Vulnerabilities > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-05-16 | CVE-2002-0202 | Unspecified vulnerability in Paintbbs 1.2 PaintBBS 1.2 installs certain files and directories with insecure permissions, which allows local users to (1) obtain the encrypted server password via the world-readable oekakibbs.conf file, or (2) modify the server configuration via the world-writeable /oekaki/ folder. | 3.6 |
| 2002-05-16 | CVE-2002-0172 | Unspecified vulnerability in SGI Irix /dev/ipfilter on SGI IRIX 6.5 is installed by /dev/MAKEDEV with insecure default permissions (644), which could allow a local user to cause a denial of service (traffic disruption). | 2.1 |
| 2002-03-28 | CVE-2002-0040 | Denial of Service vulnerability in SGI IRIX HOSTALIASES Core Dump Vulnerability in SGI IRIX 6.5.11 through 6.5.15f allows local users to cause privileged applications to dump core via the HOSTALIASES environment variable, which might allow the users to gain privileges. | 2.1 |
| 2002-03-25 | CVE-2002-0141 | Symbolic Link vulnerability in Maelstrom GPL 3.0.1 Maelstrom GPL 3.0.1 allows local users to overwrite arbitrary files of other Maelstrom users via a symlink attack on the /tmp/f file. | 1.2 |
| 2002-03-25 | CVE-2002-0138 | Local Security vulnerability in Cdrdao 1.1.4/1.1.5 CDRDAO 1.1.4 and 1.1.5 allows local users to read arbitrary files via the show-data command. | 2.1 |
| 2002-03-25 | CVE-2002-0129 | Unspecified vulnerability in Efax 0.8A/0.9/0.9A efax 0.9 and earlier, when installed setuid root, allows local users to read arbitrary files via the -d option, which prints the contents of the file in a warning message. | 2.1 |
| 2002-03-25 | CVE-2002-0121 | Local Information Disclosure vulnerability in PHP4 Session Files PHP 4.0 through 4.1.1 stores session IDs in temporary files whose name contains the session ID, which allows local users to hijack web connections. | 2.1 |
| 2002-03-25 | CVE-2002-0120 | Unspecified vulnerability in Palm Desktop 4.0B76/4.0B77 Apple Palm Desktop 4.0b76 and 4.0b77 creates world-readable backup files and folders when a hotsync is performed, which could allow a local user to obtain sensitive information. | 2.1 |
| 2002-03-25 | CVE-2002-0110 | Unspecified vulnerability in Nevrona Designs Miramail Nevrona Designs MiraMail 1.04 and earlier stores authentication information such as POP usernames and passwords in plaintext in a .ini file, which allows an attacker to gain privileges by reading the passwords from the file. | 2.1 |
| 2002-03-15 | CVE-2002-0087 | Symbolic Link Attack vulnerability in Lotus Domino 5.0.7 bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. | 2.1 |