Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-09-07 | CVE-2005-2816 | Cross-Site Scripting vulnerability in Greymatter Cross-site scripting (XSS) vulnerability in Greymatter allows remote attackers to inject arbitrary web script or HTML via a post comment, which is recorded in a log file but not properly handled when the administrator uses "View Control Panel Log" to read the log file. network greymatter | 4.3 |
| 2005-09-07 | CVE-2005-2815 | Denial-Of-Service vulnerability in Flatnuke 2.5.6 print.php in FlatNuke 2.5.6 allows remote attackers to obtain sensitive information (path disclosure on error) or cause a denial of service (resource consumption) via an MS-DOS device name in the news parameter to print.php, such as (1) AUX, (2) CON, (3) PRN, (4) COM1, or (5) LPT1. | 6.4 |
| 2005-09-07 | CVE-2005-2814 | Cross-Site Scripting vulnerability in Flatnuke 2.5.6 Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.6 allows remote attackers to inject arbitrary web script or HTML via the usr parameter in a vis_reg operation to index.php. network flatnuke | 4.3 |
| 2005-09-07 | CVE-2005-2813 | Directory Traversal vulnerability in Flatnuke 2.5.6 Directory traversal vulnerability in FlatNuke 2.5.6 and possibly earlier allows remote attackers to read arbitrary files via ".." sequences and "%00" (trailing null byte) characters in the id parameter to the read mod in index.php. | 5.0 |
| 2005-09-07 | CVE-2005-2812 | Scripts Command Execution vulnerability in Man2Web 0.87/0.88 man2web allows remote attackers to execute arbitrary commands via -P arguments. | 7.5 |
| 2005-09-07 | CVE-2005-2811 | Local Security vulnerability in Net-SNMP Untrusted search path vulnerability in Net-SNMP 5.2.1.2 and earlier, on Gentoo Linux, installs certain Perl modules with an insecure DT_RPATH, which could allow local users to gain privileges. | 4.6 |
| 2005-09-07 | CVE-2005-2810 | Local Security vulnerability in Urban Multiple stack-based buffer overflows in urban before 1.5.3 allow local users to gain privileges via a long HOME environment variable to (1) config.cc, (2) game.cc, (3) highscor.cc, or (4) meny.cc. | 7.2 |
| 2005-09-07 | CVE-2005-2809 | Unspecified vulnerability in Silc Secure Internet Live Conferencing silc daemon (silcd.c) in Secure Internet Live Conferencing (SILC) 1.0 and earlier allows local users to overwrite arbitrary files via a symlink attack on the silcd.[PID].stats temporary file. | 2.1 |
| 2005-09-07 | CVE-2005-2808 | Security Bypass vulnerability in Frox 0.7.16/0.7.17 frox 0.7.16 and 0.7.17 does not properly parse certain Deny ACLs, which might allow attackers to bypass intended restrictions and access blocked hosts. | 7.5 |
| 2005-09-07 | CVE-2005-2807 | Unspecified vulnerability in Frox 0.7.18 frox 0.7.18, when running setuid root, does not properly drop privileges when reading a configuration file, which allows local users to read portions of arbitrary files via the -f command line option. | 7.2 |