Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2004-09-13 | CVE-2004-1684 | Information Disclosure vulnerability in Zyxel Prestige and Zynos Zyxel P681 running ZyNOS Vt020225a contains portions of memory in an ARP request, which allows remote attackers to obtain sensitive information by sniffing the network. | 5.0 |
| 2004-09-13 | CVE-2004-1680 | Remote Denial Of Service vulnerability in Pingtel Xpressa Handset application.cgi in the Pingtel Xpressa handset running firmware 2.1.11.24 allows remote authenticated users to cause a denial of service (VxWorks OS crash) via a long HTTP GET request, possibly triggering a buffer overflow. | 5.0 |
| 2004-09-13 | CVE-2004-1678 | Unspecified vulnerability in Logicnow Perldesk Directory traversal vulnerability in pdesk.cgi in PerlDesk allows remote attackers to read portions of arbitrary files and possibly execute arbitrary Perl modules via ".." sequences terminated by a %00 (null) character in the lang parameter, which can leak portions of the requested files if a compilation error message occurs. | 5.0 |
| 2004-09-13 | CVE-2004-0807 | Samba 3.0.6 and earlier allows remote attackers to cause a denial of service (infinite loop and memory exhaustion) via certain malformed requests that cause new processes to be spawned and enter an infinite loop. | 5.0 |
| 2004-09-12 | CVE-2004-1677 | Information Disclosure vulnerability in PerlDesk pdesk.cgi in PerlDesk allows remote attackers to gain sensitive information via an invalid lang parameter, which includes pathname information in an error message. | 5.0 |
| 2004-09-11 | CVE-2004-1675 | Improper Input Validation vulnerability in Solarwinds Serv-U File Server Serv-U FTP server 4.x and 5.x allows remote attackers to cause a denial of service (application crash) via a STORE UNIQUE (STOU) command with an MS-DOS device name argument such as (1) COM1, (2) LPT1, (3) PRN, or (4) AUX. | 5.0 |
| 2004-09-10 | CVE-2004-1669 | Remote Input Validation vulnerability in IceWarp Web Mail Cross-site scripting (XSS) vulnerability in MERAK Mail Server 7.4.5 with Icewarp Web Mail 5.2.7 and possibly other versions allows remote attackers to execute arbitrary web script or HTML via the (1) User name parameter to accountsettings.html or (2) Search string parameter to search.html. | 4.3 |
| 2004-09-09 | CVE-2004-1667 | Remote Denial Of Service vulnerability in Gearbox Software Halo Combat Evolved Game Server Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response. | 5.0 |
| 2004-09-09 | CVE-2004-0830 | Remote Denial of Service vulnerability in F-Secure products The Content Scanner Server in F-Secure Anti-Virus for Microsoft Exchange 6.21 and earlier, F-Secure Anti-Virus for Microsoft Exchange 6.01 and earlier, and F-Secure Internet Gatekeeper 6.32 and earlier allow remote attackers to cause a denial of service (service crash due to unhandled exception) via a certain malformed packet. | 5.0 |
| 2004-09-06 | CVE-2004-1348 | Remote Denial of Service vulnerability in Sun Solaris in.named Unknown vulnerability in in.named on Solaris 8 allows remote attackers to cause a denial of service (process crash). | 5.0 |