Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-04-27 | CVE-2004-1487 | Remote vulnerability in GNU WGet wget 1.8.x and 1.9.x allows a remote malicious web server to overwrite certain files via a redirection URL containing a ".." that resolves to the IP address of the malicious server, which bypasses wget's filtering for ".." sequences. | 5.0 |
2005-04-27 | CVE-2004-1342 | Unspecified vulnerability in CVS CVS 1.12 and earlier on Debian GNU/Linux, when using the repouid patch, allows remote attackers to bypass authentication via the pserver access method. | 7.5 |
2005-04-26 | CVE-2005-1281 | Denial Of Service vulnerability in Ethereal RSVP Decoding Routines Ethereal 0.10.10 and earlier allows remote attackers to cause a denial of service (infinite loop) via a crafted RSVP packet of length 4. | 5.0 |
2005-04-26 | CVE-2005-1274 | Remote Security vulnerability in MaxDB Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter. | 10.0 |
2005-04-26 | CVE-2005-1270 | Local Insecure Temporary File Creation vulnerability in Rootkit Hunter The (1) check_update.sh and (2) rkhunter script in Rootkit Hunter before 1.2.3-r1 create temporary files with predictable file names, which allows local users to overwrite arbitrary files via a symlink attack. | 2.1 |
2005-04-25 | CVE-2005-1317 | Cross-Site Scripting vulnerability in Chora 1.2/1.2.2 Cross-site scripting (XSS) vulnerability in Horde Chora module before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the parent's frame page title. network horde | 6.8 |
2005-04-25 | CVE-2005-1300 | Cross-Site Scripting vulnerability in Inserter.Cgi Cross-site scripting (XSS) vulnerability in the inserter.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. network inserter-cgi | 6.8 |
2005-04-25 | CVE-2005-1299 | The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument. | 10.0 |
2005-04-25 | CVE-2005-1298 | Remote Security vulnerability in Inserter.Cgi The inserter.cgi script allows remote attackers to read arbitrary files via a full pathname in the argument. | 7.5 |
2005-04-25 | CVE-2005-1297 | Cross-Site Scripting vulnerability in Include.Cgi Cross-site scripting (XSS) vulnerability in the include.cgi script allows remote attackers to inject arbitrary web script or HTML via the argument. network include-cgi | 6.8 |