Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-01-05 | CVE-2003-1002 | Denial-Of-Service vulnerability in Catalyst 7600 Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | 5.0 |
2004-01-05 | CVE-2003-1001 | Denial-Of-Service vulnerability in Catalyst 7600 Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication. | 5.0 |
2004-01-05 | CVE-2003-0998 | Unknown "potential system security vulnerability" in Computer Associates (CA) Unicenter Remote Control 5.0 through 5.2, and ControlIT 5.0 and 5.1, may allow attackers to gain privileges to the local system account. | 4.6 |
2004-01-05 | CVE-2003-0997 | Unspecified vulnerability in Broadcom Unicenter Remote Control Host 6.0 Unknown "Denial of Service Attack" vulnerability in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to cause a denial of service (CPU consumption in URC host service). | 5.0 |
2004-01-05 | CVE-2003-0996 | Unspecified vulnerability in Broadcom Unicenter Remote Control Host 6.0 Unknown "System Security Vulnerability" in Computer Associates (CA) Unicenter Remote Control (URC) 6.0 allows attackers to gain privileges via the help interface. | 4.6 |
2004-01-05 | CVE-2003-0984 | Unspecified vulnerability in Linux Kernel Real time clock (RTC) routines in Linux kernel 2.4.23 and earlier do not properly initialize their structures, which could leak kernel data to user space. | 4.6 |
2004-01-05 | CVE-2003-0981 | Origin Validation Error vulnerability in Freescripts Visitorbook LE FreeScripts VisitorBook LE (visitorbook.pl) logs the reverse DNS name of a visiting host, which allows remote attackers to spoof the origin of their incoming requests and facilitate cross-site scripting (XSS) attacks. | 6.1 |
2004-01-05 | CVE-2003-0980 | Cross-Site Scripting vulnerability in Freescripts Visitorbook LE Cross-site scripting (XSS) vulnerability in FreeScripts VisitorBook LE (visitorbook.pl) allows remote attackers to inject arbitrary HTML or web script via (1) the "do" parameter, (2) via the "user" parameter from a host with a malicious reverse DNS name, (3) via quote marks or ampersands in other parameters. network freescripts | 4.3 |
2004-01-05 | CVE-2003-0979 | Remote Security vulnerability in Freescripts Visitorbook LE FreeScripts VisitorBook LE (visitorbook.pl) does not properly escape line breaks in input, which allows remote attackers to (1) use VisitorBook as an open mail relay, when $mailuser is 1, via extra headers in the email field, or (2) cause the guestbook database to be deleted via a large number of line breaks that exceeds the $max_posts variable. | 5.0 |
2004-01-04 | CVE-2004-1786 | Remote User Database Access vulnerability in ASPApp PortalAPP PortalApp places user credentials under the web root with insufficient access control, which allows remote attackers to gain access to sensitive information via a direct request to 8275.mdb. | 5.0 |