Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2002-06-18 CVE-2002-0575 Buffer Overflow vulnerability in OpenSSH Kerberos 4 TGT/AFS Token
Buffer overflow in OpenSSH before 2.9.9, and 3.x before 3.2.1, with Kerberos/AFS support and KerberosTgtPassing or AFSTokenPassing enabled, allows remote and local authenticated users to gain privileges.
network
low complexity
openbsd
7.5
2002-06-18 CVE-2002-0401 NULL Pointer Dereference vulnerability in multiple products
SMB dissector in Ethereal 0.9.3 and earlier allows remote attackers to cause a denial of service (crash) or execute arbitrary code via malformed packets that cause Ethereal to dereference a NULL pointer.
network
low complexity
ethereal debian CWE-476
7.5
2002-06-18 CVE-2002-0388 HTML Injection vulnerability in GNU Mailman Pipermail Index Summary
Cross-site scripting vulnerabilities in Mailman before 2.0.11 allow remote attackers to execute script via (1) the admin login page, or (2) the Pipermail index summaries.
network
low complexity
gnu
7.5
2002-06-18 CVE-2002-0380 Buffer Overflow vulnerability in LBL TCPDump
Buffer overflow in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via an NFS packet.
network
low complexity
lbl
7.5
2002-06-18 CVE-2002-0357 Buffer Overflow vulnerability in SGI IRIX rpc.passwd
Unknown vulnerability in rpc.passwd in the nfs.sw.nis subsystem of SGI IRIX 6.5.15 and earlier allows local users to gain root privileges.
local
low complexity
sgi
7.2
2002-05-31 CVE-2002-0310 Unspecified vulnerability in Netwin Webnews
Netwin WebNews 1.1k CGI program includes several default usernames and cleartext passwords that cannot be deleted by the administrator, which allows remote attackers to gain privileges via the username/password combinations (1) testweb/newstest, (2) alwn3845/imaptest, (3) alwi3845/wtest3452, or (4) testweb2/wtest4879.
network
low complexity
netwin
7.5
2002-05-31 CVE-2002-0307 Directory Traversal vulnerability in Avengers News System Avengers News System 2.01/2.11
Directory traversal vulnerability in ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to determine the existence of arbitrary files or execute any Perl program on the system via a ..
network
low complexity
avengers-news-system
7.5
2002-05-31 CVE-2002-0306 Remote Command Execution vulnerability in Avengers News System Avengers News System 2.01/2.11
ans.pl in Avenger's News System (ANS) 2.11 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the p (plugin) parameter.
network
low complexity
avengers-news-system
7.5
2002-05-31 CVE-2002-0299 Remote Arbitrary Code Execution vulnerability in CNet CatchUp
CNet CatchUp before 1.3.1 allows attackers to execute arbitrary code via a .RVP file that creates a file with an arbitrary extension (such as .BAT), which is executed during a scan.
network
high complexity
cnet
7.6
2002-05-31 CVE-2002-0290 Remote Buffer Overflow vulnerability in Netwin Webnews 1.1H/1.1I/1.1J
Buffer overflow in Netwin WebNews CGI program 1.1, Webnews.exe, allows remote attackers to execute arbitrary code via a long group argument.
network
low complexity
netwin
7.5