Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-12 | CVE-2002-0452 | Unspecified vulnerability in Foundrynet Serveriron Foundry Networks ServerIron switches do not decode URIs when applying "url-map" rules, which could make it easier for attackers to cause the switch to forward traffic to a different server than intended and exploit vulnerabilities that would otherwise be inaccessible. | 7.5 |
2002-08-12 | CVE-2002-0451 | Remote File Include vulnerability in PHPprojekt 3.1/3.1A filemanager_forms.php in PHProjekt 3.1 and 3.1a allows remote attackers to execute arbitrary PHP code by specifying the URL to the code in the lib_path parameter. | 7.5 |
2002-08-12 | CVE-2002-0428 | Unspecified vulnerability in Checkpoint Check Point Vpn, Firewall-1 and Next Generation Check Point FireWall-1 SecuRemote/SecuClient 4.0 and 4.1 allows clients to bypass the "authentication timeout" by modifying the to_expire or expire values in the client's users.C configuration file. | 7.5 |
2002-08-12 | CVE-2002-0426 | Unspecified vulnerability in Linksys Befvp41 1.01.04/1.39.64/1.40.1 VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. | 7.5 |
2002-08-12 | CVE-2002-0420 | Unspecified vulnerability in Claymore Systems INC Puretls 0.9B1 Vulnerability in PureTLS before 0.9b2 related to injection attacks, which could possibly allow remote attackers to corrupt or hijack user sessions. | 7.5 |
2002-08-12 | CVE-2002-0414 | KAME-derived implementations of IPsec on NetBSD 1.5.2, FreeBSD 4.5, and other operating systems, does not properly consult the Security Policy Database (SPD), which could cause a Security Gateway (SG) that does not use Encapsulating Security Payload (ESP) to forward forged IPv4 packets. | 7.5 |
2002-08-12 | CVE-2002-0413 | Unspecified vulnerability in Rebb 1.0 Cross-site scripting vulnerability in ReBB allows remote attackers to execute arbitrary Javascript and steal cookies via an IMG tag whose URL includes the malicious script. | 7.5 |
2002-08-12 | CVE-2002-0412 | Remote Format String vulnerability in Luca Deri Ntop 2.0 Format string vulnerability in TraceEvent function for ntop before 2.1 allows remote attackers to execute arbitrary code by causing format strings to be injected into calls to the syslog function, via (1) an HTTP GET request, (2) a user name in HTTP authentication, or (3) a password in HTTP authentication. | 7.5 |
2002-08-12 | CVE-2002-0411 | Unspecified vulnerability in Aeromail Cross-site scripting vulnerability in message.php for AeroMail before 1.45 allows remote attackers to execute Javascript as an AeroMail user via an email message with the script in the Subject line. | 7.5 |
2002-08-12 | CVE-2000-1208 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | 7.2 |