Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2003-12-29 CVE-2003-1215 SQL Injection vulnerability in phpBB groupcp.php
SQL injection vulnerability in groupcp.php for phpBB 2.0.6 and earlier allows group moderators to perform unauthorized activities via the sql_in parameter.
local
low complexity
phpbb-group
4.6
2003-12-29 CVE-2003-1200 Buffer Overflow vulnerability in Alt-N MDaemon/WorldClient Form2Raw Raw Message Handler
Stack-based buffer overflow in FORM2RAW.exe in Alt-N MDaemon 6.5.2 through 6.8.5 allows remote attackers to execute arbitrary code via a long From parameter to Form2Raw.cgi.
network
low complexity
alt-n
7.5
2003-12-26 CVE-2003-1198 Remote Content Length Denial Of Service vulnerability in Cherokee HTTP Post
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field.
network
low complexity
cherokee
5.0
2003-12-15 CVE-2003-0976 Remote Security vulnerability in Novell Netware 6.5
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host.
network
low complexity
novell
7.5
2003-12-15 CVE-2003-0975 Unspecified vulnerability in Apple Mac OS X, Mac OS X Server and Safari
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.
network
low complexity
apple
5.0
2003-12-15 CVE-2003-0974 Authentication Bypass vulnerability in Applied Watch Technologies Applied Watch Command Center 1.0
Applied Watch Command Center allows remote attackers to conduct unauthorized activities without authentication, such as (1) add new users to a console, as demonstrated using appliedsnatch.c, or (2) add spurious IDS rules to sensors, as demonstrated using addrule.c.
network
low complexity
applied-watch-technologies
7.5
2003-12-15 CVE-2003-0973 Unspecified vulnerability in Apache mod_python
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.
network
low complexity
apache
5.0
2003-12-15 CVE-2003-0972 Unspecified vulnerability in GNU Screen
Integer signedness error in ansi.c for GNU screen 4.0.1 and earlier, and 3.9.15 and earlier, allows local users to execute arbitrary code via a large number of ";" (semicolon) characters in escape sequences, which leads to a buffer overflow.
network
low complexity
gnu
critical
10.0
2003-12-15 CVE-2003-0971 Unspecified vulnerability in GNU Privacy Guard
GnuPG (GPG) 1.0.2, and other versions up to 1.2.3, creates ElGamal type 20 (sign+encrypt) keys using the same key component for encryption as for signing, which allows attackers to determine the private key from a signature.
network
low complexity
gnu
5.0
2003-12-15 CVE-2003-0970 Denial-Of-Service vulnerability in Sun Fire B1600
The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled.
network
low complexity
sun
5.0