Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2002-05-31 CVE-2002-0286 Unspecified vulnerability in Sitenews
The GetPassword function in function.php of SiteNews 0.10 and 0.11 allows remote attackers to gain privileges and add users by providing a non-existent user name and the MD5 checksum for an empty password to add_user.php, which causes GetPassword to produce and compare a blank password for the non-existent user.
network
low complexity
sitenews
7.5
2002-05-31 CVE-2002-0285 Unspecified vulnerability in Microsoft Outlook Express 5.5/6.0
Outlook Express 5.5 and 6.0 on Windows treats a carriage return ("CR") in a message header as if it were a valid carriage return/line feed combination (CR/LF), which could allow remote attackers to bypass virus protection and/or other filtering mechanisms via a mail message with headers that only contain the CR, which causes Outlook to create separate headers.
network
low complexity
microsoft
7.5
2002-05-31 CVE-2002-0280 Remote Security vulnerability in Codeblue
Buffer overflow in CodeBlue 4 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via a long string in an SMTP reply.
network
low complexity
codeblue
7.5
2002-05-31 CVE-2002-0278 Directory Traversal vulnerability in Mailman Free
Directory traversal vulnerability in Add2it Mailman Free 1.73 and earlier allows remote attackers to modify arbitrary files via a ..
network
low complexity
add2it
7.5
2002-05-31 CVE-2002-0277 Remote Arbitrary Command Execution vulnerability in Add2it Mailman Free
Add2it Mailman Free 1.73 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the list parameter.
network
low complexity
add2it
7.5
2002-05-31 CVE-2002-0276 Buffer Overflow vulnerability in Ettercap 0.6.3.1
Buffer overflow in various decoders in Ettercap 0.6.3.1 and earlier, when running on networks with an MTU greater than 2000, allows remote attackers to execute arbitrary code via large packets.
network
low complexity
ettercap
7.5
2002-05-29 CVE-2002-0374 Unspecified vulnerability in Padl Software PAM Ldap
Format string vulnerability in the logging function for the pam_ldap PAM LDAP module before version 144 allows attackers to execute arbitrary code via format strings in the configuration file name.
network
low complexity
padl-software
7.5
2002-05-29 CVE-2002-0363 Unspecified vulnerability in Aladdin Enterprises Ghostscript
Ghostscript before 6.53 allows attackers to execute arbitrary commands by using .locksafe or .setsafe to reset the current pagedevice.
network
low complexity
aladdin-enterprises
7.5
2002-05-29 CVE-2002-0362 Remote Buffer Overflow vulnerability in AOL Instant Messenger 4.2
Buffer overflow in AOL Instant Messenger (AIM) 4.2 and later allows remote attackers to execute arbitrary code via a long AddExternalApp request and a TLV type greater than 0x2711.
network
low complexity
aol
7.5
2002-05-29 CVE-2002-0356 Unspecified vulnerability in SGI Irix
Vulnerability in XFS filesystem reorganizer (fsr_xfs) in SGI IRIX 6.5.10 and earlier allows local users to gain root privileges by overwriting critical system files.
local
low complexity
sgi
7.2