nuked-Klan 1.3 beta and earlier allows remote attackers to steal authentication information via cookies by injecting arbitrary HTML or script into op of the (1) Team, (2) News, and (3) Liens modules. cpe:/a:wihphoto:wihphoto:0.86 CVE-2003-1239 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:24.900-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-03T10:54:00.000-05:00 VULNWATCH 20030223 WihPhoto (PHP) XF wihphoto-sendphoto-file-disclosure(11429) BUGTRAQ 20030223 WihPhoto (PHP) BID 6929 Directory traversal vulnerability in sendphoto.php in WihPhoto 0.86 allows remote attackers to read arbitrary files via .. specifiers in the album parameter, and the target filename in the pic parameter. cpe:/a:cutephp:cutenews:0.88 CVE-2003-1240 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:25.043-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-03T11:00:00.000-05:00 BUGTRAQ 20030225 PHP code injection in CuteNews XF cutenews-php-file-include(11417) BID 6935 PHP remote file inclusion vulnerability in CuteNews 0.88 allows remote attackers to execute arbitrary PHP code via a URL in the cutepath parameter in (1) shownews.php, (2) search.php, or (3) comments.php. cpe:/a:levcgi.com:myguestbook:3.0 CVE-2003-1241 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:25.197-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-04T09:43:00.000-05:00 VULNWATCH 20030221 Myguestbook (PHP) BUGTRAQ 20030221 Myguestbook (PHP) BID 6906 Cross-site scripting vulnerability (XSS) in (1) admin_index.php, (2) admin_pass.php, (3) admin_modif.php, and (4) admin_suppr.php in MyGuestbook 3.0 allows remote attackers to execute arbitrary PHP code by modifying the location parameter to reference a URL on a remote web server that contains file.php via script injected into the pseudo, email, and message parameters. CVE-2003-1242 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:25.340-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-17T13:22:00.000-05:00 BUGTRAQ 20030219 XSS and Path Disclosure in Sage XF sage-module-path-disclosure(11372) BID 6893 Sage 1.0 b3 allows remote attackers to obtain the root web server path via a URL request for a non-existent module, which returns the path in an error message. CVE-2003-1243 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:50.993-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030219 XSS and Path Disclosure in Sage BID 6894 XF sage-mod-xss(11371) Cross-site scripting vulnerability (XSS) in Sage 1.0 b3 allows remote attackers to insert arbitrary HTML or web script via the mod parameter. cpe:/a:phpbb_group:phpbb:2.0.0 cpe:/a:phpbb_group:phpbb:2.0.1 cpe:/a:phpbb_group:phpbb:2.0.2 CVE-2003-1244 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:25.637-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-17T13:28:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030220 phpBB Security Bugs XF phpbb-pageheader-sql-injection(11376) BID 6888 SQL injection vulnerability in page_header.php in phpBB 2.0, 2.0.1 and 2.0.2 allows remote attackers to brute force user passwords and possibly gain unauthorized access to forums via the forum_id parameter to index.php. CVE-2003-1245 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.040-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030224 Mambo SiteServer exploit gains administrative privileges BID 6926 XF mambo-sessionid-gain-privileges(11398) index2.php in Mambo 4.0.12 allows remote attackers to gain administrator access via a URL request where session_id is set to the MD5 hash of a session cookie. cpe:/a:pedestal_software:integrity_protection_driver:1.2 cpe:/a:pedestal_software:integrity_protection_driver:1.3 CVE-2003-1246 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:25.933-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-17T13:34:00.000-05:00 BUGTRAQ 20030103 Pedestal Software Security Notice BUGTRAQ 20030103 Another way to bypass Integrity Protection Driver ('subst' vuln) XF ipd-ntcreatesymboliclinkobject-subs-symlink(10979) BID 6511 NtCreateSymbolicLinkObject in ntdll.dll in Integrity Protection Driver (IPD) 1.2 and 1.3 allows local users to create and overwrite arbitrary files via a symlink attack on \winnt\system32\drivers using the subst command. cpe:/a:positive_software:h-sphere:2.3_rc3 CVE-2003-1247 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:26.090-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-17T13:37:00.000-05:00 ALLOWS_USER_ACCESS MISC http://psoft.net/misc/webshell_patch.html XF hsphere-webshell-readfile-bo(10999) XF hsphere-webshell-diskusage-bo(11002) XF hsphere-webshell-flist-bo(11003) BUGTRAQ 20030106 Remote root vuln in HSphere WebShell BID 6527 BID 6537 BID 6538 BID 6540 SECTRACK 1005893 Multiple buffer overflows in H-Sphere WebShell 2.3 allow remote attackers to execute arbitrary code via (1) a long URL content type in CGI::readFile, (2) a long path in diskusage, and (3) a long fname in flist. cpe:/a:positive_software:h-sphere:2.3_rc3 CVE-2003-1248 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:26.247-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-17T13:41:00.000-05:00 ALLOWS_USER_ACCESS MISC http://psoft.net/misc/webshell_patch.html XF hsphere-webshell-encodefilename-execution(11001) BUGTRAQ 20030106 Remote root vuln in HSphere WebShell BID 6537 BID 6539 SECTRACK 1005893 H-Sphere WebShell 2.3 allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) mode and (2) zipfile parameters in a URL request. cpe:/a:businessobjects:webintelligence:2.7.1 CVE-2003-1249 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:26.387-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-17T13:43:00.000-05:00 ALLOWS_USER_ACCESS VULNWATCH 20030109 WebIntelligence session hijacking vulnerability XF webintelligence-session-hijacking(11026) BUGTRAQ 20030109 WebIntelligence session hijacking vulnerability BID 6569 SECTRACK 1005906 WebIntelligence 2.7.1 uses guessable user session cookies, which allows remote attackers to hijack sessions. cpe:/h:efficient_networks:5861_dsl_router:5.3.80_firmware CVE-2003-1250 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:26.543-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-01-17T13:46:00.000-05:00 VULNWATCH 20030110 Efficient Networks 5861 DSL Router SECTRACK 1005980 XF efficient-dsl-portscan-dos(11032) BUGTRAQ 20030110 Efficient Networks 5861 DSL Router BUGTRAQ 20030123 5861 IP Filtering issues BID 6573 SECTRACK 1005910 Efficient Networks 5861 DSL router, when running firmware 5.3.80 configured to block incoming TCP SYN, packets allows remote attackers to cause a denial of service (crash) via a flood of TCP SYN packets to the WAN interface using a port scanner such as nmap. cpe:/a:nx:n_x_web_content_management_system_2002:prerelease1 CVE-2003-1251 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:26.683-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-17T13:48:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030102 N/X (PHP) XF nx-file-include(10969) BID 6500 The (1) menu.inc.php, (2) datasets.php and (3) mass_operations.inc.php (mistakenly referred to as mass_opeations.inc.php) scripts in N/X 2002 allow remote attackers to execute arbitrary PHP code via a c_path that references a URL on a remote web server that contains the code. cpe:/a:kelli_shaver:s8forum:3.0 CVE-2003-1252 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:26.823-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-17T13:50:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030105 A security vulnerability in S8Forum XF s8forum-register-command-execution(10974) BUGTRAQ 20030105 A security vulnerability in S8Forum BID 6547 SECTRACK 1005881 register.php in S8Forum 3.0 allows remote attackers to execute arbitrary PHP commands by creating a user whose name ends in a .php extension and entering the desired commands into the E-mail field, which creates a web-accessible .php file that can be called by the attacker, as demonstrated using a "system($cmd)" E-mail address with a "any_name.php" username. cpe:/a:sangwan_kim:bookmark4u:1.8.3 CVE-2003-1253 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:26.980-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-18T15:39:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030106 Bookmar4U and Active PHP Bookmarks Vulnerabilities XF bookmark4u-file-include(11009) PHP remote file inclusion vulnerability in Bookmark4U 1.8.3 allows remote attackers to execute arbitrary PHP code viaa URL in the prefix parameter to (1) dbase.php, (2) config.php, or (3) common.load.php. CVE-2003-1254 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:27.120-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-18T15:44:00.000-05:00 BUGTRAQ 20030106 Bookmar4U and Active PHP Bookmarks Vulnerabilities XF apb-apbsettings-file-include(11010) BID 6545 Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to execute arbitrary PHP code via (1) head.php, (2) apb_common.php, or (3) apb_view_class.php by modifying the APB_SETTINGS parameter to reference a URL on a remote web server that contains the code. cpe:/a:active_php_bookmarks:active_php_bookmarks:1.1.01 CVE-2003-1255 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.103-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030106 Bookmar4U and Active PHP Bookmarks Vulnerabilities BID 6546 XF apb-addbookmark-authentication-bypass(11011) add_bookmark.php in Active PHP Bookmarks (APB) 1.1.01 allows remote attackers to add arbitrary bookmarks as other users using a modified auth_user_id parameter. cpe:/a:e-theni:e-theni CVE-2003-1256 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:27.433-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-18T15:49:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030106 E-theni (PHP) XF etheni-afflistelangue-file-include(11013) BUGTRAQ 20030106 E-theni (PHP) BID 6970 aff_liste_langue.php in E-theni allows remote attackers to execute arbitrary PHP code by modifying the rep_include parameter to reference a URL on a remote web server that contains para_langue.php. cpe:/a:e-theni:e-theni CVE-2003-1257 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:27.573-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-18T15:51:00.000-05:00 VULNWATCH 20030106 E-theni (PHP) XF etheni-findthenihome-information-disclosure(11012) BUGTRAQ 20030106 E-theni (PHP) find_theni_home.php in E-theni allows remote attackers to obtain sensitive system information via a URL request which executes phpinfo. cpe:/a:versatilebulletinboard:versatilebulletinboard:0.9.5 cpe:/a:versatilebulletinboard:versatilebulletinboard:0.9.6 CVE-2003-1258 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:27.730-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-18T15:53:00.000-05:00 ALLOWS_OTHER_ACCESS VULNWATCH 20030110 vulnerability in versatile BulletinBoard Allows Gaining Administrative Privileges. XF vbb-unauthorized-privileges(11044) activate.php in versatileBulletinBoard (vBB) 0.9.5 and 0.9.6 allows remote attackers to gain unauthorized administrative access via a URL request with the uid parameter set to the webmaster uid. CVE-2003-1259 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:27.887-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-19T09:42:00.000-05:00 ALLOWS_USER_ACCESS BUGTRAQ 20030104 CuteFTP: buffer overflow XF cuteftp-ftp-banner-bo(10984) BUGTRAQ 20030618 Re: CuteFTP 5.0 XP, Buffer Overflow BID 6518 Buffer overflow in CuteFTP 4.2 and 5.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. cpe:/a:globalscape:cuteftp:5.0 CVE-2003-1260 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:28.073-04:00 7.6 NETWORK HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2006-01-19T09:42:00.000-05:00 ALLOWS_ADMIN_ACCESS BUGTRAQ 20030118 CuteFTP 5.0 XP, Buffer Overflow BUGTRAQ 20030205 Re: CuteFTP 5.0 XP, Buffer Overflow FULLDISC 20030107 CuteFTP 5.0 XP, Buffer Overflow XF cuteftp-list-command-bo(11093) BUGTRAQ 20030618 Re: CuteFTP 5.0 XP, Buffer Overflow BID 6642 Buffer overflow in CuteFTP 5.0 allows remote attackers to execute arbitrary code via a long response to a LIST command. cpe:/a:globalscape:cuteftp:5.0 cpe:/a:globalscape:cuteftp:5.0.1 CVE-2003-1261 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:28.213-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-01-19T09:45:00.000-05:00 BUGTRAQ 20030205 Re: CuteFTP 5.0 XP, Buffer Overflow XF cuteftp-url-clipboard-bo(11275) BUGTRAQ 20030206 Re: CuteFTP 5.0 XP, Buffer Overflow BUGTRAQ 20030618 Re: CuteFTP 5.0 XP, Buffer Overflow BID 6786 Buffer overflow in CuteFTP 5.0 and 5.0.1 allows local users to cause a denial of service (crash) by copying a long URL into a clipboard. cpe:/a:http_fetcher:http_fetcher_library:1.0.0 cpe:/a:http_fetcher:http_fetcher_library:1.0.1 CVE-2003-1262 2003-12-31T00:00:00.000-05:00 2016-10-17T22:39:36.967-04:00 6.4 NETWORK LOW NONE NONE PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030107 GLSA: http-fetcher XF http-fetcher-httpfetch-bo(11000) GENTOO GLSA-200301-6 BUGTRAQ 20030106 [INetCop Security Advisory] Buffer Overflow vulnerability in HTTP Fetcher Library. BID 6531 Buffer overflow in the http_fetch function of HTTP Fetcher 1.0.0 and 1.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL request via a long (1) host, (2) referer, or (3) userAgent value. cpe:/a:brown_bear_software:ical:3.7 CVE-2003-1263 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:28.527-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-01-19T09:49:00.000-05:00 BUGTRAQ 20030103 ical 3.7 remote dos XF ical-icalexe-port-dos(10973) BID 6505 BID 6506 ICAL.EXE in iCal 3.7 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request, possibly due to an invalid method name. cpe:/h:d-link:di-614%2b:2.0 cpe:/h:longshine_technologie:longshine_wireless_ethernet_access_point:lcs-883r-ac-b CVE-2003-1264 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:28.683-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-19T09:52:00.000-05:00 XF longshine-ap-tftp-access(10997) BUGTRAQ 20030106 Longshine WLAN Access-Point LCS-883R VU#310201 BUGTRAQ 20030106 Re: Longshine WLAN Access-Point LCS-883R VU#310201 BID 6533 SECTRACK 1005897 TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication. cpe:/a:mozilla:mozilla:5.0 cpe:/a:netscape:navigator:7.0 CVE-2003-1265 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:28.823-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-19T09:53:00.000-05:00 BUGTRAQ 20030101 Potential disclosure of sensitive information in Netscape 7.0 email client XF netscape-email-deletion-failure(10963) BID 6499 SECTRACK 1005871 Netscape 7.0 and Mozilla 5.0 do not immediately delete messages in the trash folder when users select the 'Empty Trash' option, which could allow local users to access deleted messages. cpe:/a:etype:eserv:2.92 cpe:/a:etype:eserv:2.93 cpe:/a:etype:eserv:2.94 cpe:/a:etype:eserv:2.95 cpe:/a:etype:eserv:2.96 cpe:/a:etype:eserv:2.97 cpe:/a:etype:eserv:2.98 CVE-2003-1266 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:28.980-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-01-19T09:56:00.000-05:00 BUGTRAQ 20030104 EServ/2.97 remote DoS XF eserv-remote-data-dos(10975) BID 6519 BID 6520 BID 6521 BID 6522 The (1) FTP, (2) POP3, (3) SMTP, and (4) NNTP servers in EServer 2.92 through 2.97, and possibly 2.98, allow remote attackers to cause a denial of service (crash) via a large amount of data. cpe:/a:steve_poulsen:guildftpd:0.999 CVE-2003-1267 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:29.137-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-01-19T10:26:00.000-05:00 XF guildftpd-aux-port-dos(10964) MISC http://www.securiteam.com/windowsntfocus/5SP030A8UO.html SECTRACK 1005864 GuildFTPd 0.999 allows remote attackers to cause a denial of service (crash) via a GET request for MS-DOS device names such as lpt1. cpe:/a:urlogy:a.shop.kart:2.0.3 CVE-2003-1268 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:29.293-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-19T14:10:00.000-05:00 ALLOWS_OTHER_ACCESS MISC http://www.centaura.com.ar/infosec/adv/ashopkart.txt XF ashopkart-multiple-sql-injection(11029) BUGTRAQ 20030108 a.shopKart Shopping Cart remote vulnerabilities BID 6558 SECTRACK 1005903 Multiple SQL injection vulnerabilities in (1) addcustomer.asp, (2) addprod.asp, and (3) process.asp in a.shopKart 2.0.3 allow remote attackers to execute arbitrary SQL and obtain sensitive information via the zip, state, country, phone, and fax parameters. cpe:/a:an:an-http:1.41e CVE-2003-1269 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:29.447-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-19T14:40:00.000-05:00 XF an-http-path-disclosure(10976) BUGTRAQ 20030104 AN HTTPd v.1.41e: DoS, CSS, real patch attack BID 6528 AN HTTP 1.41e allows remote attackers to obtain the root web server path via an HTTP request with a long argument to a script, which leaks the path in an error message. cpe:/a:an:an-http:1.41e CVE-2003-1270 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:29.590-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-01-20T08:48:00.000-05:00 XF an-http-script-dos(10978) BUGTRAQ 20030104 AN HTTPd v.1.41e: DoS, CSS, real patch attack AN HTTP 1.41e allows remote attackers to cause a denial of service (borken pipe) via an HTTP request to aux.cgi with a long argument, possibly triggering a buffer overflow or MS-DOS device vulnerability. cpe:/a:an:an-http:1.41e CVE-2003-1271 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:29.747-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-20T09:10:00.000-05:00 XF an-http-script-xss(10977) BUGTRAQ 20030104 AN HTTPd v.1.41e: DoS, CSS, real patch attack BID 6529 Cross-site scripting vulnerability (XSS) in AN HTTP 1.41e allows remote attackers to execute arbitrary web script or HTML as other users via a URL containing the script. cpe:/a:nullsoft:winamp:3.0 CVE-2003-1272 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.167-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov BUGTRAQ 20030104 WinAmp v.3.0: buffer overflow XF winamp-b4s-playlistname-bo(10980) BID 6515 BID 6516 XF winamp-b4s-path-bo(10981) Multiple buffer overflows in Winamp 3.0 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a .b4s file containing (1) a long playlist name or (2) a long path in a file: argument to the Playstring parameter. cpe:/a:nullsoft:winamp:3.0 CVE-2003-1273 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.213-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030104 WinAmp v.3.0: buffer overflow BID 6517 XF winamp-b4s-playlistname-dos(10982) Winamp 3.0 allows remote attackers to cause a denial of service (crash) via a .b4s file with a playlist name that contains some non-English characters, e.g. Cyrillic characters. cpe:/a:nullsoft:winamp:3.0 CVE-2003-1274 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.260-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030104 WinAmp v.3.0: buffer overflow XF winamp-b4s-path-dos(10983) Winamp 3.0 allows remote attackers to cause a denial of service (crash) via .b4s file with a file: argument to the Playstring parameter that contains MS-DOS device names such as aux. cpe:/a:microsoft:pocket_ie:3.0 CVE-2003-1275 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:30.340-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-01-20T10:15:00.000-05:00 BUGTRAQ 20030103 JS Bug makes it possible to deliberately crash Pocket PC IE XF pie-javascript-objectinnerhtml-dos(11004) BID 6507 Pocket Internet Explorer (PIE) 3.0 allows remote attackers to cause a denial of service (crash) via a Javascript function that uses the object.innerHTML function to recursively call that function. cpe:/a:nettelephone:nettelephone:3.5.6 CVE-2003-1276 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:30.497-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-20T10:18:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030103 Multiple Issues in Nettelephone Dialer XF nettelephone-insecure-account-information(11007) Netfone.exe of NetTelephone 3.5.6 uses weak encryption for user PIN's and stores user account numbers in plaintext in the HKEY_CURRENT_USER\Software\MediaRing.com\SDK\NetTelephone\settings registry key, which could allow local users to gain unauthorized access to NetTelephone accounts. cpe:/a:yabb:yabb:1.5.0 CVE-2003-1277 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:30.650-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-20T10:29:00.000-05:00 XF yabb-newstemplate-xss(10989) XF yabb-se-index-xss(10990) MISC http://www.securiteam.com/unixfocus/5BP051F8VE.html MISC http://www.securiteam.com/unixfocus/5BP061F8US.html Cross-site scripting (XSS) vulnerabilities in Yet Another Bulletin Board (YaBB) 1.5.0 allow remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into (1) news_icon of news_template.php, and (2) threadid and subject of index.html cpe:/a:infopop:opentopic:2.3.1 CVE-2003-1278 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:30.793-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-20T10:50:00.000-05:00 XF opentopic-img-xss(10985) BUGTRAQ 20030104 OpenTopic security hole BID 6523 Cross-site scripting vulnerability (XSS) in OpenTopic 2.3.1 allows remote attackers to execute arbitrary script as other users and possibly steal authentication information via cookies by injecting arbitrary HTML or script into IMG tags. CVE-2003-1279 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:30.947-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-20T10:53:00.000-05:00 ALLOWS_USER_ACCESS XF splus-tmp-file-symlink(11005) BUGTRAQ 20030105 S-plus /tmp usage BID 6530 SECTRACK 1005896 S-PLUS 6.0 allows local users to overwrite arbitrary files and possibly elevate privileges via a symlink attack on (1) /tmp/__F8499 by Sqpe, (2) /tmp/PRINT.$$.out by PRINT, (3) /tmp/SUBST$PID.TXT and /tmp/ed.cmds$PID by mustfix.hlinks, (4) /tmp/file.1 and /tmp/file.2 by sas_get, (5) /tmp/file.1 by sas_vars, and (6) /tmp/sgml2html$$tmp /tmp/sgml2html$$tmp1 /tmp/sgml2html$$tmp2 by sglm2html. cpe:/a:eekim:cgihtml:1.69 CVE-2003-1280 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:31.090-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-20T10:54:00.000-05:00 XF cgihtml-dotdot-directory-traversal(11022) BUGTRAQ 20030107 Multiple cgihtml vulnerabilities BID 6550 Directory traversal vulnerability in cgihtml 1.69 allows remote attackers to overwrite and create arbitrary files via a .. (dot dot) in multipart/form-data uploads. cpe:/a:eekim:cgihtml:1.69 CVE-2003-1281 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:31.247-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-01-20T10:55:00.000-05:00 XF cgihtml-tmpfile-symlink(11023) BUGTRAQ 20030107 Multiple cgihtml vulnerabilities BID 6552 cgihtml 1.69 allows local users to overwrite arbitrary files via a symlink attack on certain temporary files. CVE-2003-1282 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:31.387-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-01-20T10:58:00.000-05:00 XF ibm-netdata-view-variables(11016) MISC http://www.securiteam.com/securitynews/5CP061F8VS.html SECTRACK 1005890 IBM Net.Data allows remote attackers to obtain sensitive information such as path names, server names and possibly user names and passwords by causing the (1) $(DTW_CURRENT_FILENAME), (2) $(DATABASE), (3) $(LOGIN), (4) $(PASSWORD), and possibly other predefined variables that can be echoed back to the user via a web form. cpe:/a:kazaa:kazaa_media_desktop:2.0 CVE-2003-1283 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:31.527-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-01-20T10:59:00.000-05:00 ALLOWS_USER_ACCESS BUGTRAQ 20030107 KaZaA - Bad Zone XF kazaa-ad-local-zone(11031) BID 6543 KaZaA Media Desktop (KMD) 2.0 launches advertisements in the Internet Explorer (IE) local security zone, which could allow remote attackers to view local files and possibly execute arbitrary code. CVE-2003-1284 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.323-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SECTRACK 1007819 IDEFENSE 20030925 Sambar Server Multiple Vulnerabilities CONFIRM http://www.sambar.com/security.htm XF sambar-multiple-vulnerabilities(13305) Sambar Server before 6.0 beta 6 allows remote attackers to obtain sensitive information via direct requests to the default scripts (1) environ.pl and (2) testcgi.exe. cpe:/a:sambar:sambar_server:5.0 cpe:/a:sambar:sambar_server:5.0:beta1 cpe:/a:sambar:sambar_server:5.0:beta2 cpe:/a:sambar:sambar_server:5.0:beta3 cpe:/a:sambar:sambar_server:5.0:beta4 cpe:/a:sambar:sambar_server:5.0:beta5 cpe:/a:sambar:sambar_server:5.0:beta6 cpe:/a:sambar:sambar_server:5.1 cpe:/a:sambar:sambar_server:5.1:beta1 cpe:/a:sambar:sambar_server:5.1:beta2 cpe:/a:sambar:sambar_server:5.1:beta3 cpe:/a:sambar:sambar_server:5.1:beta4 cpe:/a:sambar:sambar_server:5.1:beta5 cpe:/a:sambar:sambar_server:5.2 cpe:/a:sambar:sambar_server:5.3 cpe:/a:sambar:sambar_server:6.0:beta1 cpe:/a:sambar:sambar_server:6.0:beta2 cpe:/a:sambar:sambar_server:6.0:beta3 cpe:/a:sambar:sambar_server:6.0:beta4 cpe:/a:sambar:sambar_server:6.0:beta5 CVE-2003-1285 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.387-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SECTRACK 1007819 IDEFENSE 20030925 Sambar Server Multiple Vulnerabilities CONFIRM http://www.sambar.com/security.htm XF sambar-multiple-vulnerabilities(13305) XF sambar-multiple-xss(16056) Multiple cross-site scripting (XSS) vulnerabilities in Sambar Server before 6.0 beta 6 allow remote attackers to inject arbitrary web script or HTML via the query string to (1) isapi/testisa.dll, (2) testcgi.exe, (3) environ.pl, (4) the query parameter to samples/search.dll, (5) the price parameter to mortgage.pl, (6) the query string in dumpenv.pl, (7) the query string to dumpenv.pl, and (8) the E-Mail field of the guestbook script (book.pl). cpe:/a:sambar:sambar_server:5.0 cpe:/a:sambar:sambar_server:5.0:beta1 cpe:/a:sambar:sambar_server:5.0:beta2 cpe:/a:sambar:sambar_server:5.0:beta3 cpe:/a:sambar:sambar_server:5.0:beta4 cpe:/a:sambar:sambar_server:5.0:beta5 cpe:/a:sambar:sambar_server:5.0:beta6 cpe:/a:sambar:sambar_server:5.1 cpe:/a:sambar:sambar_server:5.1:beta1 cpe:/a:sambar:sambar_server:5.1:beta2 cpe:/a:sambar:sambar_server:5.1:beta3 cpe:/a:sambar:sambar_server:5.1:beta4 cpe:/a:sambar:sambar_server:5.1:beta5 cpe:/a:sambar:sambar_server:5.2 cpe:/a:sambar:sambar_server:5.3 cpe:/a:sambar:sambar_server:6.0:beta1 cpe:/a:sambar:sambar_server:6.0:beta2 cpe:/a:sambar:sambar_server:6.0:beta3 cpe:/a:sambar:sambar_server:6.0:beta4 cpe:/a:sambar:sambar_server:6.0:beta5 CVE-2003-1286 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.463-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20040430 SECURITY.NNOV: Sambar security quest SECTRACK 1007819 IDEFENSE 20030925 Sambar Server Multiple Vulnerabilities CONFIRM http://www.sambar.com/security.htm BID 10256 XF sambar-http-gain-access(16054) HTTP Proxy in Sambar Server before 6.0 beta 6, when security.ini lacks a 127.0.0.1 proxydeny entry, allows remote attackers to send proxy HTTP requests to the Sambar Server's administrative interface and external web servers, by making a "Connection: keep-alive" request before the proxy requests. cpe:/a:sambar:sambar_server:5.0 cpe:/a:sambar:sambar_server:5.0:beta1 cpe:/a:sambar:sambar_server:5.0:beta2 cpe:/a:sambar:sambar_server:5.0:beta3 cpe:/a:sambar:sambar_server:5.0:beta4 cpe:/a:sambar:sambar_server:5.0:beta5 cpe:/a:sambar:sambar_server:5.0:beta6 cpe:/a:sambar:sambar_server:5.1 cpe:/a:sambar:sambar_server:5.1:beta1 cpe:/a:sambar:sambar_server:5.1:beta2 cpe:/a:sambar:sambar_server:5.1:beta3 cpe:/a:sambar:sambar_server:5.1:beta4 cpe:/a:sambar:sambar_server:5.1:beta5 cpe:/a:sambar:sambar_server:5.2 cpe:/a:sambar:sambar_server:5.3 cpe:/a:sambar:sambar_server:6.0:beta1 cpe:/a:sambar:sambar_server:6.0:beta2 CVE-2003-1287 2003-12-31T00:00:00.000-05:00 2017-07-10T21:29:51.540-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20040430 SECURITY.NNOV: Sambar security quest SECTRACK 1007819 IDEFENSE 20030925 Sambar Server Multiple Vulnerabilities CONFIRM http://www.sambar.com/security.htm XF sambar-post-code-execution(16059) Sambar Server before 6.0 beta 3 allows attackers with physical access to execute arbitrary code via a request with an MS-DOS device name such as com1.pl, con.pl, or aux.pl, which causes Perl to read the code from the associated device. cpe:/a:vserver:linux-vserver:1.22 CVE-2003-1288 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:32.447-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-06-15T14:19:00.000-04:00 CONFIRM http://linux-vserver.org/ChangeLog MLIST [Vserver] 20031218 SMP oops 2.4.23 v1.22 MLIST [Vserver] 20031219 Re: SMP oops 2.4.23 v1.22 MLIST [Vserver] 20031220 Re: SMP oops 2.4.23 v1.22 Multiple race conditions in Linux-VServer 1.22 with Linux kernel 2.4.23 and SMP allow local users to cause a denial of service (kernel oops) via unknown attack vectors related to the (1) s_info and (2) ip_info data structures and the (a) forget_original_parent, (b) goodness, (c) schedule, (d) update_process_times, and (e) vc_new_s_context functions. CVE-2003-1289 2003-12-31T00:00:00.000-05:00 2017-07-19T21:29:01.237-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov FREEBSD FreeBSD-SA-03:10 SECTRACK 1007460 XF freebsd-ibcs2-kernel-memory(12892) The iBCS2 system call translator for statfs in NetBSD 1.5 through 1.5.3 and FreeBSD 4 up to 4.8-RELEASE-p2 and 5 up to 5.1-RELEASE-p1 allows local users to read portions of kernel memory (memory disclosure) via a large length parameter, which copies additional kernel memory into userland memory. cpe:/a:bea:weblogic_server:6.0::win32 cpe:/a:bea:weblogic_server:6.0:sp1:express cpe:/a:bea:weblogic_server:6.0:sp1:win32 cpe:/a:bea:weblogic_server:6.0:sp2:express cpe:/a:bea:weblogic_server:6.0:sp2:win32 cpe:/a:bea:weblogic_server:6.1::win32 cpe:/a:bea:weblogic_server:6.1:sp1:express cpe:/a:bea:weblogic_server:6.1:sp1:win32 cpe:/a:bea:weblogic_server:6.1:sp2:express cpe:/a:bea:weblogic_server:6.1:sp2:win32 cpe:/a:bea:weblogic_server:6.1:sp3:express cpe:/a:bea:weblogic_server:6.1:sp3:win32 cpe:/a:bea:weblogic_server:6.1:sp4 cpe:/a:bea:weblogic_server:6.1:sp4:express cpe:/a:bea:weblogic_server:6.1:sp4:win32 cpe:/a:bea:weblogic_server:6.1:sp5 cpe:/a:bea:weblogic_server:6.1:sp5:express cpe:/a:bea:weblogic_server:6.1:sp5:win32 cpe:/a:bea:weblogic_server:6.1:sp6 cpe:/a:bea:weblogic_server:6.1:sp6:win32 cpe:/a:bea:weblogic_server:7.0::win32 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0:sp1:win32 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:7.0:sp2:win32 cpe:/a:bea:weblogic_server:7.0:sp3 cpe:/a:bea:weblogic_server:7.0:sp3:express cpe:/a:bea:weblogic_server:7.0:sp3:win32 cpe:/a:bea:weblogic_server:7.0:sp4 cpe:/a:bea:weblogic_server:7.0:sp4:express cpe:/a:bea:weblogic_server:7.0:sp4:win32 cpe:/a:bea:weblogic_server:7.0:sp5 cpe:/a:bea:weblogic_server:7.0:sp5:express cpe:/a:bea:weblogic_server:7.0:sp5:win32 cpe:/a:bea:weblogic_server:7.0.0.1::win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1:sp1:win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2:win32 cpe:/a:bea:weblogic_server:7.0.0.1:sp3 cpe:/a:bea:weblogic_server:7.0.0.1:sp3:express cpe:/a:bea:weblogic_server:7.0.0.1:sp4 cpe:/a:bea:weblogic_server:7.0.0.1:sp4:express cpe:/a:bea:weblogic_server:8.1::express cpe:/a:bea:weblogic_server:8.1::win32 cpe:/a:bea:weblogic_server:8.1:sp1 cpe:/a:bea:weblogic_server:8.1:sp1:express cpe:/a:bea:weblogic_server:8.1:sp1:win32 cpe:/a:bea:weblogic_server:8.1:sp2 cpe:/a:bea:weblogic_server:8.1:sp2:express cpe:/a:bea:weblogic_server:8.1:sp2:win32 cpe:/a:bea:weblogic_server:8.1:sp3 cpe:/a:bea:weblogic_server:8.1:sp3:express cpe:/a:bea:weblogic_server:8.1:sp3:win32 cpe:/a:bea:weblogic_server:8.1:sp4 cpe:/a:bea:weblogic_server:8.1:sp4:express cpe:/a:bea:weblogic_server:8.1:sp4:win32 CVE-2003-1290 2003-12-31T00:00:00.000-05:00 2017-07-19T21:29:01.393-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BEA BEA03-43.00 BID 16215 BID 9034 XF weblogic-mbeanhome-obtain-information(13752) BEA WebLogic Server and WebLogic Express 6.1, 7.0, and 8.1, with RMI and anonymous admin lookup enabled, allows remote attackers to obtain configuration information by accessing MBeanHome via the Java Naming and Directory Interface (JNDI). cpe:/o:vmware:esx:1.5.2:patch1 cpe:/o:vmware:esx:1.5.2:patch2 cpe:/o:vmware:esx:1.5.2:patch3 CVE-2003-1291 2003-12-31T00:00:00.000-05:00 2018-10-30T12:26:23.230-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://www.vmware.com/download/esx/esx152-patch4.html CONFIRM http://www.vmware.com/support/kb/enduser/std_adp.php?p_sid=dsxk*BWh&p_lva=&p_faqid=1108 VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables. cpe:/a:ashwebstudio:ashnews:0.83 CVE-2003-1292 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:18.997-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov FULLDISC 20060130 Re: ashnews Cross-Site Scripting Vulnerability FULLDISC 20060131 Re: ashnews Cross-Site Scripting Vulnerability FULLDISC 20060131 Re: ashnews Cross-Site Scripting Vulnerability CONFIRM http://forums.ashwebstudio.com/viewtopic.php?t=353&start=0 BUGTRAQ 20030720 sorry, wrong file BID 16436 BID 18248 EXPLOIT-DB 1864 PHP remote file include vulnerability in Derek Ashauer ashNews 0.83 allows remote attackers to include and execute arbitrary remote files via a URL in the pathtoashnews parameter to (1) ashnews.php and (2) ashheadlines.php. cpe:/a:nukedweb:guestbookhost CVE-2003-1293 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:33.370-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2006-02-07T12:26:00.000-05:00 BUGTRAQ 20030724 GuestBookHost : Cross Site Scripting BID 8025 Multiple cross-site scripting (XSS) vulnerabilities in NukedWeb GuestBookHost allow remote attackers to inject arbitrary web script or HTML via the (1) Name, (2) Email and (3) Message fields when signing the guestbook. cpe:/a:xscreensaver:xscreensaver:4.05_5cl cpe:/a:xscreensaver:xscreensaver:4.05_6 cpe:/a:xscreensaver:xscreensaver:4.05_6a cpe:/a:xscreensaver:xscreensaver:4.05_150 cpe:/a:xscreensaver:xscreensaver:4.07_2 cpe:/a:xscreensaver:xscreensaver:4.08_29135cl cpe:/a:xscreensaver:xscreensaver:4.09_0 cpe:/a:xscreensaver:xscreensaver:4.10_4 cpe:/a:xscreensaver:xscreensaver:4.10_6 cpe:/a:xscreensaver:xscreensaver:4.10_8 cpe:/a:xscreensaver:xscreensaver:4.10_15 cpe:/a:xscreensaver:xscreensaver:4.11_0 cpe:/a:xscreensaver:xscreensaver:4.12_58 cpe:/a:xscreensaver:xscreensaver:4.12_62 cpe:/a:xscreensaver:xscreensaver:4.14_0 cpe:/a:xscreensaver:xscreensaver:4.14_2 cpe:/a:xscreensaver:xscreensaver:4.14_4 cpe:/a:xscreensaver:xscreensaver:4.14_5 CVE-2003-1294 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:19.060-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov SGI 20060602-01-U MISC http://jwz.livejournal.com/310943.html CONFIRM http://support.avaya.com/elmodocs2/security/ASA-2006-107.htm CONFIRM http://www.novell.com/linux/download/updates/90_i386.html REDHAT RHSA-2006:0498 BID 9125 VUPEN ADV-2006-1948 CONFIRM https://bugzilla.redhat.com/bugzilla/attachment.cgi?id=124968 CONFIRM https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=182286 Xscreensaver before 4.15 creates temporary files insecurely in (1) driver/passwd-kerberos.c, (2) driver/xscreensaver-getimage-video, (3) driver/xscreensaver.kss.in, and the (4) vidwhacker and (5) webcollage screensavers, which allows local users to overwrite arbitrary files via a symlink attack. cpe:/o:redhat:enterprise_linux:3.0::advanced_servers cpe:/o:redhat:enterprise_linux:3.0::enterprise_server cpe:/o:redhat:enterprise_linux:3.0::workstation cpe:/o:suse:suse_linux:9.0 CVE-2003-1295 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:33.713-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-03-01T11:04:00.000-05:00 CONFIRM http://www.novell.com/linux/download/updates/90_i386.html BID 9125 Unspecified vulnerability in xscreensaver 4.12, and possibly other versions, allows attackers to cause xscreensaver to crash via unspecified vectors "while verifying the user-password." CVE-2003-1296 2003-12-31T00:00:00.000-05:00 2017-07-19T21:29:01.470-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031004 Vulnerabilities in Easy File Sharing Web Server (1.2 NEW) XF easyfilesharing-title-dos(13360) Easy File Sharing (EFS) Web Server 1.2 allows remote authenticated users to cause a denial of service via (1) an "empty symbol" in the Title field or (2) certain data in the Your Message field, possibly a long argument. CVE-2003-1297 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:34.057-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-05-01T11:07:00.000-04:00 BUGTRAQ 20031004 Vulnerabilities in Easy File Sharing Web Server (1.2 NEW) Easy File Sharing (EFS) Web Server 1.2 stores the (1) option.ini (aka options.ini) file and (2) log directory under the web root with insufficient access control, which allows remote attackers to obtain sensitive information including an SMTP account username and password hash, the server configuration, and server log files. cpe:/a:anyportal_php:anyportal_php:0.1 CVE-2003-1298 2003-12-31T00:00:00.000-05:00 2017-07-19T21:29:01.533-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov MISC http://nger.org/anyportal/forum/read.php?f=1&i=152&t=152#reply_152 BID 17197 VUPEN ADV-2006-1053 XF anyportalphp-siteman-directory-traversal(25396) Multiple directory traversal vulnerabilities in siteman.php3 in AnyPortal(php) 12 MAY 00 allow remote attackers to (1) create, (2) delete, (3) save, and (4) upload files by navigating to the root directory and entering a filename beginning with "./.." (dot slash dot dot). cpe:/a:pablo_software_solutions:baby_ftp_server:1.2 CVE-2003-1299 2003-12-31T00:00:00.000-05:00 2016-11-28T14:06:24.817-05:00 4.0 NETWORK LOW SINGLE_INSTANCE PARTIAL NONE NONE http://nvd.nist.gov MISC http://packetstormsecurity.org/0305-exploits/baby.txt CONFIRM http://www.pablosoftwaresolutions.com/html/baby_ftp_server.html BID 7749 Directory traversal vulnerability in Baby FTP Server 1.2, and possibly other versions before May 31, 2003 allows remote authenticated users to list arbitrary directories and possibly read files via "..." (triple dot) manipulations to the CWD command. cpe:/a:pablo_software_solutions:baby_ftp_server:1.2 CVE-2003-1300 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:34.447-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-06-15T14:26:00.000-04:00 MISC http://packetstormsecurity.org/0305-exploits/baby.txt CONFIRM http://www.pablosoftwaresolutions.com/html/baby_ftp_server.html Baby FTP Server (BabyFTP) 1.2, and possibly other versions before May 31, 2003, allows remote attackers to cause a denial of service via a large number of connections from the same IP address, which triggers an access violation. cpe:/a:sun:jre:1.4.2 cpe:/a:sun:jre:1.4.2_1 cpe:/a:sun:jre:1.4.2_2 cpe:/a:sun:jre:1.4.2_3 cpe:/a:sun:jre:1.4.2_4 cpe:/a:sun:jre:1.4.2_5 cpe:/a:sun:jre:1.4.2_6 cpe:/a:sun:jre:1.4.2_7 cpe:/a:sun:jre:1.4.2_8 cpe:/a:sun:jre:1.4.2_9 cpe:/a:sun:jre:1.4.2_10 cpe:/a:sun:jre:1.5.0 cpe:/a:sun:jre:1.5.0:update1 cpe:/a:sun:jre:1.5.0:update2 cpe:/a:sun:jre:1.5.0:update3 cpe:/a:sun:jre:1.5.0:update4 cpe:/a:sun:jre:1.5.0:update5 CVE-2003-1301 2003-12-31T00:00:00.000-05:00 2018-10-30T12:26:21.640-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov MISC http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4396719 MISC http://bugs.sun.com/bugdatabase/view_bug.do?bug_id=4944300 MISC http://www.illegalaccess.org/exploit/ObjectStackOverflow.html BUGTRAQ 20060521 Generic Browser Crash with Java 1.4.2_11, Java 1.5.0_06 BID 18058 Sun Java Runtime Environment (JRE) 1.x before 1.4.2_11 and 1.5.x before 1.5.0_06, and as used in multiple web browsers, allows remote attackers to cause a denial of service (application crash) via deeply nested object arrays, which are not properly handled by the garbage collector and trigger invalid memory accesses. cpe:/a:php:php:4.2::dev cpe:/a:php:php:4.2.0 cpe:/a:php:php:4.2.1 cpe:/a:php:php:4.2.2 cpe:/a:php:php:4.2.3 cpe:/a:php:php:4.3.0 CVE-2003-1302 2003-12-31T00:00:00.000-05:00 2018-10-30T12:25:35.387-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-06-15T12:42:00.000-04:00 CONFIRM http://bugs.php.net/bug.php?id=22048 CONFIRM https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175040 The IMAP functionality in PHP before 4.3.1 allows remote attackers to cause a denial of service via an e-mail message with a (1) To or (2) From header with an address that contains a large number of "\" (backslash) characters. cpe:/a:php:php:4.3.0 cpe:/a:php:php:4.3.1 cpe:/a:php:php:4.3.2 CVE-2003-1303 2003-12-31T00:00:00.000-05:00 2018-10-30T12:25:35.387-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://bugs.php.net/bug.php?id=24150 CONFIRM https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=175040 Buffer overflow in the imap_fetch_overview function in the IMAP functionality (php_imap.c) in PHP before 4.3.3 allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a long e-mail address in a (1) To or (2) From header. cpe:/a:early_impact:productcart:1.1 cpe:/a:early_impact:productcart:1.2 cpe:/a:early_impact:productcart:1.3 cpe:/a:early_impact:productcart:1.4 cpe:/a:early_impact:productcart:1.5 cpe:/a:early_impact:productcart:1.6_b cpe:/a:early_impact:productcart:1.6_b001 cpe:/a:early_impact:productcart:1.6_b002 cpe:/a:early_impact:productcart:1.6_b003 cpe:/a:early_impact:productcart:1.6_br cpe:/a:early_impact:productcart:1.6_br001 cpe:/a:early_impact:productcart:1.6_br003 cpe:/a:early_impact:productcart:1.6b cpe:/a:early_impact:productcart:1.6b001 cpe:/a:early_impact:productcart:1.6b002 cpe:/a:early_impact:productcart:1.6b003 cpe:/a:early_impact:productcart:1.6br cpe:/a:early_impact:productcart:1.6br001 cpe:/a:early_impact:productcart:1.6br003 cpe:/a:early_impact:productcart:1.5002 cpe:/a:early_impact:productcart:1.5003 cpe:/a:early_impact:productcart:1.5003r cpe:/a:early_impact:productcart:1.5004 cpe:/a:early_impact:productcart:1.6002 cpe:/a:early_impact:productcart:1.6003 cpe:/a:early_impact:productcart:2 cpe:/a:early_impact:productcart:2.0 CVE-2003-1304 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:48.017-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov FULLDISC 20030705 [Vulnerability] : ProductCart database file can be downloaded remotely MISC http://www.earlyimpact.com/pdf/ProductCart_Security_Tips.pdf BUGTRAQ 20060622 productcart soltan_defacer BID 8112 XF shopping-cart-database-access(9816) EarlyImpact ProductCart 1.0 through 2.0 stores database/EIPC.mdb under the web root with insufficient access control, which allows remote attackers to obtain sensitive database information via a direct request. CVE-2003-1305 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:35.337-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2006-09-01T17:18:00.000-04:00 BUGTRAQ 20030707 Internet Explorer Crash Microsoft Internet Explorer allows remote attackers to cause a denial of service (resource consumption) via a Javascript src attribute that recursively loads the current web page. CVE-2003-1306 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:35.480-04:00 2.6 NETWORK HIGH NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-10-16T11:23:00.000-04:00 MLIST [WWW-Mobile-Code] 20030706 can - IIS Version Disclosure Microsoft URLScan 2.5, with the RemoveServerHeader option enabled, allows remote attackers to obtain sensitive information (server name and version) via an HTTP request that generates certain errors such as 400 "Bad Request," which leak the Server header in the response. cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.9 cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.28:beta cpe:/a:apache:http_server:2.0.28:beta:win32 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0.32:beta:win32 cpe:/a:apache:http_server:2.0.34:beta:win32 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.46::win32 cpe:/a:apache:http_server:2.0.47 cpe:/a:apache:http_server:2.0.48 CVE-2003-1307 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:48.497-04:00 4.3 LOCAL LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS MISC http://bugs.php.net/38915 MISC http://hackerdom.ru/~dimmo/phpexpl.c BUGTRAQ 20031226 Hijacking Apache https by mod_php BUGTRAQ 20061019 PHP "exec", "system", "popen" problem BUGTRAQ 20061020 Re: PHP "exec", "system", "popen" (+small POC) BID 9302 ** DISPUTED ** The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP." cpe:/a:fvwm:fvwm:2.4.17 cpe:/a:fvwm:fvwm:2.5.8 CVE-2003-1308 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:35.837-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-11-20T13:52:00.000-05:00 CONFIRM http://www.fvwm.org/news/ BID 9161 CRLF injection vulnerability in fvwm-menu-directory for fvwm 2.5.x before 2.5.10 and 2.4.x before 2.4.18 allows local users to execute arbitrary commands via carriage returns in a filename. cpe:/a:zonelabs:zonealarm:3.7.202 cpe:/a:zonelabs:zonealarm:3.7.211::plus cpe:/a:zonelabs:zonealarm:3.7.211::pro CVE-2003-1309 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:04.997-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030805 Local ZoneAlarm Firewall (probably all versions - tested on v3.1) CONFIRM http://download.zonelabs.com/bin/free/information/znalm/zaReleaseHistory.html BID 8342 XF device-driver-gain-privileges(12824) The DeviceIoControl function in the TrueVector Device Driver (VSDATANT) in ZoneAlarm before 3.7.211, Pro before 4.0.146.029, and Plus before 4.0.146.029 allows local users to gain privileges via certain signals (aka "Device Driver Attack"). cpe:/a:symantec:norton_antivirus:2002 cpe:/a:symantec:norton_antivirus:2003 CVE-2003-1310 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.060-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BID 8329 XF device-driver-gain-privileges(12824) The DeviceIoControl function in the Norton Device Driver (NAVAP.sys) in Symantec Norton AntiVirus 2002 allows local users to gain privileges by overwriting memory locations via certain control codes (aka "Device Driver Attack"). CVE-2003-1311 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:36.290-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-12-18T17:43:00.000-05:00 ALLOWS_OTHER_ACCESS MLIST [curl-users] 20030529 Re: https, redirection and authentication using POST siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder does not ensure that the TARGET parameter names a valid redirection resource, which allows remote attackers to construct a URL that might trick users into visiting an arbitrary web site referenced by this parameter. CVE-2003-1312 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:36.463-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov 2006-12-19T09:25:00.000-05:00 MLIST [curl-users] 20030529 Re: https, redirection and authentication using POST siteminderagent/SmMakeCookie.ccc in Netegrity SiteMinder places a session ID string in the value of the SMSESSION parameter in a URL, which might allow remote attackers to obtain the ID by sniffing, reading Referer logs, or other methods. cpe:/a:eternalmart:mailing_list_manager:1.32 CVE-2003-1313 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:36.620-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2006-12-28T16:18:00.000-05:00 ALLOWS_OTHER_ACCESS SECTRACK 1007884 VULNWATCH 20031004 EMML, EMGB : Include() hole BID 8767 Multiple PHP remote file inclusion vulnerabilities in EternalMart Mailing List Manager (EMLM) 1.32 allow remote attackers to execute arbitrary PHP code via a URL in (1) the emml_admin_path parameter to admin/auth.php or (2) the emml_path parameter to emml_email_func.php. cpe:/a:eternalmart:eternalmart_guestbook:1.1 CVE-2003-1314 2003-12-31T00:00:00.000-05:00 2017-10-18T21:29:01.470-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1007885 VULNWATCH 20031004 EMML, EMGB : Include() hole BID 21720 BID 8767 EXPLOIT-DB 2980 PHP remote file inclusion vulnerability in admin/auth.php in EternalMart Guestbook (EMGB) 1.1 allows remote attackers to execute arbitrary PHP code via a URL in the emgb_admin_path parameter. cpe:/a:neocrome:land_down_under:701 CVE-2003-1315 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.123-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1008416 MISC http://www.neocrome.net/index.php?m=single&id=76 MISC http://www.neocrome.net/page.php?id=1250 BID 9168 XF landdownunder-auth-sql-injection(13922) SQL injection vulnerability in auth.php in Land Down Under (LDU) v601 and earlier allows remote attackers to execute arbitrary SQL commands. CVE-2003-1316 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.187-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SECTRACK 1007592 BID 8507 XF endonesia-mod-path-disclosure(13042) mod.php in eNdonesia 8.2 allows remote attackers to obtain sensitive information via a ' (quote) value in the lng parameter, which reveals the path in an error message. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. CVE-2003-1317 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.247-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SECTRACK 1007592 BID 8506 XF endonesia-mod-xss(13041) Cross-site scripting (XSS) vulnerability in mod.php in eNdonesia 8.2 allows remote attackers to inject arbitrary web script or HTML via the mod parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third party information. CVE-2003-1318 2003-12-31T00:00:00.000-05:00 2016-10-17T22:39:38.437-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov BUGTRAQ 20030713 TA-2003-07 Denial of Service Attack against Twilight WebServer v1.3.3.0 BID 22090 MISC http://www.tripbit.org/advisories/twilight_advisory.txt Twilight Webserver 1.3.3.0 allows remote attackers to cause a denial of service (application crash) via a GET request for a long URI, a different vulnerability than CVE-2004-2376. cpe:/a:smartftp:smartftp:1.0.973 CVE-2003-1319 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.327-04:00 7.6 NETWORK HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030608 [SmartFTP] Two Buffer Overflow Vulnerabilities MISC http://security.nnov.ru/docs4679.html SECTRACK 1006956 BID 7858 BID 7861 XF smartftp-pwd-directory-bo(12228) XF smartftp-long-list-bo(12231) Multiple buffer overflows in SmartFTP 1.0.973, and other versions before 1.0.976, allow remote attackers to execute arbitrary code via (1) a long response to a PWD command, which triggers a stack-based overflow, and (2) a long line in a response to a file LIST command, which triggers a heap-based overflow. cpe:/h:sonicwall:firmware:6.4.0.1 CVE-2003-1320 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:37.667-04:00 5.1 NETWORK HIGH NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-02-28T11:44:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#287771 MISC http://www.kb.cert.org/vuls/id/AAMN-5L74VD SonicWALL firmware before 6.4.0.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted Internet Key Exchange (IKE) response packets, possibly including (1) a large Security Parameter Index (SPI) field, (2) a large number of payloads, or (3) a long payload. cpe:/a:avant_force:avant_browser:8.2 CVE-2003-1321 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.390-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030821 Buffer overflow in Avant Browser 8.02 BID 8471 XF avantbrowser-http-bo(12974) Buffer overflow in Avant Browser 8.02 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long URL in an HTTP request. cpe:/a:atrium_software:mercur_mailserver:4.2 CVE-2003-1322 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:37.963-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-04-10T11:32:00.000-04:00 ALLOWS_ADMIN_ACCESS XF mercur-multiple-bo(12203) BUGTRAQ 20030606 Multiple Buffer Overflow Vulnerabilities Found in MERCUR Mail server v.4.2 (SP2) - IMAP protocol BID 7842 Multiple stack-based buffer overflows in Atrium MERCUR IMAPD in MERCUR Mailserver before 4.2.15.0 allow remote attackers to execute arbitrary code via a long (1) EXAMINE, (2) DELETE, (3) SUBSCRIBE, (4) RENAME, (5) UNSUBSCRIBE, (6) LIST, (7) LSUB, (8) STATUS, (9) LOGIN, (10) CREATE, or (11) SELECT command. cpe:/a:elm_development_group:elm:2.4 CVE-2003-1323 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:38.150-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-04-10T11:38:00.000-04:00 ALLOWS_OTHER_ACCESS CONFIRM http://www.elmme-mailer.org/elm-2.4ME+PL109S.patch.gz Elm ME+ 2.4 before PL109S, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group via unspecified vectors. cpe:/a:elmme-mailer:elm_me%2b:2.4 CVE-2003-1324 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:38.323-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-04-10T13:29:00.000-04:00 ALLOWS_OTHER_ACCESS CONFIRM http://www.elmme-mailer.org/elm-2.4ME+PL109S.patch.gz Race condition in the can_open function in Elm ME+ 2.4, when installed setgid mail and the operating system lacks POSIX saved ID support, allows local users to read and modify certain files with the privileges of the mail group. cpe:/a:valve_software:half-life_cstrike_dedicated_server:1.1.1.0 CVE-2003-1325 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:38.463-04:00 5.2 ADJACENT_NETWORK MEDIUM SINGLE_INSTANCE NONE NONE COMPLETE http://nvd.nist.gov 2007-04-12T18:29:00.000-04:00 MISC http://aluigi.altervista.org/adv/csdos.txt MISC http://packetstormsecurity.org/0304-exploits/hl-headnut.c The SV_CheckForDuplicateNames function in Valve Software Half-Life CSTRIKE Dedicated Server 1.1.1.0 and earlier allows remote authenticated users to cause a denial of service (infinite loop and daemon hang) via a certain connection string to UDP port 27015 that represents "absence of player informations," a related issue to CVE-2006-0734. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-1326 2003-02-19T00:00:00.000-05:00 2018-10-12T17:33:51.917-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS CIAC N-038 XF ie-dialog-zone-bypass(11258) BID 6779 MS MS03-004 Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." cpe:/a:washington_university:wu-ftpd:2.6.2 CVE-2003-1327 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.450-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030922 Wu_ftpd all versions (not) vulnerability. SECTRACK 1007775 BID 8668 SLACKWARE SSA:2003-259-03 XF wuftp-mailadmin-sockprintf-bo(13269) Buffer overflow in the SockPrintf function in wu-ftpd 2.6.2 and earlier, when compiled with MAIL_ADMIN option enabled on a system that supports very long pathnames, might allow remote anonymous users to execute arbitrary code by uploading a file with a long pathname, which triggers the overflow when wu-ftpd constructs a notification message to the administrator. cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-1328 2003-02-19T00:00:00.000-05:00 2018-10-12T17:33:52.697-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030206 showHelp("file:") disables security in IE - Sandblad advisory #11 CIAC N-038 XF ie-showhelp-zone-bypass(11259) CERT-VN VU#400577 BID 6780 MS MS03-004 The showHelp() function in Microsoft Internet Explorer 5.01, 5.5, and 6.0 supports certain types of pluggable protocols that allow remote attackers to bypass the cross-domain security model and execute arbitrary code, aka "Improper Cross Domain Security Validation with ShowHelp functionality." cpe:/a:washington_university:wu-ftpd:2.6.2 CVE-2003-1329 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:39.120-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov 2007-05-23T17:00:00.000-04:00 CONFIRM ftp://ftp.wu-ftpd.org/pub/wu-ftpd/patches/apply_to_2.6.2/connect-dos.patch ftpd.c in wu-ftpd 2.6.2, when running on "operating systems that only allow one non-connected socket bound to the same local address," does not close failed connections, which allows remote attackers to cause a denial of service. cpe:/a:clearswift_limited:mailsweeper:4.3.6_sp1::smtp CVE-2003-1330 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.497-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BID 7226 XF mailsweeper-onstrip-bypass-filter(11745) Clearswift MAILsweeper for SMTP 4.3.6 SP1 does not execute custom "on strip unsuccessful" hooks, which allows remote attackers to bypass e-mail attachment filtering policies via an attachment that MAILsweeper can detect but not remove. cpe:/a:oracle:mysql:4.0.9:gamma CVE-2003-1331 2003-12-31T00:00:00.000-05:00 2019-10-07T12:42:03.510-04:00 4.0 NETWORK HIGH NONE NONE PARTIAL PARTIAL http://nvd.nist.gov FULLDISC 20030612 libmysqlclient 4.x and below mysql_real_connect() buffer overflow. CONFIRM http://bugs.mysql.com/bug.php?id=564 BID 7887 XF mysql-mysqlrealconnect-bo(12337) Stack-based buffer overflow in the mysql_real_connect function in the MySql client library (libmysqlclient) 4.0.13 and earlier allows local users to execute arbitrary code via a long socket name, a different vulnerability than CVE-2001-1453. cpe:/a:samba:samba:2.2.7a CVE-2003-1332 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.607-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov REDHAT RHSA-2003:096 MISC http://www.securiteam.com/exploits/5TP0M2AAKS.html XF samba-reply-nttrans-bo(12749) Stack-based buffer overflow in the reply_nttrans function in Samba 2.2.7a and earlier allows remote attackers to execute arbitrary code via a crafted request, a different vulnerability than CVE-2003-0201. cpe:/a:intersystems:cache_database:4.0.3 cpe:/a:intersystems:cache_database:4.0.4 cpe:/a:intersystems:cache_database:4.1.15 cpe:/a:intersystems:cache_database:4.1.16 cpe:/a:intersystems:cache_database:5 cpe:/a:intersystems:cache_database:5.0.3 cpe:/a:intersystems:cache_database:5.0.5 cpe:/a:intersystems:cache_database:5.0.12 cpe:/a:intersystems:cache_database:5.0.17 cpe:/a:intersystems:cache_database:5.0.19 cpe:/a:intersystems:cache_database:5.0.21 CVE-2003-1333 2003-12-31T00:00:00.000-05:00 2010-06-23T00:00:00.000-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-08-21T14:53:00.000-04:00 ALLOWS_ADMIN_ACCESS CONFIRM http://groups.google.com/group/intersystems-public-cache/browse_thread/thread/8bdc0e496226edd1/60e9179edb4a4d43 Unspecified vulnerability in the Cache' Server Page (CSP) implementation in InterSystems Cache' 4.0.3 through 5.0.5 allows remote attackers to "gain complete control" of a server. cpe:/a:kai_blankenhorn_bitfolge:simple_and_nice_index_file:1.2.6 CVE-2003-1334 2003-12-31T00:00:00.000-05:00 2010-06-23T00:00:00.000-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-08-23T11:00:00.000-04:00 CONFIRM http://www.bitfolge.de/snif-en.html Cross-site scripting (XSS) vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) before 1.2.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. cpe:/a:kai_blankenhorn_bitfolge:simple_and_nice_index_file:1.2.4 CVE-2003-1335 2003-12-31T00:00:00.000-05:00 2010-06-23T00:00:00.000-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2007-08-23T11:04:00.000-04:00 CONFIRM http://www.bitfolge.de/snif-en.html Directory traversal vulnerability in Kai Blankenhorn Bitfolge simple and nice index file (aka snif) before 1.2.5 allows remote attackers to download files from locations above the snif directory. cpe:/a:mirc:mirc:6.1 CVE-2003-1336 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.670-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov NTBUGTRAQ 20031015 mIRC Buffer Overflow in irc protocol handler MISC http://www.securiteam.com/windowsntfocus/6M00B0U8KE.html BID 8819 XF mirc-ircprotocol-execute-code(13405) Buffer overflow in mIRC before 6.11 allows remote attackers to execute arbitrary code via a long irc:// URL. cpe:/a:aprelium_technologies:abyss_web_server:1.1.2 CVE-2003-1337 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.717-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS BUGTRAQ 20030629 Aprelium Abyss webserver X1 arbitrary code execution and header injection BID 8062 XF abyss-http-get-bo(12466) Heap-based buffer overflow in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. cpe:/a:aprelium_technologies:abyss_web_server:1.1.2 CVE-2003-1338 2003-12-31T00:00:00.000-05:00 2010-06-23T00:00:00.000-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-09-24T17:06:00.000-04:00 BUGTRAQ 20030629 Aprelium Abyss webserver X1 arbitrary code execution and header injection CRLF injection vulnerability in Aprelium Abyss Web Server 1.1.2 and earlier allows remote attackers to inject arbitrary HTTP headers and possibly conduct HTTP Response Splitting attacks via CRLF sequences in the Location header. cpe:/a:ezmeeting:ezmeeting:3.3 cpe:/a:ezmeeting:ezmeeting:3.4 cpe:/a:ezmeeting:ezmeeting:3.5 CVE-2003-1339 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:19.183-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov BUGTRAQ 20031207 eZ Multiple Packages Stack Overflow Vulnerability BUGTRAQ 20031211 eZ and eZphotoshare fixes SECTRACK 1008412 MISC http://www.governmentsecurity.org/archive/t5390.html EXPLOIT-DB 133 Stack-based buffer overflow in eZnet.exe, as used in eZ (a) eZphotoshare, (b) eZmeeting, (c) eZnetwork, and (d) eZshare allows remote attackers to cause a denial of service (crash) or execute arbitrary code, as demonstrated via (1) a long GET request and (2) a long operation or autologin parameter to SwEzModule.dll. cpe:/a:phpnuke:php-nuke:5.6 cpe:/a:phpnuke:php-nuke:6.5 CVE-2003-1340 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:48.983-04:00 6.5 NETWORK LOW SINGLE_INSTANCE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3185 BUGTRAQ 20030530 Php-Nuke:users and admins password hashes vulnerability BUGTRAQ 20070927 Re: [waraxe-2007-SA#056] - Another Sql Injection in NukeSentinel 2.5.11 Multiple SQL injection vulnerabilities in Francisco Burzi PHP-Nuke 5.6 and 6.5 allow remote authenticated users to execute arbitrary SQL commands via (1) a uid (user) cookie to modules.php; and allow remote attackers to execute arbitrary SQL commands via an aid (admin) cookie to the Web_Links module in a (2) viewlink, (3) MostPopular, or (4) NewLinksDate action, different vectors than CVE-2003-0279. cpe:/a:trend_micro:officescan:3.0::corporate cpe:/a:trend_micro:officescan:3.0::corporate_for_windows_nt_server cpe:/a:trend_micro:officescan:3.1.1::corporate_for_windows_nt_server cpe:/a:trend_micro:officescan:3.5::corporate cpe:/a:trend_micro:officescan:3.5::corporate_for_windows_nt_server cpe:/a:trend_micro:officescan:3.11::corporate cpe:/a:trend_micro:officescan:3.11::corporate_for_windows_nt_server cpe:/a:trend_micro:officescan:3.13::corporate cpe:/a:trend_micro:officescan:3.13::corporate_for_windows_nt_server cpe:/a:trend_micro:officescan:3.54::corporate cpe:/a:trend_micro:virus_buster:3.52::corporate cpe:/a:trend_micro:virus_buster:3.53::corporate cpe:/a:trend_micro:virus_buster:3.54::corporate CVE-2003-1341 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:05.950-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS VULNWATCH 20030114 Assorted Trend Vulns Rev 2.0 CONFIRM http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13353 BID 6616 XF officescan-cgichkmasterpwd-auth-bypass(11059) The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. cpe:/a:trend_micro:virus_control_system:1.8 CVE-2003-1342 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.263-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov VULNWATCH 20030114 Assorted Trend Vulns Rev 2.0 VULNWATCH 20030114 RE: [VulnWatch] Assorted Trend Vulns Rev 2.0 BID 6617 XF trend-vcs-activesupport-dos(11060) Trend Micro Virus Control System (TVCS) 1.8 running with IIS allows remote attackers to cause a denial of service (memory consumption) in IIS via multiple URL requests for ActiveSupport.exe. cpe:/a:trend_micro:scanmail:3.8::microsoft_exchange cpe:/a:trend_micro:scanmail:6.0::microsoft_exchange CVE-2003-1343 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.357-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030114 RE: [VulnWatch] Assorted Trend Vulns Rev 2.0 CONFIRM http://kb.trendmicro.com/solutions/solutionDetail.asp?solutionId=13352 BID 6619 XF scanmail-smgsmxcfg30-password-bypass(11061) Trend Micro ScanMail for Exchange (SMEX) before 3.81 and before 6.1 might install a back door account in smg_Smxcfg30.exe, which allows remote attackers to gain access to the web management interface via the vcc parameter, possibly "3560121183d3". cpe:/a:trend_micro:virus_control_system CVE-2003-1344 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.560-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov VULNWATCH 20030114 RE: [VulnWatch] Assorted Trend Vulns Rev 2.0 BID 6618 XF trend-vcs-weak-encryption(11063) Trend Micro Virus Control System (TVCS) Log Collector allows remote attackers to obtain usernames, encrypted passwords, and other sensitive information via a URL request for getservers.exe with the action parameter set to "selects1", which returns log files. cpe:/a:follett_software:webcollection_plus:5.00 CVE-2003-1345 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.623-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030114 Vulnerability in WebCollection Plus (TM) BID 6574 XF webcollection-plus-directory-traversal(11064) Directory traversal vulnerability in s.dll in WebCollection Plus 5.00 allows remote attackers to view arbitrary files in c:\ via a full pathname in the d parameter. cpe:/h:d-link:dwl-900ap%2b:2.2 cpe:/h:d-link:dwl-900ap%2b:2.3 cpe:/h:d-link:dwl-900ap%2b:2.5 CVE-2003-1346 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.670-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030114 D-Link DWL-900AP+ Security Hole BUGTRAQ 20030116 Re: D-Link DWL-900AP+ Security Hole BID 6609 SECTRACK 1005926 XF dlink-airplus-restore-default(11074) D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager. cpe:/a:geeklog:geeklog:1.3.7 CVE-2003-1347 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.733-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3226 CONFIRM http://www.geeklog.net/filemgmt/visit.php?lid=101 BUGTRAQ 20030114 Multiple XSS in Geeklog 1.3.7 BID 6601 BID 6602 BID 6603 BID 6604 XF geeklog-php-scripts-xss(11075) Multiple cross-site scripting (XSS) vulnerabilities in Geeklog 1.3.7 allow remote attackers to inject arbitrary web script or HTML via the (1) cid parameter to comment.php, (2) uid parameter to profiles.php, (3) uid to users.php, and (4) homepage field. cpe:/a:ftls:guestbook:1.1 CVE-2003-1348 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.780-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3227 BUGTRAQ 20030125 ftls.org Guestbook 1.1 Script Injection BID 6686 XF guestbook-multiple-field-xss(11155) Cross-site scripting (XSS) vulnerability in guestbook.cgi in ftls.org Guestbook 1.1 allows remote attackers to inject arbitrary web script or HTML via the (1) comment, (2) name, or (3) title field. cpe:/a:thomas_krebs:niteserver_ftpd:1.83 CVE-2003-1349 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.827-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov VULNWATCH 20030115 Directory traversal vulnerabilities found in NITE ftp-server version 1.83 BID 6648 SECTRACK 1005923 XF niteserver-dotdot-directory-traversal(11062) Directory traversal vulnerability in NITE ftp-server (NiteServer) 1.83 allows remote attackers to list arbitrary directories via a "\.." (backslash dot dot) in the CD (CWD) command. cpe:/a:list_site_pro:list_site_pro:2.0 CVE-2003-1350 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.873-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3230 BUGTRAQ 20030124 List Site Pro v2 user account Hijacking vulnerablity BID 6685 XF listsitepro-account-hijacking(11156) List Site Pro 2.0 allows remote attackers to hijack user accounts by inserting a "|" (pipe), which is used as a field delimiter, into the bannerurl field. cpe:/a:greg_billock:edittag:1.1 CVE-2003-1351 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.937-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3231 BUGTRAQ 20030124 Vulnerability in edittag.pl BID 6675 XF edittag-dotdot-directory-traversal(11159) Directory traversal vulnerability in edittag.cgi in EditTag 1.1 allows remote attackers to read arbitrary files via a "%2F.." (encoded slash dot dot) in the file parameter. cpe:/a:gabber:gabber:0.8.7 CVE-2003-1352 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:06.983-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030115 Gabber 0.8.7 leaks presence information without user authorization BID 6624 XF gabber-information-leak(11115) Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing. cpe:/a:lanifex:outreach_project_tool:0.946b CVE-2003-1353 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.060-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030116 Outreach Project Tool BID 6631 XF opt-news-post-xss(11096) Multiple cross-site scripting (XSS) vulnerabilities in Outreach Project Tool (OPT) 0.946b allow remote attackers to inject arbitrary web script or HTML, as demonstrated using the news field. cpe:/a:gamespy3d:gamespy_3d:2.62 CVE-2003-1354 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.107-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030122 PivX Multi-Vendor Game Server dDoS Advisory MISC http://www.pivx.com/kristovich/adv/mk001/ MISC http://www.securiteam.com/securitynews/5EP0O0K8UO.html BID 6636 XF battlefield-udp-query-dos(11084) Multiple GameSpy 3D 2.62 compatible gaming servers generate very large UDP responses to small requests, which allows remote attackers to use the servers as an amplifier in DDoS attacks with spoofed UDP query packets, as demonstrated using Battlefield 1942. cpe:/a:electronic_arts:battlefield_1942:1.2 cpe:/a:electronic_arts:battlefield_1942:1.3 CVE-2003-1355 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.170-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030226 [VSA0307] Battlefield 1942 remote DoS BID 6967 XF battlefield-remoteconsole-username-dos(11426) Buffer overflow in the remote console (rcon) in Battlefield 1942 1.2 and 1.3 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long user name and password. cpe:/o:hp:hp-ux:10.01 cpe:/o:hp:hp-ux:10.10 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 CVE-2003-1356 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:19.263-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS HP SSRT3454 BID 6640 XF hpux-sort-file-handling(11107) The "file handling" in sort in HP-UX 10.01 through 10.20, and 11.00 through 11.11 is "incorrect," which allows attackers to gain access or cause a denial of service via unknown vectors. cpe:/a:replicom:proxyview CVE-2003-1357 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.327-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3228 BUGTRAQ 20030128 ProxyView default undocumented password BID 6708 XF proxyview-administrator-default-password(11185) ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access. cpe:/o:hp:hp-ux:10.00 cpe:/o:hp:hp-ux:10.01 cpe:/o:hp:hp-ux:10.08 cpe:/o:hp:hp-ux:10.09 cpe:/o:hp:hp-ux:10.10 cpe:/o:hp:hp-ux:10.16 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:10.26 cpe:/o:hp:hp-ux:10.30 cpe:/o:hp:hp-ux:10.34 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.0.4 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.22 CVE-2003-1358 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.373-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3236 HP HPSBUX0302-240 BUGTRAQ 20030710 [LSD] HP-UX security vulnerabilities BID 6837 XF hp-rsf3000-daemon-access(11312) rs.F300 for HP-UX 10.0 through 11.22 uses the PATH environment variable to find and execute programs such as rm while operating at raised privileges, which allows local users to gain privileges by modifying the path to point to a malicious rm program. cpe:/a:avaya:predictive_dialer_system:9.0 cpe:/a:avaya:predictive_dialer_system:11 cpe:/a:avaya:predictive_dialer_system:12 cpe:/o:hp:hp-ux:10.00 cpe:/o:hp:hp-ux:10.01 cpe:/o:hp:hp-ux:10.08 cpe:/o:hp:hp-ux:10.09 cpe:/o:hp:hp-ux:10.10 cpe:/o:hp:hp-ux:10.16 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:10.26 cpe:/o:hp:hp-ux:10.30 cpe:/o:hp:hp-ux:10.34 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.0.4 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.22 CVE-2003-1359 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:19.323-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3236 HP HPSBUX0302-241 BUGTRAQ 20030610 [LSD] HP-UX security vulnerabilities BID 6836 XF hp-stmkfont-bo(11313) Buffer overflow in stmkfont utility of HP-UX 10.0 through 11.22 allows local users to gain privileges via a long command line argument. cpe:/o:hp:hp-ux:10.00 cpe:/o:hp:hp-ux:10.01 cpe:/o:hp:hp-ux:10.08 cpe:/o:hp:hp-ux:10.09 cpe:/o:hp:hp-ux:10.10 cpe:/o:hp:hp-ux:10.16 cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:10.24 cpe:/o:hp:hp-ux:10.26 cpe:/o:hp:hp-ux:10.30 cpe:/o:hp:hp-ux:10.34 CVE-2003-1360 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.483-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3236 HP HPSBUX0302-243 BUGTRAQ 20030610 [LSD] HP-UX security vulnerabilities BID 6834 XF hp-landiag-lanadmin-bo(11314) Buffer overflow in the setupterm function of (1) lanadmin and (2) landiag programs of HP-UX 10.0 through 10.34 allows local users to execute arbitrary code via a long TERM environment variable. cpe:/a:veritas:bare_metal_restore CVE-2003-1361 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.547-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030225 VERITAS Software Technical Advisory (fwd) CONFIRM http://seer.support.veritas.com/docs/252933.htm CONFIRM http://seer.support.veritas.com/docs/254442.htm BID 6928 XF veritas-bmr-root-access(11418) Unknown vulnerability in VERITAS Bare Metal Restore (BMR) of Tivoli Storage Manager (TSM) 3.1.0 through 3.2.1 allows remote attackers to gain root privileges on the BMR Main Server. cpe:/a:hp:bastille:b.02.00.05::hp-ux CVE-2003-1362 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.593-04:00 7.8 NETWORK LOW NONE COMPLETE NONE NONE http://nvd.nist.gov HP HPSBUX0302-245 BID 6878 XF hp-bastille-info-disclosure(11366) Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. cpe:/a:aprelium_technologies:abyss_web_server:1.1.2 CVE-2003-1363 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:44.477-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2007-11-29T12:11:00.000-05:00 BUGTRAQ 20030212 Abyss WebServer Brute Force Vulnerability XF abyss-web-admin-bruteforce(11310) BID 6842 The remote web management interface of Aprelium Technologies Abyss Web Server 1.1.2 and earlier does not log connection attempts to the web management port (9999), which allows remote attackers to mount brute force attacks on the administration console without detection. cpe:/a:aprelium_technologies:abyss_web_server:1.1.2 CVE-2003-1364 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.657-04:00 8.5 NETWORK LOW NONE NONE PARTIAL COMPLETE http://nvd.nist.gov BUGTRAQ 20030405 Abyss X1 1.1.2 remote crash BID 7287 XF abyss-http-get-dos(11718) Aprelium Technologies Abyss Web Server 1.1.2, and possibly other versions before 1.1.4, allows remote attackers to cause a denial of service (crash) via an HTTP GET message with empty (1) Connection or (2) Range fields. cpe:/a:perl:cgi_lite:2.0 CVE-2003-1365 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.700-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030211 Security bug in CGI::Lite::escape_dangerous_chars() function CONFIRM http://search.cpan.org/~smylers/CGI-Lite-2.02/Lite.pm SREASON 3237 MISC http://use.perl.org/~cbrooks/journal/10542 BUGTRAQ 20030211 Security bug in CGI::Lite::escape_dangerous_chars() function BID 6833 XF cgilite-shell-command-execution(11308) The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (carat), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs. cpe:/o:openbsd:openbsd:2.0 cpe:/o:openbsd:openbsd:2.1 cpe:/o:openbsd:openbsd:2.2 cpe:/o:openbsd:openbsd:2.3 cpe:/o:openbsd:openbsd:2.4 cpe:/o:openbsd:openbsd:2.5 cpe:/o:openbsd:openbsd:2.6 cpe:/o:openbsd:openbsd:2.7 cpe:/o:openbsd:openbsd:2.8 cpe:/o:openbsd:openbsd:2.9 cpe:/o:openbsd:openbsd:3.0 cpe:/o:openbsd:openbsd:3.1 cpe:/o:openbsd:openbsd:3.2 CVE-2003-1366 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.763-04:00 3.3 LOCAL MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov SREASON 3238 BUGTRAQ 20030203 ASA-0001: OpenBSD chpass/chfn/chsh file content leak BID 6748 SECTRACK 1006035 XF openbsd-chpass-information-disclosure(11233) chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information. cpe:/a:great_circle_associates:majordomo:1.94.4 cpe:/a:great_circle_associates:majordomo:1.94.5 cpe:/a:great_circle_associates:majordomo:2.0 CVE-2003-1367 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.827-04:00 7.8 NETWORK LOW NONE COMPLETE NONE NONE http://nvd.nist.gov SREASON 3235 BUGTRAQ 20030204 Majordomo info leakage, all versions BID 6761 XF majordomo-whichaccess-email-disclosure(11243) The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command. cpe:/o:electrasoft:ftp_client:9.49.01::32bit CVE-2003-1368 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.873-04:00 6.4 NETWORK LOW NONE NONE PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030204 Banner Buffer Overflows found in Multible FTP Clients BID 6764 XF 32bit-ftp-banner-bo(11234) Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. cpe:/a:save_it_software_pty:bytecatcherftp:1.04b CVE-2003-1369 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.937-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030204 Banner Buffer Overflows found in Multible FTP Clients BID 6762 XF bytecatcher-ftp-banner-bo(11235) Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner. cpe:/a:nuked-klan:nuked-klan:1.2_beta CVE-2003-1370 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:07.983-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030127 [SCSA-003] Multiple Cross Site Scripting & Script Injection Vulnerabilities in Nuked-Klan BID 6697 BID 6699 BID 6700 XF nuked-klan-index-xss(11176) Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module. cpe:/a:nuked-klan:nuked-klan:1.3_beta CVE-2003-1371 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.030-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030221 [SCSA-006] XSS & Function Execution Vulnerabilities in Nuked-Klan BID 6917 XF nukedklan-information-disclosure(11424) Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules. cpe:/a:myphpnuke:myphpnuke:1.8.8 CVE-2003-1372 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.093-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030219 myphpnuke xss BID 6892 XF phpbb-index-sql-injection(11376) Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters. cpe:/a:phpbb_group:phpbb:1.4.0 cpe:/a:phpbb_group:phpbb:1.4.1 cpe:/a:phpbb_group:phpbb:1.4.2 cpe:/a:phpbb_group:phpbb:1.4.4 CVE-2003-1373 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.140-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030220 phpBB Security Bugs BID 6889 XF phpbb-auth-read-files(11407) Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via .. (dot dot) sequences followed by NULL (%00) characters in CGI parameters, as demonstrated using the lang parameter in prefs.php. cpe:/o:hp:hp-ux:11 CVE-2003-1374 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.187-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030213 HPUX disable buffer overflow vulnerability BID 6845 XF hp-lp-disable-bo(11316) Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2)-c options. cpe:/o:hp:hp-ux:10.20 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.11 CVE-2003-1375 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:19.387-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov SREASON 3264 HP HPSBUX0305-258 BUGTRAQ 20030207 HPUX Wall Buffer Overflow BID 6800 XF hp-wall-bo(11272) Buffer overflow in wall for HP-UX 10.20 through 11.11 may allow local users to execute arbitrary code by calling wall with a large file as an argument. cpe:/a:winzip:winzip:8.0 CVE-2003-1376 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.297-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3265 BUGTRAQ 20030208 Yet another plaintext attack to ZIP encryption scheme. BID 6805 XF winzip-pkzip-weak-encryption(11296) WinZip 8.0 uses weak random number generation for password protected ZIP files, which allows local users to brute force the encryption keys and extract the data from the zip file by guessing the state of the stream coder. cpe:/a:sircd:sircd:0.4.0 cpe:/a:sircd:sircd:0.4.4 CVE-2003-1377 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.373-04:00 8.3 NETWORK MEDIUM NONE PARTIAL PARTIAL COMPLETE http://nvd.nist.gov BUGTRAQ 20030223 sircd proof-of-concept / advisory BID 6924 XF sircd-reverse-dns-bo(11409) Buffer overflow in the reverse DNS lookup of Smart IRC Daemon (SIRCD) 0.4.0 and 0.4.4 allows remote attackers to execute arbitrary code via a client with a long hostname. cpe:/a:microsoft:outlook:2000 cpe:/a:microsoft:outlook:2000:sp2 cpe:/a:microsoft:outlook:2000:sr1 cpe:/a:microsoft:outlook_express:6.0 CVE-2003-1378 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.420-04:00 8.8 NETWORK MEDIUM NONE COMPLETE COMPLETE NONE http://nvd.nist.gov BUGTRAQ 20030223 O UT LO OK E XPRE SS 6 .00 : broken BUGTRAQ 20030224 Re: O UT LO OK E XPRE SS 6 .00 : broken BID 6923 XF outlook-codebase-execute-programs(11411) Microsoft Outlook Express 6.0 and Outlook 2000, with the security zone set to Internet Zone, allows remote attackers to execute arbitrary programs via an HTML email with the CODEBASE parameter set to the program, a vulnerability similar to CAN-2002-0077. cpe:/h:point_clark_networks:clarkconnect:1.2::linux CVE-2003-1379 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.483-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030225 clarkconnect(d) information disclosure BID 6934 XF clarkconnect-clarkconnectd-info-disclosure(11419) clarkconnectd in ClarkConnect Linux 1.2 allows remote attackers to obtain sensitive information about the server via the characters (1) A, which reveals the date and time, (2) F, (3) M, which reveals 'ifconfig' information, (4) P, which lists the processes, (5) Y, which reveals the snort log files, or (6) b, which reveals /var/log/messages. cpe:/h:bisonftp:bisonftp_server_4:r2 CVE-2003-1380 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.530-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030217 [immune advisory] Mulitple vulnerabilities found in BisonFTP BID 6873 XF bisonftp-ls-view-files(11347) Directory traversal vulnerability in BisonFTP Server 4 release 2 allows remote attackers to (1) list directories above the root via an 'ls @../' command, or (2) list files above the root via a "mget @../FILE" command. cpe:/a:amxmod.net:amx_mod:0.9.2 CVE-2003-1381 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.623-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3258 BUGTRAQ 20030226 [VSA0308] Half-Life AMX-Mod remote (root) hole BID 6968 XF amx-amxsay-format-string(11427) Format string vulnerability in AMX 0.9.2 and earlier, a plugin for Valve Software's Half-Life Server, allows remote attackers to execute arbitrary commands via format string specifiers in the amx_say command. cpe:/a:instantservers_inc.:ismail:1.4.3 CVE-2003-1382 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.687-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3254 BUGTRAQ 20030227 ISMAIL (All Versions) Remote Buffer Overrun BID 6972 XF ismail-smtp-domain-bo(11432) Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields. cpe:/a:logicworks:web_erp:0.1.4 CVE-2003-1383 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.733-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3257 BUGTRAQ 20030301 web-erp 0.1.4 database access vulnerability BID 6996 XF weberp-logicworks-ini-access(11443) WEB-ERP 0.1.4 and earlier allows remote attackers to obtain sensitive information via an HTTP request for the logicworks.ini file, which contains the MySQL database username and password. cpe:/a:py_software:py-livredor:1.0 CVE-2003-1384 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.780-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030302 [SCSA-008] Cross Site Scripting & Script Injection Vulnerability in PY-Livredor BUGTRAQ 20030302 [SCSA-008] Cross Site Scripting & Script Injection Vulnerability in PY-Livredor FULLDISC 20030302 [SCSA-008] Cross Site Scripting & Script Injection Vulnerability in PY-Livredor BID 6997 XF pylivredor-guestbook-xss(11448) Cross-site scripting (XSS) vulnerability in index.php in PY-Livredor 1.0 allows remote attackers to insert arbitrary web script or HTML via the (1) titre, (2) Votre pseudo, (3) Votre e-mail, or (4) Votre message fields. cpe:/a:invision_power_services:invision_power_board:1.1.1 CVE-2003-1385 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.827-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS VULNWATCH 20030227 Invision Power Board (PHP) BID 6976 XF invision-ipchat-file-include(11435) ipchat.php in Invision Power Board 1.1.1 allows remote attackers to execute arbitrary PHP code, if register_globals is enabled, by modifying the root_path parameter to reference a URL on a remote web server that contains the code. cpe:/h:axis:2400_video_server:2.0 cpe:/h:axis:2400_video_server:2.20 cpe:/h:axis:2400_video_server:2.31 cpe:/h:axis:2400_video_server:2.32 cpe:/h:axis:2400_video_server:2.33 cpe:/h:axis:2401_video_server:2.20 cpe:/h:axis:2401_video_server:2.31 cpe:/h:axis:2401_video_server:2.32 cpe:/h:axis:2401_video_server:2.33 CVE-2003-1386 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.873-04:00 6.4 NETWORK LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030228 axis2400 webcams BUGTRAQ 20030325 Axis Video and Camera Servers - System log access and file access/overwrite via HTTP/CGI BID 6980 MISC http://www.websec.org/adv/axis2400.txt.html XF axis-messages-unauth-access(11440) AXIS 2400 Video Server 2.00 through 2.33 allows remote attackers to obtain sensitive information via an HTTP request to /support/messages, which displays the server's /var/log/messages file. cpe:/a:opera_software:opera_web_browser:6.0.5::win32 cpe:/a:opera_software:opera_web_browser:6.0.6::win32 cpe:/a:opera_software:opera_web_browser:7.0_beta1::win32 cpe:/a:opera_software:opera_web_browser:7.0_beta2::win32 CVE-2003-1387 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.937-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3253 BUGTRAQ 20030209 Opera Username Buffer Overflow Vulnerability BUGTRAQ 20030320 Opara 6.06 Released, Security-Hole Left BID 6811 XF opera-username-url-bo(11281) Buffer overflow in Opera 6.05 and 6.06, and possibly other versions, allows remote attackers to execute arbitrary code via a URL with a long username. cpe:/a:opera_software:opera:7.02_build_2668 CVE-2003-1388 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:08.997-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov BUGTRAQ 20030407 Unchecked Buffer in Opera 7.02 XF opera-long-url-bo(11740) Buffer overflow in Opera 7.02 Build 2668 allows remote attackers to crash Opera via a long HTTP request ending in a .ZIP extension. cpe:/a:research_triangle_software:cryptobuddy:1.0 cpe:/a:research_triangle_software:cryptobuddy:1.2 CVE-2003-1389 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.047-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities BID 6815 XF cryptobuddy-truncate-weak-security(11294) RTS CryptoBuddy 1.2 and earlier truncates long passphrases without warning the user, which may make it easier to conduct certain brute force guessing attacks. cpe:/a:research_triangle_software:cryptobuddy:1.0 cpe:/a:research_triangle_software:cryptobuddy:1.2 CVE-2003-1390 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.093-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities XF cryptobuddy-plaintext-password-bytes(11297) RTS CryptoBuddy 1.2 and earlier stores bytes 53 through 55 of a 55-byte passphrase in plaintext, which makes it easier for local users to guess the passphrase. cpe:/a:research_triangle_software:cryptobuddy:1.0 cpe:/a:research_triangle_software:cryptobuddy:1.2 CVE-2003-1391 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.157-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities BID 6810 XF cryptobuddy-password-dictionary(11298) RTS CryptoBuddy 1.0 and 1.2 uses a weak encryption algorithm for the passphrase and generates predictable keys, which makes it easier for attackers to guess the passphrase. cpe:/a:research_triangle_software:cryptobuddy:1.0 cpe:/a:research_triangle_software:cryptobuddy:1.2 cpe:/o:microsoft:all_windows CVE-2003-1392 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.200-04:00 6.6 LOCAL LOW NONE COMPLETE COMPLETE NONE http://nvd.nist.gov BUGTRAQ 20030210 RTS CryptoBuddy Multiple Encryption Implementation Vulnerabilities BID 6812 XF cryptobuddy-password-information-disclosure(11317) CryptoBuddy 1.0 and 1.2 does not use the user-supplied passphrase to encrypt data, which could allow local users to use their own passphrase to decrypt the data. cpe:/a:gupta_technologies:sqlbase:8.1.0 CVE-2003-1393 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.263-04:00 8.5 NETWORK MEDIUM SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov SREASON 3256 BUGTRAQ 20030210 Buffer OverFlow in SQLBase 8.1.0 - NII Advisory BUGTRAQ 20030308 NII Advisory - Buffer Overflow in SQLBase (Revised) BID 6808 XF sqlbase-execute-long-bo(11269) Buffer overflow in Gupta SQLBase 8.1.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long EXECUTE command. cpe:/a:coffeecup_software:coffeecup_password_wizard:4.0 CVE-2003-1394 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.407-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3259 BUGTRAQ 20030228 Easy obtaining User+Pass+More on CoffeeCup Password Wizard All Versions BID 6995 XF coffeecup-password-file-retrieval(11447) CoffeeCup Software Password Wizard 4.0 stores sensitive information such as usernames and passwords in a .apw file under the web document root with insufficient access control, which allows remote attackers to obtain that information via a direct request for the file. cpe:/a:kazaa:kazaa_media_desktop:2.0 cpe:/a:kazaa:kazaa_media_desktop:2.0.2 CVE-2003-1395 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.453-04:00 9.0 NETWORK LOW NONE PARTIAL PARTIAL COMPLETE http://nvd.nist.gov SREASON 3252 BUGTRAQ 20030202 Denial of service against Kazaa Media Desktop v2 BID 6747 XF kazaa-automated-ad-bo(11228) Buffer overflow in KaZaA Media Desktop 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a response to the ad server. cpe:/a:opera_software:opera_web_browser:6.0::win32 cpe:/a:opera_software:opera_web_browser:6.0.1::win32 cpe:/a:opera_software:opera_web_browser:6.0.2::win32 cpe:/a:opera_software:opera_web_browser:6.0.3::win32 cpe:/a:opera_software:opera_web_browser:6.0.4::win32 cpe:/a:opera_software:opera_web_browser:6.0.5::win32 cpe:/a:opera_software:opera_web_browser:7.0::win32 cpe:/a:opera_software:opera_web_browser:7.0.1::win32 cpe:/a:opera_software:opera_web_browser:7.0.2::win32 cpe:/a:opera_software:opera_web_browser:7.0.3::win32 cpe:/a:opera_software:opera_web_browser:7.10 CVE-2003-1396 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.513-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030427 [Opera 7/6] Long File Extension Heap Buffer Overrun Vulnerability in Download. BID 7450 XF opera-file-extension-bo(11894) Heap-based buffer overflow in Opera 6.05 through 7.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a filename with a long extension. cpe:/a:opera_software:opera_web_browser:6.0.5::win32 cpe:/a:opera_software:opera_web_browser:7.0::win32 cpe:/a:opera_software:opera_web_browser:7.0.1::win32 cpe:/a:opera_software:opera_web_browser:7.0_beta1::win32 cpe:/a:opera_software:opera_web_browser:7.0_beta2::win32 CVE-2003-1397 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.560-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov SREASON 3255 BUGTRAQ 20030210 Java-Applet crashes Opera 6.05 and 7.01 BID 6814 XF opera-plugincontextshowdocument-bo(11280) The PluginContext object of Opera 6.05 and 7.0 allows remote attackers to cause a denial of service (crash) via an HTTP request containing a long string that gets passed to the ShowDocument method. cpe:/o:cisco:ios:12.0 cpe:/o:cisco:ios:12.0s cpe:/o:cisco:ios:12.0st cpe:/o:cisco:ios:12.0t cpe:/o:cisco:ios:12.1 cpe:/o:cisco:ios:12.1e cpe:/o:cisco:ios:12.1t cpe:/o:cisco:ios:12.2 cpe:/o:cisco:ios:12.2e cpe:/o:cisco:ios:12.2f cpe:/o:cisco:ios:12.2s cpe:/o:cisco:ios:12.2t CVE-2003-1398 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.623-04:00 9.3 NETWORK MEDIUM NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov BUGTRAQ 20030211 Field Notice - IOS Accepts ICMP Redirects in Non-default Configuration Settings SECTRACK 1006075 BID 6823 XF cisco-ios-icmp-redirect(11306) Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). cpe:/a:eject:eject:2.0.10 cpe:/a:eject:eject:2.0.11 cpe:/a:eject:eject:2.0.12 CVE-2003-1399 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.687-04:00 1.9 LOCAL MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030222 eject 2.0.10 vulnerability BID 6914 XF linux-eject-information-disclosure(11380) eject 2.0.10, when installed setuid on systems such as SuSE Linux 7.3, generates different error messages depending on whether a specified file exists or not, which allows local users to obtain sensitive information. cpe:/a:francisco_burzi:php-nuke:5.0 cpe:/a:francisco_burzi:php-nuke:5.0.1 cpe:/a:francisco_burzi:php-nuke:5.1 cpe:/a:francisco_burzi:php-nuke:5.2 cpe:/a:francisco_burzi:php-nuke:5.2a cpe:/a:francisco_burzi:php-nuke:5.3.1 cpe:/a:francisco_burzi:php-nuke:5.4 cpe:/a:francisco_burzi:php-nuke:5.5 cpe:/a:francisco_burzi:php-nuke:5.6 cpe:/a:francisco_burzi:php-nuke:6.0 CVE-2003-1400 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.747-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030203 PHP-Nuke Avatar Code injection vulnerability BUGTRAQ 20030204 Re: PHP-Nuke Avatar Code injection vulnerability BID 6750 XF phpnuke-avatar-code-execution(11229) Cross-site scripting (XSS) vulnerability in the Your_Account module for PHP-Nuke 5.0 through 6.0 allows remote attackers to inject arbitrary web script or HTML via the user_avatar parameter. cpe:/a:php_board:php_board:1.0 CVE-2003-1401 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.810-04:00 5.8 NETWORK MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030215 php-Board (php) BID 6862 XF phpboard-login-plaintext-passwords(11338) login.php in php-Board 1.0 stores plaintext passwords in $username.txt with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information via a direct request. cpe:/a:kietu:kietu:2.0 cpe:/a:kietu:kietu:2.3 CVE-2003-1402 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.873-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030215 Kietu ( PHP ) BID 6863 XF kietu-hit-file-include(11341) PHP remote file inclusion vulnerability in hit.php for Kietu 2.0 and 2.3 allows remote attackers to execute arbitrary PHP code via the url_hit parameter, a different vulnerability than CVE-2006-5015. cpe:/a:dotbr:botbr:0.1 CVE-2003-1403 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.937-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030215 DotBr (PHP) BID 6864 XF dotbr-foo-info-disclosure(11353) foo.php3 in DotBr 0.1 allows remote attackers to obtain sensitive information via a direct request, which calls the phpinfo function. cpe:/a:dotbr:botbr:0.1 CVE-2003-1404 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:09.997-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030215 DotBr (PHP) BID 6865 XF dotbr-config-info-disclosure(11354) DotBr 0.1 stores config.inc with insufficient access control under the web document root, which allows remote attackers to obtain sensitive information such as SQL usernames and passwords. cpe:/a:dotbr:botbr:0.1 CVE-2003-1405 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.047-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030215 DotBr (PHP) BID 6866 BID 6867 XF dotbr-exec-execute-commands(11355) DotBr 0.1 allows remote attackers to execute arbitrary shell commands via the cmd parameter to (1) exec.php3 or (2) system.php3. cpe:/a:adalis_infomatique:d_forum:1.0 cpe:/a:adalis_infomatique:d_forum:1.10 cpe:/a:adalis_infomatique:d_forum:1.11 CVE-2003-1406 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.107-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030216 D-Forum (PHP) BID 6879 XF dform-header-file-include(11342) PHP remote file inclusion vulnerability in D-Forum 1.00 through 1.11 allows remote attackers to execute arbitrary PHP code via a URL in the (1) my_header parameter to header.php3 or (2) my_footer parameter to footer.php3. cpe:/o:microsoft:windows_nt:4.0 CVE-2003-1407 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.157-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3251 BUGTRAQ 20030211 SECURITY.NNOV: Windows NT 4.0/2000 cmd.exe long path buffer overflow/DoS BID 6829 XF win-cmd-cd-bo(11329) Buffer overflow in cmd.exe in Windows NT 4.0 may allow local users to execute arbitrary code via a long pathname argument to the cd command. cpe:/a:lotus:domino_server:5.0 cpe:/a:lotus:domino_server:6.0 CVE-2003-1408 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.200-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030212 Lotus Domino DOT Bug Allows for Source Code Viewing BUGTRAQ 20030213 Re: Lotus Domino DOT Bug Allows for Source Code Viewing BID 6841 XF lotus-domino-dot-file-download(11311) Lotus Domino Server 5.0 and 6.0 allows remote attackers to read the source code for files via an HTTP request with a filename with a trailing dot. cpe:/a:ej3:topo:1.43 CVE-2003-1409 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.247-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030204 TOPo 1.43 and prior - Path Disclosure (in.php, out.php) BID 6768 XF topo-path-disclosure(11248) TOPo 1.43 allows remote attackers to obtain sensitive information by sending an HTTP request with an invalid parameter to (1) in.php or (2) out.php, which reveals the path to the TOPo directory in the error message. cpe:/a:isoca:cedric_email_reader:0.2 cpe:/a:isoca:cedric_email_reader:0.3 CVE-2003-1410 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.310-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030209 Cedric Email Reader (PHP) BID 6818 XF cedric-email-file-include(11278) PHP remote file inclusion vulnerability in email.php (aka email.php3) in Cedric Email Reader 0.2 and 0.3 allows remote attackers to execute arbitrary PHP code via the cer_skin parameter. cpe:/a:isoca:cedric_email_reader:0.4 CVE-2003-1411 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.357-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030209 Cedric Email Reader (PHP) BID 6820 XF cedric-email-file-include(11278) PHP remote file inclusion vulnerability in emailreader_execute_on_each_page.inc.php in Cedric Email Reader 0.4 allows remote attackers to execute arbitrary PHP code via the emailreader_ini parameter. cpe:/a:gonicus:gonicus_system_administration:1.0 CVE-2003-1412 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:49.200-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov FULLDISC 20030223 GOnicus System Administrator php injection BUGTRAQ 20030224 GOnicus System Administrator php injection BID 6922 SECTRACK 1006162 XF gosa-plugin-file-include(11408) PHP remote file inclusion vulnerability in index.php for GONiCUS System Administrator (GOsa) 1.0 allows remote attackers to execute arbitrary PHP code via the plugin parameter to (1) 3fax/1blocklists/index.php; (2) 6departamentadmin/index.php, (3) 5terminals/index.php, (4) 4mailinglists/index.php, (5) 3departaments/index.php, and (6) 2groupd/index.php in 2administration/; or (7) the base parameter to include/help.php. cpe:/a:apple:darwin_streaming_server:4.1.2 cpe:/a:apple:quicktime_streaming_server:4.1.1 CVE-2003-1413 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.450-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov SREASON 3260 BUGTRAQ 20030228 Re: QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities BID 6992 XF darwin-dotdot-file-existence(11445) parse_xml.cgi in Apple Darwin Streaming Server 4.1.1 allows remote attackers to determine the existence of arbitrary files by using ".." sequences in the filename parameter and comparing the resulting error messages. cpe:/a:apple:darwin_streaming_server:4.1.2 cpe:/a:apple:quicktime_streaming_server:4.1.1 CVE-2003-1414 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.497-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3260 BUGTRAQ 20030228 Re: QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities BID 6990 XF darwin-dotdotdot-directory-traversal(11446) Directory traversal vulnerability in parse_xml.cg Apple Darwin Streaming Server 4.1.2 and Apple Quicktime Streaming Server 4.1.1 allows remote attackers to read arbitrary files via a ... (triple dot) in the filename parameter. cpe:/a:visual_mining:netcharts_xbrl_server:4.0.0 CVE-2003-1415 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.547-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3261 BUGTRAQ 20030218 [SecurityOffice] Netcharts XBRL Server v4.0.0 Information Leakage Vulnerability BID 6877 XF netcharts-chunked-encoding-bo(11345) NetCharts XBRL Server 4.0.0 allows remote attackers to obtain sensitive information via an HTTP request with an invalid chunked transfer encoding specification. cpe:/h:bisonftp:bisonftp_server_4:r2 CVE-2003-1416 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.607-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030217 [immune advisory] Mulitple vulnerabilities found in BisonFTP BID 6869 XF bisonftp-ls-cwd-dos(11346) BisonFTP Server 4 release 2 allows remote attackers to cause a denial of service (CPU consumption) via a long (1) ls or (2) cwd command. cpe:/a:ncipher:support_software:6.00 CVE-2003-1417 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.657-04:00 4.4 LOCAL MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030225 nCipher Advisory #7: Unexpected copies of imported software keys BID 6927 XF ncipher-duplicate-keys(11422) nCipher Support Software 6.00, when using generatekey KeySafe to import keys, does not delete the temporary copies of the key, which may allow local users to gain access to the key by reading the (1) key.pem or (2) key.der files. cpe:/a:apache:http_server:1.3.22 cpe:/a:apache:http_server:1.3.23 cpe:/a:apache:http_server:1.3.24 cpe:/a:apache:http_server:1.3.25 cpe:/a:apache:http_server:1.3.26 cpe:/a:apache:http_server:1.3.27 CVE-2003-1418 2003-12-31T00:00:00.000-05:00 2017-10-19T21:29:00.253-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov OPENBSD [3.2] 008: SECURITY FIX: February 25, 2003 CONFIRM http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html BID 6939 BID 6943 XF apache-mime-information-disclosure(11438) Apache HTTP Server 1.3.22 through 1.3.27 on OpenBSD allows remote attackers to obtain sensitive information via (1) the ETag header, which reveals the inode number, or (2) multipart MIME boundary, which reveals child process IDs (PID). cpe:/a:netscape:navigator:7.0 CVE-2003-1419 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.747-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030225 Re: Netscape 6/7 crashes by a simple stylesheet... BID 6959 XF netscape-javascript-reformatdate-dos(11444) Netscape 7.0 allows remote attackers to cause a denial of service (crash) via a web page with an invalid regular expression argument to the JavaScript reformatDate function. cpe:/a:opera_software:opera_web_browser:6.0 cpe:/a:opera_software:opera_web_browser:6.0::win32 cpe:/a:opera_software:opera_web_browser:6.0.1 cpe:/a:opera_software:opera_web_browser:6.0.1::linux cpe:/a:opera_software:opera_web_browser:6.0.1::win32 cpe:/a:opera_software:opera_web_browser:6.0.2::linux cpe:/a:opera_software:opera_web_browser:6.0.2::win32 cpe:/a:opera_software:opera_web_browser:6.0.3::linux cpe:/a:opera_software:opera_web_browser:6.0.3::win32 cpe:/a:opera_software:opera_web_browser:6.0.4::win32 cpe:/a:opera_software:opera_web_browser:6.0.5::win32 cpe:/a:opera_software:opera_web_browser:6.10::linux cpe:/a:opera_software:opera_web_browser:7.0::win32 cpe:/a:opera_software:opera_web_browser:7.0.1::win32 cpe:/a:opera_software:opera_web_browser:8.0 CVE-2003-1420 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.810-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030226 Secunia Research: Opera browser Cross Site Scripting BID 6962 XF opera-automatic-redirection-xss(11423) Cross-site scripting (XSS) vulnerability in Opera 6.0 through 7.0 with automatic redirection disabled allows remote attackers to inject arbitrary web script or HTML via the HTTP Location header. cpe:/a:suckbot:suckbot:0.006 CVE-2003-1421 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.857-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BID 6854 XF suckbot-modmysqllogger-dos(11340) Unspecified vulnerability in mod_mysql_logger shared object in SuckBot 0.006 allows remote attackers to cause a denial of service (seg fault) via unknown attack vectors. cpe:/a:gentoo:syslinux:2.0.1 CVE-2003-1422 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.907-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://syslinux.zytor.com/history.php BID 6876 XF syslinux-gain-privileges(11351) Multiple unspecified vulnerabilities in the installer for SYSLINUX 2.01, when running setuid root, allow local users to gain privileges via unknown vectors. cpe:/a:petitforum:petitforum CVE-2003-1423 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.953-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SECTRACK 1006117 XF petitforum-liste-info-disclosure(11358) Petitforum stores the liste.txt data file under the web document root with insufficient access control, which allows remote attackers to obtain sensitive information such as e-mail addresses and encrypted passwords. cpe:/a:petitforum:petitforum CVE-2003-1424 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:10.997-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SECTRACK 1006117 XF petitforum-message-auth-bypass(11359) message.php in Petitforum does not properly authenticate users, which allows remote attackers to impersonate forum users via a modified connect cookie. cpe:/a:cpanel:cpanel:5.0 CVE-2003-1425 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.047-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS VULNWATCH 20030218 Cpanel 5 and below remote command execution and local root vulnerabilities BID 6882 XF cpanel-guestbook-command-execution(11356) guestbook.cgi in cPanel 5.0 allows remote attackers to execute arbitrary commands via the template parameter. cpe:/a:cpanel:cpanel:5.0 CVE-2003-1426 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.093-04:00 3.3 LOCAL MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030218 Cpanel 5 and below remote command execution and local root vulnerabilities BID 6885 XF cpanel-scriptfilename-gain-privileges(11357) Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable. cpe:/h:netgear:fm114p:1.4_beta_release_17 CVE-2003-1427 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.157-04:00 6.4 NETWORK LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030209 Bug in Netgear FM114P Wireless Router firmware BID 6807 XF netgear-fm114p-directory-traversal(11279) Directory traversal vulnerability in the web configuration interface in Netgear FM114P 1.4 allows remote attackers to read arbitrary files, such as the netgear.cfg configuration file, via a hex-encoded (%2e%2e%2f) ../ (dot dot slash) in the port parameter. cpe:/a:bharat_mediratta:gallery:1.3.3 CVE-2003-1428 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.203-04:00 4.8 ADJACENT_NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030210 Gallery 1.3.3 BID 6809 XF gallery-album-insecure-directory(11284) Gallery 1.3.3 creates directories with insecure permissions, which allows local users to read, modify, or delete photos. cpe:/a:proxomitron:proxomitron_naoko:4.4 CVE-2003-1429 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.247-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov VULNWATCH 20030219 [SCSA-005] Proxomitron Naoko Long Path Buffer Overflow/DoS XF proxomitron-parameter-length-bo(11364) Buffer overflow in Proxomitron Naoko 4.4 allows remote attackers to execute arbitrary code via a long request. cpe:/a:epic_games:unreal_engine:226f cpe:/a:epic_games:unreal_engine:433 cpe:/a:epic_games:unreal_engine:436 CVE-2003-1430 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.297-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030205 Unreal engine: results of my research BUGTRAQ 20030211 Re: Epic Games threatens to sue security researchers BID 6775 XF ut-file-directory-traversal(11299) Directory traversal vulnerability in Unreal Tournament Server 436 and earlier allows remote attackers to access known files via a ".." (dot dot) in an unreal:// URL. cpe:/a:epic_games:unreal_engine:226f cpe:/a:epic_games:unreal_engine:433 cpe:/a:epic_games:unreal_engine:436 CVE-2003-1431 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.343-04:00 7.1 NETWORK MEDIUM NONE NONE NONE COMPLETE http://nvd.nist.gov BUGTRAQ 20030205 Unreal engine: results of my research BUGTRAQ 20030211 Re: Epic Games threatens to sue security researchers BID 6774 XF ut-url-memory-corruption(11301) Buffer overflow in Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (crash) via a long host string in the Unreal URL. cpe:/a:epic_games:unreal_engine:226f cpe:/a:epic_games:unreal_engine:433 cpe:/a:epic_games:unreal_engine:436 cpe:/a:epic_games:unreal_tournament_2003:2199_linux cpe:/a:epic_games:unreal_tournament_2003:2199_win32 cpe:/a:epic_games:unreal_tournament_2003:demo_version_2206_linux cpe:/a:epic_games:unreal_tournament_2003:demo_version_2206_win32 CVE-2003-1432 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.407-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov BUGTRAQ 20030205 Unreal engine: results of my research BUGTRAQ 20030211 Re: Epic Games threatens to sue security researchers BUGTRAQ 20030513 UT2003 client passive DoS exploit BID 6770 BID 6772 XF ut-packet-dos(11302) XF ut-negative-memory-corruption(11305) XF ut-negative-udp-dos(12012) Epic Games Unreal Engine 226f through 436 allows remote attackers to cause a denial of service (CPU consumption or crash) and possibly execute arbitrary code via (1) a packet with a negative size value, which is treated as a large positive number during memory allocation, or (2) a negative size value in a package file. cpe:/a:epic_games:unreal_engine:226f cpe:/a:epic_games:unreal_engine:433 cpe:/a:epic_games:unreal_engine:436 CVE-2003-1433 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.453-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030205 Unreal engine: results of my research BUGTRAQ 20030211 Re: Epic Games threatens to sue security researchers BID 6771 XF ut-join-request-dos(11304) Epic Games Unreal Engine 226f through 436 does not validate the challenge key, which allows remote attackers to exhaust the player limit by joining the game multiple times. cpe:/a:pete_werner:login_ldap:3.1 cpe:/a:pete_werner:login_ldap:3.2 CVE-2003-1434 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.497-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030220 login_ldap security announcement BID 6903 XF loginldap-password-bypass(11374) login_ldap 3.1 and 3.2 allows remote attackers to initiate unauthenticated bind requests if (1) bind_anon_dn is on, which allows a bind with no password provided, (2) bind_anon_cred is on, which allows a bind with no DN, or (3) bind_anon is on, which allows a bind with no DN or password. cpe:/a:francisco_burzi:php-nuke:5.6 cpe:/a:francisco_burzi:php-nuke:6.0 CVE-2003-1435 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.547-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030220 PHPNuke SQL Injection BID 6887 XF phpnuke-search-sql-injection(11375) SQL injection vulnerability in PHP-Nuke 5.6 and 6.0 allows remote attackers to execute arbitrary SQL commands via the days parameter to the search module. cpe:/a:crossnuke:nukebrowser:2.1 cpe:/a:crossnuke:nukebrowser:2.3 cpe:/a:crossnuke:nukebrowser:2.5 cpe:/a:crossnuke:nukebrowser:2.11 cpe:/a:crossnuke:nukebrowser:2.20 cpe:/a:crossnuke:nukebrowser:2.41 CVE-2003-1436 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.607-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SECTRACK 1006031 BID 6731 XF nukebrowser-php-file-include(11217) PHP remote file inclusion vulnerability in nukebrowser.php in Nukebrowser 2.1 to 2.5 allows remote attackers to execute arbitrary PHP code via the filhead parameter. cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express CVE-2003-1437 2003-12-31T00:00:00.000-05:00 2018-10-30T12:25:37.090-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BEA BEA03-25.00 BID 6719 XF weblogic-keystore-plaintext-passwords(11220) BEA WebLogic Express and WebLogic Server 7.0 and 7.0.0.1, stores passwords in plaintext when a keystore is used to store a private key or trust certificate authorities, which allows local users to gain access. cpe:/a:bea:weblogic_server:5.1 cpe:/a:bea:weblogic_server:6.0 cpe:/a:bea:weblogic_server:6.1 cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:7.0.0.1 CVE-2003-1438 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.717-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov BEA BEA03-26.01 BID 6717 SECTRACK 1006018 XF weblogic-clustered-race-condition(11221) Race condition in BEA WebLogic Server and Express 5.1 through 7.0.0.1, when using in-memory session replication or replicated stateful session beans, causes the same buffer to be provided to two users, which could allow one user to see session data that was intended for another user. cpe:/a:silc:secure_internet_live_conferencing:0.9.11 cpe:/a:silc:secure_internet_live_conferencing:0.9.12 CVE-2003-1439 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:49.593-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030201 silc question - insecure memory BUGTRAQ 20030201 Re: silc question - insecure memory BID 6743 XF silc-plaintext-account-information(11244) Secure Internet Live Conferencing (SILC) 0.9.11 and 0.9.12 stores passwords and sessions in plaintext in memory, which could allow local users to obtain sensitive information. cpe:/a:burton_computer_corporation:spamprobe:0.8a CVE-2003-1440 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.810-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137128 BID 6739 SECTRACK 1006038 XF spamprobe-newlines-href-dos(11247) SpamProbe 0.8a allows remote attackers to cause a denial of service (crash) via HTML e-mail with newline characters within an href tag, which is not properly handled by certain regular expressions. cpe:/a:posadis:posadis:0.50.4 cpe:/a:posadis:posadis:0.50.5 cpe:/a:posadis:posadis:0.50.6 cpe:/a:posadis:posadis:0.50.7 cpe:/a:posadis:posadis:0.50.8 CVE-2003-1441 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.873-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BID 6799 XF posadis-dns-packet-dos(11285) Posadis 0.50.4 through 0.50.8 allows remote attackers to cause a denial of service (crash) via a DNS message without a question section, which triggers null dereference. cpe:/h:ericsson:hm220dp_adsl_modem CVE-2003-1442 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.920-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030211 Ericsson HM220dp ADSL modem Insecure Web Administration Vulnerability BUGTRAQ 20030225 RE: Ericsson HM220dp ADSL modem Insecure Web Administration Vulne BID 6824 XF ericsson-hm220dp-auth-bypass(11290) The web administration page for the Ericsson HM220dp ADSL modem does not require authentication, which could allow remote attackers to gain access from the LAN side. cpe:/a:kaspersky_lab:kaspersky_anti-virus:4.0.9.0 CVE-2003-1443 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:11.967-04:00 4.4 LOCAL MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030211 SECURITY.NNOV: Kaspersky Antivirus DoS XF kav-device-name-bypass(11292) Kaspersky Antivirus (KAV) 4.0.9.0 does not detect viruses in files with MS-DOS device names in their filenames, which allows local users to bypass virus protection, as demonstrated using aux.vbs and aux.com. cpe:/a:kaspersky_lab:kaspersky_anti-virus:4.0.9.0 CVE-2003-1444 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.013-04:00 4.4 LOCAL MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030211 SECURITY.NNOV: Kaspersky Antivirus DoS XF kav-long-path-dos(11291) Kaspersky Antivirus (KAV) 4.0.9.0 allows local users to cause a denial of service (CPU consumption or crash) and prevent malicious code from being detected via a file with a long pathname. cpe:/a:rarlab:far_manager:1.65 cpe:/a:rarlab:far_manager:1.70_beta_1 cpe:/a:rarlab:far_manager:1.70_beta_4 CVE-2003-1445 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.060-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS SREASON 3281 BUGTRAQ 20030211 SECURITY.NNOV: Far buffer overflow BID 6822 XF far-long-path-bo(11293) Stack-based buffer overflow in Far Manager 1.70beta1 and earlier allows local users to cause a denial of service (crash) and possibly execute arbitrary code via a long pathname. cpe:/a:rogue:rogue:5.2-2 cpe:/a:rogue:rogue:985.0 CVE-2003-1446 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.107-04:00 4.9 LOCAL LOW NONE NONE COMPLETE NONE http://nvd.nist.gov BUGTRAQ 20030221 Rogue buffer overflow BID 6912 XF rogue-saveintofile-bo(11382) Buffer overflow in the save_into_file function in save.c for Rogue 5.2-2 allows local users to execute arbitrary code with games group privileges by setting a long HOME environment variable and invoking the save game function with a ~ (tilde). cpe:/a:ibm:websphere_application_server:4.0.4::advanced_server CVE-2003-1447 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.170-04:00 1.9 LOCAL MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3277 BUGTRAQ 20030204 Weak password protection in WebSphere 4.0.4 XML configuration export BUGTRAQ 20030206 Re: Weak password protection in WebSphere 4.0.4 XML configuration export BID 6758 XF websphere-xml-weak-encryption(11245) IBM WebSphere Advanced Server Edition 4.0.4 uses a weak encryption algorithm (XOR and base64 encoding), which allows local users to decrypt passwords when the configuration file is exported to XML. cpe:/o:microsoft:windows_2000 cpe:/o:microsoft:windows_2000::sp1 cpe:/o:microsoft:windows_2000::sp2 cpe:/o:microsoft:windows_2000::sp3 CVE-2003-1448 2003-12-31T00:00:00.000-05:00 2019-04-30T10:27:13.710-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov MISC http://www.immunitysec.com/downloads/advantages_of_block_based_analysis.html BID 6766 XF win2k-netbios-continuation-dos(11274) Memory leak in the Windows 2000 kernel allows remote attackers to cause a denial of service (SMB request hang) via a NetBIOS continuation packet. cpe:/a:aladdin_knowledge_systems:esafe_gateway:3.5.126.0 CVE-2003-1449 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.263-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030206 FW-1 NG FP3 Bug - Data flow problem when transferring large files BID 6787 XF esafe-gateway-filter-bypass(11295) Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection. cpe:/a:bitchx:bitchx:1.0_c16 cpe:/a:bitchx:bitchx:1.0_c19 cpe:/a:bitchx:bitchx:1.0_c20cvs cpe:/a:bitchx:bitchx:75p3 CVE-2003-1450 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.357-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov FULLDISC 20030217 [argv] BitchX-353 Vulnerability SREASON 3279 GENTOO 200302-11 BUGTRAQ 20030217 [argv] BitchX-353 Vulnerability BID 6880 XF bitchx-irc-namreply-dos(11363) BitchX 75p3 and 1.0c16 through 1.0c20cvs allows remote attackers to cause a denial of service (segmentation fault) via a malformed RPL_NAMREPLY numeric 353 message. cpe:/a:symantec:norton_antivirus:2002 CVE-2003-1451 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.420-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov CONFIRM http://securityresponse.symantec.com/avcenter/security/Content/2003.02.28.html BUGTRAQ 20030219 [SNS Advisory No.61] Symantec Norton AntiVirus 2002 Buffer Overflow Vulnerability MISC http://www.lac.co.jp/security/english/snsadv_e/61_e.html BID 6886 XF nav-email-filename-bo(11365) Buffer overflow in Symantec Norton AntiVirus 2002 allows remote attackers to execute arbitrary code via an e-mail attachment with a compressed ZIP file that contains a file with a long filename. cpe:/a:qualcomm:qpopper:4.0 cpe:/a:qualcomm:qpopper:4.0.1 cpe:/a:qualcomm:qpopper:4.0.2 cpe:/a:qualcomm:qpopper:4.0.3 cpe:/a:qualcomm:qpopper:4.0.4 cpe:/a:qualcomm:qpopper:4.0.5 cpe:/a:qualcomm:qpopper:4.0.5_fc2 cpe:/a:qualcomm:qpopper:4.0_b14 CVE-2003-1452 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.467-04:00 3.6 LOCAL LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030429 [INetCop Security Advisory] Qpopper v4.0.x poppassd local root SREASON 3268 BUGTRAQ 20030428 Qpopper v4.0.x poppassd local root exploit BID 7447 XF qpopper-poppassd-root-access(11877) Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program. cpe:/a:xoops:xoops:1.3.5 cpe:/a:xoops:xoops:1.3.6 cpe:/a:xoops:xoops:1.3.7 cpe:/a:xoops:xoops:1.3.8 cpe:/a:xoops:xoops:1.3.9 cpe:/a:xoops:xoops:2.0 cpe:/a:xoops:xoops:2.0.1 CVE-2003-1453 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.530-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3269 BUGTRAQ 20030425 XOOPS MyTextSanitizer CSS 1.3x & 2.x BID 7434 XF xoops-mytextsanitizer-xss(11872) Cross-site scripting (XSS) vulnerability in the MytextSanitizer function in XOOPS 1.3.5 through 1.3.9 and XOOPS 2.0 through 2.0.1 allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in an IMG tag. cpe:/a:invision_power_services:invision_board:1.0 cpe:/a:invision_power_services:invision_board:1.0.1 cpe:/a:invision_power_services:invision_board:1.1.1 CVE-2003-1454 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.577-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3276 BUGTRAQ 20030425 Invision Power Board Plaintext Password Disclosure Vuln BID 7440 XF invision-admin-plaintext-password(11871) Invision Power Services Invision Board 1.0 through 1.1.1, when a forum is password protected, stores the administrator password in a cookie in plaintext, which could allow remote attackers to gain access. cpe:/a:poptop:pptp_server:1.1.4b1 cpe:/a:poptop:pptp_server:1.1.4b2 cpe:/a:poptop:pptp_server:1.1.4b3 CVE-2003-1455 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.640-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS CONFIRM http://sourceforge.net/project/shownotes.php?release_id=138437 BID 7582 BID 7590 XF poptop-launchbcrelay-pptpctrlc-bo(12101) Multiple buffer overflows in the launch_bcrelay function in pptpctrl.c in PoPToP 1.1.4-b1 through PoPToP 1.1.4-b3 allow local users to execute arbitrary code. cpe:/a:mike_bobbitt:album.pl:6.1 CVE-2003-1456 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.687-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov CONFIRM http://perl.bobbitt.ca/yabbse/index.php?board=2;action=display;threadid=720 SREASON 3270 BUGTRAQ 20030426 Album.pl Vulnerability - Remote Command Execution BID 7444 XF albumpl-command-execution(11878) Album.pl 6.1 allows remote attackers to execute arbitrary commands, when an alternative configuration file is used, via unknown attack vectors. cpe:/a:auerswald:comsuite_cti_controlcenter:3.1 CVE-2003-1457 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.733-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3282 BUGTRAQ 20030429 Auerswald COMsuite/ Back Door BID 7458 XF comsuite-runasositron-backdoor-account(11923) Auerswald COMsuite CTI ControlCenter 3.1 creates a default "runasositron" user account with an easily guessable password, which allows local users or remote attackers to gain access. cpe:/a:ttcms:ttcms:2.2 cpe:/a:ttcms:ttforum:1.1 CVE-2003-1458 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.797-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3278 BUGTRAQ 20030509 ttcms and ttforum exploits BID 7543 XF ttcms-profile-sql-injection(12273) SQL injection vulnerability in Profile.php in ttCMS 2.2 and ttForum allows remote attackers to execute arbitrary SQL commands via the member name. cpe:/a:ttcms:ttcms:2.2 cpe:/a:ttcms:ttforum:1.1 CVE-2003-1459 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.857-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3278 BUGTRAQ 20030509 ttcms and ttforum exploits BID 7542 XF ttcms-ttforum-file-include(12271) Multiple PHP remote file inclusion vulnerabilities in ttCMS 2.2 and ttForum allow remote attackers to execute arbitrary PHP code via the (1) template parameter in News.php or (2) installdir parameter in install.php. cpe:/a:ralf_hoffmann:worker_filemanager:1.0 cpe:/a:ralf_hoffmann:worker_filemanager:1.1 cpe:/a:ralf_hoffmann:worker_filemanager:1.2 cpe:/a:ralf_hoffmann:worker_filemanager:1.3 cpe:/a:ralf_hoffmann:worker_filemanager:1.3.1 cpe:/a:ralf_hoffmann:worker_filemanager:1.3.2 cpe:/a:ralf_hoffmann:worker_filemanager:1.3.3 cpe:/a:ralf_hoffmann:worker_filemanager:2.0 cpe:/a:ralf_hoffmann:worker_filemanager:2.0.1 cpe:/a:ralf_hoffmann:worker_filemanager:2.0.2 cpe:/a:ralf_hoffmann:worker_filemanager:2.1 cpe:/a:ralf_hoffmann:worker_filemanager:2.2 cpe:/a:ralf_hoffmann:worker_filemanager:2.2.1 cpe:/a:ralf_hoffmann:worker_filemanager:2.2.2 cpe:/a:ralf_hoffmann:worker_filemanager:2.3 cpe:/a:ralf_hoffmann:worker_filemanager:2.3.1 cpe:/a:ralf_hoffmann:worker_filemanager:2.4 cpe:/a:ralf_hoffmann:worker_filemanager:2.5 cpe:/a:ralf_hoffmann:worker_filemanager:2.6 cpe:/a:ralf_hoffmann:worker_filemanager:2.6.1 cpe:/a:ralf_hoffmann:worker_filemanager:2.7 CVE-2003-1460 2003-12-31T00:00:00.000-05:00 2008-09-05T16:36:59.650-04:00 3.6 LOCAL LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2007-12-11T11:05:00.000-05:00 CONFIRM http://www.boomerangsworld.de/worker/wchanges.php3?lang=en BID 7460 Worker Filemanager 1.0 through 2.7 sets the permissions on the destination directory to world-readable and executable while copying data, which could allow local users to obtain sensitive information. cpe:/o:hp:hp-ux:11.00 CVE-2003-1461 2003-12-31T00:00:00.000-05:00 2017-10-10T21:29:19.450-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3283 BUGTRAQ 20030502 HP-UX 11.0 /usr/lbin/rwrite BUGTRAQ 20030503 rwrite buffer overflow in hp-ux BID 7489 XF hp-rwrite-bo(11919) Buffer overflow in rwrite for HP-UX 11.0 could allow local users to execute arbitrary code via a long argument. NOTE: the vendor was unable to reproduce the problem on a system that had been patched for an lp vulnerability (CVE-2002-1473). cpe:/a:mod_survey:mod_survey:3.0 cpe:/a:mod_survey:mod_survey:3.0.1 cpe:/a:mod_survey:mod_survey:3.0.2 cpe:/a:mod_survey:mod_survey:3.0.3 cpe:/a:mod_survey:mod_survey:3.0.4 cpe:/a:mod_survey:mod_survey:3.0.5 cpe:/a:mod_survey:mod_survey:3.0.6 cpe:/a:mod_survey:mod_survey:3.0.7 cpe:/a:mod_survey:mod_survey:3.0.8 cpe:/a:mod_survey:mod_survey:3.0.9 cpe:/a:mod_survey:mod_survey:3.0.10 cpe:/a:mod_survey:mod_survey:3.0.11 cpe:/a:mod_survey:mod_survey:3.0.12 cpe:/a:mod_survey:mod_survey:3.0.13 cpe:/a:mod_survey:mod_survey:3.0.14 cpe:/a:mod_survey:mod_survey:3.0.14d cpe:/a:mod_survey:mod_survey:3.0.14e cpe:/a:mod_survey:mod_survey:3.0.15pre1 cpe:/a:mod_survey:mod_survey:3.0.15pre2 cpe:/a:mod_survey:mod_survey:3.0.15pre3 cpe:/a:mod_survey:mod_survey:3.0.15pre4 cpe:/a:mod_survey:mod_survey:3.0.15pre5 cpe:/a:mod_survey:mod_survey:3.0.15pre6 CVE-2003-1462 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:12.997-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030504 Mod_Survey SYSBASE vulnerability CONFIRM http://gathering.itm.mh.se/modsurvey/SA20030504.txt BID 7498 XF modsurvey-nonexistent-survey-dos(11861) mod_survey 3.0.0 through 3.0.15-pre6 does not check whether a survey exists before creating a subdirectory for it, which allows remote attackers to cause a denial of service (disk consumption and possible crash). cpe:/a:alt-n:webadmin:2.0.0 cpe:/a:alt-n:webadmin:2.0.1 cpe:/a:alt-n:webadmin:2.0.2 CVE-2003-1463 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.060-04:00 3.5 NETWORK MEDIUM SINGLE_INSTANCE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3286 BUGTRAQ 20030425 Path disclosure and file access on WebAdmin BID 7438 BID 7439 XF webadmin-webadmindll-path-disclosure(11874) XF webadmin-webadmindll-view-files(11875) Absolute path traversal vulnerability in Alt-N Technologies WebAdmin 2.0.0 through 2.0.2 allows remote attackers with administrator privileges to (1) determine the installation path by reading the contents of the Name parameter in a link, and (2) read arbitrary files via an absolute path in the Name parameter. cpe:/h:siemens:m45 cpe:/h:siemens:s45 CVE-2003-1464 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.107-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov SREASON 3287 BUGTRAQ 20030506 Siemens Mobile Phone - Buffer Overflow BID 7507 XF siemens-sms-image-bo(11950) Buffer overflow in Siemens 45 series mobile phones allows remote attackers to cause a denial of service (disconnect and unavailable inbox) via a Short Message Service (SMS) message with a long image name. cpe:/a:phorum:phorum:3.4 cpe:/a:phorum:phorum:3.4.1 cpe:/a:phorum:phorum:3.4.2 CVE-2003-1465 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.157-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3288 BUGTRAQ 20030513 Phorum Vulnerabilities BID 7569 XF phorum-download-directory-traversal(12482) Directory traversal vulnerability in download.php in Phorum 3.4 through 3.4.2 allows remote attackers to read arbitrary files. cpe:/a:phorum:phorum:3.4 cpe:/a:phorum:phorum:3.4.1 cpe:/a:phorum:phorum:3.4.2 CVE-2003-1466 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:00.633-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-11T12:01:00.000-05:00 SREASON 3288 BUGTRAQ 20030513 Phorum Vulnerabilities BID 7581 BID 7583 Unspecified vulnerability in Phorum 3.4 through 3.4.2 allows remote attackers to use Phorum as a connection proxy to other sites via (1) register.php or (2) login.php. cpe:/a:phorum:phorum:3.4 cpe:/a:phorum:phorum:3.4.1 cpe:/a:phorum:phorum:3.4.2 CVE-2003-1467 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.217-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3288 BUGTRAQ 20030513 Phorum Vulnerabilities BID 7572 BID 7573 BID 7576 BID 7577 BID 7584 XF phorum-multiple-xss(12487) XF phorum-register-html-injection(12502) Multiple cross-site scripting (XSS) vulnerabilities in (1) login.php, (2) register.php, (3) post.php, and (4) common.php in Phorum before 3.4.3 allow remote attackers to inject arbitrary web script or HTML via unknown attack vectors. cpe:/a:francisco_burzi:php-nuke:6.0 cpe:/a:francisco_burzi:php-nuke:6.5 cpe:/a:francisco_burzi:php-nuke:6.5_beta1 cpe:/a:francisco_burzi:php-nuke:6.5_final cpe:/a:francisco_burzi:php-nuke:6.5_rc1 cpe:/a:francisco_burzi:php-nuke:6.5_rc2 cpe:/a:francisco_burzi:php-nuke:6.5_rc3 CVE-2003-1468 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.263-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030512 Re: Lot of SQL injection on PHP-Nuke 6.5 (secure weblog!) BID 7589 XF phpnuke-weblinks-path-disclosure(12436) The Web_Links module in PHP-Nuke 6.0 through 6.5 final allows remote attackers to obtain the full web server path via an invalid cid parameter that is non-numeric or null, which leaks the pathname in an error message. cpe:/a:macromedia:coldfusion cpe:/a:macromedia:coldfusion:::developer cpe:/a:macromedia:coldfusion:6.0 cpe:/a:macromedia:coldfusion_professional CVE-2003-1469 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.327-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3307 MISC http://www.nii.co.in/vuln/pdmac.html BUGTRAQ 20030426 NII Advisory - Path Disclosure in Cold Fusion MX Server BID 7443 XF coldfusion-mx-path-disclosure(11879) The default configuration of ColdFusion MX has the "Enable Robust Exception Information" option selected, which allows remote attackers to obtain the full path of the web server via a direct request to CFIDE/probe.cfm, which leaks the path in an error message. cpe:/a:alt-n:mdaemon:6.7.5 CVE-2003-1470 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.373-04:00 9.0 NETWORK LOW SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3296 BUGTRAQ 20030427 MDaemon SMTP/POP/IMAP server =>v.6.7.5: IMAP buffer overflow BID 7446 XF mdaemon-imap-create-bo(11896) Buffer overflow in IMAP service in MDaemon 6.7.5 and earlier allows remote authenticated users to cause a denial of service (crash) and execute arbitrary code via a CREATE command with a long mailbox name. cpe:/a:alt-n:mdaemon:6.0.7 CVE-2003-1471 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.437-04:00 6.3 NETWORK MEDIUM SINGLE_INSTANCE NONE NONE COMPLETE http://nvd.nist.gov BUGTRAQ 20030428 MDaemon SMTP/POP/IMAP server: =>6.0.7: POP remote DoS BUGTRAQ 20030428 RE: MDaemon SMTP/POP/IMAP server: =>6.0.7: POP remote DoS XF mdaemon-pop3-negative-dos(11882) MDaemon POP server 6.0.7 and earlier allows remote authenticated users to cause a denial of service (crash) via a (1) DELE or (2) UIDL with a negative number. cpe:/a:3d-ftp:3d-ftp:4.0 CVE-2003-1472 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.483-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov SREASON 3297 BUGTRAQ 20030428 Buffer overflow in 3D-ftp BID 7451 XF 3dftp-ftp-banner-bo(11883) Buffer overflow in 3D-FTP client 4.0 allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long banner. cpe:/a:lgames:ltris:1.0.1 CVE-2003-1473 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.530-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov FULLDISC 20030509 ltris-and-slashem-tty possible trouble BUGTRAQ 20030508 ltris-and-slashem-tty possible trouble BID 7537 XF ltris-bo(11978) Buffer overflow in LTris 1.0.1 of FreeBSD Ports Collection 2003-02-25 and earlier allows local users to execute arbitrary code with gid "games" permission via a long HOME environment variable. cpe:/a:freebsd:slashem-tty:0.0.6e.4f.8 CVE-2003-1474 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:01.883-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2007-12-11T13:35:00.000-05:00 ALLOWS_ADMIN_ACCESS FULLDISC 20030509 ltris-and-slashem-tty possible trouble XF slashem-tty-insecure-permissions(11979) BUGTRAQ 20030508 ltris-and-slashem-tty possible trouble slashem-tty in the FreeBSD Ports Collection is installed with write permissions for the games group, which allows local users with group games privileges to modify slashem-tty and execute arbitrary code as other users, as demonstrated using a separate vulnerability in LTris. cpe:/a:netbus:netbus:1.5 cpe:/a:netbus:netbus:1.6 cpe:/a:netbus:netbus:1.7 CVE-2003-1475 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.577-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_OTHER_ACCESS SREASON 3289 BUGTRAQ 20030509 Netbus 1.x exploit BID 7538 XF netbus-password-authentication-bypass(11982) Netbus 1.5 through 1.7 allows more than one client to be connected at the same time, but only prompts the first connection for authentication, which allows remote attackers to gain access. cpe:/a:cerberus:ftp_server:2.1 CVE-2003-1476 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:02.197-04:00 2.1 LOCAL LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2007-12-11T15:04:00.000-05:00 CONFIRM http://www.cerberusftp.com/cerberus-releasenotes.htm#KnownIssues BID 7556 Cerberus FTP Server 2.1 stores usernames and passwords in plaintext, which could allow local users to gain access. cpe:/a:clearswift:mailsweeper_for_smtp:4.3.6 cpe:/a:clearswift:mailsweeper_for_smtp:4.3.7 CVE-2003-1477 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.640-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov BID 7562 XF mailsweeper-powerpoint-file-dos(12052) MAILsweeper for SMTP 4.3.6 and 4.3.7 allows remote attackers to cause a denial of service (CPU consumption) via a PowerPoint attachment that either (1) is corrupt or (2) contains "embedded objects." cpe:/a:kde:konqueror:3.0.3 CVE-2003-1478 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.687-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20030502 Re: April appeared to be a month of IE bugs. Here BID 7486 XF kde-konqueror-dos(11971) Konqueror in KDE 3.0.3 allows remote attackers to cause a denial of service (core dump) via a web page that begins with a "xFFxFE" byte sequence and a large number of CRLF sequences, as demonstrated using freeze.htm. cpe:/a:darkwet:webcam_xp:1.02.432 cpe:/a:darkwet:webcam_xp:1.02.535 CVE-2003-1479 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.733-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3304 MISC http://www.frame4.com/content/advisories/FSA-2003-002.txt BUGTRAQ 20030502 Code Injection Vulnerabilities in WebcamXP Chat Feature BID 7490 XF webcamxp-multiple-xss(11952) Cross-site scripting (XSS) vulnerability in webcamXP 1.02.432 and 1.02.535 allows remote attackers to inject arbitrary web script or HTML via the message field. cpe:/a:mysql:mysql:4.1.0:alpha cpe:/a:mysql:mysql:4.1.0.0 cpe:/a:oracle:mysql:3.20 cpe:/a:oracle:mysql:3.20.32a cpe:/a:oracle:mysql:3.21 cpe:/a:oracle:mysql:3.22 cpe:/a:oracle:mysql:3.22.26 cpe:/a:oracle:mysql:3.22.27 cpe:/a:oracle:mysql:3.22.28 cpe:/a:oracle:mysql:3.22.29 cpe:/a:oracle:mysql:3.22.30 cpe:/a:oracle:mysql:3.22.32 cpe:/a:oracle:mysql:3.23.2 cpe:/a:oracle:mysql:3.23.3 cpe:/a:oracle:mysql:3.23.4 cpe:/a:oracle:mysql:3.23.5 cpe:/a:oracle:mysql:3.23.8 cpe:/a:oracle:mysql:3.23.9 cpe:/a:oracle:mysql:3.23.10 cpe:/a:oracle:mysql:3.23.22 cpe:/a:oracle:mysql:3.23.23 cpe:/a:oracle:mysql:3.23.24 cpe:/a:oracle:mysql:3.23.25 cpe:/a:oracle:mysql:3.23.26 cpe:/a:oracle:mysql:3.23.27 cpe:/a:oracle:mysql:3.23.28 cpe:/a:oracle:mysql:3.23.28:gamma cpe:/a:oracle:mysql:3.23.29 cpe:/a:oracle:mysql:3.23.30 cpe:/a:oracle:mysql:3.23.31 cpe:/a:oracle:mysql:3.23.32 cpe:/a:oracle:mysql:3.23.33 cpe:/a:oracle:mysql:3.23.34 cpe:/a:oracle:mysql:3.23.35 cpe:/a:oracle:mysql:3.23.36 cpe:/a:oracle:mysql:3.23.37 cpe:/a:oracle:mysql:3.23.38 cpe:/a:oracle:mysql:3.23.39 cpe:/a:oracle:mysql:3.23.40 cpe:/a:oracle:mysql:3.23.41 cpe:/a:oracle:mysql:3.23.42 cpe:/a:oracle:mysql:3.23.43 cpe:/a:oracle:mysql:3.23.44 cpe:/a:oracle:mysql:3.23.45 cpe:/a:oracle:mysql:3.23.46 cpe:/a:oracle:mysql:3.23.47 cpe:/a:oracle:mysql:3.23.48 cpe:/a:oracle:mysql:3.23.49 cpe:/a:oracle:mysql:3.23.50 cpe:/a:oracle:mysql:3.23.51 cpe:/a:oracle:mysql:3.23.52 cpe:/a:oracle:mysql:3.23.53 cpe:/a:oracle:mysql:3.23.53a cpe:/a:oracle:mysql:3.23.54 cpe:/a:oracle:mysql:3.23.54a cpe:/a:oracle:mysql:3.23.55 cpe:/a:oracle:mysql:3.23.56 cpe:/a:oracle:mysql:4.0.0 cpe:/a:oracle:mysql:4.0.1 cpe:/a:oracle:mysql:4.0.2 cpe:/a:oracle:mysql:4.0.3 cpe:/a:oracle:mysql:4.0.5a cpe:/a:oracle:mysql:4.0.7:gamma cpe:/a:oracle:mysql:4.0.8:gamma cpe:/a:oracle:mysql:4.0.9:gamma cpe:/a:oracle:mysql:4.0.11:gamma CVE-2003-1480 2003-12-31T00:00:00.000-05:00 2019-10-07T12:42:10.637-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov 2007-12-11T19:28:00.000-05:00 MISC http://www.securiteam.com/tools/5WP031FA0U.html BID 7500 MySQL 3.20 through 4.1.0 uses a weak algorithm for hashed passwords, which makes it easier for attackers to decrypt the password via brute force methods. cpe:/a:stalker:communigate_pro:3.1 cpe:/a:stalker:communigate_pro:3.2.4 cpe:/a:stalker:communigate_pro:3.2_b5 cpe:/a:stalker:communigate_pro:3.2_b7 cpe:/a:stalker:communigate_pro:3.3.2 cpe:/a:stalker:communigate_pro:3.3_b1 cpe:/a:stalker:communigate_pro:3.3_b2 cpe:/a:stalker:communigate_pro:3.4_b3 cpe:/a:stalker:communigate_pro:4.0.1 cpe:/a:stalker:communigate_pro:4.0.2 cpe:/a:stalker:communigate_pro:4.0.3 cpe:/a:stalker:communigate_pro:4.0.6 cpe:/a:stalker:communigate_pro:4.0_b2 cpe:/a:stalker:communigate_pro:4.0_b3 CVE-2003-1481 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.780-04:00 5.8 NETWORK MEDIUM NONE PARTIAL PARTIAL NONE http://nvd.nist.gov SREASON 3290 BUGTRAQ 20030504 CommuniGatePro 4.0.6 [EXPLOIT] BID 7501 XF communigate-pro-session-hijacking(11932) CommuniGate Pro 3.1 through 4.0.6 sends the session ID in the referer field for an HTTP request for an image, which allows remote attackers to hijack mail sessions via an e-mail with an IMG tag that references a malicious URL that captures the referer. cpe:/h:microsoft:mn-500_wireless_base_station CVE-2003-1482 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:03.260-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-12T13:01:00.000-05:00 SECTRACK 1006691 BID 7496 The backup configuration file for Microsoft MN-500 wireless base station stores administrative passwords in plaintext, which allows local users to gain access. cpe:/a:flashfxp:flashfxp:1.4 CVE-2003-1483 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.843-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov MISC http://downloads.securityfocus.com/vulnerabilities/exploits/flashfxp_decrypt.c SECTRACK 1006730 BID 7499 XF flashfxp-weak-password-encryption(12298) FlashFXP 1.4 uses a weak encryption algorithm for user passwords, which allows attackers to decrypt the passwords and gain access. cpe:/a:microsoft:ie:6.0:sp1 CVE-2003-1484 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.890-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov SREASON 3292 BUGTRAQ 20030505 Crash in Internet Explorer 6.0 Sp1 BID 7502 XF ie-anchorclick-dos(11946) Microsoft Internet Explorer 6.0 SP1 allows remote attackers to cause a denial of service (crash) by creating a DHTML link that uses the AnchorClick "A" object with a blank href attribute. cpe:/a:clearswift:mailsweeper:4.0 cpe:/a:clearswift:mailsweeper:4.1 cpe:/a:clearswift:mailsweeper:4.2 cpe:/a:clearswift:mailsweeper:4.3 cpe:/a:clearswift:mailsweeper:4.3.3 cpe:/a:clearswift:mailsweeper:4.3.4 cpe:/a:clearswift:mailsweeper:4.3.5 cpe:/a:clearswift:mailsweeper:4.3.6 cpe:/a:clearswift:mailsweeper:4.3.6_sp1 cpe:/a:clearswift:mailsweeper:4.3.7 CVE-2003-1485 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:03.697-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-12-12T13:35:00.000-05:00 BID 7568 Clearswift MAILsweeper 4.0 through 4.3.7 allows remote attackers to bypass filtering via a file attachment that contains "multiple extensions combined with large blocks of white space." cpe:/a:phorum:phorum:3.4 cpe:/a:phorum:phorum:3.4.1 cpe:/a:phorum:phorum:3.4.2 CVE-2003-1486 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.937-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3288 BUGTRAQ 20030513 Phorum Vulnerabilities BID 7571 XF phorum-multiple-path-disclosure(12499) Phorum 3.4 through 3.4.2 allows remote attackers to obtain the full path of the web server via an incorrect HTTP request to (1) smileys.php, (2) quick_listrss.php, (3) purge.php, (4) news.php, (5) memberlist.php, (6) forum_listrss.php, (7) forum_list_rdf.php, (8) forum_list.php, or (9) move.php, which leaks the information in an error message. cpe:/a:phorum:phorum:3.4 cpe:/a:phorum:phorum:3.4.1 cpe:/a:phorum:phorum:3.4.2 CVE-2003-1487 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:13.983-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3288 BUGTRAQ 20030513 Phorum Vulnerabilities BID 7574 BID 7578 BID 7579 XF phorum-command-execution(12500) Multiple "command injection" vulnerabilities in Phorum 3.4 through 3.4.2 allow remote attackers to execute arbitrary commands and modify the Phorum configuration files via the (1) UserAdmin program, (2) Edit user profile, or (3) stats program. cpe:/a:truelogik:truegalerie:1.0 CVE-2003-1488 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.047-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030425 True Galerie 1.0 : Admin Access & File Copy BID 7427 XF truegalerie-verifadmin-admin-access(11886) The (1) verif_admin.php and (2) check_admin.php scripts in Truegalerie 1.0 allow remote attackers to gain administrator access via a request to admin.php without the connect parameter and with the loggedin parameter set to any value, such as 1. cpe:/a:truegalerie:truegalerie:1.0 CVE-2003-1489 2003-12-31T00:00:00.000-05:00 2016-10-17T22:39:45.560-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov VULNWATCH 20030425 True Galerie 1.0 : Admin Access & File Copy upload.php in Truegalerie 1.0 allows remote attackers to read arbitrary files by specifying the target filename in the file cookie in form.php, then downloading the file from the image gallery. cpe:/h:sonicwall:pro100:6.4.0.1 cpe:/h:sonicwall:pro200:6.4.0.1 cpe:/h:sonicwall:pro300:6.4.0.1 CVE-2003-1490 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.093-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov SREASON 3291 BUGTRAQ 20030424 SonicWall Pro DoS? BID 7435 XF sonicwallpro-http-post-dos(11876) SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. cpe:/a:kerio:personal_firewall:2.1.4 CVE-2003-1491 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.140-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov FULLDISC 20030422 UDP bypassing in Kerio Firewall 2.1.4 MISC http://www.securiteam.com/securitynews/5FP0N1P9PI.html BID 7436 XF kerio-pf-firewall-bypass(11880) Kerio Personal Firewall (KPF) 2.1.4 has a default rule to accept incoming packets from DNS (UDP port 53), which allows remote attackers to bypass the firewall filters via packets with a source port of 53. cpe:/a:mozilla:firefox cpe:/a:netscape:navigator:7.0.2 CVE-2003-1492 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.187-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030429 "netscape navigator" is cracked. BID 7456 XF netscape-domain-obtain-info(11924) Netscape Navigator 7.0.2 and Mozilla allows remote attackers to access cookie information in a different domain via an HTTP request for a domain with an extra . (dot) at the end. cpe:/a:hp:openview_network_node_manager:5.0.1 cpe:/a:hp:openview_network_node_manager:6.0.1 cpe:/a:hp:openview_network_node_manager:6.1 cpe:/a:hp:openview_network_node_manager:6.1::hp_ux_10.x cpe:/a:hp:openview_network_node_manager:6.1::hp_ux_11.x cpe:/a:hp:openview_network_node_manager:6.1::solaris cpe:/a:hp:openview_network_node_manager:6.2 cpe:/a:hp:openview_network_node_manager:6.2::hp_ux_10.x cpe:/a:hp:openview_network_node_manager:6.2::hp_ux_11.x cpe:/a:hp:openview_network_node_manager:6.2::nt_4.x_windows_2000 cpe:/a:hp:openview_network_node_manager:6.2::solaris cpe:/a:hp:openview_network_node_manager:6.4 cpe:/a:hp:openview_network_node_manager:6.4::hp_ux_11.x cpe:/a:hp:openview_network_node_manager:6.4::nt_4.x_windows_2000 cpe:/a:hp:openview_network_node_manager:6.4::solaris cpe:/a:hp:openview_network_node_manager:6.10 cpe:/a:hp:openview_network_node_manager:6.31 cpe:/a:hp:openview_network_node_manager:6.41 CVE-2003-1493 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.247-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov HP HPSBUX0310-291 BID 8859 XF openview-nnm-packet-dos(13467) Memory leak in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (memory exhaustion) via crafted TCP packets. cpe:/a:hp:openview_network_node_manager:6.2 cpe:/a:hp:openview_network_node_manager:6.4 CVE-2003-1494 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.297-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov HP HPSBUX0310-291 BID 8859 XF openview-nnm-packet-dos(13467) Unspecified vulnerability in HP OpenView Network Node Manager (NNM) 6.2 and 6.4 allows remote attackers to cause a denial of service (CPU consumption) via a crafted TCP packet. cpe:/a:hp:insight_management_suite:3.5 cpe:/a:hp:insight_management_suite:4.0 cpe:/a:hp:insight_management_suite:5.0 cpe:/a:hp:insight_manager:1.0 cpe:/a:hp:insight_manager:1.6 cpe:/a:hp:remote_diagnostics_enabling_agent CVE-2003-1495 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.357-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BID 8878 XF hp-management-gain-privileges(13496) Unspecified vulnerability in the non-SSL web agent in various HP Management Agent products allows local users or remote attackers to gain privileges or cause a denial of service via unknown attack vectors. cpe:/o:hp:tru64:4.0f cpe:/o:hp:tru64:4.0f_pk6_bl17 cpe:/o:hp:tru64:4.0f_pk7_bl18 cpe:/o:hp:tru64:4.0f_pk8_bl22 cpe:/o:hp:tru64:4.0g cpe:/o:hp:tru64:4.0g_pk3_bl17 cpe:/o:hp:tru64:4.0g_pk4_bl22 cpe:/o:hp:tru64:5.1 cpe:/o:hp:tru64:5.1_pk3_bl17 cpe:/o:hp:tru64:5.1_pk4_bl18 cpe:/o:hp:tru64:5.1_pk5_bl19 cpe:/o:hp:tru64:5.1_pk6_bl20 cpe:/o:hp:tru64:5.1a cpe:/o:hp:tru64:5.1a_pk1_bl1 cpe:/o:hp:tru64:5.1a_pk2_bl2 cpe:/o:hp:tru64:5.1a_pk3_bl3 cpe:/o:hp:tru64:5.1a_pk4_bl21 cpe:/o:hp:tru64:5.1a_pk5_bl23 cpe:/o:hp:tru64:5.1b CVE-2003-1496 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.420-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS COMPAQ SSRT3589 BID 8813 XF tru64-dtmailpr-gain-privileges(13418) Unspecified vulnerability in CDE dtmailpr of HP Tru64 4.0F through 5.1B allows local users to gain privileges via unknown attack vectors. NOTE: due to lack of details in the vendor advisory, it is not clear whether this is the same issue as CVE-1999-0840. cpe:/h:linksys:befsx41:1.43.3 CVE-2003-1497 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.467-04:00 6.3 NETWORK MEDIUM SINGLE_INSTANCE NONE NONE COMPLETE http://nvd.nist.gov SREASON 3298 CONFIRM http://www.linksys.com/download/vertxt/befsx41_1453.txt BUGTRAQ 20031015 LinkSys EtherFast Router Denial of Service Attack BID 8834 XF linksys-etherfast-logpagenum-dos(13436) Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. cpe:/a:wrensoft:zoom_search_engine:2.0_build_1018 CVE-2003-1498 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.530-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20031014 Cross-Site Scripting Vulnerability in Wrensoft Zoom Search Engine BID 8823 XF zoom-search-xss(13431) Cross-site scripting (XSS) vulnerability in search.php for WRENSOFT Zoom Search Engine 2.0 Build 1018 and earlier allows remote attackers to inject arbitrary web script or HTML via the zoom_query parameter. cpe:/a:bytehoard:bytehoard:0.7 CVE-2003-1499 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.577-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov BUGTRAQ 20031019 ByteHoard Directory Traversal Vulnerability FULLDISC 20031019 ByteHoard Directory Traversal Vulnerability MISC http://www.securiteam.com/unixfocus/6L00L008KE.html BID 8850 XF bytehoard-dotdot-directory-traversal(13456) Directory traversal vulnerability in index.php in Bytehoard 0.7 allows remote attackers to read arbitrary files via a .. (dot dot) in the infolder parameter. cpe:/a:cpcommerce:cpcommerce:0.5f CVE-2003-1500 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.717-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS CONFIRM http://cpcommerce.org/forums/index.php?board=2;action=display;threadid=864 SREASON 3301 MISC http://www.securiteam.com/unixfocus/6H00E2K8KG.html BUGTRAQ 20031019 ZH2003-31SA (security advisory): file inclusion vulnerability in cpCommerce BID 8851 XF cpCommerce-functionsphp-file-include(13457) PHP remote file inclusion vulnerability in _functions.php in cpCommerce 0.5f allows remote attackers to execute arbitrary code via the prefix parameter. cpe:/a:gast_arbeiter:gast_arbeiter:1.3 CVE-2003-1501 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.763-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20031020 Gast Arbeiter Privilege Escalation BID 8858 XF gast-arbeiter-file-upload(13469) Directory traversal vulnerability in the file upload CGI of Gast Arbeiter 1.3 allows remote attackers to write arbitrary files via a .. (dot dot) in the req_file parameter. cpe:/a:snert.com:mod_throttle:3.0 CVE-2003-1502 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:06.353-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-12T15:50:00.000-05:00 FULLDISC 20031015 Mod-Throttle [was: client attacks server - XSS] BID 8822 mod_throttle 3.0 allows local users with Apache privileges to access shared memory that points to a file that is writable by the apache user, which could allow local users to gain privileges. cpe:/a:aol:instant_messenger:5.2.3292 CVE-2003-1503 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.827-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov NTBUGTRAQ 20031015 Buffer Overflow in AOL Instant Messager BID 8825 XF aim-getfile-screenname-bo(13443) Buffer overflow in AOL Instant Messenger (AIM) 5.2.3292 allows remote attackers to execute arbitrary code via an aim:getfile URL with a long screen name. cpe:/a:goldscripts:goldlink:3.0 CVE-2003-1504 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.873-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3302 BUGTRAQ 20031018 Get admin level on Goldlink script v3.0 BID 8847 XF goldlink-variables-gain-access(13465) SQL injection vulnerability in variables.php in Goldlink 3.0 allows remote attackers to execute arbitrary SQL commands via the (1) vadmin_login or (2) vadmin_pass cookie in a request to goldlink.php. cpe:/a:microsoft:ie:6 CVE-2003-1505 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.920-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov SREASON 3295 BUGTRAQ 20031022 IE6 CSS-Crash BID 8874 XF ie-scrollbarbasecolor-dos(13809) Microsoft Internet Explorer 6.0 allows remote attackers to cause a denial of service (crash) by creating a web page or HTML e-mail with a textarea in a div element whose scrollbar-base-color is modified by a CSS style, which is then moved. cpe:/a:daniel_barron:dansguardian:3.0 cpe:/a:daniel_barron:dansguardian:3.1_r5 cpe:/a:daniel_barron:dansguardian:3.1_r6 cpe:/a:daniel_barron:dansguardian:3.2 CVE-2003-1506 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:14.983-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3299 BUGTRAQ 20031022 CensorNet: Cross Site Scripting Vulnerability BUGTRAQ 20031027 Re: CensorNet: Cross Site Scripting Vulnerability BUGTRAQ 20031027 Re: CensorNet: Cross Site Scripting Vulnerability BID 8876 XF censornet-cgi-xss(13507) Cross-site scripting (XSS) vulnerability in dansguardian.pl in Adelix CensorNet 3.0 through 3.2 allows remote attackers to execute arbitrary script as other users by injecting arbitrary HTML or script into the DENIEDURL parameter. cpe:/h:planet_technology_corp:wgsd-1020 cpe:/h:planet_technology_corp:wsw-2401 CVE-2003-1507 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.030-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SECTRACK 1007924 BUGTRAQ 20031015 Few issues previously unpublished in English BID 8837 XF wgsd-default-admin-account(13446) Planet Technology WGSD-1020 and WSW-2401 Ethernet switches use a default "superuser" account with the "planet" password, which allows remote attackers to gain administrative access. cpe:/a:mirc:mirc:6.12 CVE-2003-1508 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:07.243-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2007-12-14T13:27:00.000-05:00 SREASON 3303 CONFIRM http://www.irchelp.org/irchelp/mirc/exploit.html BUGTRAQ 20031023 (Fw) : mIRC 6.12 (latest) DCC Exploit BID 8880 Buffer overflow in mIRC 6.12, when the DCC get dialog window has been minimized and the user opens the minimized window, allows remote attackers to cause a denial of service (crash) via a long filename. cpe:/a:realnetworks:realone_enterprise_desktop:6.0.11.774 cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realone_player:6.0.11.818 cpe:/a:realnetworks:realone_player:6.0.11.830 cpe:/a:realnetworks:realone_player:6.0.11.841 cpe:/a:realnetworks:realone_player:6.0.11.853 CVE-2003-1509 2003-12-31T00:00:00.000-05:00 2017-08-16T21:29:00.880-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov CONFIRM http://service.real.com/help/faq/security/securityupdate_october2003.html BID 8839 XF realoneplayer-temporary-script-execution(13445) Real Networks RealOne Enterprise Desktop 6.0.11.774, RealOne Player 2.0, and RealOne Player 6.0.11.818 through RealOne Player 6.0.11.853 allows remote attackers to execute arbitrary script in the local security zone by embedding script in a temp file before the temp file is executed by the default web browser. cpe:/a:rit_research_labs:tinyweb:1.9 CVE-2003-1510 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.123-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov MISC http://www.securiteam.com/windowsntfocus/6S0052K8LQ.html BID 8810 XF tinyweb-httpget-dos(13402) TinyWeb 1.9 allows remote attackers to cause a denial of service (CPU consumption) via a ".%00." in an HTTP GET request to the cgi-bin directory. cpe:/a:bajie:java_http_server:0.95 cpe:/a:bajie:java_http_server:0.95:d cpe:/a:bajie:java_http_server:0.95:zxc cpe:/a:bajie:java_http_server:0.95:zxe cpe:/a:bajie:java_http_server:0.95:zxe1 cpe:/a:bajie:java_http_server:0.95:zxv4 CVE-2003-1511 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:07.697-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-12-14T13:39:00.000-05:00 SREASON 3306 CONFIRM http://www.geocities.com/gzhangx/websrv/docs/security.html BUGTRAQ 20031016 CSS Vulnerability in Bajie HTTP JServer BID 8841 Cross-site scripting (XSS) vulnerability in Bajie Java HTTP Server 0.95 through 0.95zxv4 allows remote attackers to inject arbitrary web script or HTML via (1) the query string to test.txt, (2) the guestName parameter to the custMsg servlet, or (3) the cookiename parameter to the CookieExample servlet. cpe:/a:khaled_mardam-bey:mirc:6.1 cpe:/a:khaled_mardam-bey:mirc:6.11 CVE-2003-1512 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:07.867-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2007-12-14T13:42:00.000-05:00 BID 8818 Buffer overflow in mIRC 6.1 and 6.11 allows remote attackers to cause a denial of service (crash) via a long DCC SEND request. cpe:/a:caucho_technology:resin:2.0 cpe:/a:caucho_technology:resin:2.1.1 cpe:/a:caucho_technology:resin:2.1.2 cpe:/a:caucho_technology:resin:2.1.12 CVE-2003-1513 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.187-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov FULLDISC 20031019 Caucho Resin 2.x - Cross Site Scripting BID 8852 XF resin-name-comment-xss(13460) Multiple cross-site scripting (XSS) vulnerabilities in example scripts in Caucho Technology Resin 2.0 through 2.1.2 allow remote attackers to inject arbitrary web script or HTML via (1) env.jsp, (2) form.jsp, (3) session.jsp, (4) the move parameter to tictactoe.jsp, or the (5) name or (6) comment fields to guestbook.jsp. cpe:/a:emule:emule:0.29c CVE-2003-1514 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.233-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov SREASON 3294 BUGTRAQ 20031019 eMule 2.2 [0.29c] - Web Control Panel - DOS(Denial Of Service) BID 8854 XF emule-long-password-dos(13464) eMule 0.29c allows remote attackers to cause a denial of service (crash) via a long password, possibly due to a buffer overflow. cpe:/h:origo:asr-8100:adsl_router_3.21 cpe:/h:origo:asr-8400:adsl_router CVE-2003-1515 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.280-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov SREASON 3300 BUGTRAQ 20031012 Origo ASR-8100 ADSL router remote factory reset BID 8855 XF origo-default-settings-restore(13463) Origo ASR-8100 ADSL Router 3.21 has an administration service running on port 254 that does not require a password, which allows remote attackers to cause a denial of service by restoring the factory defaults. cpe:/a:sun:java_plug-in:1.4.2_01 CVE-2003-1516 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:08.460-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-14T15:14:00.000-05:00 BUGTRAQ 20031020 Cross Site Java applets BID 8857 The org.apache.xalan.processor.XSLProcessorVersion class in Java Plug-in 1.4.2_01 allows signed and unsigned applets to share variables, which violates the Java security model and could allow remote attackers to read or write data belonging to a signed applet. cpe:/a:dansie:shopping_cart CVE-2003-1517 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.327-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov MISC http://www.securiteam.com/securitynews/6T00T008KG.html BID 8860 XF dansie-cartpl-path-disclosure(13461) cart.pl in Dansie shopping cart allows remote attackers to obtain the installation path via an invalid db parameter, which leaks the path in an error message. cpe:/a:adiscon:winsyslog:4.21_sp1 cpe:/a:adiscon:winsyslog:5.0_beta CVE-2003-1518 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.373-04:00 7.8 NETWORK LOW NONE NONE NONE COMPLETE http://nvd.nist.gov CONFIRM http://www.adiscon.com/Common/en/advisory/2003-09-15.asp MISC http://www.securiteam.com/windowsntfocus/6L00F158KE.html BID 8821 XF winsyslog-long-syslog-dos(13428) Adiscon WinSyslog 4.21 SP1 allows remote attackers to cause a denial of service (CPU consumption) via a long syslog message. cpe:/a:vivisimo:clustering_engine:0 CVE-2003-1519 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.420-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SECTRACK 1007955 BID 8862 XF vívísimo-clustering-engine-xss(13452) Cross-site scripting (XSS) vulnerability in Vivisimo clustering engine allows remote attackers to inject arbitrary web script or HTML via the query parameter to the search program. cpe:/a:fuzzymonkey:myclassifieds:2.11 CVE-2003-1520 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:09.087-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2007-12-14T16:09:00.000-05:00 SREASON 3293 BUGTRAQ 20031021 SQL Injection Vulnerability in FuzzyMonkey MyClassifieds SQL Version BID 8863 SQL injection vulnerability in FuzzyMonkey My Classifieds 2.11 allows remote attackers to execute arbitrary SQL commands via the email parameter. cpe:/a:sun:java_plug-in:1.4 cpe:/a:sun:java_plug-in:1.4.2 cpe:/a:sun:java_plug-in:1.4.2_01 cpe:/a:sun:java_plug-in:1.4.2_02 CVE-2003-1521 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:09.243-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2007-12-17T18:12:00.000-05:00 BUGTRAQ 20031021 IE6 & Java 1.4.2_02 applet: Hardware stress on floppy drive BID 8867 Sun Java Plug-In 1.4 through 1.4.2_02 allows remote attackers to repeatedly access the floppy drive via the createXmlDocument method in the org.apache.crimson.tree.XmlDocument class, which violates the Java security model. cpe:/a:pscs:vpop3_web_mail_server:2.0e cpe:/a:pscs:vpop3_web_mail_server:2.0f CVE-2003-1522 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.483-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov CONFIRM http://www.pscs.co.uk/products/vpop3/whatsnew.html MISC http://www.securiteam.com/windowsntfocus/6S00S008KW.html BID 8869 XF vpop3-login-xss(13459) Cross-site scripting (XSS) vulnerability in PSCS VPOP3 Web Mail server 2.0e and 2.0f allows remote attackers to inject arbitrary web script or HTML via the redirect parameter to the admin/index.html page. cpe:/a:dbmail:dbmail:1.0 cpe:/a:dbmail:dbmail:1.1 CVE-2003-1523 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.530-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BID 8829 XF dbmail-multiple-sql-injection(13416) SQL injection vulnerability in the IMAP daemon in dbmail 1.1 allows remote attackers to execute arbitrary SQL commands via the (1) login username, (2) mailbox name, and possibly other attack vectors. cpe:/a:pgpi:pgpdisk:6.0.2i CVE-2003-1524 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.577-04:00 6.3 LOCAL MEDIUM NONE COMPLETE COMPLETE NONE http://nvd.nist.gov MISC http://www.securiteam.com/windowsntfocus/6M00L0K8KI.html BID 8870 XF pgpdisk-obtain-information(13490) PGPi PGPDisk 6.0.2i does not unmount a PGP partition when the switch user function in Windows XP is used, which could allow local users to access data on another user's PGP partition. cpe:/a:my_photo_gallery:my_photo_gallery:3.5 CVE-2003-1525 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.623-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov BID 8872 XF myphotogallery-unknown-vulnerabilities(13498) Unspecified vulnerability in My Photo Gallery 3.5, and possibly earlier versions, has unknown impact and attack vectors. cpe:/a:francisco_burzi:php-nuke:7.0 CVE-2003-1526 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:10.007-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-12-18T11:39:00.000-05:00 BUGTRAQ 20031018 PHP-Nuke Path Disclosure Vulnerability BID 8848 PHP-Nuke 7.0 allows remote attackers to obtain the installation path via certain characters such as (1) ", (2) ', or (3) > in the search field, which reveals the path in an error message. cpe:/a:ibm:internet_security_systems_blackice_defender:2.9cap cpe:/a:iss:blackice_server_protection:3.5.cdf CVE-2003-1527 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:10.163-04:00 4.3 NETWORK MEDIUM NONE NONE NONE PARTIAL http://nvd.nist.gov 2007-12-18T12:40:00.000-05:00 BUGTRAQ 20021008 Multiple Vendor PC firewall remote denial of services Vulnerability XF firewall-autoblock-spoofing-dos(10314) BID 5917 BlackICE Defender 2.9.cap and Server Protection 3.5.cdf, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. cpe:/a:fujitsu:siemens_networker:6.0 CVE-2003-1528 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:49.920-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS SREASON 3353 BUGTRAQ 20040119 Networker 6.0 - possible symlink attack BID 9446 SECTRACK 1008801 nsr_shutdown in Fujitsu Siemens NetWorker 6.0 allows local users to overwrite arbitrary files via a symlink attack on the nsrsh[PID] temporary file. cpe:/a:seagull_software_systems:j_walk_application_server:3.2c9 CVE-2003-1529 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.670-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030325 IRM 005: JWalk Application Server Version 3.2c9 Directory Traversal Vulnerability BID 7160 SECTRACK 1006378 XF jwalk-dotdot-directory-traversal(11623) Directory traversal vulnerability in Seagull Software Systems J Walk application server 3.2C9, and other versions before 3.3c4, allows remote attackers to read arbitrary files via a ".%252e" (encoded dot dot) in the URL. cpe:/a:phpbb:phpbb:2.0.3 CVE-2003-1530 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:50.187-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov ALLOWS_USER_ACCESS BUGTRAQ 20030116 phpBB SQL Injection vulnerability BUGTRAQ 20030117 phpBB SQL Injection vulnerability BID 6634 SQL injection vulnerability in privmsg.php in phpBB 2.0.3 and earlier allows remote attackers to execute arbitrary SQL commands via the mark[] parameter. cpe:/a:lilikoi:ceilidh:2.70 CVE-2003-1531 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.733-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030327 [SCSA-013] Cross Site Scripting vulnerability in testcgi.exe BID 7214 SECTRACK 1006391 XF ceilidh-textcgi-xss(11638) Cross-site scripting (XSS) vulnerability in testcgi.exe in Lilikoi Software Ceilidh 2.70 and earlier allows remote attackers to inject arbitrary web script or HTML via the query string. cpe:/a:julien_desaunay:phpmyshop:1.00 CVE-2003-1532 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:50.483-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3348 BUGTRAQ 20030203 phpMyShop (php) BID 6746 SECTRACK 1006030 SQL injection vulnerability in compte.php in PhpMyShop 1.00 allows remote attackers to execute arbitrary SQL commands via the (1) identifiant and (2) password parameters. cpe:/a:phppass:phppass:2 CVE-2003-1533 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:50.780-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov SREASON 3349 BUGTRAQ 20030113 phpPass (PHP) BID 6594 SECTRACK 1005948 SQL injection vulnerability in accesscontrol.php in PhpPass 2 allows remote attackers to execute arbitrary SQL commands via the (1) uid and (2) pwd parameters. cpe:/a:justice_media:guestbook:1.3 CVE-2003-1534 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:51.030-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3347 BUGTRAQ 20030329 Justice Guestbook 1.3 vulnerabilities BID 7233 SECTRACK 1006412 Cross-site scripting (XSS) vulnerability in jgb.php3 in Justice Guestbook 1.3 allows remote attackers to inject arbitrary web script or HTML via the (1) name, (2) homepage, (3) aim, (4) yim, (5) location, and (6) comment variables. cpe:/a:justice_media:guestbook:1.3 CVE-2003-1535 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:51.327-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3347 BUGTRAQ 20030329 Justice Guestbook 1.3 vulnerabilities BID 7234 SECTRACK 1006412 Justice Guestbook 1.3 allows remote attackers to obtain the full installation path via a direct request to cfooter.php3, which leaks the path in an error message. cpe:/a:dcp-portal:dcp-portal:5.3.1 CVE-2003-1536 2003-12-31T00:00:00.000-05:00 2017-07-28T21:29:15.797-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030318 Some XSS vulns BID 7141 BID 7144 XF dcpportal-search-calendar-xss(11602) Multiple cross-site scripting (XSS) vulnerabilities in Codeworx Technologies DCP-Portal 5.3.1 allow remote attackers to inject arbitrary web script or HTML via (1) the q parameter to search.php and (2) the year parameter to calendar.php. cpe:/a:postnuke_software_foundation:postnuke:0.723 CVE-2003-1537 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:11.650-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-12-18T14:40:00.000-05:00 VULNWATCH 20030309 Postnuke v 0.723 SQL injection and directory traversing Directory traversal vulnerability in PostNuke 0.723 and earlier allows remote attackers to include arbitrary files named theme.php via the theme parameter to index.php. cpe:/a:suse:suse_linux_openexchange_server:4.0 cpe:/o:suse:office_server cpe:/o:suse:suse_linux:8::enterprise_server cpe:/o:suse:suse_linux:8.1 CVE-2003-1538 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:11.807-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2007-12-21T11:55:00.000-05:00 SUSE SUSE-SA:2003:005 SECTRACK 1005954 susehelp in SuSE Linux 8.1, Enterprise Server 8, Office Server, and Openexchange Server 4 does not properly filter shell metacharacters, which allows remote attackers to execute arbitrary commands via CGI queries. cpe:/a:onedotoh:simple_file_manager:0.19 CVE-2003-1539 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:11.960-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2008-01-10T13:23:00.000-05:00 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=144274 CONFIRM http://sourceforge.net/tracker/index.php?func=detail&aid=695597&group_id=60333&atid=493842 BID 7035 Cross-site scripting (XSS) vulnerability in ONEdotOH Simple File Manager (SFM) before 0.21 allows remote attackers to inject arbitrary web script or HTML via (1) file names and (2) directory names. cpe:/a:wfchat:wfchat:1.0:beta CVE-2003-1540 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:51.640-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3645 SECTRACK 1006352 BUGTRAQ 20030319 WF-Chat BID 7147 XF wf-chat-plaintext-passwords(11571) WF-Chat 1.0 Beta stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain authentication information via a direct request to (1) !pwds.txt and (2) !nicks.txt. cpe:/a:planetmoon:guestbook:tr3.a.1 CVE-2003-1541 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:52.107-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3653 BUGTRAQ 20030321 Guestbook tr3.a BID 7167 SECTRACK 1006360 XF guestbooktr3a-plaintext-password-disclosure(11609) PlanetMoon Guestbook tr3.a stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain the admin script password, and other passwords, via a direct request to files/passwd.txt. cpe:/a:ondrej_jombik:phpwebfilemanager:0.4 CVE-2003-1542 2003-12-31T00:00:00.000-05:00 2008-09-05T16:37:12.400-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2008-02-14T14:25:00.000-05:00 CONFIRM http://platon.sk/projects/release_view_page.php?release_id=2 BID 6933 Directory traversal vulnerability in plugins/file.php in phpWebFileManager before 0.4.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the fm_path parameter. cpe:/a:bajie:java_http_server:0.95:zxc cpe:/a:bajie:java_http_server:0.95:zxe CVE-2003-1543 2003-12-31T00:00:00.000-05:00 2017-08-07T21:29:00.397-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SECTRACK 1006428 MISC http://www.geocities.com/gzhangx/websrv/docs/security.html MISC http://www.lucaercoli.it/advs/bajie.txt MISC http://www.securiteam.com/securitynews/5LP10009FC.html BID 7344 XF bajie-error-message-xss(11687) Cross-site scripting (XSS) vulnerability in Bajie Http Web Server 0.95zxe, 0.95zxc, and possibly others, allows remote attackers to inject arbitrary web script or HTML via the query string, which is reflected in an error message. cpe:/o:microsoft:windows_2000::sp3:adv_srv cpe:/o:microsoft:windows_2000::sp3:srv CVE-2003-1544 2003-12-31T00:00:00.000-05:00 2017-08-07T21:29:00.460-04:00 6.8 NETWORK LOW SINGLE_INSTANCE NONE NONE COMPLETE http://nvd.nist.gov SREASON 3654 MSKB 815225 BUGTRAQ 20030123 DoS attack on Windows 2000 Terminal Server BUGTRAQ 20030124 RE: DoS attack on Windows 2000 Terminal Server BID 6672 SECTRACK 1005986 XF win2k-terminal-msgina-dos(11141) XF win2k-terminal-msgina-permissions(11816) Unrestricted critical resource lock in Terminal Services for Windows 2000 before SP4 and Windows XP allows remote authenticated users to cause a denial of service (reboot) by obtaining a read lock on msgina.dll, which prevents msgina.dll from being loaded. cpe:/a:nukestyles:viewpage cpe:/a:phpnuke:nukestyles_viewpage_module CVE-2003-1545 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:52.530-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030325 PHPNuke viewpage.php allows Remote File retrieving BUGTRAQ 20030325 Re: PHPNuke viewpage.php allows Remote File retrieving BUGTRAQ 20030325 Re: PHPNuke viewpage.php and another SQL injections BUGTRAQ 20030325 Re: PHPNuke viewpage.php allows Remote File retrieving BUGTRAQ 20030326 Re: PHPNuke viewpage.php allows Remote File retrieving BUGTRAQ 20030325 Re: PHPNuke viewpage.php allows Remote File retrieving BUGTRAQ 20030327 Re: PHPNuke viewpage.php allows Remote File retrieving BID 7191 SECTRACK 1006377 Absolute path traversal vulnerability in nukestyles.com viewpage.php addon for PHP-Nuke allows remote attackers to read arbitrary files via a full pathname in the file parameter. NOTE: This was originally reported as an issue in PHP-Nuke 6.5, but this is an independent addon. cpe:/a:filebased:guestbook:1.1.3 CVE-2003-1546 2003-12-31T00:00:00.000-05:00 2017-08-07T21:29:00.507-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov BUGTRAQ 20030314 Guestbook v1.1.3 CSS Vuln BID 7104 SECTRACK 1006289 XF filebased-guestbook-gbook-xss(11540) Cross-site scripting (XSS) vulnerability in gbook.php in Filebased guestbook 1.1.3 allows remote attackers to inject arbitrary web script or HTML via the comment section. cpe:/a:francisco_burzi:php-nuke:6.5 cpe:/a:francisco_burzi:php-nuke:6.5_beta1 cpe:/a:francisco_burzi:php-nuke:6.5_rc1 cpe:/a:francisco_burzi:php-nuke:6.5_rc2 cpe:/a:francisco_burzi:php-nuke:6.5_rc3 CVE-2003-1547 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:53.390-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3718 BUGTRAQ 20030331 PHP-Nuke block-Forums.php subject vulnerabilities BUGTRAQ 20030401 Re: PHP-Nuke block-Forums.php subject vulnerabilities BID 7248 XF phpnuke-blockforums-subject-xss(11675) Cross-site scripting (XSS) vulnerability in block-Forums.php in the Splatt Forum module for PHP-Nuke 6.x allows remote attackers to inject arbitrary web script or HTML via the subject parameter. cpe:/a:myabracadaweb:myabracadaweb:1.0.2 CVE-2003-1548 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:53.857-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3717 BUGTRAQ 20030317 [SCSA-010] Path Disclosure & Cross Site Scripting Vulnerability in MyABraCaDaWeb BID 7126 SECTRACK 1006308 XF myabracadaweb-index-path-disclosure(11556) MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to obtain sensitive information via an invalid IDAdmin or other parameter, which reveals the installation path in an error message. cpe:/a:myabracadaweb:myabracadaweb:1.0.2 CVE-2003-1549 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:54.233-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3717 BUGTRAQ 20030317 [SCSA-010] Path Disclosure & Cross Site Scripting Vulnerability in MyABraCaDaWeb BID 7127 SECTRACK 1006308 XF myabracadaweb-index-makw-xss(11557) Cross-site scripting (XSS) vulnerability in header.php in MyABraCaDaWeb 1.0.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the ma_kw parameter. cpe:/a:xoops:xoops:2.0 CVE-2003-1550 2003-12-31T00:00:00.000-05:00 2017-08-07T21:29:00.773-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov BUGTRAQ 20030320 [SCSA-011] Path Disclosure Vulnerability in XOOPS BUGTRAQ 20030328 Re: [SCSA-011] Path Disclosure Vulnerability in XOOPS BID 7149 XF xoops-xoopsoption-path-disclosure(11587) XOOPS 2.0, and possibly earlier versions, allows remote attackers to obtain sensitive information via an invalid xoopsOption parameter, which reveals the installation path in an error message. cpe:/a:novell:groupwise:6.0_sp3:revision_e CVE-2003-1551 2003-12-31T00:00:00.000-05:00 2017-08-07T21:29:00.820-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BID 6896 SECTRACK 1006171 XF groupwise-script-execution(11394) Unspecified vulnerability in Novell GroupWise 6 SP3 WebAccess before Revision F has unknown impact and attack vectors related to "malicious script." cpe:/a:graeme:uploader:1.1 CVE-2003-1552 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:54.657-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov BUGTRAQ 20030304 uploader.php vulnerability BUGTRAQ 20030304 uploader.php script XF uploader-uploads-file-upload(11467) Unrestricted file upload vulnerability in uploader.php in Uploader 1.1 allows remote attackers to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in uploads/. cpe:/a:sips:sips:0.2.2 CVE-2003-1553 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:54.920-04:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3780 BUGTRAQ 20030318 SIPS (PHP) BID 7134 XF sips-user-obtain-information(11572) Haakon Nilsen Simple Internet Publishing System (SIPS) 0.2.2 stores sensitive information under the web root with insufficient access control, which allows remote attackers to obtain password and other user information via a direct request to a user-specific configuration directory. cpe:/a:scoznet:scozbook:1.1_beta CVE-2003-1554 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:55.233-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3781 BUGTRAQ 20030329 ScozBook BETA 1.1 vulnerabilities BID 7235 SECTRACK 1006413 XF scozbook-add-xss(11658) Cross-site scripting (XSS) vulnerability in scozbook/add.php in ScozNet ScozBook 1.1 BETA allows remote attackers to inject arbitrary web script or HTML via the (1) username, (2) useremail, (3) aim, (4) msn, (5) sitename and (6) siteaddy variables. cpe:/a:scoznet:scozbook:1.1_beta CVE-2003-1555 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:55.640-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3781 BUGTRAQ 20030329 ScozBook BETA 1.1 vulnerabilities BID 7236 SECTRACK 1006413 XF scozbook-view-path-disclosure(11659) ScozNet ScozBook 1.1 BETA allows remote attackers to obtain sensitive information via an invalid PG parameter in view.php, which reveals the installation path in an error message. cpe:/a:cgi_city:cc_guestbook CVE-2003-1556 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:56.047-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov SREASON 3796 BUGTRAQ 20030329 CGI-City's CCGuestBook Script Injection Vulns BID 7237 Cross-site scripting (XSS) vulnerability in cc_guestbook.pl in CGI City CC GuestBook allows remote attackers to inject arbitrary web script or HTML via the (1) name and (2) homepage_title (webpage title) parameters. cpe:/a:spamassassin:spamassassin:2.40 cpe:/a:spamassassin:spamassassin:2.41 cpe:/a:spamassassin:spamassassin:2.42 cpe:/a:spamassassin:spamassassin:2.43 CVE-2003-1557 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:56.233-04:00 7.6 NETWORK HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov ALLOWS_ADMIN_ACCESS BUGTRAQ 20030123 SpamAssassin / spamc+BSMTP remote buffer overflow GENTOO GLSA-200302-01 BUGTRAQ 20030204 Re: GLSA: Mail-SpamAssasin BID 6679 XF spamassassin-spamc-offbyone-bo(11154) Off-by-one buffer overflow in spamc of SpamAssassin 2.40 through 2.43, when using BSMTP mode ("-B"), allows remote attackers to execute arbitrary code via email containing headers with leading "." characters. cpe:/a:fefe:fnord:1.6 CVE-2003-1558 2003-12-31T00:00:00.000-05:00 2018-10-19T11:29:56.703-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov CONFIRM http://www.fefe.de/fnord/ BUGTRAQ 20030117 GLSA: fnord BID 6635 XF fnord-httpdc-cgi-bo(11121) Buffer overflow in httpd.c of fnord 1.6 allows remote attackers to create a denial of service (crash) and possibly execute arbitrary code via a long CGI request passed to the do_cgi function. cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.22 cpe:/a:microsoft:ie:6 cpe:/a:microsoft:ie:6:sp1 CVE-2003-1559 2003-12-31T00:00:00.000-05:00 2009-01-29T00:28:34.390-05:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 3989 MISC http://www.gadgetopia.com/2003/12/23/OutlookWebAccessPrivacyHole.html BUGTRAQ 20031224 IE 5.22 on Mac Transmitting HTTP Referer from Secure Page BUGTRAQ 20031230 RE: IE 5.22 on Mac Transmitting HTTP Referer from Secure Page BID 9295 Microsoft Internet Explorer 5.22, and other 5 through 6 SP1 versions, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. cpe:/a:netscape:navigator:4 CVE-2003-1560 2003-12-31T00:00:00.000-05:00 2009-01-29T00:28:34.530-05:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 4004 BUGTRAQ 20031230 RE: IE 5.22 on Mac Transmitting HTTP Referer from Secure Page Netscape 4 sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. cpe:/a:opera:opera CVE-2003-1561 2003-12-31T00:00:00.000-05:00 2009-01-29T00:28:34.717-05:00 4.3 NETWORK MEDIUM NONE PARTIAL NONE NONE http://nvd.nist.gov SREASON 4004 BUGTRAQ 20031230 RE: IE 5.22 on Mac Transmitting HTTP Referer from Secure Page Opera, probably before 7.50, sends Referer headers containing https:// URLs in requests for http:// URLs, which allows remote attackers to obtain potentially sensitive information by reading Referer log data. cpe:/a:openbsd:openssh:1.2 cpe:/a:openbsd:openssh:1.2.1 cpe:/a:openbsd:openssh:1.2.2 cpe:/a:openbsd:openssh:1.2.3 cpe:/a:openbsd:openssh:1.2.27 cpe:/a:openbsd:openssh:1.3 cpe:/a:openbsd:openssh:1.5 cpe:/a:openbsd:openssh:1.5.7 cpe:/a:openbsd:openssh:1.5.8 cpe:/a:openbsd:openssh:2 cpe:/a:openbsd:openssh:2.1 cpe:/a:openbsd:openssh:2.1.1 cpe:/a:openbsd:openssh:2.2 cpe:/a:openbsd:opens