Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-23 | CVE-2005-2633 | Remote File Include vulnerability in PHPTB Topic Board Multiple PHP file inclusion vulnerabilities in (1) admin_o.php, (2) board_o.php, (3) dev_o.php, (4) file_o.php or (5) tech_o.php in PHPTB Topic Board 2.0 and earlier allow remote attackers to execute arbitrary PHP code via the absolutepath parameter. | 7.5 |
2005-08-23 | CVE-2005-2632 | SQL Injection vulnerability in Mediabox404 Login_Admin_Mediabox404.PHP SQL injection vulnerability in login_admin_mediabox404.php in mediabox404 1.2 and earlier allows remote attackers to execute arbitrary SQL commands via the User field. | 7.5 |
2005-08-23 | CVE-2005-2631 | Unspecified vulnerability in Cisco Network Admission Control Manager and Server System Software Cisco Clean Access (CCA) 3.3.0 to 3.3.9, 3.4.0 to 3.4.5, and 3.5.0 to 3.5.3 does not properly authenticate users when invoking API methods, which could allow remote attackers to bypass security checks, change the assigned role of a user, or disconnect users. | 7.5 |
2005-08-23 | CVE-2005-2499 | Local Database Corruption vulnerability in SLocate slocate before 2.7 does not properly process very long paths, which allows local users to cause a denial of service (updatedb exit and incomplete slocate database) via a certain crafted directory structure. | 2.1 |
2005-08-23 | CVE-2005-2459 | Null Pointer Dereference vulnerability in multiple products The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE-2005-2458. | 5.0 |
2005-08-23 | CVE-2005-2458 | Local Denial of Service vulnerability in Linux Kernel ZLib Invalid Memory Access inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 allows remote attackers to cause a denial of service (kernel crash) via a compressed file with "improper tables". | 5.0 |
2005-08-23 | CVE-2005-2457 | Denial Of Service vulnerability in Linux Kernel ISO File System The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system. | 5.0 |
2005-08-23 | CVE-2005-2099 | Resource Management Errors vulnerability in Linux Kernel The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null dereference in the keyring destructor. | 5.0 |
2005-08-23 | CVE-2005-2098 | Local Denial of Service vulnerability in Linux Kernel Session Keyring Allocation The KEYCTL_JOIN_SESSION_KEYRING operation in the Linux kernel before 2.6.12.5 contains an error path that does not properly release the session management semaphore, which allows local users or remote attackers to cause a denial of service (semaphore hang) via a new session keyring (1) with an empty name string, (2) with a long name string, (3) with the key quota reached, or (4) ENOMEM. | 5.0 |
2005-08-23 | CVE-2005-0359 | Multiple vulnerability in EMC Legato Networker The Legato PortMapper in EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 does not restrict access to the pmap_set and pmap_unset commands, which allows remote attackers to (1) cause a denial of service by using pmap_unset to un-register a NetWorker service, or (2) obtain sensitive information from NetWorker services by using pmap_set to register a new service. | 6.4 |