Vulnerabilities > Sambar
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2002-03-25 | CVE-2002-0128 | Denial Of Service vulnerability in Sambar Server 5.1 cgitest.exe in Sambar Server 5.1 before Beta 4 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long argument. | 7.5 |
2001-08-13 | CVE-2001-1292 | Unspecified vulnerability in Sambar Server 5.0/5.1/5.2 Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password. | 7.5 |
2001-07-25 | CVE-2001-1106 | Unspecified vulnerability in Sambar Server The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into the binary program for encrypting passwords, which could allow local users to break all user passwords by cracking the key or modifying a copy of the sambar program to call the decryption procedure. | 7.5 |
2001-07-22 | CVE-2001-1010 | Unspecified vulnerability in Sambar Server 4.4/5.0 Directory traversal vulnerability in pagecount CGI script in Sambar Server before 5.0 beta 5 allows remote attackers to overwrite arbitrary files via a .. | 5.0 |
2000-11-14 | CVE-2000-0835 | Unspecified vulnerability in Sambar Server 4.3/4.4 search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter. | 5.0 |
2000-06-01 | CVE-2000-0509 | Buffer Overflow vulnerability in Sambar Server 4.3 Buffer overflows in the finger and whois demonstration scripts in Sambar Server 4.3 allow remote attackers to execute arbitrary commands via a long hostname. | 10.0 |
1999-10-04 | CVE-1999-1523 | Unspecified vulnerability in Sambar Server 4.2.1 Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. | 7.5 |
1998-06-10 | CVE-1999-1178 | Unspecified vulnerability in Sambar Server 4.1 Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script. | 5.0 |