Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-23 | CVE-2005-2643 | Unspecified vulnerability in TOR Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, does not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other systems in the circuit. | 5.0 |
| 2005-08-23 | CVE-2005-2642 | Buffer Overflow vulnerability in Mutt 1.5.10 Buffer overflow in the mutt_decode_xbit function in Handler.c for Mutt 1.5.10 allows remote attackers to execute arbitrary code, possibly due to interactions with libiconv or gettext. | 7.5 |
| 2005-08-23 | CVE-2005-2641 | Authentication Bypass vulnerability in PADL Software PAM_LDAP Unknown vulnerability in pam_ldap before 180 does not properly handle a new password policy control, which could allow attackers to gain privileges. | 7.5 |
| 2005-08-23 | CVE-2005-2640 | Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid. | 5.0 |
| 2005-08-23 | CVE-2005-2639 | Buffer Overflow vulnerability in Valusoft Chris Moneymakers World Poker Championship 1.0 Buffer overflow in Chris Moneymaker's World Poker Championship 1.0 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long nickname. | 7.5 |
| 2005-08-23 | CVE-2005-2638 | Cross-Site Scripting vulnerability in PHPfreenews 1.40 Multiple cross-site scripting (XSS) vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) NewsMode parameter to NewsCategoryForm.php, or the (2) Match or (3) NewsMode parameter to SearchResults.php. network phpfreenews | 4.3 |
| 2005-08-23 | CVE-2005-2637 | SQL Injection vulnerability in PHPFreeNews SearchResults.PHP Multiple SQL injection vulnerabilities in PHPFreeNews 1.40 and earlier allow remote attackers to execute arbitrary SQL commands via the (1) Match or (2) CatID parameter to SearchResults.php, or (3) the password to AccessControl.php. | 7.5 |
| 2005-08-23 | CVE-2005-2636 | SQL Injection vulnerability in phpPgAds Lib-View-Direct.INC.PHP SQL injection vulnerability in lib-view-direct.inc.php in phpAdsNew and phpPgAds before 2.0.6 allows remote attackers to execute arbitrary SQL commands via the clientid parameter. | 7.5 |
| 2005-08-23 | CVE-2005-2635 | Local File Include vulnerability in phpPgAds Multiple directory traversal vulnerabilities in phpAdsNew and phpPgAds before 2.0.6 allow remote attackers to include arbitrary files via a .. | 5.0 |
| 2005-08-23 | CVE-2005-2634 | Buffer Overflow vulnerability in Winftp Server Winftp Server 1.6.8 Buffer overflow in the Log-SCR function in the "Log to Screen" feature in WinFtp Server 1.6.8 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a long request. | 7.5 |