Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | RISK |
---|---|---|---|---|
2003-10-06 | CVE-2003-0697 | Denial-Of-Service vulnerability in IBM AIX 4.3/5.1/5.2 | Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges. | 7.2 |
2003-10-06 | CVE-2003-0695 | Unspecified vulnerability in OpenBSD OpenSSH | Multiple "buffer management errors" in OpenSSH before 3.7.1 may allow attackers to cause a denial of service or execute arbitrary code using (1) buffer_init in buffer.c, (2) buffer_free in buffer.c, or (3) a separate function in channels.c, a different vulnerability than CVE-2003-0693. | 7.5 |
2003-10-06 | CVE-2003-0692 | Unspecified vulnerability in KDE | KDM in KDE 3.1.3 and earlier uses a weak session cookie generation algorithm that does not provide 128 bits of entropy, which allows attackers to guess session cookies via brute force methods and gain access to the user session. | 7.5 |
2003-10-06 | CVE-2003-0682 | Remote Security vulnerability in OpenSSH | "Memory bugs" in OpenSSH 3.7.1 and earlier, with unknown impact, a different set of vulnerabilities than CVE-2003-0693 and CVE-2003-0695. | 7.5 |
2003-10-06 | CVE-2003-0681 | Buffer Overflow vulnerability in Sendmail Ruleset Parsing | A "potential buffer overflow in ruleset parsing" for Sendmail 8.12.9, when using the nonstandard rulesets (1) recipient, (2) final, or (3) mailer-specific envelope recipients, has unknown consequences. | 7.5 |
2003-10-06 | CVE-2003-0680 | Unspecified vulnerability in SGI IRIX 6.5.21/6.5.21F/6.5.21M | Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions. | 7.5 |
2003-09-22 | CVE-2003-0779 | Unspecified vulnerability in Digium Asterisk | SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. | 7.5 |
2003-09-22 | CVE-2003-0776 | Remote vulnerability in Multiple Sane Package | saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. | 7.5 |
2003-09-22 | CVE-2003-0774 | Remote vulnerability in Multiple Sane Package | saned in sane-backends 1.0.7 and earlier does not quickly handle connection drops, which allows remote attackers to cause a denial of service (segmentation fault) when invalid memory is accessed. | 7.5 |
2003-09-22 | CVE-2003-0773 | Remote vulnerability in Multiple Sane Package | saned in sane-backends 1.0.7 and earlier does not check the IP address of the connecting host during the SANE_NET_INIT RPC call, which allows remote attackers to use that call even if they are restricted in saned.conf. | 7.5 |