Vulnerabilities > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-10-04 | CVE-2002-0923 | Unspecified vulnerability in Cgiscript.Net Csnews 1.0/1.0Professional CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability. | 7.5 |
| 2002-10-04 | CVE-2002-0919 | Unspecified vulnerability in Cgiscript.Net Cspassword 1.0 CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page. | 7.5 |
| 2002-10-04 | CVE-2002-0917 | Unspecified vulnerability in Cgiscript.Net Cspassword 1.0 CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users. | 7.5 |
| 2002-10-04 | CVE-2002-0916 | Unspecified vulnerability in Stellar-X Software Msntauth Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call. | 7.5 |
| 2002-10-04 | CVE-2002-0913 | Remote Format String vulnerability in Stephen Hebditch Slurp 1.1.0 Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response. | 7.5 |
| 2002-10-04 | CVE-2002-0911 | Unspecified vulnerability in Caldera Volution Manager 1.1 Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges. | 7.2 |
| 2002-10-04 | CVE-2002-0910 | Buffer Overflow vulnerability in Debian Netstd 3.07 Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to. | 7.5 |
| 2002-10-04 | CVE-2002-0909 | Buffer Overflow vulnerability in MNews Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER. | 7.5 |
| 2002-10-04 | CVE-2002-0907 | Remote Buffer Overflow vulnerability in Nullsoft Shoutcast Server 1.8.9 Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-". | 7.5 |
| 2002-10-04 | CVE-2002-0906 | Buffer Overflow vulnerability in Sendmail DNS Map TXT Record Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server. | 7.5 |