Latest CVE Feed
-
2.1
LOWCVE-2003-0461
/proc/tty/driver/serial in Linux 2.4.x reveals the exact number of characters used in serial links, which could allow local users to obtain potentially sensitive information such as the length of passwords.... Read more
Affected Products : linux- EPSS Score: %0.09
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0466
Off-by-one error in the fb_realpath() function, as derived from the realpath function in BSD, may allow attackers to execute arbitrary code, as demonstrated in wu-ftpd 2.5.0 through 2.6.2 via commands that cause pathnames of length MAXPATHLEN+1 to trigger... Read more
- EPSS Score: %90.82
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0550
The STP protocol, as enabled in Linux 2.4.x, does not provide sufficient security by design, which allows attackers to modify the bridge topology.... Read more
Affected Products : linux- EPSS Score: %0.71
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0551
The STP protocol implementation in Linux 2.4.x does not properly verify certain lengths, which could allow attackers to cause a denial of service.... Read more
Affected Products : linux- EPSS Score: %0.68
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0230
Microsoft SQL Server 7, 2000, and MSDE allows local users to gain privileges by hijacking a named pipe during the authentication of another user, aka the "Named Pipe Hijacking" vulnerability.... Read more
- EPSS Score: %1.40
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0636
Novell iChain 2.2 before Support Pack 1 does not properly verify that URL redirects match the DNS name of an accelerator, which allows attackers to redirect URLs to malicious web sites.... Read more
Affected Products : ichain- EPSS Score: %0.23
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0699
The C-Media PCI sound driver in Linux before 2.4.21 does not use the get_user function to access userspace, which crosses security boundaries and may facilitate the exploitation of vulnerabilities, a different vulnerability than CVE-2003-0700.... Read more
- EPSS Score: %0.43
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0620
Multiple buffer overflows in man-db 2.4.1 and earlier, when installed setuid, allow local users to gain privileges via (1) MANDATORY_MANPATH, MANPATH_MAP, and MANDB_MAP arguments to add_to_dirlist in manp.c, (2) a long pathname to ult_src in ult_src.c, (3... Read more
Affected Products : man- EPSS Score: %0.17
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0631
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session.... Read more
- EPSS Score: %0.04
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0609
Stack-based buffer overflow in the runtime linker, ld.so.1, on Solaris 2.6 through 9 allows local users to gain root privileges via a long LD_PRELOAD environment variable.... Read more
- EPSS Score: %0.73
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0677
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."... Read more
Affected Products : webns- EPSS Score: %0.74
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0639
Unknown vulnerability in Novell iChain 2.2 before Support Pack 1 allows users to access restricted or secure pages without authentication.... Read more
Affected Products : ichain- EPSS Score: %0.28
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0637
Novell iChain 2.2 before Support Pack 1 uses a shorter timeout for a non-existent user than a valid user, which makes it easier for remote attackers to guess usernames and conduct brute force password guessing.... Read more
Affected Products : ichain- EPSS Score: %0.95
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0635
Unknown vulnerability or vulnerabilities in Novell iChain 2.2 before Support Pack 1, with unknown impact, possibly related to unauthorized access to (1) NCPIP.NLM and (2) JSTCP.NLM.... Read more
Affected Products : ichain- EPSS Score: %0.27
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0576
Unknown vulnerability in the NFS daemon (nfsd) in SGI IRIX 6.5.19f and earlier allows remote attackers to cause a denial of service (kernel panic) via certain packets that cause XDR decoding errors, a different vulnerability than CVE-2003-0619.... Read more
Affected Products : irix- EPSS Score: %0.66
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0546
up2date 3.0.7 and 3.1.23 does not properly verify RPM GPG signatures, which could allow remote attackers to cause unsigned packages to be installed from the Red Hat Network, if that network is compromised.... Read more
- EPSS Score: %0.64
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0701
Buffer overflow in Internet Explorer 6 SP1 for certain languages that support double-byte encodings (e.g., Japanese) allows remote attackers to execute arbitrary code via the Type property of an Object tag, a variant of CVE-2003-0344.... Read more
- EPSS Score: %35.65
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0604
Windows Media Player (WMP) 7 and 8, as running on Internet Explorer and possibly other Microsoft products that process HTML, allows remote attackers to bypass zone restrictions and access or execute arbitrary files via an IFRAME tag pointing to an ASF fil... Read more
Affected Products : windows_media_player- EPSS Score: %8.39
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2003-0575
Heap-based buffer overflow in the name services daemon (nsd) in SGI IRIX 6.5.x through 6.5.21f, and possibly earlier versions, allows attackers to gain root privileges via the AUTH_UNIX gid list.... Read more
Affected Products : irix- EPSS Score: %3.45
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025
-
3.6
LOWCVE-2003-0596
FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to read or modify files of other fdclone users by creating the directory ahead of time.... Read more
Affected Products : fdclone- EPSS Score: %0.11
- Published: Aug. 27, 2003
- Modified: Apr. 03, 2025