Latest CVE Feed
-
5.0
MEDIUMCVE-2002-0794
The accept_filter mechanism in FreeBSD 4 through 4.5 does not properly remove entries from the incomplete listen queue when adding a syncache, which allows remote attackers to cause a denial of service (network service availability) via a large number of ... Read more
Affected Products : freebsd- EPSS Score: %0.90
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0785
AOL Instant Messenger (AIM) allows remote attackers to cause a denial of service (crash) via an "AddBuddy" link with the ScreenName parameter set to a large number of comma-separated values, possibly triggering a buffer overflow.... Read more
Affected Products : instant_messenger- EPSS Score: %2.24
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0764
Phorum 3.3.2a allows remote attackers to execute arbitrary commands via an HTTP request to (1) plugin.php, (2) admin.php, or (3) del.php that modifies the PHORUM[settings_dir] variable to point to a directory that contains a PHP file with the commands.... Read more
Affected Products : phorum- EPSS Score: %20.92
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0758
ifup-dhcp script in the sysconfig package for SuSE 8.0 allows remote attackers to execute arbitrary commands via spoofed DHCP responses, which are stored and executed in a file.... Read more
Affected Products : suse_linux- EPSS Score: %1.09
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0697
Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials.... Read more
- EPSS Score: %17.12
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0825
Buffer overflow in the DNS SRV code for nss_ldap before nss_ldap-198 allows remote attackers to cause a denial of service and possibly execute arbitrary code.... Read more
Affected Products : nss_ldap- EPSS Score: %1.58
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0660
Buffer overflow in libpng 1.0.12-3.woody.2 and libpng3 1.2.1-1.1.woody.2 on Debian GNU/Linux 3.0, and other operating systems, may allow attackers to cause a denial of service and possibly execute arbitrary code, a different vulnerability than CVE-2002-07... Read more
- EPSS Score: %0.96
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.1
HIGHCVE-2002-0813
Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename.... Read more
Affected Products : ios- EPSS Score: %10.05
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0427
Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.... Read more
Affected Products : improved_mod_frontpage- EPSS Score: %0.47
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0765
sshd in OpenSSH 3.2.2, when using YP with netgroups and under certain conditions, may allow users to successfully authenticate and log in with another user's password.... Read more
- EPSS Score: %0.60
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0738
MHonArc 2.5.2 and earlier does not properly filter Javascript from archived e-mail messages, which could allow remote attackers to execute script in web clients by (1) splitting the SCRIPT tag into smaller pieces, (2) including the script in a SRC argumen... Read more
Affected Products : mhonarc- EPSS Score: %1.14
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0822
Ethereal 0.9.4 and earlier allows remote attackers to cause a denial of service and possibly excecute arbitrary code via the (1) SOCKS, (2) RSVP, (3) AFS, or (4) LMP dissectors, which can be caused to core dump.... Read more
- EPSS Score: %0.64
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0749
CGIscript.net csMailto.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the form-attachment field.... Read more
Affected Products : csmailto- EPSS Score: %6.61
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0495
csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.... Read more
Affected Products : cssearch_professional- EPSS Score: %15.15
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
5.0
MEDIUMCVE-2002-0466
Hosting Controller 1.4.1 and earlier allows remote attackers to browse arbitrary directories via a full C: style pathname in the filepath arguments to (1) Statsbrowse.asp, (2) servubrowse.asp, (3) browsedisk.asp, (4) browsewebalizerexe.asp, or (5) sqlbrow... Read more
Affected Products : hosting_controller- EPSS Score: %0.77
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0695
Buffer overflow in the Transact-SQL (T-SQL) OpenRowSet component of Microsoft Data Access Components (MDAC) 2.5 through 2.7 for SQL Server 7.0 or 2000 allows remote attackers to execute arbitrary code via a query that calls the OpenRowSet command.... Read more
- EPSS Score: %13.25
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
6.2
MEDIUMCVE-2002-0638
setpwnam.c in the util-linux package, as included in Red Hat Linux 7.3 and earlier, and other operating systems, does not properly lock a temporary file when modifying /etc/passwd, which may allow local users to gain privileges via a complex race conditio... Read more
Affected Products : linux mandrake_linux mandrake_linux_corporate_server mandrake_single_network_firewall secure_os- EPSS Score: %0.08
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.2
HIGHCVE-2000-1208
Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call.... Read more
- EPSS Score: %0.05
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
7.5
HIGHCVE-2002-0657
Buffer overflow in OpenSSL 0.9.7 before 0.9.7-beta3, with Kerberos enabled, allows attackers to execute arbitrary code via a long master key.... Read more
Affected Products : openssl- EPSS Score: %5.41
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025
-
10.0
HIGHCVE-2002-0467
Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.... Read more
- EPSS Score: %21.83
- Published: Aug. 12, 2002
- Modified: Apr. 03, 2025