Vulnerabilities

DATE | CVE | VULNERABILITY TITLE | RISK

2005-03-01 | CVE-2004-0983 | Denial Of Service vulnerability in Yukihiro Matsumoto Ruby CGI Module | 5.0
The CGI module in Ruby 1.6 before 1.6.8, and 1.8 before 1.8.2, allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via a certain HTTP request.
network | low complexity | yukihiro-matsumoto, gentoo, mandrakesoft, ubuntu

2005-02-28 | CVE-2005-0625 | Information Disclosure vulnerability in Debian Reportbug 2.60/2.61/3.2 | 2.1
reportbug 3.2 includes settings from .reportbugrc in bug reports, which exposes sensitive information such as smtpuser and smtppasswd.
local | low complexity | debian

2005-02-28 | CVE-2005-0624 | Local Security vulnerability in Debian Reportbug 2.60/2.61 | 2.1
reportbug before 2.62 creates the .reportbugrc configuration file with world-readable permissions, which allows local users to obtain email smarthost passwords.
local | low complexity | debian

2005-02-28 | CVE-2005-0619 | Information Disclosure vulnerability in Einstein | 2.1
Einstein 1.0.1 stores sensitive information such as usernames and passwords in plaintext in the registry, which allows local users to gain privileges.
local | low complexity | bfriendly-com

2005-02-28 | CVE-2005-0616 | Cross-Site Scripting vulnerability in Download module for PostNuke | 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the Download module for PostNuke 0.750 and 0.760-RC2 allow remote attackers to inject arbitrary web script or HTML via the (1) Program name, (2) File link, (3) Author name, (4) Author e-mail address, (5) File size, (6) Version, or (7) Home page variables.

2005-02-28 | CVE-2005-0613 | Unspecified vulnerability in Fckeditor 2.0Rc2 | 5.0
Unknown vulnerability in FCKeditor 2.0 RC2, when used with PHP-Nuke, allows remote attackers to upload arbitrary files.
network | low complexity | fckeditor

2005-02-28 | CVE-2005-0608 | Denial-Of-Service vulnerability in Webmod 0.47 | 7.5
Heap-based buffer overflow in server.cpp for WebMod 0.47 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a POST request with a Content-Length that is less than the amount of data that is actually sent.
network | low complexity | webmod

2005-02-28 | CVE-2004-0945 | Denial-Of-Service vulnerability in Mitel 3300 Integrated Communication Platform | 5.0
The web management interface for Mitel 3300 Integrated Communications Platform (ICP) before 4.2.2.11 allows remote authenticated users to cause a denial of service (resource exhaustion) via a large number of active sessions, which exceeds ICP's maximum.
network | low complexity | mitel

2005-02-25 | CVE-2005-0580 | Local Security vulnerability in Cmd5Checkpw 0.20/0.21/0.22 | 2.1
cmd5checkpw, when running setuid, does not properly drop privileges before calling the execvp function, which allows local users to read the poppasswd file.
local | low complexity | krzysztof-dabrowski

2005-02-25 | CVE-2005-0579 | Local Security vulnerability in FreeNX | 4.6
nxagent in FreeNX before 0.2.8 does not properly handle when the XAUTHORITY environment variable is not set, which allows local users to access the X server without X authentication.
local | low complexity | freenx