Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2005-09-08 CVE-2005-2849 Remote Security vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17
Argument injection vulnerability in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to (1) read portions of source code via the -f option to Dig (dig_device.cgi), (2) determine file existence via the -r argument to Tcpdump (tcpdump_device.cgi) or (3) modify files in the cgi-bin directory via the -w argument to Tcpdump.
network
low complexity
barracuda-networks
6.4
2005-09-08 CVE-2005-2848 Remote Directory Traversal vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17
Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a ..
network
low complexity
barracuda-networks
5.0
2005-09-08 CVE-2005-2847 Remote Command Execution vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.16/3.1.17
img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to execute arbitrary commands via shell metacharacters in the f parameter.
network
low complexity
barracuda-networks
7.5
2005-09-08 CVE-2005-2845 Information Disclosure vulnerability in Ariba Spend Management Solutions
Ariba Spend Management System sends the username and password to the server in plaintext in a POST request, which allows remote attackers to obtain sensitive information.
network
low complexity
ariba
5.0
2005-09-08 CVE-2005-2844 Remote Buffer Overflow vulnerability in Indiatimes Messenger Indiatimes Messenger 6.0
Buffer overflow in MMClient.exe in Indiatimes Messenger 6.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long group name argument to the RenameGroup function in the MMClient.MunduMessenger.1 ActiveX object.
network
low complexity
indiatimes-messenger
7.5
2005-09-08 CVE-2005-2843 Authentication Bypass vulnerability in Helpdesk Software Hesk 0.92
Helpdesk software Hesk 0.92 does not properly verify usernames and passwords, which allows remote attackers to bypass authentication via a direct request to admin_main.php.
network
low complexity
helpdesk-software
7.5
2005-09-08 CVE-2005-2842 Buffer Overflow vulnerability in DameWare Mini Remote Control
Buffer overflow in dwrcs.exe in DameWare Mini Remote Control before 4.9.0 allows remote attackers to execute arbitrary code via the username.
network
low complexity
dameware-development
7.5
2005-09-08 CVE-2005-2841 Denial-Of-Service vulnerability in IOS
Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials.
network
low complexity
cisco
7.5
2005-09-08 CVE-2005-2020 Unspecified vulnerability in 3Com 3C15100D 5.0.2
Directory traversal vulnerability in the web server for 3Com Network Supervisor 5.0.2 allows remote attackers to read arbitrary files via ".." sequences in the URL to TCP port 21700.
network
low complexity
3com
5.0
2005-09-07 CVE-2005-2839 Cross-Site Scripting vulnerability in MAXdev MD-Pro 1.0.72
Multiple cross-site scripting (XSS) vulnerabilities in MAXdev MD-Pro 1.0.72 allow remote attackers to inject arbitrary web script or HTML via (1) dl-search.php or (2) wl-search.php.
network
maxdev
4.3