Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-05-19 | CVE-2005-1455 | Buffer Overflow vulnerability in Freeradius 1.0.2: Buffer overflow in the sql_escape_func function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote attackers to cause a denial of service (crash). | 7.5 |
2005-05-19 | CVE-2005-1454 | SQL Injection vulnerability in Freeradius 1.0.2: SQL injection vulnerability in the radius_xlat function in the SQL module for FreeRADIUS 1.0.2 and earlier allows remote authenticated users to execute arbitrary SQL commands via (1) group_membership_query, (2) simul_count_query, or (3) simul_verify_query configuration entries. | 7.5 |
2005-05-19 | CVE-2005-1260 | Resource Exhaustion vulnerability in multiple products: bzip2 allows remote attackers to cause a denial of service (hard drive consumption) via a crafted bzip2 file that causes an infinite loop (a.k.a. "decompression bomb"). | 5.0 |
2005-05-19 | CVE-2005-0392 | Local Privilege Escalation vulnerability in PPXP: ppxp does not drop root privileges before opening log files, which allows local users to execute arbitrary commands. | 7.2 |
2005-05-19 | CVE-2005-0040 | HTML Injection vulnerability in DotNetNuke User Registration Information: Multiple cross-site scripting (XSS) vulnerabilities in DotNetNuke before 3.0.12 allow remote attackers to inject arbitrary web script or HTML via the (1) register a new user page, (2) User-Agent, or (3) Username, which is not properly quoted before sending to the error log. | 4.3 |
2005-05-18 | CVE-2005-1667 | Remote Denial of Service vulnerability in Datatrac Activity Console 1.1: DataTrac Activity Console 1.1 allows remote attackers to cause a denial of service via a long HTTP GET request. | 5.0 |
2005-05-18 | CVE-2005-1666 | Remote Buffer Overflow vulnerability in Orenosv HTTP/FTP Server FTP Commands: Multiple buffer overflows in Orenosv HTTP/FTP Server 0.8.1 allow remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via long arguments to FTP commands such as MKD, RMD, or DELE, which are processed by the (1) ftp_xlate_path, (2) ftp_is_canonical, or (3) os_fn_nativize functions, or (4) a long SSI command that is processed by the parse_cmd function in cgissi.exe. | 7.5 |
2005-05-18 | CVE-2005-1665 | Denial-Of-Service vulnerability in ASP.Net 1.0/1.1: The __VIEWSTATE functionality in Microsoft ASP.NET 1.x, when not cryptographically signed, allows remote attackers to cause a denial of service (CPU consumption) via deeply nested markup. | 5.0 |
2005-05-18 | CVE-2005-1664 | Unspecified vulnerability in Microsoft Asp.Net 1.0/1.1: The __VIEWSTATE functionality in Microsoft ASP.NET 1.x allows remote attackers to conduct replay attacks to (1) apply a ViewState generated from one view to a different view, (2) reuse ViewState information after the application's state has changed, or (3) use the ViewState to conduct attacks or expose content to third parties. | 6.4 |
2005-05-18 | CVE-2005-1663 | Directory Traversal And Denial Of Service vulnerability in Jeuce Personal web Server 2.13: Jeuce Personal Web Server 2.13 allows remote attackers to cause a denial of service (server crash) via a GET request beginning with "://". | 5.0 |