Weekly Vulnerabilities Reports > September 30 to October 6, 2002

Overview

229 new vulnerabilities reported during this period, including 5 critical vulnerabilities and 110 high severity vulnerabilities. This weekly summary report vulnerabilities in 181 products from 118 vendors including Cisco, Cgiscript NET, Mantis, HP, and SUN. Vulnerabilities are notably categorized as "Resource Management Errors", and "Permissions, Privileges, and Access Controls".

  • 205 reported vulnerabilities are remotely exploitables.
  • 229 reported vulnerabilities are exploitable by an anonymous user.
  • Cisco has the most reported vulnerabilities, with 26 reported vulnerabilities.
  • Amanda has the most reported critical vulnerabilities, with 1 reported vulnerabilities.

TOTAL
VULNERABILITIES
CRITICAL RISK
VULNERABILITIES
HIGH RISK
VULNERABILITIES
MEDIUM RISK
VULNERABILITIES
LOW RISK
VULNERABILITIES
REMOTELY
EXPLOITABLE
LOCALLY
EXPLOITABLE
EXPLOIT
AVAILABLE
EXPLOITABLE
ANONYMOUSLY
AFFECTING
WEB APPLICATION

Vulnerability Details

The following table list reported vulnerabilities for the period covered by this report:

Expand/Hide

5 Critical Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2002-10-04 CVE-2002-1110 Mantis SQL Injection vulnerability in Mantis Account Update

Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g.

10.0
2002-10-04 CVE-2002-1058 Cobalt Authentication Bypass vulnerability in Cobalt Qube 3.0

Directory traversal vulnerability in splashAdmin.php for Cobalt Qube 3.0 allows local users and remote attackers, to gain privileges as the Qube Admin via ..

10.0
2002-10-04 CVE-2002-1034 SUN Unspecified vulnerability in SUN I-Runbook 2.5.2

none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via an absolute pathname in the argument.

10.0
2002-10-04 CVE-2002-0951 Ruslan Communications SQL Injection vulnerability in Ruslan Communications Builder

SQL injection vulnerability in Ruslan <Body>Builder allows remote attackers to gain administrative privileges via a "'--" sequence in the username and password.

10.0
2002-10-04 CVE-2002-0901 Amanda Remote Buffer Overflow vulnerability in Amanda 2.3.0.4

Multiple buffer overflows in Advanced Maryland Automatic Network Disk Archiver (AMANDA) 2.3.0.4 allow (1) remote attackers to execute arbitrary code via long commands to the amindexd daemon, or certain local users to execute arbitrary code via long command line arguments to the programs (2) amcheck, (3) amgetidx, (4) amtrmidx, (5) createindex-dump, or (6) createindex-gnutar.

10.0

110 High Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2002-10-04 CVE-2002-1135 Phpwebsite Unspecified vulnerability in PHPwebsite 0.8.2

modsecurity.php 1.10 and earlier, in phpWebSite 0.8.2 and earlier, allows remote attackers to execute arbitrary PHP source code via an inc_prefix parameter that points to the malicious code.

7.5
2002-10-04 CVE-2002-1131 Squirrelmail Cross-Site Scripting Vulnerablities in SquirrelMail

Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php.

7.5
2002-10-04 CVE-2002-1116 Mantis Unspecified vulnerability in Mantis

The "View Bugs" page (view_all_bug_page.php) in Mantis 0.17.4a and earlier includes summaries of private bugs for users that do not have access to any projects.

7.5
2002-10-04 CVE-2002-1114 Mantis Remote File Include Command Execution vulnerability in Mantis Configuration

config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie.

7.5
2002-10-04 CVE-2002-1113 Mantis Remote File Include Command Execution vulnerability in Mantis JPGraph

summary_graph_functions.php in Mantis 0.17.3 and earlier allows remote attackers to execute arbitrary PHP code by modifying the g_jpgraph_path parameter to reference the location of the PHP code.

7.5
2002-10-04 CVE-2002-1107 Cisco Unspecified vulnerability in Cisco VPN Client

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.2B, does not generate sufficiently random numbers, which may make it vulnerable to certain attacks such as spoofing.

7.5
2002-10-04 CVE-2002-1106 Cisco Unspecified vulnerability in Cisco VPN Client

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, does not properly verify that certificate DN fields match those of the certificate from the VPN Concentrator, which allows remote attackers to conduct man-in-the-middle attacks.

7.5
2002-10-04 CVE-2002-1098 Cisco Unspecified vulnerability in Cisco products

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, adds an "HTTPS on Public Inbound (XML-Auto)(forward/in)" rule but sets the protocol to "ANY" when the XML filter configuration is enabled, which ultimately allows arbitrary traffic to pass through the concentrator.

7.5
2002-10-04 CVE-2002-1097 Cisco Unspecified vulnerability in Cisco products

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.2, allows restricted administrators to obtain certificate passwords that are stored in plaintext in the HTML source code for Certificate Management pages.

7.5
2002-10-04 CVE-2002-1096 Cisco Unspecified vulnerability in Cisco products

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.1, allows restricted administrators to obtain user passwords that are stored in plaintext in HTML source code.

7.5
2002-10-04 CVE-2002-1092 Cisco Authentication External Access vulnerability in Cisco Internal Group

Cisco VPN 3000 Concentrator 3.6(Rel) and earlier, and 2.x.x, when configured to use internal authentication with group accounts and without any user accounts, allows remote VPN clients to log in using PPTP or IPSEC user authentication.

7.5
2002-10-04 CVE-2002-1091 Mozilla
Netscape
Opera Software
Netscape 6.2.3 and earlier, and Mozilla 1.0.1, allow remote attackers to corrupt heap memory and execute arbitrary code via a GIF image with a zero width.
7.5
2002-10-04 CVE-2002-1090 Libesmtp Unspecified vulnerability in Libesmtp

Buffer overflow in read_smtp_response of protocol.c in libesmtp before 0.8.11 allows a remote SMTP server to (1) execute arbitrary code via a certain response or (2) cause a denial of service via long server responses.

7.5
2002-10-04 CVE-2002-1088 Novell Buffer Overflow vulnerability in Novell Groupwise 6.0/6.0.1

Buffer overflow in Novell GroupWise 6.0.1 Support Pack 1 allows remote attackers to execute arbitrary code via a long RCPT TO command.

7.5
2002-10-04 CVE-2002-1086 Visualshapers SQL-Injection vulnerability in ezContents

Multiple SQL injection vulnerabilities in ezContents 1.41 and earlier allow remote attackers to conduct unauthorized activities.

7.5
2002-10-04 CVE-2002-1085 Visualshapers Cross-Site Scripting vulnerability in ezContents

Multiple cross-site scripting vulnerabilities in ezContents 1.41 and earlier allow remote attackers to execute script and steal cookies via the diary and other capabilities.

7.5
2002-10-04 CVE-2002-1080 Aprelium Technologies Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0/1.0.3

The Administration console for Abyss Web Server 1.0.3 before Patch 2 allows remote attackers to gain privileges and modify server configuration via direct requests to CHL files such as (1) srvstatus.chl, (2) consport.chl, (3) general.chl, (4) srvparam.chl, and (5) advanced.chl.

7.5
2002-10-04 CVE-2002-1076 Ipswitch Buffer Overflow vulnerability in IPSwitch IMail Web Messaging HTTP Get

Buffer overflow in the Web Messaging daemon for Ipswitch IMail before 7.12 allows remote attackers to execute arbitrary code via a long HTTP GET request for HTTP/1.0.

7.5
2002-10-04 CVE-2002-1075 David Harris Buffer Overflow vulnerability in Pegasus Mail Message Header

Buffer overflow in Pegasus mail client 4.01 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long (1) To or (2) From headers.

7.5
2002-10-04 CVE-2002-1073 Atrium Software Buffer Overflow vulnerability in MERCUR Mailserver Control-Service

Buffer overflow in the control service for MERCUR Mailserver 4.2 allows remote attackers to execute arbitrary code via a long password.

7.5
2002-10-04 CVE-2002-1070 PHP Wiki Cross-Site Scripting vulnerability in PHP-Wiki

Cross-site scripting vulnerability in PHPWiki Postnuke wiki module allows remote attackers to execute script as other PHPWiki users via the pagename parameter.

7.5
2002-10-04 CVE-2002-1066 T Hauck Denial Of Service vulnerability in T. Hauck Jana Server POP3 Invalid Message Index

Thomas Hauck Jana Server 1.4.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large message index value in a (1) RETR or (2) DELE command to the POP3 server, which exceeds the array limits and allows a buffer overflow attack.

7.5
2002-10-04 CVE-2002-1065 T Hauck Remote Security vulnerability in Jana Web Server

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, does not restrict the number of unsuccessful login attempts, which makes it easier for remote attackers to gain privileges via brute force username and password guessing.

7.5
2002-10-04 CVE-2002-1062 T Hauck Buffer Overflow vulnerability in T. Hauck Jana web Server

Signedness error in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to execute arbitrary code via long (1) Username, (2) Password, or (3) Hostname entries.

7.5
2002-10-04 CVE-2002-1061 T Hauck Buffer Overflow vulnerability in T. Hauck Jana web Server

Multiple buffer overflows in Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allow remote attackers to cause a denial of service and possibly execute arbitrary code via (1) an HTTP GET request with a long major version number, (2) an HTTP GET request to the HTTP proxy on port 3128 with a long major version number, (3) a long OK reply from a POP3 server, and (4) a long SMTP server response.

7.5
2002-10-04 CVE-2002-1059 VAN Dyke Technologies Buffer Overflow vulnerability in SecureCRT SSH1 Identifier String

Buffer overflow in Van Dyke SecureCRT SSH client before 3.4.6, and 4.x before 4.0 beta 3, allows an SSH server to execute arbitrary code via a long SSH1 protocol version string.

7.5
2002-10-04 CVE-2002-1057 Smartmax Software Buffer Overflow vulnerability in Smartmax Software Mailmax 4.8

Buffer overflow in SmartMax MailMax POP3 daemon (popmax) 4.8 allows remote attackers to execute arbitrary code via a long USER command.

7.5
2002-10-04 CVE-2002-1050 Hylafax Remote Buffer Overflow vulnerability in Hylafax Oversized Scan Line

Buffer overflow in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long line of image data.

7.5
2002-10-04 CVE-2002-1048 HP Unspecified vulnerability in HP Jetdirect

HP JetDirect printers allow remote attackers to obtain the administrative password for the (1) web and (2) telnet services via an SNMP request to the variable (.iso.3.6.1.4.1.11.2.3.9.4.2.1.3.9.1.1.0.

7.5
2002-10-04 CVE-2002-1047 Watchguard Remote Security vulnerability in Watchguard Soho Firewall 5.0.35A

The FTP service in Watchguard Soho Firewall 5.0.35a allows remote attackers to gain privileges with a correct password but an incorrect user name.

7.5
2002-10-04 CVE-2002-1044 Ultrafunk Denial of Service vulnerability in Ultrafunk Popcorn 1.20

Buffer overflow in Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long Subject field.

7.5
2002-10-04 CVE-2002-1036 Zoltan Milosevic Cross-Site Scripting vulnerability in Fluid Dynamics Search Engine

Cross-site scripting vulnerability in search.pl for Fluid Dynamics Search Engine (FDSE) before 2.0.0.0055 allows remote attackers to execute web script via the (1) Rank or (2) Match parameters.

7.5
2002-10-04 CVE-2002-1032 KEY Focus Denial-Of-Service vulnerability in KF Web Server

Buffer overflow in KeyFocus (KF) web server 1.0.5 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed HTTP header.

7.5
2002-10-04 CVE-2002-1027 Macromedia Cross-Site Scripting vulnerability in Macromedia Sitespring 1.2.0

Cross-site scripting vulnerability in the default HTTP 500 error script (500error.jsp) for Macromedia Sitespring 1.2.0 (277.1) allows remote attackers to execute arbitrary web script via a link to 500error.jsp with the script in 1the et parameter.

7.5
2002-10-04 CVE-2002-1022 Working Resources INC Unspecified vulnerability in Working Resources Inc. Badblue 1.7.3Enterprise/1.7.3Personal

BadBlue server stores passwords in plaintext in the ext.ini file, which could allow local and possibly remote attackers to gain privileges.

7.5
2002-10-04 CVE-2002-1015 Realnetworks Unspecified vulnerability in Realnetworks Realjukebox 2, Realjukebox 2 Plus and Realone Player

RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary script in the Local computer zone by inserting the script into the skin.ini file of an RJS archive, then referencing skin.ini from a web page after it has been extracted, which is parsed as HTML by Internet Explorer or other Microsoft-based web readers.

7.5
2002-10-04 CVE-2002-1014 Realnetworks Unspecified vulnerability in Realnetworks Realjukebox 2, Realjukebox 2 Plus and Realone Player

Buffer overflow in RealJukebox 2 1.0.2.340 and 1.0.2.379, and RealOne Player Gold 6.0.10.505, allows remote attackers to execute arbitrary code via an RFS skin file whose skin.ini contains a long value in a CONTROLnImage argument, such as CONTROL1Image.

7.5
2002-10-04 CVE-2002-1012 IBM Buffer Overrun vulnerability in IBM Tivoli Management Framework ManagedNode

Buffer overflow in web server for Tivoli Management Framework (TMF) ManagedNode 3.6.x through 3.7.1 allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.

7.5
2002-10-04 CVE-2002-1011 IBM Buffer Overflow vulnerability in IBM Tivoli Management Framework Endpoint

Buffer overflow in web server for Tivoli Management Framework (TMF) Endpoint 3.6.x through 3.7.1, before Fixpack 2, allows remote attackers to cause a denial of service or execute arbitrary code via a long HTTP GET request.

7.5
2002-10-04 CVE-2002-1010 Lotus Security Bypass vulnerability in Domino R4

Lotus Domino R4 allows remote attackers to bypass access restrictions for files in the web root via an HTTP request appended with a "?" character, which is treated as a wildcard character and bypasses the web handlers.

7.5
2002-10-04 CVE-2002-1009 Summit Computer Networks Cross-Site Scripting vulnerability in Summit Computer Networks LIL Http Server 2.1/2.2

Cross-site scripting vulnerability in PowerBASIC pbcgi.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via the (1) "Name" or (2) "E-mail" parameters.

7.5
2002-10-04 CVE-2002-1008 Summit Computer Networks HTML Injection vulnerability in Summit Computer Networks LIL Http Server 2.1/2.2

Cross-site scripting vulnerability in PowerBASIC urlcount.cgi, as included in Lil' HTTP web server, allows remote attackers to execute arbitrary web script in other web browsers via a request to urlcount.cgi that contains the script, which is not filtered when the REPORT capability prints the original request.

7.5
2002-10-04 CVE-2002-1007 Blackboard Cross-Site Scripting vulnerability in Blackboard 5.0

Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.

7.5
2002-10-04 CVE-2002-1003 Mywebserver Buffer Overflow vulnerability in MyWebServer GET Request

Buffer overflow in MyWebServer 1.02 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request.

7.5
2002-10-04 CVE-2002-1001 Analogx Buffer Overflow vulnerability in AnalogX Proxy Socks4A

Buffer overflows in AnalogX Proxy before 4.12 allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long HTTP request to TCP port 6588 or (2) a SOCKS 4A request to TCP port 1080 with a long DNS hostname.

7.5
2002-10-04 CVE-2002-1000 Analogx Buffer Overflow vulnerability in Analogx Simpleserver Shout 1.0

Buffer overflow in AnalogX SimpleServer:Shout 1.0 allows remote attackers to cause a denial of service and execute arbitrary code via a long request to TCP port 8001.

7.5
2002-10-04 CVE-2002-0996 Novell Buffer Overflow vulnerability in Novell Netmail and Netmail XE

Multiple buffer overflows in Novell NetMail (NIMS) 3.0.3 before 3.0.3C allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) WebAdmin or (2) ModWeb.

7.5
2002-10-04 CVE-2002-0995 Gianluca Baldo Unspecified vulnerability in Gianluca Baldo PHPauction

login.php for PHPAuction allows remote attackers to gain privileges via a direct call to login.php with the action parameter set to "insert," which adds the provided username to the adminUsers table.

7.5
2002-10-04 CVE-2002-0994 SUN Unspecified vulnerability in SUN PCI II Driver 2.3

SunPCi II VNC uses a weak authentication scheme, which allows remote attackers to obtain the VNC password by sniffing the random byte challenge, which is used as the key for encrypted communications.

7.5
2002-10-04 CVE-2002-0968 Analogx Buffer Overflow vulnerability in AnalogX SimpleServer:WWW Web Server

Buffer overflow in AnalogX SimpleServer:WWW 1.16 and earlier allows remote attackers to cause a denial of service (crash) and execute code via a long HTTP request method name.

7.5
2002-10-04 CVE-2002-0967 Edonkey2000 Buffer Overflow vulnerability in EDonkey 2000 URI Handler

Buffer overflow in eDonkey 2000 35.16.60 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long "ed2k:" URL.

7.5
2002-10-04 CVE-2002-0966 ACI Buffer Overflow vulnerability in ACI 4D Webserver 6.7.3

Buffer overflow in 4D web server 6.7.3 allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long HTTP request.

7.5
2002-10-04 CVE-2002-0965 Oracle Remote Buffer Overflow vulnerability in Oracle TNSListener SERVICE_NAME

Buffer overflow in TNS Listener for Oracle 9i Database Server on Windows systems, and Oracle 8 on VM, allows local users to execute arbitrary code via a long SERVICE_NAME parameter, which is not properly handled when writing an error message to a log file.

7.5
2002-10-04 CVE-2002-0962 Geeklog Cross-Site Scripting vulnerability in Geeklog 1.3/1.3.0/1.3.5

Cross-site scripting vulnerabilities in GeekLog 1.3.5 and earlier allow remote attackers to execute arbitrary script via (1) the url variable in the Link field of a calendar event, (2) the topic parameter in index.php, or (3) the title parameter in comment.php.

7.5
2002-10-04 CVE-2002-0961 Voxel Code Injection vulnerability in Voxel Dot Net CBMS

Vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allow remote attackers to conduct unauthorized operations as other users, e.g.

7.5
2002-10-04 CVE-2002-0960 Voxel Code Injection vulnerability in Voxel Dot Net CBMS

Multiple cross-site scripting vulnerabilities in Voxel Dot Net CBMS 0.7 and earlier allows remote attackers to execute arbitrary script as other CBMS users.

7.5
2002-10-04 CVE-2002-0959 Splatt Unspecified vulnerability in Splatt Forum 3.0

Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script.

7.5
2002-10-04 CVE-2002-0958 Ekilat LLC Cross-Site Scripting vulnerability in Ekilat LLC PHP(Reactor) 1.2.7

Cross-site scripting vulnerability in browse.php for PHP(Reactor) 1.2.7 allows remote attackers to execute script as other users via the go parameter in the comments section.

7.5
2002-10-04 CVE-2002-0956 ISS Unspecified vulnerability in ISS Blackice Agent 3.1Eal

BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions.

7.5
2002-10-04 CVE-2002-0955 Yabb Cross-Site Scripting vulnerability in Yabb 1Goldsp1

Cross-site scripting vulnerability in YaBB.cgi for Yet Another Bulletin Board (YaBB) 1 Gold SP1 and earlier allows remote attackers to execute arbitrary script as other web site visitors via script in the num parameter, which is not filtered in the resulting error message.

7.5
2002-10-04 CVE-2002-0954 Cisco Remote Security vulnerability in PIX Firewall

The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques.

7.5
2002-10-04 CVE-2002-0953 PHP Address Remote File Include vulnerability in PHP Address PHP Address 0.2E

globals.php in PHP Address before 0.2f, with the PHP allow_url_fopen and register_globals variables enabled, allows remote attackers to execute arbitrary PHP code via a URL to the code in the LangCookie parameter.

7.5
2002-10-04 CVE-2002-0950 Transware HTML Injection vulnerability in TransWare Active Mail 1.422/2.0

Cross-site scripting vulnerability in TransWARE Active! mail 1.422 and 2.0 allows remote attackers to execute arbitrary code via a certain e-mail header, which is not properly filtered.

7.5
2002-10-04 CVE-2002-0949 Telindus Unspecified vulnerability in Telindus Adsl Router 1110/1120

Telindus 1100 series ADSL router allows remote attackers to gain privileges to the device via a certain packet to UDP port 9833, which generates a reply that includes the router's password and other sensitive information in cleartext.

7.5
2002-10-04 CVE-2002-0948 Scripts FOR Educators Unspecified vulnerability in Scripts for Educators Makebook 2.2

Scripts For Educators MakeBook 2.2 CGI program allows remote attackers to execute script as other visitors, or execute server-side includes (SSI) as the web server, via the (1) Name or (2) Email parameters, which are not properly filtered.

7.5
2002-10-04 CVE-2002-0947 Oracle Remote Buffer Overflow vulnerability in Oracle Application Server and Reports

Buffer overflow in rwcgi60 CGI program for Oracle Reports Server 6.0.8.18.0 and earlier, as used in Oracle9iAS and other products, allows remote attackers to execute arbitrary code via a long database name parameter.

7.5
2002-10-04 CVE-2002-0945 Seanox Buffer Overflow vulnerability in Seanox Devwex 20020520

Buffer overflow in SeaNox Devwex allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP GET request.

7.5
2002-10-04 CVE-2002-0944 Deepmetrix Unspecified vulnerability in Deepmetrix Livestats 6.2

Cross-site scripting vulnerability in DeepMetrix LiveStats 5.03 through 6.2.1 allows remote attackers to execute arbitrary script as the LiveStats user via the (1) user-agent or (2) referrer, which are not filtered by the stats program.

7.5
2002-10-04 CVE-2002-0942 Lumigent Buffer Overflow vulnerability in Lumigent Log Explorer XP_LogAttach_StartProf

Buffer overflows in Lugiment Log Explorer before 3.02 allow attackers with database permissions to execute arbitrary code via long arguments to the extended stored procedures (1) xp_logattach_StartProf, (2) xp_logattach_setport, or (3) xp_logattach.

7.5
2002-10-04 CVE-2002-0938 Cisco Cross-Site Scripting vulnerability in Cisco Secure ACS

Cross-site scripting vulnerability in CiscoSecure ACS 3.0 allows remote attackers to execute arbitrary script or HTML as other web users via the action argument in a link to setup.exe.

7.5
2002-10-04 CVE-2002-0933 Datalex Authentication Credentials vulnerability in Datalex Bookit! Consumer Plaintext

Datalex PLC BookIt! Consumer before 2.2 stores usernames and passwords in plaintext in a cookie, which could allow remote attackers to gain privileges via Cross-site scripting or sniffing attacks.

7.5
2002-10-04 CVE-2002-0931 Luis Bernardo HTML Injection vulnerability in MyHelpDesk

Cross-site scripting vulnerabilities in MyHelpDesk 20020509, and possibly other versions, allows remote attackers to execute script as other users via a (1) Title or (2) Description when a new ticket is created by a support assistant, via the "id" parameter to the index.php script with the (3) tickettime, (4) ticketfiles, or (5) updateticketlog operations, or (6) via the update section when a ticket is edited.

7.5
2002-10-04 CVE-2002-0928 Pirch Buffer Overrun vulnerability in Pirch IRC 98

Buffer overflow in the Pirch 98 IRC client allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hyperlink in a channel or private message.

7.5
2002-10-04 CVE-2002-0925 Matthew Mondor Unspecified vulnerability in Matthew Mondor Mmftpd and Mmmail

Format string vulnerability in mmsyslog function allows remote attackers to execute arbitrary code via (1) the USER command to mmpop3d for mmmail 0.0.13 and earlier, (2) the HELO command to mmsmtpd for mmmail 0.0.13 and earlier, or (3) the USER command to mmftpd 0.0.7 and earlier.

7.5
2002-10-04 CVE-2002-0924 Cgiscript NET Remote Command Execution vulnerability in CSNews

CGIScript.net csNews.cgi allows remote authenticated users to execute arbitrary Perl code via terminating quotes and metacharacters in text fields of the "Advanced Settings" capability.

7.5
2002-10-04 CVE-2002-0923 Cgiscript NET Unspecified vulnerability in Cgiscript.Net Csnews 1.0/1.0Professional

CGIScript.net csNews.cgi allows remote authenticated users to read arbitrary files, and possibly gain privileges, via the (1) pheader or (2) pfooter parameters in the "Advanced Settings" capability.

7.5
2002-10-04 CVE-2002-0919 Cgiscript NET Unspecified vulnerability in Cgiscript.Net Cspassword 1.0

CGIScript.net csPassword.cgi allows remote authenticated users to modify the .htaccess file and gain privileges via newlines in the title field of the edit page.

7.5
2002-10-04 CVE-2002-0917 Cgiscript NET Unspecified vulnerability in Cgiscript.Net Cspassword 1.0

CGIScript.net csPassword.cgi stores .htpasswd files under the web document root, which could allow remote authenticated users to download the file and crack the passwords of other users.

7.5
2002-10-04 CVE-2002-0916 Stellar X Software Unspecified vulnerability in Stellar-X Software Msntauth

Format string vulnerability in the allowuser code for the Stellar-X msntauth authentication module, as distributed in Squid 2.4.STABLE6 and earlier, allows remote attackers to execute arbitrary code via format strings in the user name, which are not properly handled in a syslog call.

7.5
2002-10-04 CVE-2002-0913 Stephen Hebditch Remote Format String vulnerability in Stephen Hebditch Slurp 1.1.0

Format string vulnerability in log_doit function of Slurp NNTP client 1.1.0 allows a malicious news server to execute arbitrary code on the client via format strings in a server response.

7.5
2002-10-04 CVE-2002-0910 Debian Buffer Overflow vulnerability in Debian Netstd 3.07

Buffer overflows in netstd 3.07-17 package allows remote DNS servers to execute arbitrary code via a long FQDN reply, as observed in the utilities (1) linux-ftpd, (2) pcnfsd, (3) tftp, (4) traceroute, or (5) from/to.

7.5
2002-10-04 CVE-2002-0909 Matsushita Research Buffer Overflow vulnerability in MNews

Multiple buffer overflows in mnews 1.22 and earlier allow (1) a remote NNTP server to execute arbitrary code via long responses, or local users can gain privileges via long command line arguments (2) -f, (3) -n, (4) -D, (5) -M, or (6) -P, or via long environment variables (7) JNAMES or (8) MAILSERVER.

7.5
2002-10-04 CVE-2002-0907 Nullsoft Remote Buffer Overflow vulnerability in Nullsoft Shoutcast Server 1.8.9

Buffer overflow in SHOUTcast 1.8.9 and other versions before 1.8.12 allows a remote authenticated DJ to execute arbitrary code on the server via a long value in a header whose name begins with "icy-".

7.5
2002-10-04 CVE-2002-0906 Sendmail Buffer Overflow vulnerability in Sendmail DNS Map TXT Record

Buffer overflow in Sendmail before 8.12.5, when configured to use a custom DNS map to query TXT records, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malicious DNS server.

7.5
2002-10-04 CVE-2002-0904 Kismet Remote Command Execution vulnerability in Kismet ESSID

SayText function in Kismet 2.2.1 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters (backtick or pipe) in the essid argument.

7.5
2002-10-04 CVE-2002-0903 Woltlab Unspecified vulnerability in Woltlab Burning Board 1.1.1

register.php for WoltLab Burning Board (wbboard) 1.1.1 uses a small number of random values for the "code" parameter that is provided to action.php to approve a new registration, along with predictable new user ID's, which allows remote attackers to hijack new user accounts via a brute force attack on the new user ID and the code value.

7.5
2002-10-04 CVE-2002-0902 Phpbb Group HTML Injection vulnerability in PHPBB2 Image Tag

Cross-site scripting vulnerability in phpBB 2.0.0 (phpBB2) allows remote attackers to execute Javascript as other phpBB users by including a http:// and a double-quote (") in the [IMG] tag, which bypasses phpBB's security check, terminates the src parameter of the resulting HTML IMG tag, and injects the script.

7.5
2002-10-04 CVE-2002-0900 MIT Remote Buffer Overflow vulnerability in MIT PGP Public Key Server Search String

Buffer overflow in pks PGP public key web server before 0.9.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long search argument to the lookup capability.

7.5
2002-10-04 CVE-2002-0899 Blueface Unspecified vulnerability in Blueface Falcon web Server 2.0.0.1021/2.0.0.1021Ssl

Falcon web server 2.0.0.1021 and earlier allows remote attackers to bypass access restrictions for protected files via a URL whose directory portion ends in a .

7.5
2002-10-04 CVE-2002-0897 Intranet Server Unspecified vulnerability in Intranet-Server Localweb2000 2.1.0Standardversion

LocalWEB2000 2.1.0 web server allows remote attackers to bypass access restrictions for restricted files via a URL that contains the "/./" directory.

7.5
2002-10-04 CVE-2002-0895 Matu Buffer Overflow vulnerability in Matu FTP 1.13

Buffer overflow in MatuFtpServer 1.1.3.0 (1.1.3) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long PASS (password) command.

7.5
2002-10-04 CVE-2002-0888 3Com Unspecified vulnerability in 3Com 3Cp4144 1.1.7/1.1.9

3Com OfficeConnect Remote 812 ADSL Router, firmware 1.1.9 and 1.1.7, allows remote attackers to bypass port access restrictions by connecting to an approved port and quickly connecting to the desired port, which is allowed by the router.

7.5
2002-10-04 CVE-2002-0885 Caldera
SUN
Multiple vulnerability in Multiple Vendor In.Rarpd

Multiple buffer overflows in in.rarpd (ARP server) on Solaris, and possibly other operating systems including Caldera UnixWare and Open UNIX, allow remote attackers to execute arbitrary code, possibly via the functions (1) syserr and (2) error.

7.5
2002-10-04 CVE-2002-0884 Caldera
SUN
Multiple vulnerability in Multiple Vendor In.Rarpd

Multiple format string vulnerabilities in in.rarpd (ARP server) on Solaris, Caldera UnixWare and Open UNIX, and possibly other operating systems, allows remote attackers to execute arbitrary code via format strings that are not properly handled in the functions (1) syserr and (2) error.

7.5
2002-10-04 CVE-2002-0878 Logisense SQL Injection vulnerability in LogiSense Hawk-i Login

SQL injection vulnerability in the login form for LogiSense software including (1) Hawk-i Billing, (2) Hawk-i ASP and (3) DNS Manager allows remote attackers to bypass authentication via SQL code in the password field.

7.5
2002-10-04 CVE-2002-0850 PGP Buffer Overflow vulnerability in PGP Corporate Desktop 7.1.1

Buffer overflow in PGP Corporate Desktop 7.1.1 allows remote attackers to execute arbitrary code via an encrypted document that has a long filename when it is decrypted.

7.5
2002-10-04 CVE-2002-0837 Wordtrans Remote Command Execution vulnerability in Wordtrans-web

wordtrans 1.1pre8 and earlier in the wordtrans-web package allows remote attackers to (1) execute arbitrary code or (2) conduct cross-site scripting attacks via certain parameters (possibly "dict") to the wordtrans.php script.

7.5
2002-10-04 CVE-2002-0696 Microsoft Unspecified vulnerability in Microsoft Visual Foxpro 6.0

Microsoft Visual FoxPro 6.0 does not register its associated files with Internet Explorer, which allows remote attackers to execute Visual FoxPro applications without warning via HTML that references specially-crafted filenames.

7.5
2002-10-04 CVE-2002-0664 Granite Software Unspecified vulnerability in Granite Software Zmerge 4.0/5.0

The default Access Control Lists (ACLs) of the administration database for ZMerge 4.x and 5.x provides arbitrary users (including anonymous users) with Manager level access, which allows the users to read or modify import/export scripts.

7.5
2002-10-04 CVE-2002-0384 ROB Flynn Buffer Overflow vulnerability in Gaim Jabber Plug-In

Buffer overflow in Jabber plug-in for Gaim client before 0.58 allows remote attackers to execute arbitrary code.

7.5
2002-10-04 CVE-2002-1129 Compaq
Digital
Buffer Overflow vulnerability in HP Tru64/OSF1 DXTerm

Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument.

7.2
2002-10-04 CVE-2002-1128 Digital Local Buffer Overflow vulnerability in Digital OSF 1 and Ultrix

Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable.

7.2
2002-10-04 CVE-2002-1127 Digital Local Buffer Overflow vulnerability in HP Tru64 UUCP

Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter.

7.2
2002-10-04 CVE-2002-1013 Inktomi Buffer Overflow vulnerability in Inktomi Media-Ixt, Traffic Edge and Traffic Server

Buffer overflow in traffic_manager for Inktomi Traffic Server 4.0.18 through 5.2.2, Traffic Edge 1.1.2 and 1.5.0, and Media-IXT 3.0.4 allows local users to gain root privileges via a long -path argument.

7.2
2002-10-04 CVE-2002-0991 HP Buffer Overflow vulnerability in HP Cifs-9000 Server A.01.05/A.01.06

Buffer overflows in the cifslogin command for HP CIFS/9000 Client A.01.06 and earlier, based on the Sharity package, allows local users to gain root privileges via long (1) -U, (2) -D, (3) -P, (4) -S, (5) -N, or (6) -u parameters.

7.2
2002-10-04 CVE-2002-0911 Caldera Unspecified vulnerability in Caldera Volution Manager 1.1

Caldera Volution Manager 1.1 stores the Directory Administrator password in cleartext in the slapd.conf file, which could allow local users to gain privileges.

7.2
2002-10-04 CVE-2002-0905 IBM Buffer Overflow vulnerability in IBM Informix 7.25.Uc1Se/7.25.Uc2Se/7.25.Uc3Se

Buffer overflow in sqlexec for Informix SE-7.25 allows local users to gain root privileges via a long INFORMIXDIR environment variable.

7.2
2002-10-04 CVE-2002-0883 Compaq Unspecified vulnerability in Compaq Proliant BL E-Class Integrated Administrator Firmware 1.0/1.10

Vulnerability in Compaq ProLiant BL e-Class Integrated Administrator 1.0 and 1.10, allows authenticated users with Telnet, SSH, or console access to conduct unauthorized activities.

7.2
2002-10-03 CVE-2002-1642 Postgresql Unspecified vulnerability in Postgresql 7.2/7.2.1/7.2.2

PostgreSQL 7.2.1 and 7.2.2 allows local users to delete transaction log (pg_clog) data and cause a denial of service (data loss) via the VACUUM command.

7.2
2002-10-04 CVE-2002-1024 Cisco Resource Management Errors vulnerability in Cisco products

Cisco IOS 12.0 through 12.2, when supporting SSH, allows remote attackers to cause a denial of service (CPU consumption) via a large packet that was designed to exploit the SSH CRC32 attack detection overflow (CVE-2001-0144).

7.1

106 Medium Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2002-10-04 CVE-2002-1053 W3C Cross-Site Scripting vulnerability in W3C Jigsaw 2.2

Cross-site scripting (XSS) vulnerability in W3C Jigsaw Proxy Server before 2.2.1 allows remote attackers to execute arbitrary script via a URL that contains a reference to a nonexistent host followed by the script, which is included in the resulting error message.

6.8
2002-10-04 CVE-2002-1006 BBC Education Cross-Site Scripting vulnerability in Betsie Parserl.PL

Cross-site scripting (XSS) vulnerability in BBC Education Text to Speech Internet Enhancer (Betsie) 1.5.11 and earlier allows remote attackers to execute arbitrary web script via parserl.pl.

6.8
2002-10-04 CVE-2002-1084 Visualshapers Remote Security vulnerability in ezContents

The VerifyLogin function in ezContents 1.41 and earlier does not properly halt program execution if a user fails to log in properly, which allows remote attackers to modify and view restricted information via HTTP POST requests.

6.4
2002-10-04 CVE-2002-1054 Pablo Software Solutions Unspecified vulnerability in Pablo Software Solutions Pablo FTP Server 1.0Build9

Directory traversal vulnerability in Pablo FTP server 1.0 build 9 and earlier allows remote authenticated users to list arbitrary directories via "..\" (dot-dot backslash) sequences in a LIST command.

6.4
2002-10-04 CVE-2002-0943 Metalinks Information Disclosure vulnerability in Metacart2.Sql

MetaCart2.sql stores the user database under the web document root without access controls, which allows remote attackers to obtain sensitive information such as passwords and credit card numbers via a direct request for metacart.mdb.

6.4
2002-10-04 CVE-2002-0934 JON Hedley Directory Traversal vulnerability in JON Hedley Alienform2 1.5

Directory traversal vulnerability in Jon Hedley AlienForm2 (typically installed as af.cgi or alienform.cgi) allows remote attackers to read or modify arbitrary files via an illegal character in the middle of a ..

6.4
2002-10-04 CVE-2002-0932 Luis Bernardo SQL Injection vulnerability in MyHelpDesk

SQL injection vulnerability in index.php for MyHelpDesk 20020509, and possibly other versions, allows remote attackers to conduct unauthorized activities via SQL code in the "id" parameter for the operations (1) detailticket, (2) editticket, or (3) updateticketlog.

6.4
2002-10-04 CVE-2002-0882 Cisco Denial Of Service vulnerability in Cisco products

The web server for Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allows remote attackers to cause a denial of service (reset) and possibly read sensitive memory via a large integer value in (1) the stream ID of the StreamingStatistics script, or (2) the port ID of the PortInformation script.

6.4
2002-10-04 CVE-2002-0920 Cgiscript NET Unspecified vulnerability in Cgiscript.Net Cspassword 1.0

CGIScript.net csPassword.cgi stores usernames and unencrypted passwords in the password.cgi.tmp temporary file while modifying data, which could allow local users (and possibly remote attackers) to gain privileges by stealing the file before it has been processed.

5.1
2002-10-04 CVE-2002-1134 HP Unspecified vulnerability in HP Webes Service Tools 2.0/3.1/4.0

Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files.

5.0
2002-10-04 CVE-2002-1133 Funsoft Unspecified vulnerability in Funsoft Dinos Webserver 1.2

Encoded directory traversal vulnerability in Dino's web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "\" (%5c) characters.

5.0
2002-10-04 CVE-2002-1132 Squirrelmail Path Disclosure vulnerability in SquirrelMail Options.PHP Web Root

SquirrelMail 1.2.7 and earlier allows remote attackers to determine the absolute pathname of the options.php script via a malformed optpage file argument, which generates an error message when the file cannot be included in the script.

5.0
2002-10-04 CVE-2002-1117 Symantec Veritas Denial-Of-Service vulnerability in Backup Exec

Veritas Backup Exec 8.5 and earlier requires that the "RestrictAnonymous" registry key for Microsoft Exchange 2000 must be set to 0, which enables anonymous listing of the SAM database and shares.

5.0
2002-10-04 CVE-2002-1115 Mantis Unspecified vulnerability in Mantis

Mantis 0.17.4a and earlier allows remote attackers to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php.

5.0
2002-10-04 CVE-2002-1112 Mantis Unspecified vulnerability in Mantis

Mantis before 0.17.4 allows remote attackers to list project bugs without authentication by modifying the cookie that is used by the "View Bugs" page.

5.0
2002-10-04 CVE-2002-1111 Mantis Permissions, Privileges, and Access Controls vulnerability in Mantis

print_all_bug_page.php in Mantis 0.17.3 and earlier does not verify the limit_reporters option, which allows remote attackers to view bug summaries for bugs that would otherwise be restricted.

5.0
2002-10-04 CVE-2002-1108 Cisco Unspecified vulnerability in Cisco VPN Client

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.6(Rel), when configured with all tunnel mode, can be forced into acknowledging a TCP packet from outside the tunnel.

5.0
2002-10-04 CVE-2002-1104 Cisco Denial Of Service vulnerability in Cisco VPN Client 2.0/3.0

Cisco Virtual Private Network (VPN) Client software 2.x.x and 3.x before 3.0.5 allows remote attackers to cause a denial of service (crash) via TCP packets with source and destination ports of 137 (NETBIOS).

5.0
2002-10-04 CVE-2002-1103 Cisco Denial-Of-Service vulnerability in Cisco products

Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets.

5.0
2002-10-04 CVE-2002-1102 Cisco Denial of Service vulnerability in Cisco products

The LAN-to-LAN IPSEC capability for Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.4, allows remote attackers to cause a denial of service via an incoming LAN-to-LAN connection with an existing security association with another device on the remote network, which causes the concentrator to remove the previous connection.

5.0
2002-10-04 CVE-2002-1101 Cisco Denial-Of-Service vulnerability in Cisco products

Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via a long user name.

5.0
2002-10-04 CVE-2002-1100 Cisco Denial Of Service vulnerability in Cisco products

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to cause a denial of service (crash) via a long (1) username or (2) password to the HTML login interface.

5.0
2002-10-04 CVE-2002-1099 Cisco Information Disclosure vulnerability in Cisco products

Cisco VPN 3000 Concentrator 2.2.x, and 3.x before 3.5.3, allows remote attackers to obtain potentially sensitive information without authentication by directly accessing certain HTML pages.

5.0
2002-10-04 CVE-2002-1095 Cisco Remote Denial Of Service vulnerability in Cisco products

Cisco VPN 3000 Concentrator before 2.5.2(F), with encryption enabled, allows remote attackers to cause a denial of service (reload) via a Windows-based PPTP client with the "No Encryption" option set.

5.0
2002-10-04 CVE-2002-1094 Cisco Unspecified vulnerability in Cisco products

Information leaks in Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.5.4 allow remote attackers to obtain potentially sensitive information via the (1) SSH banner, (2) FTP banner, or (3) an incorrect HTTP request.

5.0
2002-10-04 CVE-2002-1093 Cisco Denial Of Service vulnerability in Cisco HTTP Interface Long Request

HTML interface for Cisco VPN 3000 Concentrator 2.x.x and 3.x.x before 3.0.3(B) allows remote attackers to cause a denial of service (CPU consumption) via a long URL request.

5.0
2002-10-04 CVE-2002-1089 Oracle Information Disclosure vulnerability in Oracle Application Server and Reports

rwcgi60 CGI program in Oracle Reports Server, by design, provides sensitive information such as the full pathname, which could enable remote attackers to use the information in additional attacks.

5.0
2002-10-04 CVE-2002-1087 Visualshapers Remote Security vulnerability in ezContents

The scripts (1) createdir.php, (2) removedir.php and (3) uploadfile.php for ezContents 1.41 and earlier do not check credentials, which allows remote attackers to create or delete directories and upload files via a direct HTTP POST request.

5.0
2002-10-04 CVE-2002-1083 Visualshapers Directory Traversal vulnerability in ezContents

Directory traversal vulnerabilities in ezContents 1.41 and earlier allow remote attackers to cause ezContents to (1) create directories using the Maintain Images:Add New:Create Subdirectory item, or (2) list directories using the Maintain Images file listing, via ..

5.0
2002-10-04 CVE-2002-1082 Visualshapers Remote Security vulnerability in ezContents

The Image Upload capability for ezContents 1.40 and earlier allows remote attackers to cause ezContents to perform operations on local files as if they were uploaded.

5.0
2002-10-04 CVE-2002-1081 Aprelium Technologies Information Disclosure vulnerability in Abyss Web Server Malicious HTTP Request

The Administration console for Abyss Web Server 1.0.3 allows remote attackers to read files without providing login credentials via an HTTP request to a target file that ends in a "+" character.

5.0
2002-10-04 CVE-2002-1079 Aprelium Technologies Directory Traversal vulnerability in Aprelium Technologies Abyss web Server 1.0.3P2

Directory traversal vulnerability in Abyss Web Server 1.0.3 allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in an HTTP GET request.

5.0
2002-10-04 CVE-2002-1078 Aprelium Technologies Unspecified vulnerability in Aprelium Technologies Abyss web Server 1.0.3

Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters.

5.0
2002-10-04 CVE-2002-1077 Ipswitch Denial Of Service vulnerability in IPSwitch IMail Web Calendaring Incomplete Post

IPSwitch IMail Web Calendaring service (iwebcal) allows remote attackers to cause a denial of service (crash) via an HTTP POST request without a Content-Length field.

5.0
2002-10-04 CVE-2002-1072 Zyxel Denial Of Service vulnerability in Zyxel Prestige 642R Router Malformed IP Packet

ZyXEL Prestige 642R 2.50(FA.1) and Prestige 310 V3.25(M.01), allows remote attackers to cause a denial of service via an oversized, fragmented "jolt" style ICMP packet.

5.0
2002-10-04 CVE-2002-1071 Zyxel Denial Of Service vulnerability in Zyxel Prestige 642R Malformed Packet

ZyXEL Prestige 642R allows remote attackers to cause a denial of service in the Telnet, FTP, and DHCP services (crash) via a TCP packet with both the SYN and ACK flags set.

5.0
2002-10-04 CVE-2002-1069 D Link Remote Administration Arbitrary DHCP Address Release vulnerability in D-Link Di-804 4.68

The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Information.

5.0
2002-10-04 CVE-2002-1068 D Link Denial Of Service vulnerability in D-Link Print Server Long Post Request

The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request.

5.0
2002-10-04 CVE-2002-1067 SEH Denial Of Service vulnerability in SEH IC9 Pocket Print Server Firmware 7.1.30/7.1.36

Administrative web interface for IC9 Pocket Print Server Firmware 7.1.30 and 7.1.36f allows remote attackers to cause a denial of service (reboot and reset) via a long password, possibly due to a buffer overflow.

5.0
2002-10-04 CVE-2002-1064 T Hauck Unspecified vulnerability in T. Hauck Jana web Server

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, generates different responses for valid and invalid usernames, which allows remote attackers to identify valid users on the server.

5.0
2002-10-04 CVE-2002-1063 T Hauck Denial Of Service vulnerability in T. Hauck Jana Server FTP Server PASV Mode Port Exhaustion

Thomas Hauck Jana Server 2.x through 2.2.1, and 1.4.6 and earlier, allows remote attackers to cause a denial of service (resource exhaustion) via a large number of FTP PASV requests, which consumes all available FTP ports.

5.0
2002-10-04 CVE-2002-1055 Brother Denial Of Service vulnerability in Brother NC-3100H

Buffer overflow in administrative web server for Brother NC-3100h printer allows remote attackers to cause a denial of service via a long password.

5.0
2002-10-04 CVE-2002-1052 W3C Path Disclosure vulnerability in W3C Jigsaw 2.2.1

Jigsaw 2.2.1 on Windows systems allows remote attackers to use MS-DOS device names in HTTP requests to (1) cause a denial of service using the "con" device, or (2) obtain the physical path of the server using two requests to the "aux" device.

5.0
2002-10-04 CVE-2002-1049 Hylafax Denial Of Service vulnerability in Hylafax Incoming TSI Format String

Format string vulnerability in HylaFAX faxgetty before 4.1.3 allows remote attackers to cause a denial of service (crash) via the TSI data element.

5.0
2002-10-04 CVE-2002-1046 Watchguard Denial Of Service vulnerability in WatchGuard Firebox Dynamic VPN Configuration Protocol

Dynamic VPN Configuration Protocol service (DVCP) in Watchguard Firebox firmware 5.x.x allows remote attackers to cause a denial of service (crash) via a malformed packet containing tab characters to TCP port 4110.

5.0
2002-10-04 CVE-2002-1045 Ultrafunk Denial of Service vulnerability in Ultrafunk Popcorn 1.20

Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Date field that is converted into a year greater than 2037.

5.0
2002-10-04 CVE-2002-1043 Ultrafunk Denial of Service vulnerability in Ultrafunk Popcorn 1.20

Ultrafunk Popcorn 1.20 allows remote attackers to cause a denial of service (crash) via a malformed Subject ("\t\t").

5.0
2002-10-04 CVE-2002-1042 Netscape
SUN
Directory traversal vulnerability in search engine for iPlanet web server 6.0 SP2 and 4.1 SP9, and Netscape Enterprise Server 3.6, when running on Windows platforms, allows remote attackers to read arbitrary files via ..\ (dot-dot backslash) sequences in the NS-query-pat parameter.
5.0
2002-10-04 CVE-2002-1041 IBM Remote Security vulnerability in IBM AIX DCE

Unknown vulnerability in DCE (1) SMIT panels and (2) configuration commands, possibly related to relative pathnames.

5.0
2002-10-04 CVE-2002-1040 IBM Remote Security vulnerability in IBM AIX Websecure

Unknown vulnerability in the WebSecure (DFSWeb) configuration utilities in AIX 4.x, possibly related to relative pathnames.

5.0
2002-10-04 CVE-2002-1039 Michael Dean Directory Traversal vulnerability in Michael Dean Double Choco Latte 20020120/20020215

Directory traversal vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to read arbitrary files via ..

5.0
2002-10-04 CVE-2002-1038 Michael Dean Remote Security vulnerability in Michael Dean Double Choco Latte 20020120/20020215

Double Choco Latte (DCL) before 20020706 does not properly verify if a file was uploaded, which allows remote attackers to conduct certain operations on arbitrary files via the (1) Projects: Upload File Attachment or (2) Work Orders: Import features.

5.0
2002-10-04 CVE-2002-1037 Michael Dean HTML Injection vulnerability in Michael Dean Double Choco Latte 20020120/20020215

Cross-site scripting vulnerability in Double Choco Latte (DCL) before 20020706 allows remote attackers to inject arbitrary HTML, including script, into web pages via the (1) Ticket# Find, (2) Priorities, (3) Severities, (4) Projects, (5) WO# Find, (6) Departments and (7) Users features.

5.0
2002-10-04 CVE-2002-1035 Omnicron Buffer Overflow vulnerability in Omnicron Omnihttpd 2.09

Omnicron OmniHTTPd 2.09 allows remote attackers to cause a denial of service (crash) via an HTTP request with a long, malformed HTTP 1version number.

5.0
2002-10-04 CVE-2002-1033 SUN Unspecified vulnerability in SUN I-Runbook 2.5.2

Directory traversal vulnerability in none.php for SunPS iRunbook 2.5.2 allows remote attackers to read arbitrary files via a "..:" sequence (dot-dot variant) in the argument.

5.0
2002-10-04 CVE-2002-1031 KEY Focus Unspecified vulnerability in KEY Focus KF web Server 1.0.2

KeyFocus (KF) web server 1.0.2 allows remote attackers to list directories and read restricted files via an HTTP request containing a %00 (null) character.

5.0
2002-10-04 CVE-2002-1029 Worldspan Denial Of Service vulnerability in Worldspan RES Manager 4.1

Res Manager in Worldspan for Windows Gateway 4.1 allows remote attackers to cause a denial of service (crash) via a malformed request to TCP port 17990.

5.0
2002-10-04 CVE-2002-1028 Oddsock Denial Of Service vulnerability in Oddsock Song Requester 2.1

Multiple buffer overflows in the CGI programs for Oddsock Song Requester WinAmp plugin 2.1 allow remote attackers to cause a denial of service (crash) via long arguments.

5.0
2002-10-04 CVE-2002-1026 Macromedia Denial Of Service vulnerability in Macromedia Sitespring 1.2.0

Macromedia Sitespring 1.2.0 (277.1) using Sybase runtime engine 7.0.2.1480 allows remote attackers to cause a denial of service (crash) via a long malformed request to TCP port 2500, possibly triggering a buffer overflow.

5.0
2002-10-04 CVE-2002-1025 Macromedia Unspecified vulnerability in Macromedia Jrun 3.0/3.1/4.0

JRun 3.0 through 4.0 allows remote attackers to read JSP source code via an encoded null byte in an HTTP GET request, which causes the server to send the .JSP file unparsed.

5.0
2002-10-04 CVE-2002-1023 Working Resources INC Denial Of Service vulnerability in Working Resources Inc. Badblue 1.7.3Enterprise/1.7.3Personal

BadBlue server allows remote attackers to cause a denial of service (crash) via an HTTP GET request without a URI.

5.0
2002-10-04 CVE-2002-1021 Working Resources INC Unspecified vulnerability in Working Resources Inc. Badblue 1.7.3Enterprise/1.7.3Personal

BadBlue server allows remote attackers to read restricted files, such as EXT.INI, via an HTTP request that contains a hex-encoded null byte.

5.0
2002-10-04 CVE-2002-1020 Adobe Remote Security vulnerability in Adobe Content Server 3.0

The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook even when the maximum number of loans is exceeded by accessing the "Add to bookbag" feature when the server reports that no more copies are available.

5.0
2002-10-04 CVE-2002-1019 Adobe Remote Security vulnerability in Adobe Content Server 3.0

The library feature for Adobe Content Server 3.0 allows a remote attacker to check out an eBook for an arbitrary length of time via a modified loanMin parameter to download.asp.

5.0
2002-10-04 CVE-2002-1018 Adobe Denial-Of-Service vulnerability in Adobe Content Server 3.0

The library feature for Adobe Content Server 3.0 does not verify if a customer has already checked out an eBook, which allows remote attackers to cause a denial of service (resource exhaustion) by checking out the same book multiple times.

5.0
2002-10-04 CVE-2002-1005 Argosoft Denial of Service vulnerability in Argosoft Mail Server 1.8.1.5/1.8.1.6/1.8.1.7

ArGoSoft Mail Server 1.8.1.7 and earlier allows a webmail user to cause a denial of service (CPU consumption) by forwarding the email to the user while autoresponse is enabled, which creates an infinite loop.

5.0
2002-10-04 CVE-2002-1004 Argosoft Directory Traversal vulnerability in Argosoft Mail Server 1.8.1.5

Directory traversal vulnerability in webmail feature of ArGoSoft Mail Server Plus or Pro 1.8.1.5 and earlier allows remote attackers to read arbitrary files via ..

5.0
2002-10-04 CVE-2002-1002 Novell Denial of Service vulnerability in Novell Emframe 1.2.1

Buffer overflow in Novell iManager (eMFrame 1.2.1) allows remote attackers to cause a denial of service (crash) via a long user name.

5.0
2002-10-04 CVE-2002-0997 Novell Denial Of Service vulnerability in Novell Netmail and Netmail XE

Buffer overflows in IMAP Agent (imapd) for Novell NetMail (NIMS) 3.0.3 before 3.0.3A allows remote attackers to cause a denial of service.

5.0
2002-10-04 CVE-2002-0964 Valve Software Denial Of Service vulnerability in Valve Software Half-Life and Half-Life Dedicated Server

Half-Life Server 1.1.1.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via multiple responses to the initial challenge with different cd_key values, which reaches the player limit and prevents other players from connecting until the original responses have timed out.

5.0
2002-10-04 CVE-2002-0963 Geeklog SQL Injection vulnerability in Geeklog 1.3/1.3.0/1.3.5

SQL injection vulnerability in comment.php for GeekLog 1.3.5 and earlier allows remote attackers to obtain sensitive user information via the pid parameter.

5.0
2002-10-04 CVE-2002-0957 ISS Denial-Of-Service vulnerability in ISS Blackice Agent 3.1Eal/3.1Ebh

The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user.

5.0
2002-10-04 CVE-2002-0952 Cisco Denial Of Service vulnerability in Cisco Optical Networking Systems Software 3.1.0/3.2.0

Cisco ONS15454 optical transport platform running ONS 3.1.0 to 3.2.0 allows remote attackers to cause a denial of service (reset) by sending IP packets with non-zero Type of Service (TOS) bits to the Timing Control Card (TCC) LAN interface.

5.0
2002-10-04 CVE-2002-0946 Seanox Unspecified vulnerability in Seanox Devwex 20020520

Directory traversal vulnerability in SeaNox Devwex before 1.2002.0601 allows remote attackers to read arbitrary files via ..\ (dot dot) sequences in an HTTP request.

5.0
2002-10-04 CVE-2002-0937 Macromedia Denial Of Service vulnerability in Macromedia Jrun 3.0/3.1/4.0

The Java Server Pages (JSP) engine in JRun allows web page owners to cause a denial of service (engine crash) on the web server via a JSP page that calls WPrinterJob().pageSetup(null,null).

5.0
2002-10-04 CVE-2002-0930 Novell Unspecified vulnerability in Novell Netware 6.0

Format string vulnerability in the FTP server for Novell Netware 6.0 SP1 (NWFTPD) allows remote attackers to cause a denial of service (ABEND) via format strings in the USER command.

5.0
2002-10-04 CVE-2002-0929 Novell Unspecified vulnerability in Novell Netware 6.0

Buffer overflows in the DHCP server for NetWare 6.0 SP1 allow remote attackers to cause a denial of service (reboot) via long DHCP requests.

5.0
2002-10-04 CVE-2002-0926 Wolfram Research Unspecified vulnerability in Wolfram Research Webmathematica 4.0Amateur/4.0Professional

Directory traversal vulnerability in Wolfram Research webMathematica 1.0.0 and 1.0.0.1 allows remote attackers to read arbitrary files via a ..

5.0
2002-10-04 CVE-2002-0922 Cgiscript NET Unspecified vulnerability in Cgiscript.Net Csnews 1.0/1.0Professional

CGIScript.net csNews.cgi allows remote attackers to obtain database files via a direct URL-encoded request to (1) default%2edb or (2) default%2edb.style, or remote authenticated users to perform administrative actions via (3) a database parameter set to default%2edb.

5.0
2002-10-04 CVE-2002-0921 Cgiscript NET Information Disclosure vulnerability in csNews

CGIScript.net csNews.cgi allows remote attackers to obtain potentially sensitive information, such as the full server pathname and other configuration settings, via the viewnews command with an invalid database, which leaks the information in error messages.

5.0
2002-10-04 CVE-2002-0918 Cgiscript NET Information Disclosure vulnerability in Cgiscript.Net Cspassword 1.0

CGIScript.net csPassword.cgi leaks sensitive information such as the pathname of the server in debug messages that are presented when the script fails, which allows remote attackers to obtain the information via a "remove" option in the command parameter, which generates an error.

5.0
2002-10-04 CVE-2002-0914 Double Precision Incorporated Remote Resource Consumption vulnerability in Double Precision Incorporated Courier MTA 0.38.1

Double Precision Courier e-mail MTA allows remote attackers to cause a denial of service (CPU consumption) via a message with an extremely large or negative value for the year, which causes a tight loop.

5.0
2002-10-04 CVE-2002-0912 Debian Remote Buffer Overflow vulnerability in Debian Linux 2.2

in.uucpd UUCP server in Debian GNU/Linux 2.2, and possibly other operating systems, does not properly terminate long strings, which allows remote attackers to cause a denial of service, possibly due to a buffer overflow.

5.0
2002-10-04 CVE-2002-0908 Cisco Unspecified vulnerability in Cisco IDS Device Manager 3.1.1

Directory traversal vulnerability in the web server for Cisco IDS Device Manager before 3.1.2 allows remote attackers to read arbitrary files via a ..

5.0
2002-10-04 CVE-2002-0898 Opera Software Unspecified vulnerability in Opera Software Opera web Browser 6.0.1/6.0.2

Opera 6.0.1 and 6.0.2 allows a remote web site to upload arbitrary files from the client system, without prompting the client, via an input type=file tag whose value contains a newline.

5.0
2002-10-04 CVE-2002-0896 Swatch Unspecified vulnerability in Swatch 3.0.3/3.0.4

The throttle capability in Swatch may fail to report certain events if (1) the same type of event occurs after the throttle period, or (2) when multiple events matching the same "watchfor" expression do not occur after the throttle period, which could allow attackers to avoid detection.

5.0
2002-10-04 CVE-2002-0894 NEW Atlanta Communications Denial Of Service vulnerability in NEW Atlanta Communications Servletexec Isapi 4.1

NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to cause a denial of service (crash) via (1) a request for a long .jsp file, or (2) a long URL sent directly to com.newatlanta.servletexec.JSP10Servlet.

5.0
2002-10-04 CVE-2002-0893 NEW Atlanta Communications Unspecified vulnerability in NEW Atlanta Communications Servletexec Isapi 4.1

Directory traversal vulnerability in NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to read arbitrary files via a URL-encoded request to com.newatlanta.servletexec.JSP10Servlet containing "..%5c" (modified dot-dot) sequences.

5.0
2002-10-04 CVE-2002-0892 NEW Atlanta Communications Path Disclosure vulnerability in NEW Atlanta Communications Servletexec Isapi 4.1

The default configuration of NewAtlanta ServletExec ISAPI 4.1 allows remote attackers to determine the path of the web root via a direct request to com.newatlanta.servletexec.JSP10Servlet without a filename, which leaks the pathname in an error message.

5.0
2002-10-04 CVE-2002-0891 Juniper Remote Reboot vulnerability in NetScreen ScreenOS

The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name.

5.0
2002-10-04 CVE-2002-0886 Cisco Denial Of Service vulnerability in Cisco CBOS Oversized Packet DHCP

Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory.

5.0
2002-10-04 CVE-2002-0880 Cisco Denial-Of-Service vulnerability in Cisco products

Cisco IP Phone (VoIP) models 7910, 7940, and 7960 allow remote attackers to cause a denial of service (crash) via malformed packets as demonstrated by (1) "jolt", (2) "jolt2", (3) "raped", (4) "hping2", (5) "bloop", (6) "bubonic", (7) "mutant", (8) "trash", and (9) "trash2."

5.0
2002-10-04 CVE-2002-0879 Gafware Unspecified vulnerability in Gafware Cfximage 1.6.4/1.6.6

showtemp.cfm for Gafware CFXImage 1.6.6 allows remote attackers to read arbitrary files via (1) a ..

5.0
2002-10-04 CVE-2002-0877 Evolvable Corporation Directory Traversal vulnerability in Evolvable Corporation Shambala Server 4.5

Directory traversal vulnerability in the FTP server for Shambala 4.5 allows remote attackers to read arbitrary files via a ..

5.0
2002-10-04 CVE-2002-0876 Evolvable Corporation Denial Of Service vulnerability in Evolvable Corporation Shambala Server 4.5

Web server for Shambala 4.5 allows remote attackers to cause a denial of service (crash) via a malformed HTTP request.

5.0
2002-10-04 CVE-2002-0835 Caldera
Redhat
HP
Denial Of Service vulnerability in PXE Server DHCP Packet

Preboot eXecution Environment (PXE) server allows remote attackers to cause a denial of service (crash) via certain DHCP packets from Voice-Over-IP (VOIP) phones.

5.0
2002-10-04 CVE-2002-0699 Microsoft Unspecified vulnerability in Microsoft products

Unknown vulnerability in the Certificate Enrollment ActiveX Control in Microsoft Windows 98, Windows 98 Second Edition, Windows Millennium, Windows NT 4.0, Windows 2000, and Windows XP allow remote attackers to delete digital certificates on a user's system via HTML.

5.0
2002-10-04 CVE-2002-1105 Cisco Unspecified vulnerability in Cisco VPN Client

Cisco Virtual Private Network (VPN) Client software 2.x.x, and 3.x before 3.5.1C, allows local users to use a utility program to obtain the group password.

4.6
2002-10-04 CVE-2002-1051 Ehud Gavron Unspecified vulnerability in Ehud Gavron Tracesroute 6.0/6.1/6.1.1

Format string vulnerability in TrACESroute 6.0 GOLD (aka NANOG traceroute) allows local users to execute arbitrary code via the -T (terminator) command line argument.

4.6
2002-10-04 CVE-2002-1016 Adobe Privilege Escalation vulnerability in Adobe Digital Editions 2.2

Adobe eBook Reader allows a user to bypass restrictions for copy, print, lend, and give operations by backing up key data files, performing the operations, and restoring the original data files.

4.6
2002-10-04 CVE-2002-0993 HP Unspecified vulnerability in HP Instant Support

Unknown vulnerability in HP Instant Support Enterprise Edition (ISEE) product U2512A for HP-UX 11.00 and 11.11 may allow authenticated users to access restricted files.

4.6
2002-10-04 CVE-2002-0941 Ncipher Unspecified vulnerability in Ncipher Nforce and Nshield

The ConsoleCallBack class for nCipher running under JRE 1.4.0 and 1.4.0_01, as used by the TrustedCodeTool and possibly other applications, may leak a passphrase when the user aborts an application that is prompting for the passphrase, which could allow attackers to gain privileges.

4.6
2002-10-04 CVE-2002-0940 Ncipher Unspecified vulnerability in Ncipher Mscapi CSP 5.50/5.54

domesticinstall.exe for nCipher MSCAPI CSP 5.50 and 5.54 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).

4.6
2002-10-04 CVE-2002-0939 Ncipher Unspecified vulnerability in Ncipher Mscapi CSP 5.50/5.54

The Install Wizard for nCipher MSCAPI CSP 5.50 does not use Operator Card Set protected keys when the user requests them but does not generate the Operator Card Set, which results in a lower protection level than specified by the user (module protection only).

4.6
2002-10-04 CVE-2002-0889 Qualcomm Buffer Overflow vulnerability in Qualcomm QPopper Bulletin Name

Buffer overflow in Qpopper (popper) 4.0.4 and earlier allows local users to cause a denial of service and possibly execute arbitrary code via a long bulldir argument in the user's .qpopper-options configuration file.

4.6
2002-10-04 CVE-2002-1060 Bluecoat Cross-Site Scripting vulnerability in CacheFlow CacheOS Unresolved Domain

Cross-site scripting (XSS) vulnerability in Blue Coat Systems (formerly CacheFlow) CacheOS on Client Accelerator 4.1.06, Security Gateway 2.1.02, and Server Accelerator 4.1.06 allows remote attackers to inject arbitrary web script or HTML via a URL to a nonexistent hostname that includes the HTML, which is inserted into the resulting error page.

4.3

8 Low Vulnerabilities

DATE CVE VENDOR VULNERABILITY CVSS
2002-10-04 CVE-2002-1030 BEA Denial of Service vulnerability in BEA Systems WebLogic Server and Express Race Condition

Race condition in Performance Pack in BEA WebLogic Server and Express 5.1.x, 6.0.x, 6.1.x and 7.0 allows remote attackers to cause a denial of service (crash) via a flood of data and connections.

2.6
2002-10-04 CVE-2002-1109 Amavis Denial-Of-Service vulnerability in Virus Scanner

securetar, as used in AMaViS shell script 0.2.1 and earlier, allows users to cause a denial of service (CPU consumption) via a malformed TAR file, possibly via an incorrect file size parameter.

2.1
2002-10-04 CVE-2002-1017 Adobe Unspecified vulnerability in Adobe Digital Editions

Adobe eBook Reader 2.1 and 2.2 allows a user to copy eBooks to other systems by using the backup feature, capturing the encryption Challenge, and using the appropriate hash function to generate the activation code.

2.1
2002-10-04 CVE-2002-0992 HP Denial of Service vulnerability in HP Hp-Ux 11.11

Unknown vulnerability in IPV6 functionality for DCE daemons (1) dced or (2) rpcd on HP-UX 11.11 allows attackers to cause a denial of service (crash) via an attack that modifies internal data.

2.1
2002-10-04 CVE-2002-0915 Harald Hoyer Unspecified vulnerability in Harald Hoyer Autorun and Xandros Desktop OS

autorun in Xandros based Linux distributions allows local users to read the first line of arbitrary files via the -c parameter, which causes autorun to print the first line of the file.

2.1
2002-10-04 CVE-2002-0887 Caldera Symbolic Link vulnerability in Caldera OpenServer SCOAdmin

scoadmin for Caldera/SCO OpenServer 5.0.5 and 5.0.6 allows local users to overwrite arbitrary files via a symlink attack on temporary files, as demonstrated using log files.

2.1
2002-10-04 CVE-2002-0881 Cisco Unspecified vulnerability in Cisco products

Cisco IP Phone (VoIP) models 7910, 7940, and 7960 use a default administrative password, which allows attackers with physical access to the phone to modify the configuration settings.

2.1
2002-10-04 CVE-2002-0662 DAN Mueth Symbolic Link vulnerability in Dan Mueth ScrollKeeper Tempfile

scrollkeeper-get-cl in ScrollKeeper 0.3 to 0.3.11 allows local users to create and overwrite files via a symlink attack on the scrollkeeper-tempfile.x temporary files.

2.1