Latest CVE Feed
-
5.0
MEDIUMCVE-2003-1198
connection.c in Cherokee web server before 0.4.6 allows remote attackers to cause a denial of service via an HTTP POST request without a Content-Length header field.... Read more
Affected Products : cherokee_httpd- EPSS Score: %0.80
- Published: Dec. 26, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0962
Heap-based buffer overflow in rsync before 2.5.7, when running in server mode, allows remote attackers to execute arbitrary code and possibly escape the chroot jail.... Read more
- EPSS Score: %41.86
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0812
Stack-based buffer overflow in a logging function for Windows Workstation Service (WKSSVC.DLL) allows remote attackers to execute arbitrary code via RPC calls that cause long entries to be written to a debug log file ("NetSetup.LOG"), as demonstrated usin... Read more
- EPSS Score: %81.92
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0795
The vty layer in Quagga before 0.96.4, and Zebra 0.93b and earlier, does not verify that sub-negotiation is taking place when processing the SE marker, which allows remote attackers to cause a denial of service (crash) via a malformed telnet command to th... Read more
- EPSS Score: %8.01
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0975
Apple Safari 1.0 through 1.1 on Mac OS X 10.3.1 and Mac OS X 10.2.8 allows remote attackers to steal user cookies from another domain via a link with a hex-encoded null character (%00) followed by the target domain.... Read more
- EPSS Score: %0.58
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0942
Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa.... Read more
Affected Products : sap_db- EPSS Score: %3.22
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-0629
Cross-site scripting (XSS) vulnerability in PeopleSoft IScript environment for PeopleTools 8.43 and earlier allows remote attackers to insert arbitrary web script via a certain HTTP request to IScript.... Read more
Affected Products : peopletools- EPSS Score: %0.31
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0946
Format string vulnerability in clamav-milter for Clam AntiVirus 0.60 through 0.60p, and other versions before 0.65, allows remote attackers to cause a denial of service and possibly execute arbitrary code via format string specifiers in the email address ... Read more
Affected Products : clamav- EPSS Score: %1.96
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2003-0948
Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.... Read more
Affected Products : wireless_tools- EPSS Score: %0.12
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0943
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against internal databases via (1) waecho, (2) Web SQL Interface... Read more
Affected Products : sap_db- EPSS Score: %0.90
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0628
PeopleSoft Gateway Administration servlet (gateway.administration) in PeopleTools 8.43 and earlier allows remote attackers to obtain the full pathnames for server-side include (SSI) files via an HTTP request with an invalid value.... Read more
Affected Products : peopletools- EPSS Score: %0.50
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
4.9
MEDIUMCVE-2003-0856
iproute 2.4.7 and earlier allows local users to cause a denial of service via spoofed messages as other users to the kernel netlink interface.... Read more
- EPSS Score: %0.05
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
4.3
MEDIUMCVE-2003-0914
ISC BIND 8.3.x before 8.3.7, and 8.4.x before 8.4.3, allows remote attackers to poison the cache via a malicious name server that returns negative responses with a large TTL (time-to-live) value.... Read more
- EPSS Score: %26.75
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
4.9
MEDIUMCVE-2003-0859
The getifaddrs function in GNU libc (glibc) 2.2.4 and earlier allows local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.... Read more
Affected Products : enterprise_linux glibc linux_advanced_workstation propack zebra quagga_routing_software_suite ia64- EPSS Score: %0.05
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0973
Unknown vulnerability in mod_python 3.0.x before 3.0.4, and 2.7.x before 2.7.9, allows remote attackers to cause a denial of service (httpd crash) via a certain query string.... Read more
Affected Products : mod_python- EPSS Score: %5.87
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2003-0967
rad_decode in FreeRADIUS 0.9.2 and earlier allows remote attackers to cause a denial of service (crash) via a short RADIUS string attribute with a tag, which causes memcpy to be called with a -1 length argument, as demonstrated using the Tunnel-Password a... Read more
Affected Products : freeradius- EPSS Score: %4.40
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0976
NFS Server (XNFS.NLM) for Novell NetWare 6.5 does not properly enforce sys:\etc\exports when hostname aliases from sys:etc\hosts file are used, which could allow users to mount file systems when XNFS should deny the host.... Read more
Affected Products : netware- EPSS Score: %0.26
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0955
OpenBSD kernel 3.3 and 3.4 allows local users to cause a denial of service (kernel panic) and possibly execute arbitrary code in 3.4 via a program with an invalid header that is not properly handled by (1) ibcs2_exec.c in the iBCS2 emulation (compat_ibcs2... Read more
Affected Products : openbsd- EPSS Score: %0.44
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2003-0944
Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.... Read more
Affected Products : sap_db- EPSS Score: %3.22
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025
-
4.6
MEDIUMCVE-2003-0937
SCO UnixWare 7.1.1, 7.1.3, and Open UNIX 8.0.0 allows local users to bypass protections for the "as" address space file for a process ID (PID) by obtaining a procfs file descriptor for the file and calling execve() on a setuid or setgid program, which lea... Read more
- EPSS Score: %0.09
- Published: Dec. 15, 2003
- Modified: Apr. 03, 2025