Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-15 | CVE-2003-0968 | Remote Security vulnerability in FreeRADIUS Stack-based buffer overflow in SMB_Logon_Server of the rlm_smb experimental module for FreeRADIUS 0.9.3 and earlier allows remote attackers to execute arbitrary code via a long User-Password attribute. | 10.0 |
| 2003-12-15 | CVE-2003-0967 | Unspecified vulnerability in Freeradius rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password attribute. | 5.0 |
| 2003-12-15 | CVE-2003-0962 | Remote Heap Overflow vulnerability in RSync Daemon Mode Undisclosed Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail. | 7.5 |
| 2003-12-15 | CVE-2003-0961 | Unspecified vulnerability in Linux Kernel Integer overflow in the do_brk function for the brk system call in Linux kernel 2.4.22 and earlier allows local users to gain root privileges. | 7.2 |
| 2003-12-15 | CVE-2003-0960 | Unspecified vulnerability in Openca OpenCA before 0.9.1.4 does not use the correct certificate in a chain to check the serial, which could cause OpenCA to accept revoked or expired certificates. | 7.5 |
| 2003-12-15 | CVE-2003-0955 | Local Malformed Binary Execution Denial of Service vulnerability in Openbsd 3.3/3.4 OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2) or (2) exec_elf.c, which leads to a stack-based buffer overflow. | 4.6 |
| 2003-12-15 | CVE-2003-0951 | Remote Security vulnerability in HP Hp-Ux 11.23 Partition Manager (parmgr) in HP-UX B.11.23 does not properly validate certificates that are provided by the cimserver, which allows attackers to obtain sensitive data or gain privileges. | 7.5 |
| 2003-12-15 | CVE-2003-0950 | Unspecified vulnerability in Peoplesoft Peopletools PeopleSoft PeopleTools 8.1x, 8.2x, and 8.4x allows remote attackers to execute arbitrary commands by uploading a file to the IClient Servlet, guessing the insufficiently random (system time) name of the directory used to store the file, and directly requesting that file. | 7.5 |
| 2003-12-15 | CVE-2003-0948 | Local ARGV Command Line Buffer Overflow vulnerability in IWConfig Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable. | 7.2 |
| 2003-12-15 | CVE-2003-0947 | Classic Buffer Overflow vulnerability in Wireless Tools Project Wireless Tools Buffer overflow in iwconfig, when installed setuid, allows local users to execute arbitrary code via a long OUT environment variable. | 7.2 |