Vulnerabilities > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2004-02-17 | CVE-2004-0057 | Remote Buffer Overflow vulnerability in TCPDump ISAKMP Decoding Routines The rawprint function in the ISAKMP decoding routines (print-isakmp.c) for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via malformed ISAKMP packets that cause invalid "len" or "loc" values to be used in a loop, a different vulnerability than CVE-2003-0989. | 5.0 |
2004-02-17 | CVE-2004-0055 | Denial Of Service vulnerability in TCPDump Malformed RADIUS Packet The print_attr_string function in print-radius.c for tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (segmentation fault) via a RADIUS attribute with a large length value. | 5.0 |
2004-02-17 | CVE-2004-0049 | Unspecified vulnerability in Realnetworks products Helix Universal Server/Proxy 9 and Mobile Server 10 allow remote attackers to cause a denial of service via certain HTTP POST messages to the Administration System port. | 6.8 |
2004-02-17 | CVE-2003-1032 | Buffer Overflow vulnerability in PI3 Pi3Web 2.0.2Beta1 Pi3Web web server 2.0.2 Beta 1, when the Directory Index is configured to use the "Name" column and sort using the column title as a hyperlink, allows remote attackers to cause a denial of service (crash) via a malformed URL to the web server, possibly involving a buffer overflow. | 5.0 |
2004-02-17 | CVE-2003-1031 | Cross-Site Scripting vulnerability in vBulletin Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (2) "Biography", or (3) "Occupation." network jelsoft | 4.3 |
2004-02-17 | CVE-2003-1029 | Unspecified vulnerability in LBL Tcpdump The L2TP protocol parser in tcpdump 3.8.1 and earlier allows remote attackers to cause a denial of service (infinite loop and memory consumption) via a packet with invalid data to UDP port 1701, which causes l2tp_avp_print to use a bad length value when calling print_octets. | 5.0 |
2004-02-17 | CVE-2003-0992 | Unspecified vulnerability in GNU Mailman Cross-site scripting (XSS) vulnerability in the create CGI script for Mailman before 2.1.3 allows remote attackers to steal cookies of other users. network gnu | 4.3 |
2004-02-17 | CVE-2003-0965 | Cross-Site Scripting vulnerability in GNU Mailman Admin Page Cross-site scripting (XSS) vulnerability in the admin CGI script for Mailman before 2.1.4 allows remote attackers to steal session cookies and conduct unauthorized activities. network gnu | 6.8 |
2004-02-16 | CVE-2004-1180 | Unknown vulnerability in the rwho daemon (rwhod) before 0.17, on little endian architectures, allows remote attackers to cause a denial of service (application crash). | 5.0 |
2004-02-13 | CVE-2004-2082 | Denial Of Service vulnerability in Karjasoft Sami FTP Server 1.1.3 The samiftp.dll library in Sami FTP Server 1.1.3 allows remote authenticated users to cause a denial of service (pmsystem.exe crash) via a GET request wit a large number of leading "/" (slash) characters. | 5.0 |