Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-08-16 | CVE-2005-2583 | Remote Security vulnerability in Mentor Adslfr4Ii 2.00.0111 Mentor ADSL-FR4II router running firmware 2.00.0111 has an undocumented web server running on TCP port 5678, which allows local users to gain access. | 7.5 |
| 2005-08-16 | CVE-2005-2582 | Local Security vulnerability in Kaspersky LAB Kaspersky Anti-Virus 5.0.5 Kaspersky Anti-Virus for Unix/Linux File Servers 5.0-5 uses world-writable permissions for the (1) log and (2) license directory, which allows local users to delete log files, append to arbitrary files via a symlink attack on kavmonitor.log, or delete license keys and prevent keepup2date from properly executing. | 3.6 |
| 2005-08-16 | CVE-2005-2581 | Unspecified vulnerability in Grandstream Budgetone 101 and Budgetone 102 Grandstream BudgeTone 101 and 102 running firmware 1.0.6.7 and possibly earlier versions, allows remote attackers to cause a denial of service (device hang or reboot) via a large UDP packet to port 5060. | 5.0 |
| 2005-08-16 | CVE-2005-2580 | SQL Injection vulnerability in Mybulletinboard 1.00Rc4Securitypatch Multiple SQL injection vulnerabilities in MyBulletinBoard (MyBB) 1.00 RC4 with Security Patch allow remote attackers to execute arbitrary SQL commands via the Username field in (1) index.php or (2) member.php, action parameter to (3) search.php or (4) member.php, or (5) polloptions parameter to polls.php. | 7.5 |
| 2005-08-16 | CVE-2005-2579 | Local Security vulnerability in Nortel Contivity V0501.030 Nortel Contivity VPN Client V05_01.030, when configuring a certificate to be used as authentication, does not properly drop system privileges, which allows local users to gain privileges by opening a program with the File Open dialog box. | 7.2 |
| 2005-08-16 | CVE-2005-2577 | Remote Denial of Service vulnerability in Wyse Winterm 1125Se Wyse Winterm 1125SE running firmware 4.2.09f or 4.4.061f allows remote attackers to cause a denial of service (device crash) via a packet with a zero in the IP option length field. | 5.0 |
| 2005-08-16 | CVE-2005-2576 | Information Disclosure vulnerability in Calogic 1.22 CaLogic 1.22, and possibly earlier versions, allows remote attackers to obtain sensitive information via a direct request to (1) doclsqlres.php, (2) clmcpreload.php, (3) viewhistlog.php, (4) mcconfig.php, (5) doclsqlbak.php, (6) defcalsel.php, or (7) cl_minical.php, which reveals the path in an error message. | 5.0 |
| 2005-08-16 | CVE-2005-2575 | Unspecified vulnerability in XMB Forum XMB 1.9.1 SQL injection vulnerability in u2u.inc.php in XMB Forum 1.9.1 allows remote attackers to execute arbitrary SQL commands via certain values that are inserted into the $in variable. | 7.5 |
| 2005-08-16 | CVE-2005-2574 | Unspecified vulnerability in XMB Forum XMB 1.9.1 xmb.php in XMB Forum 1.9.1 extracts and defines all provided variables, which allows remote attackers to modify arbitrary server variables such as _SERVER[REMOTE_ADDR]. | 5.0 |
| 2005-08-16 | CVE-2005-2572 | Remote Code Execution vulnerability in Oracle Mysql 5.0.33 MySQL, when running on Windows, allows remote authenticated users with insert privileges on the mysql.func table to cause a denial of service (server hang) and possibly execute arbitrary code via (1) a request for a non-library file, which causes the Windows LoadLibraryEx function to block, or (2) a request for a function in a library that has the XXX_deinit or XXX_init functions defined but is not tailored for mySQL, such as jpeg1x32.dll and jpeg2x32.dll. network oracle | 8.5 |