Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2003-01-17 | CVE-2002-1391 | Buffer Overrun vulnerability in MGetty Caller ID Excessive Name Length Buffer overflow in cnd-program for mgetty before 1.1.29 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a Caller ID string with a long CallerName argument. | 7.5 |
2003-01-07 | CVE-2002-0628 | Improper Restriction of Excessive Authentication Attempts vulnerability in Polycom products The Telnet service for Polycom ViewStation before 7.2.4 does not restrict the number of failed login attempts, which makes it easier for remote attackers to guess usernames and passwords via a brute force attack. | 7.5 |
2003-01-02 | CVE-2002-1384 | Integer Overflow vulnerability in Xpdf/CUPS pdftops Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | 7.2 |
2003-01-02 | CVE-2002-1379 | Unspecified vulnerability in Openldap 2.0 OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allows remote or local attackers to execute arbitrary code when libldap reads the .ldaprc file within applications that are running with extra privileges. | 7.5 |
2003-01-02 | CVE-2002-1378 | Buffer Overflow vulnerability in Openldap 2.0 Multiple buffer overflows in OpenLDAP2 (OpenLDAP 2) 2.2.0 and earlier allow remote attackers to execute arbitrary code via (1) long -t or -r parameters to slurpd, (2) a malicious ldapfilter.conf file that is not properly handled by getfilter functions, (3) a malicious ldaptemplates.conf that causes an overflow in libldap, (4) a certain access control list that causes an overflow in slapd, or (5) a long generated filename for logging rejected replication requests. | 7.5 |
2002-12-31 | CVE-2002-2421 | Improper Input Validation vulnerability in Andrey Cherezov Acweb 1.14 acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2. | 7.8 |
2002-12-31 | CVE-2002-2420 | Improper Input Validation vulnerability in Independent Solution Simple Site Searcher and Super Site Searcher site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | 7.5 |
2002-12-31 | CVE-2002-2419 | Numeric Errors vulnerability in Dctc Project Dctc 0.83.3 Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character. | 7.8 |
2002-12-31 | CVE-2002-2408 | Unspecified vulnerability in Gordano Ntmail 8.0 Gordano Messaging Server (GMS) Mail 8 (a.k.a. | 7.5 |
2002-12-31 | CVE-2002-2396 | Buffer Errors vulnerability in Remi Lefebvre Advanced Tftp 0.5/0.6 Buffer overflow in Advanced TFTP (atftp) 0.5 and 0.6, if installed setuid or setgid, may allow local users to execute arbitrary code via a long argument to the -g option. | 7.2 |