Vulnerabilities
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-11-17 | CVE-2003-0853 | Integer Overflow vulnerability in Coreutils LS Width Argument An integer overflow in ls in the fileutils or coreutils packages may allow local users to cause a denial of service or execute arbitrary code via a large -w value, which could be remotely exploited via applications that use ls, such as wu-ftpd. | 5.0 |
| 2003-11-17 | CVE-2003-0852 | Format string vulnerability in send_message.c for Sylpheed-claws 0.9.4 through 0.9.6 allows remote SMTP servers to cause a denial of service (crash) in sylpheed via format strings in an error message. | 5.0 |
| 2003-11-17 | CVE-2003-0850 | The TCP reassembly functionality in libnids before 1.18 allows remote attackers to cause "memory corruption" and possibly execute arbitrary code via "overlarge TCP packets." | 7.5 |
| 2003-11-17 | CVE-2003-0849 | Remote Security vulnerability in Cfengine Buffer overflow in net.c for cfengine 2.x before 2.0.8 allows remote attackers to execute arbitrary code via certain packets with modified length values, which is trusted by the ReceiveTransaction function when using a buffer provided by the BusyWithConnection function. | 7.5 |
| 2003-11-17 | CVE-2003-0848 | Unspecified vulnerability in Slocate Heap-based buffer overflow in main.c of slocate 2.6, and possibly other versions, may allow local users to gain privileges via a modified slocate database that causes a negative "pathlen" value to be used. | 4.6 |
| 2003-11-17 | CVE-2003-0847 | Local Security vulnerability in Suse Linux 8.2 SuSEconfig.susewm in the susewm package on SuSE Linux 8.2Pro allows local users to overwrite arbitrary files via a symlink attack on the susewm.$$ temporary file. | 4.6 |
| 2003-11-17 | CVE-2003-0846 | Local Security vulnerability in Suse Linux 7.3 SuSEconfig.javarunt in the javarunt package on SuSE Linux 7.3Pro allows local users to overwrite arbitrary files via a symlink attack on the .java_wrapper temporary file. | 4.6 |
| 2003-11-17 | CVE-2003-0845 | SQL Injection vulnerability in Jboss 3.0.8/3.2.1 Unknown vulnerability in the HSQLDB component in JBoss 3.2.1 and 3.0.8 on Java 1.4.x platforms, when running in the default configuration, allows remote attackers to conduct unauthorized activities and possibly execute arbitrary code via certain SQL statements to (1) TCP port 1701 in JBoss 3.2.1, and (2) port 1476 in JBoss 3.0.8. | 7.5 |
| 2003-11-17 | CVE-2003-0844 | Link Following vulnerability in Schroepl MOD Gzip mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode without the Apache log, allows local users to overwrite arbitrary files via (1) a symlink attack on predictable temporary filenames on Unix systems, or (2) an NTFS hard link on Windows systems when the "Strengthen default permissions of internal system objects" policy is not enabled. | 7.1 |
| 2003-11-17 | CVE-2003-0843 | Remote Security vulnerability in Mod Gzip Format string vulnerability in mod_gzip_printf for mod_gzip 1.3.26.1a and earlier, and possibly later official versions, when running in debug mode and using the Apache log, allows remote attackers to execute arbitrary code via format string characters in an HTTP GET request with an "Accept-Encoding: gzip" header. | 7.5 |