Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-08-23 | CVE-2005-0358 | Multiple vulnerability in EMC Legato Networker EMC Legato NetWorker, Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 6.0 through 7.2 do not properly verify authentication tokens, which allows remote attackers to gain privileges by modifying an authentication token. | 7.5 |
2005-08-23 | CVE-2005-0357 | Multiple vulnerability in EMC Legato Networker EMC Legato NetWorker, Sun Solstice Backup 6.0 and 6.1, and StorEdge Enterprise Backup 7.0 through 7.2 rely on AUTH_UNIX authentication, which relies on user ID for authentication and allows remote attackers to bypass authentication and gain privileges by spoofing a username or UID. | 7.5 |
2005-08-19 | CVE-2005-2627 | Remote vulnerability in Kismet Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based buffer overflows. | 7.5 |
2005-08-19 | CVE-2005-2626 | Remote vulnerability in Kismet Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID. | 10.0 |
2005-08-19 | CVE-2005-2625 | Remote Security vulnerability in CPAINT Incomplete blacklist vulnerability in the checkBlacklist function in CPAINT allows remote attackers to execute arbitrary commands via the (1) ExecuteGlobal function or (2) GetRef statement, which is not included in the blacklist. | 7.5 |
2005-08-19 | CVE-2005-2624 | Remote Security vulnerability in Cpaint 1.3Sp Eval injection vulnerability in CPAINT 1.3-SP allows remote attackers to execute arbitrary ASP code via the cpaint_argument[] parameter to (1) calculator.asp or (2) cpaintfile.asp, which is directly fed into an eval statement. | 5.0 |
2005-08-19 | CVE-2005-2623 | Remote Security vulnerability in Ecw-Shop 6.0.2 ECW-Shop 6.0.2 allows remote attackers to reduce the total cost of their shopping cart by specifying a negative quantity for an item, which causes the price of the item to be subtracted from the total cost. | 5.0 |
2005-08-19 | CVE-2005-2622 | Cross-Site Scripting vulnerability in Ecw-Shop 6.0.2 Cross-site scripting (XSS) vulnerability in index.php in ECW-Shop 6.0.2 allows remote attackers to inject arbitrary web script or HTML via the (1) max or (2) ctg parameter. network ecw-shop | 4.3 |
2005-08-19 | CVE-2005-2621 | SQL-Injection vulnerability in Ecw-Shop 6.0.2 index.php in ECW-Shop 6.0.2 allows remote attackers to obtain sensitive information via the (1) min or (2) max parameter with a "'" (single quote), which reveals the path in an error message, possibly due to a SQL injection vulnerability. | 5.0 |
2005-08-19 | CVE-2005-2526 | CUPS in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to cause a denial of service (CPU consumption) by sending a partial IPP request and closing the connection. | 5.0 |