Vulnerabilities > Configuration
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2003-12-31 | CVE-2003-1452 | Configuration vulnerability in Qualcomm Qpopper Untrusted search path vulnerability in Qualcomm qpopper 4.0 through 4.05 allows local users to execute arbitrary code by modifying the PATH environment variable to reference a malicious smbpasswd program. | 3.6 |
| 2003-12-31 | CVE-2003-1449 | Configuration vulnerability in Aladdin Knowledge Systems Esafe Gateway 3.5.126.0 Aladdin Knowlege Systems eSafe Gateway 3.5.126.0 does not check the entire stream of Content Vectoring Protocol (CVP) data, which allows remote attackers to bypass virus protection. | 7.5 |
| 2003-12-31 | CVE-2003-1426 | Configuration vulnerability in Cpanel 5.0 Openwebmail in cPanel 5.0, when run using suid Perl, adds the directory in the SCRIPT_FILENAME environment variable to Perl's @INC include array, which allows local users to execute arbitrary code by modifying SCRIPT_FILENAME to reference a directory containing a malicious openwebmail-shared.pl executable. | 3.3 |
| 2003-12-31 | CVE-2003-1367 | Configuration vulnerability in Great Circle Associates Majordomo 1.94.4/1.94.5 The which_access variable for Majordomo 2.0 through 1.94.4, and possibly earlier versions, is set to "open" by default, which allows remote attackers to identify the email addresses of members of mailing lists via a "which" command. | 7.8 |
| 2003-12-31 | CVE-2003-1362 | Configuration vulnerability in HP Bastille B.02.00.05 Bastille B.02.00.00 of HP-UX 11.00 and 11.11 does not properly configure the (1) NOVRFY and (2) NOEXPN options in the sendmail.cf file, which could allow remote attackers to verify the existence of system users and expand defined sendmail aliases. | 7.8 |
| 2003-12-31 | CVE-2003-1357 | Configuration vulnerability in Replicom Proxyview ProxyView has a default administrator password of Administrator for Embedded Windows NT, which allows remote attackers to gain access. | 10.0 |
| 2003-12-31 | CVE-2003-1352 | Configuration vulnerability in Gabber 0.8.7 Gabber 0.8.7 sends an email to a specific address during user login and logout, which allows remote attackers to obtain user session activity and Gabber version number by sniffing. | 5.0 |
| 2003-12-31 | CVE-2003-1341 | Configuration vulnerability in Trend Micro Officescan and Virus Buster The default installation of Trend Micro OfficeScan 3.0 through 3.54 and 5.x allows remote attackers to bypass authentication from cgiChkMasterPasswd.exe and gain access to the web management console via a direct request to cgiMasterPwd.exe. | 7.5 |
| 2002-12-31 | CVE-2002-2373 | Configuration vulnerability in Apple TCP IP Configuration Utility 12640 The default configuration of the TCP/IP printer configuration utility in Apple LaserWriter 12/640 PS printer contains a blank Telnet password, which allows remote attackers to gain access. | 7.5 |
| 2002-12-31 | CVE-2002-2336 | Configuration vulnerability in Symantec Norton Personal Firewall 2002 Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. | 4.3 |