Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2003-12-31 CVE-2003-1374 Buffer Errors vulnerability in HP Hp-Ux 11
Buffer overflow in disable of HP-UX 11.0 may allow local users to execute arbitrary code via a long argument to the (1) -r or (2) -c options.
local
low complexity
hp CWE-119
4.6
2003-12-31 CVE-2003-1373 Path Traversal vulnerability in PHPbb Group PHPbb
Directory traversal vulnerability in auth.php for PhpBB 1.4.0 through 1.4.4 allows remote attackers to read and include arbitrary files via ..
6.8
2003-12-31 CVE-2003-1372 Cross-Site Scripting vulnerability in Myphpnuke 1.8.8
Cross-site scripting (XSS) vulnerability in links.php script in myPHPNuke 1.8.8, and possibly earlier versions, allows remote attackers to inject arbitrary HTML and web script via the (1) ratenum or (2) query parameters.
4.3
2003-12-31 CVE-2003-1371 Cross-Site Scripting vulnerability in Nuked-Klan 1.3Beta
Nuked-Klan 1.3b, and possibly earlier versions, allows remote attackers to obtain sensitive server information via an op parameter set to phpinfo for the (1) Team, (2) News, or (3) Liens modules.
network
nuked-klan CWE-79
4.3
2003-12-31 CVE-2003-1370 Cross-Site Scripting vulnerability in Nuked-Klan 1.2Beta
Multiple cross-site scripting (XSS) vulnerabilities in Nuked-Klan 1.2b allow remote attackers to inject arbitrary HTML or web script via (1) the Author field in the Guestbook module, (2) the Titre or Pseudo fields in the Forum module, or (3) "La Tribune Libre" in the Shoutbox module.
network
nuked-klan CWE-79
4.3
2003-12-31 CVE-2003-1369 Buffer Errors vulnerability in Save IT Software PTY Bytecatcherftp 1.04B
Buffer overflow in ByteCatcher FTP client 1.04b allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
6.8
2003-12-31 CVE-2003-1368 Buffer Errors vulnerability in Electrasoft FTP Client 9.49.01
Buffer overflow in the 32bit FTP client 9.49.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP server banner.
network
low complexity
electrasoft CWE-119
6.4
2003-12-31 CVE-2003-1367 Configuration vulnerability in Great Circle Associates Majordomo 1.94.4/1.94.5
The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command.
network
low complexity
great-circle-associates CWE-16
7.8
2003-12-31 CVE-2003-1366 Information Exposure vulnerability in Openbsd
chpass in OpenBSD 2.0 through 3.2 allows local users to read portions of arbitrary files via a hard link attack on a temporary file used to store user database information.
3.3
2003-12-31 CVE-2003-1365 Improper Input Validation vulnerability in Perl CGI Lite 2.0
The escape_dangerous_chars function in CGI::Lite 2.0 and earlier does not correctly remove special characters including (1) "\" (backslash), (2) "?", (3) "~" (tilde), (4) "^" (caret), (5) newline, or (6) carriage return, which could allow remote attackers to read or write arbitrary files, or execute arbitrary commands, in shell scripts that rely on CGI::Lite to filter such dangerous inputs.
network
low complexity
perl CWE-20
5.0