Vulnerabilities > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2002-08-12 | CVE-2002-0523 | Information Disclosure vulnerability in ASP-Nuke Forged Cookie ASP-Nuke RC2 and earlier allows remote attackers to list all logged-in users by submitting an invalid "pseudo" cookie. | 5.0 |
| 2002-08-12 | CVE-2002-0521 | Cross-Site Scripting vulnerability in ASP-Nuke Cross-site scripting vulnerabilities in ASP-Nuke RC2 and earlier allow remote attackers to execute script or gain privileges as other ASP-Nuke users via script in (1) the name parameter in downloads.asp, (2) the message parameter in Post.asp, or (3) a web site URL in profile.asp. | 5.1 |
| 2002-08-12 | CVE-2002-0518 | Denial Of Service vulnerability in Freebsd 4.5 The SYN cache (syncache) and SYN cookie (syncookie) mechanism in FreeBSD 4.5 and earlier allows remote attackers to cause a denial of service (crash) (1) via a SYN packet that is accepted using syncookies that causes a null pointer to be referenced for the socket's TCP options, or (2) by killing and restarting a process that listens on the same socket, which does not properly clear the old inpcb pointer on restart. | 5.0 |
| 2002-08-12 | CVE-2002-0512 | Unspecified vulnerability in Caldera Openlinux Server and Openlinux Workstation startkde in KDE for Caldera OpenLinux 2.3 through 3.1.1 sets the LD_LIBRARY_PATH environment variable to include the current working directory, which could allow local users to gain privileges of other users running startkde via Trojan horse libraries. | 4.6 |
| 2002-08-12 | CVE-2002-0510 | Unspecified vulnerability in Linux Kernel The UDP implementation in Linux 2.4.x kernels keeps the IP Identification field at 0 for all non-fragmented packets, which could allow remote attackers to determine that a target system is running Linux. | 5.0 |
| 2002-08-12 | CVE-2002-0509 | Denial of Service vulnerability in Oracle 9i TNS Transparent Network Substrate (TNS) Listener in Oracle 9i 9.0.1.1 allows remote attackers to cause a denial of service (CPU consumption) via a single malformed TCP packet to port 1521. | 5.0 |
| 2002-08-12 | CVE-2002-0505 | Denial of Service vulnerability in Cisco CallManager CTI Memory Leak Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. | 5.0 |
| 2002-08-12 | CVE-2002-0503 | Unspecified vulnerability in Citrix Nfuse 1.5 Directory traversal vulnerability in boilerplate.asp for Citrix NFuse 1.5 allows remote authenticated users to read arbitrary files via a .. | 5.0 |
| 2002-08-12 | CVE-2002-0502 | Unspecified vulnerability in Citrix Nfuse 1.6 Citrix NFuse 1.6 may allow remote attackers to list applications without authentication by accessing the applist.asp page. | 5.0 |
| 2002-08-12 | CVE-2002-0500 | Unspecified vulnerability in Microsoft Internet Explorer Internet Explorer 5.0 through 6.0 allows remote attackers to determine the existence of files on the client via an IMG tag with a dynsrc property that references the target file, which sets certain elements of the image object such as file size. | 5.0 |