Vulnerabilities > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-08-01 | CVE-2002-1616 | Local Privilege Escalation vulnerability in Tru64 CHSH Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc. | 7.2 |
2002-07-31 | CVE-2002-1449 | Unspecified vulnerability in Frederic Tyndiuk Eupload 1.0 eUpload 1.0 stores the password.txt password file in plaintext under the web document root, which allows remote attackers to overwrite arbitrary files by reading password.txt. | 7.5 |
2002-07-26 | CVE-2002-0717 | Denial-Of-Service vulnerability in PHP 4.2.0/4.2.1 PHP 4.2.0 and 4.2.1 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an HTTP POST request with certain arguments in a multipart/form-data form, which generates an error condition that is not properly handled and causes improper memory to be freed. | 7.5 |
2002-07-26 | CVE-2002-0716 | Unspecified vulnerability in SCO Openserver 5.0.5/5.0.6 Format string vulnerability in crontab for SCO OpenServer 5.0.5 and 5.0.6 allows local users to gain privileges via format string specifiers in the file name argument. | 7.2 |
2002-07-26 | CVE-2002-0714 | Unspecified vulnerability in Squid FTP proxy in Squid before 2.4.STABLE6 does not compare the IP addresses of control and data connections with the FTP server, which allows remote attackers to bypass firewall rules or spoof FTP server responses. | 7.5 |
2002-07-26 | CVE-2002-0713 | Buffer Overflow vulnerability in Squid MSNT Auth Helper Buffer overflows in Squid before 2.4.STABLE6 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code (1) via the MSNT auth helper (msnt_auth) when using denyusers or allowusers files, (2) via the gopher client, or (3) via the FTP server directory listing parser when HTML output is generated. | 7.5 |
2002-07-26 | CVE-2002-0704 | Improper Cross-boundary Removal of Sensitive Data vulnerability in Linux Kernel The Network Address Translation (NAT) capability for Netfilter ("iptables") 1.2.6a and earlier leaks translated IP addresses in ICMP error messages. | 7.5 |
2002-07-26 | CVE-2002-0703 | Unspecified vulnerability in Gisle AAS Digest-Md5 An interaction between the Perl MD5 module (perl-Digest-MD5) and Perl could produce incorrect MD5 checksums for UTF-8 data, which could prevent a system from properly verifying the integrity of the data. | 7.5 |
2002-07-26 | CVE-2002-0663 | Buffer Overflow vulnerability in Symantec Norton Personal Firewall/Internet Security 2001 Buffer overflow in HTTP Proxy for Symantec Norton Personal Internet Firewall 3.0.4.91 and Norton Internet Security 2001 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large outgoing HTTP request. | 7.5 |
2002-07-26 | CVE-2002-0444 | Unspecified vulnerability in Microsoft Windows 2000 Terminal Services Microsoft Windows 2000 running the Terminal Server 90-day trial version, and possibly other versions, does not apply group policies to incoming users when the number of connections to the SYSVOL share exceeds the maximum, e.g. | 7.5 |