Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2005-04-14	CVE-2004-1090	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service via "a corrupt section header." network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-04-14	CVE-2004-1009	Midnight commander (mc) 4.5.55 and earlier allows remote attackers to cause a denial of service (infinite loop) via unknown attack vectors. network low complexity midnight-commander debian gentoo redhat suse turbolinux	5.0
2005-01-10	CVE-2004-1014	Remote Denial Of Service vulnerability in Linux NFS RPC.STATD statd in nfs-utils 1.257 and earlier does not ignore the SIGPIPE signal, which allows remote attackers to cause a denial of service (server process crash) via a TCP connection that is prematurely terminated. network low complexity nfs debian mandrakesoft redhat	5.0
2005-01-10	CVE-2004-0915	Multiple unknown vulnerabilities in viewcvs before 0.9.2, when exporting a repository as a tar archive, does not properly implement the hide_cvsroot and forbidden settings, which could allow remote attackers to gain sensitive information. network low complexity viewcvs debian	5.0
2004-12-15	CVE-2004-1145	Multiple vulnerabilities in Konqueror in KDE 3.3.1 and earlier (1) allow access to restricted Java classes via JavaScript and (2) do not properly restrict access to certain Java classes from the Java applet, which allows remote attackers to bypass sandbox restrictions and read or write arbitrary files. network low complexity ethereal-group sgi conectiva altlinux debian redhat suse	5.0
2004-12-06	CVE-2002-1581	Directory traversal vulnerability in nph-mr.cgi in Mailreader.com 2.3.20 through 2.3.31 allows remote attackers to view arbitrary files via .. network low complexity mailreader-com debian	5.0
2004-09-28	CVE-2004-0643	Double Free vulnerability in multiple products Double free vulnerability in the krb5_rd_cred function for MIT Kerberos 5 (krb5) 1.3.1 and earlier may allow local users to execute arbitrary code. local low complexity mit debian redhat CWE-415	4.6
2004-08-06	CVE-2004-0583	Multiple Unspecified vulnerability in Webmin The account lockout functionality in (1) Webmin 1.140 and (2) Usermin 1.070 does not parse certain character strings, which allows remote attackers to conduct a brute force attack to guess user IDs and passwords. network low complexity usermin webmin debian	5.0
2004-02-16	CVE-2004-1180	Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). network low complexity sun debian mandrakesoft	5.0
2003-08-27	CVE-2003-0615	Cross-Site Scripting vulnerability in CGI.pm Start_Form Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote attackers to insert web script via a URL that is fed into the form's action parameter. network cgi-pm openpkg debian	4.3