Vulnerabilities

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | TAGS | RISK |
|---|---|---|---|---|---|
| 2005-09-06 | CVE-2005-2494 | Local Privilege Escalation vulnerability in KDE kcheckpass | kcheckpass in KDE 3.2.0 up to 3.4.2 allows local users to gain root access via a symlink attack on lock files. | local, low complexity, kde | 7.2 |
| 2005-09-06 | CVE-2005-2806 | Improper Input Validation vulnerability in Trevor Hogan Bnbt 7.5Betarelease2/7.5Betarelease3/7.720041027R3 | client.cpp in BNBT EasyTracker 7.7r3.2004.10.27 and earlier allows remote attackers to cause a denial of service (application hang) via an HTTP header containing only a ":" (colon), possibly leading to an integer signedness error due to a missing field name or value. | network, low complexity, trevor-hogan, CWE-20 | 5.0 |
| 2005-09-06 | CVE-2005-2805 | Unspecified vulnerability in E107 0.603/0.616/0.617 | forum_post.php in e107 0.6 allows remote attackers to post to non-existent forums by modifying the forum number. | network, low complexity, e107 | 5.0 |
| 2005-09-06 | CVE-2005-2803 | Cross-Site Scripting vulnerability in Hiki 0.8.0/0.8.1/0.8.2 | Cross-site scripting (XSS) vulnerability in Hiki 0.8.1 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via a page name in a Login link, a different vulnerability than CVE-2005-2336. | network, hiki | 4.3 |
| 2005-09-06 | CVE-2005-2336 | Cross-Site Scripting vulnerability in Hiki 0.8.0/0.8.1/0.8.2 | Cross-site scripting (XSS) vulnerability in Hiki 0.8.0 to 0.8.2 allows remote attackers to inject arbitrary web script or HTML via "missing pages" in which the page name is not properly escaped, a different vulnerability than CVE-2005-2803. | network, hiki | 4.3 |
| 2005-09-06 | CVE-2005-2801 | Incorrect Comparison vulnerability in Linux Kernel 2.6.0 | xattr.c in the ext2 and ext3 file system code for Linux kernel 2.6 does not properly compare the name_index fields when sharing xattr blocks, which could prevent default ACLs from being applied. | network, low complexity, linux, CWE-697 | 7.5 |
| 2005-09-06 | CVE-2005-2798 | Unspecified vulnerability in Openbsd Openssh | sshd in OpenSSH before 4.2, when GSSAPIDelegateCredentials is enabled, allows GSSAPI credentials to be delegated to clients who log in using non-GSSAPI methods, which could cause those credentials to be exposed to untrusted users or hosts. | network, low complexity, openbsd | 5.0 |
| 2005-09-06 | CVE-2005-2797 | Unspecified vulnerability in Openbsd Openssh 4.0 | OpenSSH 4.0, and other versions before 4.2, does not properly handle dynamic port forwarding ("-D" option) when a listen address is not provided, which may cause OpenSSH to enable the GatewayPorts functionality. | network, low complexity, openbsd | 5.0 |
| 2005-09-02 | CVE-2005-2793 | Command Injection vulnerability in PHPldapadmin Project PHPldapadmin 0.9.6/0.9.7 | PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code via the custom_welcome_page parameter. | network, low complexity, phpldapadmin-project, CWE-77 | 7.5 |
| 2005-09-02 | CVE-2005-2792 | Path Traversal vulnerability in PHPldapadmin Project PHPldapadmin 0.9.6/0.9.7 | Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows remote attackers to read arbitrary files via a .. | network, low complexity, phpldapadmin-project, CWE-22 | 5.0 |