Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2006-01-22 CVE-2006-0355 Remote Denial Of Service vulnerability in Helmsman Research Homeftp 1.1
Helmsman Research (aka CoolUtils) HomeFtp 1.1 allows remote attackers to cause an unspecified denial of service via a long USER command combined with a long PASS command and an NLST command.
network
low complexity
helmsman-research
5.0
2006-01-22 CVE-2006-0354 Resource Management Errors vulnerability in Cisco products
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
low complexity
cisco CWE-399
5.5
2006-01-22 CVE-2006-0353 Information Exposure vulnerability in GNU LSH 2.0.1
unix_random.c in lshd for lsh 2.0.1 leaks file descriptors related to the randomness generator, which allows local users to cause a denial of service by truncating the seed file, which prevents the server from starting, or obtain sensitive seed information that could be used to crack keys.
local
low complexity
gnu CWE-200
3.6
2006-01-21 CVE-2006-0352 Information Disclosure vulnerability in Fluffington Flog 1.01/1.1.2
The default configuration of Fluffington FLog 1.01 installs users.0.dat under the web document root with insufficient access control, which might allow remote attackers to obtain sensitive information (login credentials) via a direct request.
network
low complexity
fluffington
5.0
2006-01-21 CVE-2006-0351 Denial Of Service vulnerability in MyDNS DNS Query
Unspecified "critical denial-of-service vulnerability" in MyDNS before 1.1.0 has unknown impact and attack vectors.
network
low complexity
don-moore
5.0
2006-01-21 CVE-2006-0350 Input Validation vulnerability in Epic Designs Eggblog 2.0
Cross-site scripting (XSS) vulnerability in eggblog 2.0 allows remote attackers to inject arbitrary web script or HTML via the message field to topic.php.
network
epic-designs
4.3
2006-01-21 CVE-2006-0349 Input Validation vulnerability in Epic Designs Eggblog 2.0
SQL injection vulnerability in eggblog 2.0 allows remote attackers to execute arbitrary SQL commands via the id parameter to blog.php.
network
low complexity
epic-designs
7.5
2006-01-21 CVE-2006-0348 Remote Input Validation vulnerability in ELOG Web Logbook
Format string vulnerability in the write_logfile function in ELOG before 2.6.1 allows remote attackers to cause a denial of service (server crash) via unknown attack vectors.
network
low complexity
stefan-ritt
5.0
2006-01-21 CVE-2006-0347 Remote Input Validation vulnerability in ELOG Web Logbook
Directory traversal vulnerability in ELOG before 2.6.1 allows remote attackers to access arbitrary files outside of the elog directory via "../" (dot dot) sequences in the URL.
network
low complexity
stefan-ritt
5.0
2006-01-21 CVE-2006-0346 Input Validation vulnerability in Saral Kaushik Saralblog 1.0
Cross-site scripting (XSS) vulnerability in SaralBlog 1.0 allows remote attackers to inject arbitrary web script or HTML via a website field in a new comment to view.php, which is not properly handled in the comment function in functions.php.
network
saral-kaushik
4.3