Vulnerabilities

DATE | CVE | VULNERABILITY TITLE | RISK

2005-07-05 | CVE-2005-0393 | Unspecified vulnerability in Crip 3.5 | 7.2
The helper scripts for crip 3.5 do not properly use temporary files, which allows local users to have an unknown impact with unknown attack vectors.
Tags: local, low complexity, crip

2005-07-05 | CVE-2005-0360 | Remote Security vulnerability in Log Sink Class Activex Control | 5.0
The Microsoft Log Sink Class ActiveX control in pkmcore.dll is marked as "safe for scripting" for Internet Explorer, which allows remote attackers to create or append to arbitrary files.
Tags: network, low complexity, microsoft

2005-06-30 | CVE-2005-2069 | Cleartext Transmission of Sensitive Information vulnerability in Padl NSS Ldap and PAM Ldap | 5.0
pam_ldap and nss_ldap, when used with OpenLDAP and connecting to a slave using TLS, do not use TLS for the subsequent connection if the client is referred to a master, which may cause a password to be sent in cleartext and allows remote attackers to sniff the password.
Tags: network, low complexity, padl, CWE-319

2005-06-29 | CVE-2005-2080 | Remote Agent for Windows Servers Privilege Escalation vulnerability in Veritas Backup Exec | 7.5
Unknown vulnerability in Remote Agent for Windows Servers (RAWS) in VERITAS Backup Exec 9.0 through 10.0 for Windows, and 9.0.4019 through 9.1.307 for NetWare, allows remote attackers to gain privileges by copying the handle for the server.
Tags: network, low complexity, symantec-veritas

2005-06-29 | CVE-2005-2078 | Remote Denial Of Service vulnerability in Sofotex Bisonftp V4R1 | 2.1
BisonFTP Server V4R1 allows remote authenticated users to cause a denial of service via an invalid command with a long argument.
Tags: local, low complexity, sofotex

2005-06-29 | CVE-2005-2077 | Cross-Site Scripting vulnerability in Hosting Controller Error.ASP | 4.3
Cross-site scripting (XSS) vulnerability in error.asp for Hosting Controller allows remote attackers to inject arbitrary web script or HTML via the error parameter.

2005-06-29 | CVE-2005-2076 | Unspecified vulnerability in HP Version Control Repository Manager | 2.1
HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of the password when it is displayed to the screen.
Tags: local, low complexity, hp

2005-06-29 | CVE-2005-2073 | Local Security vulnerability in DB2 Universal Database | 2.1
Unknown vulnerability in IBM DB2 8.1.4 through 8.1.9 and 8.2.0 through 8.2.2 allows local users with SELECT privileges to conduct unauthorized activities and insert, update or delete table contents.
Tags: local, low complexity, ibm

2005-06-29 | CVE-2005-2072 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris and Sunos | 7.2
The runtime linker (ld.so) in Solaris 8, 9, and 10 trusts the LD_AUDIT environment variable in setuid or setgid programs, which allows local users to gain privileges by (1) modifying LD_AUDIT to reference malicious code and possibly (2) using a long value for LD_AUDIT.
Tags: local, low complexity, sun, CWE-264

2005-06-29 | CVE-2005-2071 | Permissions, Privileges, and Access Controls vulnerability in SUN Solaris 10.0 | 4.6
traceroute in Sun Solaris 10 on x86 systems allows local users to execute arbitrary code with PRIV_NET_RAWACCESS privileges via (1) a large number of -g arguments or (2) a malformed -s argument with a trailing .
Tags: local, low complexity, sun, CWE-264