Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-08-12 | CVE-2002-0422 | Information Exposure vulnerability in Microsoft Internet Information Services 5.0 IIS 5 and 5.1 supporting WebDAV methods allows remote attackers to determine the internal IP address of the system (which may be obscured by NAT) via (1) a PROPFIND HTTP request with a blank Host header, which leaks the address in an HREF property in a 207 Multi-Status response, or (2) via the WRITE or MKCOL method, which leaks the IP in the Location server header. | 2.6 |
| 2002-08-12 | CVE-2002-0415 | Directory Traversal vulnerability in Realnetworks Realplayer 6.0 Directory traversal vulnerability in the web server used in RealPlayer 6.0.7, and possibly other versions, may allow local users to read files that are accessible to RealPlayer via a .. | 1.7 |
| 2002-07-26 | CVE-2002-0435 | Unspecified vulnerability in GNU Fileutils 4.0/4.1/4.1.6 Race condition in the recursive (1) directory deletion and (2) directory move in GNU File Utilities (fileutils) 4.1 and earlier allows local users to delete directories as the user running fileutils by moving a low-level directory to a higher level as it is being deleted, which causes fileutils to chdir to a ".." directory that is higher than expected, possibly up to the root file system. | 1.2 |
| 2002-07-23 | CVE-2002-0701 | ktrace in BSD-based operating systems allows the owner of a process with special privileges to trace the process after its privileges have been lowered, which may allow the owner to obtain sensitive information that the process obtained while it was running with the extra privileges. | 2.1 |
| 2002-07-03 | CVE-2002-0570 | Unspecified vulnerability in Linux Kernel The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key. | 2.1 |
| 2002-07-03 | CVE-2002-0568 | Information Disclosure vulnerability in Oracle Application Server, Oracle8I and Oracle9I Oracle 9i Application Server stores XSQL and SOAP configuration files insecurely, which allows local users to obtain sensitive information including usernames and passwords by requesting (1) XSQLConfig.xml or (2) soapConfig.xml through a virtual directory. | 2.1 |
| 2002-06-25 | CVE-2002-0334 | Unspecified vulnerability in Xtell 1.91.1/2.6.1 xtell (xtelld) 1.91.1 and earlier, and 2.x before 2.7, allows local users to modify files via a symlink attack on the .xtell-log file. | 2.1 |
| 2002-06-18 | CVE-2002-0577 | File Corruption vulnerability in HP Hp-Ux 11.0.4/11.00/11.11 Vulnerability in passwd for HP-UX 11.00 and 11.11 allows local users to corrupt the password file and cause a denial of service. | 2.1 |
| 2002-06-18 | CVE-2002-0389 | Unspecified vulnerability in GNU Mailman Pipermail in Mailman stores private mail messages with predictable filenames in a world-executable directory, which allows local users to read private mailing list archives. | 2.1 |
| 2002-06-18 | CVE-2002-0042 | Unspecified vulnerability in SGI Irix Vulnerability in the XFS file system for SGI IRIX before 6.5.12 allows local users to cause a denial of service (hang) by creating a file that is not properly processed by XFS. | 2.1 |