Vulnerabilities > Medium

DATE CVE VULNERABILITY TITLE RISK
2002-12-31 CVE-2002-1836 Unspecified vulnerability in Xerox Docutech 6110 and Docutech 6115
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 exports certain NFS shares to the world with world writable permissions, which may allow remote attackers to modify sensitive files.
network
low complexity
xerox
5.0
2002-12-31 CVE-2002-1834 Unspecified vulnerability in Xerox Docutech 6110 and Docutech 6115
The default configuration of Xerox DocuTech 6110 and DocuTech 6115 allows remote attackers to connect to the web server and (1) submit print jobs directly into the "print now" queue or (2) read the scanner job history.
network
low complexity
xerox
6.4
2002-12-31 CVE-2002-1832 Denial Of Service vulnerability in Scaramanga Firestorm IDS 0.4.0/0.4.1/0.4.2
Unknown vulnerability in the "ipopts decode" functionality in Firestorm IDS 0.4.0 through 0.4.2 allows remote attackers to cause a denial of service (crash) via certain IP options.
network
low complexity
scaramanga
5.0
2002-12-31 CVE-2002-1831 Unspecified vulnerability in Microsoft MSN Messenger
Microsoft MSN Messenger Service 1.0 through 4.6 allows remote attackers to cause a denial of service (crash) via an invite request that contains hex-encoded spaces (%20) in the Invitation-Cookie field.
network
low complexity
microsoft
5.0
2002-12-31 CVE-2002-1830 Unspecified vulnerability in Openbb 1.0.0Rc1/1.0.0Rc2/1.0.0Rc3
Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to bypass authentication and access modifier options via a direct request to moderator.php with the action and ismod parameters.
network
low complexity
openbb
5.0
2002-12-31 CVE-2002-1829 HTML Injection vulnerability in Openbb 1.0.0Rc3
Cross-site scripting (XSS) vulnerability in codeparse.php in Open Bulletin Board (OpenBB) 1.0.0 RC3 allows remote attackers to inject arbitrary web script or HTML via (1) myhome.php, (2) an onerror attribute in an IMG tag (a variant of CVE-2002-0330), or (3) a glow tag.
network
openbb
4.3
2002-12-31 CVE-2002-1828 Denial Of Service vulnerability in Savant Webserver 3.1
Savant Webserver 3.1 allows remote attackers to cause a denial of service (crash) via an HTTP GET request with a negative Content-Length value.
network
low complexity
savant
5.0
2002-12-31 CVE-2002-1826 Unspecified vulnerability in Grsecurity Kernel Patch 1.9.4
grsecurity 1.9.4 for Linux kernel 2.4.18 allows local users to bypass read-only permissions by using mmap to directly map /dev/mem or /dev/kmem to kernel memory.
local
low complexity
grsecurity
4.6
2002-12-31 CVE-2002-1825 Unspecified vulnerability in Wasd Http Server
Format string vulnerability in PerlRTE_example1.pl in WASD 7.1, 7.2.0 through 7.2.3, and 8.0.0 allows remote attackers to execute arbitrary commands or crash the server via format strings in the $name variable.
network
low complexity
wasd
6.4
2002-12-31 CVE-2002-1824 Unspecified vulnerability in Microsoft IE and Internet Explorer
Microsoft Internet Explorer 6.0, when handling an expired CA-CERT in a webserver's certificate chain during a SSL/TLS handshake, does not prompt the user before searching for and finding a newer certificate, which may allow attackers to perform a man-in-the-middle attack.
network
low complexity
microsoft
5.0