Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2003-08-27 CVE-2003-0625 Off-by-one Error vulnerability in Hadrons Xfstt
Off-by-one error in certain versions of xfstt allows remote attackers to read potentially sensitive memory via a malformed client request in the connection handshake, which leaks the memory in the server's response.
network
low complexity
hadrons CWE-193
7.5
2003-08-27 CVE-2003-0466 Off-by-one Error vulnerability in multiple products
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger a buffer overflow, including (1) STOR, (2) RETR, (3) APPE, (4) DELE, (5) MKD, (6) RMD, (7) STOU, or (8) RNTO.
network
low complexity
wuftpd redhat apple sun freebsd netbsd openbsd CWE-193
critical
9.8
2003-08-18 CVE-2003-0578 Link Following vulnerability in IBM U2 Universe 10.0.0.9
cci_dir in IBM U2 UniVerse 10.0.0.9 and earlier creates hard links and unlinks files as root, which allows local users to gain privileges by deleting and overwriting arbitrary files.
local
low complexity
ibm CWE-59
7.8
2003-08-18 CVE-2003-0517 Link Following vulnerability in Mgetty Project Mgetty 1.1.28
faxrunqd.in in mgetty 1.1.28 and earlier allows local users to overwrite files via a symlink attack on JOB files.
local
low complexity
mgetty-project CWE-59
5.5
2003-08-18 CVE-2003-0252 Off-by-one Error vulnerability in Linux-Nfs Nfs-Utils
Off-by-one error in the xlog function of mountd in the Linux NFS utils package (nfs-utils) before 1.0.4 allows remote attackers to cause a denial of service and possibly execute arbitrary code via certain RPC requests to mountd that do not contain newlines.
network
low complexity
linux-nfs CWE-193
critical
9.8
2003-06-30 CVE-2003-0411 Improper Handling of Case Sensitivity vulnerability in Oracle SUN ONE Application Server 7.0
Sun ONE Application Server 7.0 for Windows 2000/XP allows remote attackers to obtain JSP source code via a request that uses the uppercase ".JSP" extension instead of the lowercase .jsp extension.
network
low complexity
oracle CWE-178
7.5
2003-06-09 CVE-2003-0356 Off-by-one Error vulnerability in Ethereal 0.8.13/0.9.11/0.9.3
Multiple off-by-one vulnerabilities in Ethereal 0.9.11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via the (1) AIM, (2) GIOP Gryphon, (3) OSPF, (4) PPTP, (5) Quake, (6) Quake2, (7) Quake3, (8) Rsync, (9) SMB, (10) SMPP, and (11) TSP dissectors, which do not properly use the tvb_get_nstringz and tvb_get_nstringz0 functions.
network
low complexity
ethereal CWE-193
critical
9.8
2003-05-12 CVE-2003-0174 Origin Validation Error vulnerability in SGI Irix
The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.
network
low complexity
sgi CWE-346
critical
9.8
2003-04-22 CVE-2002-1484 Server-Side Request Forgery (SSRF) vulnerability in Siemens Db4Web 3.4/3.6
DB4Web server, when configured to use verbose debug messages, allows remote attackers to use DB4Web as a proxy and attempt TCP connections to other systems (port scan) via a request for a URL that specifies the target IP address and port, which produces a connection status in the resulting error message.
network
low complexity
siemens CWE-918
critical
9.8
2003-01-07 CVE-2002-0628 Improper Restriction of Excessive Authentication Attempts vulnerability in Polycom products
The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack.
network
low complexity
polycom CWE-307
7.5