Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2005-05-02 | CVE-2005-1284 | Unspecified vulnerability in Argosoft Mail Server 1.8.7.6 The addnew script in Argosoft Mail Server Pro 1.8.7.6 allows remote attackers to create arbitrary accounts, even if "Allow Creation of Accounts From the Web Interface" is disabled, via a direct HTTP POST request. | 7.5 |
| 2005-05-02 | CVE-2005-1282 | HTML Injection vulnerability in Argosoft Mail Server 1.8.7.6 Multiple cross-site scripting (XSS) vulnerabilities in Argosoft Mail Server Pro 1.8.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the src parameter in an IMG tag, (2) User settings, or (3) Address book input boxes in the webmail interface. network argosoft | 4.3 |
| 2005-05-02 | CVE-2005-1280 | Denial Of Service vulnerability in tcpdump RSVP Decoding Routines The rsvp_print function in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. | 5.0 |
| 2005-05-02 | CVE-2005-1279 | Denial Of Service vulnerability in tcpdump LDP Decoding Routines tcpdump 3.8.3 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted (1) BGP packet, which is not properly handled by RT_ROUTING_INFO, or (2) LDP packet, which is not properly handled by the ldp_print function. | 5.0 |
| 2005-05-02 | CVE-2005-1278 | Denial Of Service vulnerability in tcpdump ISIS Decoding Routines The isis_print function, as called by isoclns_print, in tcpdump 3.9.1 and earlier allows remote attackers to cause a denial of service (infinite loop) via a zero length, as demonstrated using a GRE packet. | 5.0 |
| 2005-05-02 | CVE-2005-1245 | HTML Tidy Cross-Site Scripting vulnerability in MediaWiki Cross-site scripting (XSS) vulnerability in MediaWiki before 1.4.2, when using HTML Tidy ($wgUseTidy), allows remote attackers to inject arbitrary web script or HTML via unknown vectors. network mediawiki | 4.3 |
| 2005-05-02 | CVE-2005-1243 | Directory Traversal vulnerability in Axcessit Directory traversal vulnerability in the third party tool from SafeStone, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | 5.0 |
| 2005-05-02 | CVE-2005-1242 | Directory Traversal vulnerability in Global Security Directory traversal vulnerability in the third party tool from Bsafe, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | 5.0 |
| 2005-05-02 | CVE-2005-1239 | Unspecified vulnerability in Raz-Lee Security+++ Directory traversal vulnerability in the third party tool from Raz-Lee, as used to secure the iSeries AS/400 FTP server, allows remote attackers to access arbitrary files, including those from qsys.lib, via ".." sequences in a GET request. | 5.0 |
| 2005-05-02 | CVE-2005-1238 | Remote Security vulnerability in Iseries As 400 By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request. | 7.5 |