Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-04-18 | CVE-2007-1869 | Remote Denial of Service vulnerability in Lighttpd 1.4.12/1.4.13 lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption. | 5.0 |
2007-04-16 | CVE-2007-2051 | Remote Security vulnerability in Bftpd 1.6/1.7 Buffer overflow in the parsecmd function in bftpd before 1.8 has unknown impact and attack vectors related to the confstr variable. | 5.0 |
2007-04-16 | CVE-2007-2050 | Local File Include vulnerability in Ricargbook 1.2.1 Multiple directory traversal vulnerabilities in header.php in RicarGBooK 1.2.1 allow remote attackers to include and execute arbitrary local files via a .. | 5.0 |
2007-04-16 | CVE-2007-2049 | Remote File Include vulnerability in Mambo Calendar 1.5.5 Multiple PHP remote file inclusion vulnerabilities in the Calendar Module (com_calendar) 1.5.5 for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the absolute_path parameter to (1) com_calendar.php or (2) mod_calendar.php. network mambo | 6.8 |
2007-04-16 | CVE-2007-2048 | Directory Traversal vulnerability in webMethods Glue Console Directory traversal vulnerability in /console in the Management Console in webMethods Glue 6.5.1 and earlier allows remote attackers to read arbitrary system files via a .. | 5.0 |
2007-04-16 | CVE-2007-2045 | Remote Denial of Service vulnerability in SUN Sunos 5.8/5.9 Unspecified vulnerability in the IP implementation in Sun Solaris 8 and 9 allows remote attackers to cause a denial of service (CPU consumption) via crafted IP packets, probably related to fragmented packets with duplicate or missing fragments. | 5.0 |
2007-04-16 | CVE-2007-2042 | Remote Security vulnerability in Avant-Garde Solutions Mosmedia 1.0.6 Multiple PHP remote file inclusion vulnerabilities in the Avant-Garde Solutions MOSMedia Lite 1.0.6 and earlier module for Mambo allow remote attackers to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter to (1) support.html.php or (2) info.html.php. network avant-garde-solutions | 6.8 |
2007-04-16 | CVE-2007-2041 | Remote vulnerability in Cisco products Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195. | 4.0 |
2007-04-16 | CVE-2007-2040 | Remote vulnerability in Cisco Wireless Lan Controller Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192. | 6.2 |
2007-04-16 | CVE-2007-2039 | Resource Management Errors vulnerability in Cisco Wireless LAN Controller Software The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841. | 6.1 |