Vulnerabilities > Low

| DATE | CVE | VULNERABILITY TITLE | DESCRIPTION | ACCESS | COMPLEXITY | VENDOR | RISK |
|---|---|---|---|---|---|---|---|
| 2005-03-08 | CVE-2005-0626 | Information Disclosure vulnerability in Squid 2.5.Stable5/2.5.Stable6/2.5.Stable7 | Race condition in Squid 2.5.STABLE7 to 2.5.STABLE9, when using the Netscape Set-Cookie recommendations for handling cookies in caches, may cause Set-Cookie headers to be sent to other users, which allows attackers to steal the related cookies. | network | high complexity | squid | 2.6 |
| 2005-03-08 | CVE-2005-0099 | Unspecified vulnerability in Abuse Abuse-Sdl | The SDL port of abuse (abuse-SDL) before 2.00 does not properly drop privileges before creating certain files, which allows local users to create or overwrite arbitrary files. | local | low complexity | abuse | 2.1 |
| 2005-03-07 | CVE-2005-0690 | Remote Default Install Code Execution vulnerability in Gene6 FTP Server | Gene6 FTP Server does not properly restrict access to the control console, which allows local users to modify the server configuration and gain privileges, as demonstrated by defining a SITE command. | local | low complexity | gene6 | 2.1 |
| 2005-03-07 | CVE-2005-0180 | Integer Overflow vulnerability in Linux Kernel SCSI IOCTL | Multiple integer signedness errors in the sg_scsi_ioctl function in scsi_ioctl.c for Linux 2.6.x allow local users to read or modify kernel memory via negative integers in arguments to the scsi ioctl, which bypass a maximum length check before calling the copy_from_user and copy_to_user functions. | local | low complexity | linux | 3.6 |
| 2005-03-07 | CVE-2005-0179 | Unspecified vulnerability in Linux Kernel | Linux kernel 2.4.x and 2.6.x allows local users to cause a denial of service (CPU and memory consumption) and bypass RLIM_MEMLOCK limits via the mlockall call. | local | low complexity | linux | 2.1 |
| 2005-03-04 | CVE-2005-0593 | Remote vulnerability in Mozilla Suite | Firefox before 1.0.1 and Mozilla before 1.7.6 allows remote attackers to spoof the SSL "secure site" lock icon via (1) a web site that does not finish loading, which shows the lock of the previous site, (2) a non-HTTP server that uses SSL, which causes the lock to be displayed when the SSL handshake is completed, or (3) a URL that generates an HTTP 204 error, which updates the icon and location information but does not change the display of the original site. | network | high complexity | mozilla | 2.6 |
| 2005-03-02 | CVE-2005-0620 | Local Security vulnerability in Einstein | Einstein 1.0 stores credit card information in plaintext in the world-readable wallets.dat file, which allows local users to steal the information. | local | low complexity | bfriendly-com | 2.1 |
| 2005-03-01 | CVE-2005-0631 | Unspecified vulnerability in Pblang | delpm.php in PBLang 4.63 allows remote authenticated users to delete arbitrary PM files by modifying the "id" and "a" parameters. | local | low complexity | pblang | 2.1 |
| 2005-03-01 | CVE-2005-0630 | Directory Traversal vulnerability in PBLang Bulletin Board System | sendpm.php in PBLang 4.63 allows remote authenticated users to read arbitrary files via a full pathname in the orig parameter. | local | low complexity | pblang | 2.1 |
| 2005-03-01 | CVE-2004-1033 | Local vulnerability in Fcron FCronTab/FCronSighUp | Fcron 2.0.1, 2.9.4, and possibly earlier versions leak file descriptors of open files, which allows local users to bypass access restrictions and read fcron.allow and fcron.deny via the EDITOR environment variable. | local | low complexity | thibault-godouet gentoo | 2.1 |