Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-05-12 | CVE-2003-0174 | Origin Validation Error vulnerability in SGI Irix The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password. | 9.8 |
| 2003-04-22 | CVE-2002-1484 | Server-Side Request Forgery (SSRF) vulnerability in Siemens Db4Web 3.4/3.6 DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message. | 9.8 |
| 2003-01-07 | CVE-2002-0628 | Improper Restriction of Excessive Authentication Attempts vulnerability in Polycom products The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack. | 7.5 |
| 2002-12-31 | CVE-2002-2323 | Improper Preservation of Permissions vulnerability in SUN Solaris PC Netlink 1.0/1.1/1.2 Sun PC NetLink 1.0 through 1.2 does not properly set the access control list (ACL) for files and directories that use symbolic links and have been restored from backup, which could allow local or remote attackers to bypass intended access restrictions. | 7.5 |
| 2002-12-31 | CVE-2002-2119 | Improper Handling of Case Sensitivity vulnerability in Novell Edirectory 8.6.2/8.7 Novell eDirectory 8.6.2 and 8.7 use case insensitive passwords, which makes it easier for remote attackers to conduct brute force password guessing. | 9.8 |
| 2002-12-31 | CVE-2002-2070 | Incomplete Cleanup vulnerability in Accessdata Secureclean 3 SecureClean 3 build 2.0 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
| 2002-12-31 | CVE-2002-2069 | Incomplete Cleanup vulnerability in PGP Personal Privacy PGP 6.x and 7.x does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
| 2002-12-31 | CVE-2002-2068 | Incomplete Cleanup vulnerability in Tolvanen Eraser 5.3 Eraser 5.3 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
| 2002-12-31 | CVE-2002-2067 | Incomplete Cleanup vulnerability in East-Tec Eraser 2002 East-Tec Eraser 2002 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |
| 2002-12-31 | CVE-2002-2066 | Incomplete Cleanup vulnerability in Jetico Bcwipe 1.0.7/2.0/2.35.1 BestCrypt BCWipe 1.0.7 and 2.0 through 2.35.1 does not clear Windows alternate data streams that are attached to files on NTFS file systems, which allows attackers to recover sensitive information that was supposed to be deleted. | 7.5 |