Vulnerabilities
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-12-31 | CVE-2004-2422 | Buffer Overflow Denial Of Service vulnerability in Ipswitch IMail Server Multiple features in Ipswitch IMail Server before 8.13 allow remote attackers to cause a denial of service (crash) via (1) a long sender field to the Queue Manager or (2) a long To field to the Web Messaging component. | 5.0 |
2004-12-31 | CVE-2004-2421 | Remote vulnerability in Hitachi JP1 P-1B41-9461, JP1 P-1B41-9471 and JP1 P-1J41-9471 Unknown vulnerability in Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7, when running on HP-UX in trusted mode, allows attackers to bypass authentication and gain administrator rights. | 10.0 |
2004-12-31 | CVE-2004-2420 | Remote vulnerability in Hitachi JP1 P-1B41-9461, JP1 P-1B41-9471 and JP1 P-1J41-9471 Hitachi Job Management Partner (JP1) JP1/File Transmission Server/FTP 6 and 7 allows remote attackers to cause a denial of service (daemon halt) via a port scan involving reset packets. | 5.0 |
2004-12-31 | CVE-2004-2419 | Directory Traversal and Authentication Bypass vulnerability in Keene Digital Media Server Keene Digital Media Server 1.0.2 allows local users to obtain usernames and passwords by reading the dmscore.db file on the local system. | 2.1 |
2004-12-31 | CVE-2004-2417 | Remote Format String vulnerability in Smtp.Proxy 1.1.3 Format string vulnerability in smtp.c for smtp.proxy 1.1.3 and earlier allows remote attackers to execute arbitrary code via format string specifiers in the (1) client hostname or (2) message-id, which are injected into a syslog message. | 7.5 |
2004-12-31 | CVE-2004-2416 | Remote Buffer Overflow vulnerability in Youngzsoft Ccproxy 6.0 Buffer overflow in the logging component of CCProxy allows remote attackers to execute arbitrary code via a long HTTP GET request. | 7.5 |
2004-12-31 | CVE-2004-2415 | Denial Of Service vulnerability in Davenport XML Expansion Davenport before 0.9.10 allows attackers to cause a denial of service (resource consumption) via (1) a very large XML file or (2) entity expansion attacks. | 5.0 |
2004-12-31 | CVE-2004-2414 | Unspecified vulnerability in Novell Netware 6.5 Novell NetWare 6.5 SP 1.1, when installing or upgrading using the Overlay CDs and performing a custom installation with OpenSSH, includes sensitive password information in the (1) NIOUTPUT.TXT and (2) NI.LOG log files, which might allow local users to obtain the passwords. | 2.1 |
2004-12-31 | CVE-2004-2413 | SQL Injection vulnerability in Virtual Programming VP-ASP Shopproductselect Script SQL injection vulnerability in VP-ASP Shopping Cart 4.0 through 5.0 allows remote attackers to execute arbitrary SQL commands via the (1) Processed0 and (2) Processed1 parameters in a POST request to shopproductselect.asp. | 7.5 |
2004-12-31 | CVE-2004-2412 | SQL Injection vulnerability in Virtual Programming VP-ASP Shopping Cart CatalogID Multiple SQL injection vulnerabilities in VP-ASP Shopping Cart 4.0 through 5.0 allow remote attackers to execute arbitrary SQL commands via the catalogid parameter in (1) shopreviewlist.asp and (2) shopreviewadd.asp. | 7.5 |