Weekly Vulnerabilities Reports > August 26 to September 1, 2002

Overview

7 new vulnerabilities reported during this period, including 0 critical vulnerabilities and 0 high severity vulnerabilities. This weekly summary report vulnerabilities in 3 products from 2 vendors including HP, and Intranet Server. Vulnerabilities are notably categorized as .

  • 1 reported vulnerabilities are remotely exploitables.
  • 7 reported vulnerabilities are exploitable by an anonymous user.
  • HP has the most reported vulnerabilities, with 6 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

0 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

0 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS

6 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2002-08-29 CVE-2002-1353 Intranet Server Remote Security vulnerability in Intranet-Server Localweb2000 2.1.0

LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst.

5.0
2002-08-31 CVE-2002-1608 HP Local Security vulnerability in HP-UX

Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

4.6
2002-08-31 CVE-2002-1607 HP Unspecified vulnerability in HP Hp-Ux and Tru64

Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.

4.6
2002-08-30 CVE-2002-1611 HP Unspecified vulnerability in HP Hp-Ux and Tru64

Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

4.6
2002-08-30 CVE-2002-1609 HP Unspecified vulnerability in HP Hp-Ux and Tru64

Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.

4.6
2002-08-30 CVE-2002-1606 HP Unspecified vulnerability in HP Hp-Ux and Tru64

Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.

4.6

1 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2002-08-30 CVE-2002-1610 HP Local and Remote Buffer Overflow vulnerability in HP Tru64 UNIX

Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.

2.1