Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-02 | CVE-2005-0439 | Remote vulnerability in ELOG Web Logbook Buffer overflow in the decode_post function in ELOG before 2.5.7 allows remote attackers to execute arbitrary code via attachments with long file names. | 7.5 |
2005-05-02 | CVE-2005-0438 | Information Disclosure vulnerability in Awstats 6.3/6.4 awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to obtain sensitive information by setting the debug parameter. | 5.0 |
2005-05-02 | CVE-2005-0437 | Directory Traversal vulnerability in Awstats 6.3/6.4 Directory traversal vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to include arbitrary Perl modules via .. | 7.5 |
2005-05-02 | CVE-2005-0436 | Remote Security vulnerability in Awstats 6.3/6.4 Direct code injection vulnerability in awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to execute portions of Perl code via the PluginMode parameter. | 7.5 |
2005-05-02 | CVE-2005-0435 | Remote Security vulnerability in Awstats 6.3/6.4 awstats.pl in AWStats 6.3 and 6.4 allows remote attackers to read server web logs by setting the loadplugin and pluginmode parameters to rawlog. | 5.0 |
2005-05-02 | CVE-2005-0432 | Remote Security vulnerability in BEA Weblogic Server 7.0/8.1 BEA WebLogic Server 7.0 Service Pack 5 and earlier, and 8.1 Service Pack 3 and earlier, generates different login exceptions that suggest why an authentication attempt fails, which makes it easier for remote attackers to guess passwords via brute force attacks. | 5.0 |
2005-05-02 | CVE-2005-0431 | Remote Security vulnerability in Barracuda Networks Barracuda Spam Firewall 3.1.10 Barracuda Spam Firewall 3.1.10 and earlier does not restrict the domains that white-listed domains can send mail to, which allows members of white-listed domains to use Barracuda as an open mail relay for spam. | 7.5 |
2005-05-02 | CVE-2005-0429 | Remote Command Execution vulnerability in VBulletin Forumdisplay.PHP Direct code injection vulnerability in forumdisplay.php in vBulletin 3.0 through 3.0.4, when showforumusers is enabled, allows remote attackers to execute inject arbitrary PHP commands via the comma parameter. | 5.0 |
2005-05-02 | CVE-2005-0428 | Remote Denial of Service vulnerability in Powerdns 2.0Rc1/2.8/2.9.15 The DNSPacket::expand method in dnspacket.cc in PowerDNS before 2.9.17 allows remote attackers to cause a denial of service by sending a random stream of bytes. | 5.0 |
2005-05-02 | CVE-2005-0427 | Remote Security vulnerability in webmin-1.140.ebuild The ebuild of Webmin before 1.170-r3 on Gentoo Linux includes the encrypted root password in the miniserv.users file when building a tbz2 of the webmin package, which allows remote attackers to obtain and possibly crack the encrypted password. | 5.0 |