Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2005-01-27 | CVE-2004-0882 | Buffer overflow in the QFILEPATHINFO request handler in Samba 3.0.x through 3.0.7 may allow remote attackers to execute arbitrary code via a TRANSACT2_QFILEPATHINFO request with a small "maximum data bytes" value. | 10.0 |
2005-01-27 | CVE-2004-0881 | getmail 4.x before 4.2.0, and other versions before 3.2.5, when run as root, allows local users to write files in arbitrary directories via a symlink attack on subdirectories in the maildir. | 2.1 |
2005-01-27 | CVE-2004-0880 | getmail 4.x before 4.2.0, when run as root, allows local users to overwrite arbitrary files via a symlink attack on an mbox file. | 1.2 |
2005-01-26 | CVE-2005-0162 | Remote Buffer Overflow vulnerability in Xelerance Corporation Openswan XAUTH/PAM Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code. | 7.2 |
2005-01-26 | CVE-2004-1340 | Unspecified vulnerability in Debian Linux 3.0 Debian GNU/Linux 3.0 installs the libpam-radius-auth package with the pam_radius_auth.conf set to be world-readable, which allows local users to obtain sensitive information. | 2.1 |
2005-01-26 | CVE-2003-1021 | Local Command Line Buffer Overflow vulnerability in SCO scosession The scosession program in OpenServer 5.0.6 and 5.0.7 allows local users to gain privileges via crafted strings on the commandline. | 7.2 |
2005-01-25 | CVE-2005-0309 | Cross-Site Scripting vulnerability in Exponent 0.95 Multiple cross-site scripting (XSS) vulnerabilities in (1) index.php or (2) mod.php in Exponent 0.95 allow remote attackers to inject arbitrary web script or HTML via the module parameter. network exponent | 4.3 |
2005-01-25 | CVE-2005-0307 | Input Validation vulnerability in Mercuryboard 1.1/1.1.1 Multiple cross-site scripting (XSS) vulnerabilities in index.php in MercuryBoard 1.1.1 allow remote attackers to inject arbitrary web script or HTML via the (1) s, (2) l, (3) a, (4) t, (5) to, or (6) re parameters. network mercuryboard | 4.3 |
2005-01-25 | CVE-2005-0306 | Input Validation vulnerability in Mercuryboard 1.1/1.1.1 MercuryBoard 1.1.1 allows remote attackers to gain sensitive information via an HTTP request with the n parameter set to 0, which causes a divide-by-zero error and reveals the path in the resulting error message. | 5.0 |
2005-01-25 | CVE-2005-0096 | Remote Denial Of Service vulnerability in Squid Proxy NTLM Fakeauth_Auth Memory Leak Memory leak in the NTLM fakeauth_auth helper for Squid 2.5.STABLE7 and earlier allows remote attackers to cause a denial of service (memory consumption). | 5.0 |