Lista CVE - 2002 / Febbraio
Visualizzazione 101 - 117 di 117 CVE per Febbraio 2002 (Pagina 2 di 2)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-2001-1064 | 2002-02-02 | Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2)... |
| CVE-2001-1065 | 2002-02-02 | Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router... |
| CVE-2001-1068 | 2002-02-02 | qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to... |
| CVE-2001-1070 | 2002-02-02 | Sage Software MAS 200 allows remote attackers to cause a denial of service by connecting to port 10000 and entering a series of control characters. |
| CVE-2001-1073 | 2002-02-02 | Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information... |
| CVE-2001-1076 | 2002-02-02 | Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable. |
| CVE-2001-1077 | 2002-02-02 | Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument. |
| CVE-2001-1078 | 2002-02-02 | Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3)... |
| CVE-2001-1082 | 2002-02-02 | Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack. |
| CVE-2001-0542 | 2002-02-18 | Buffer overflows in Microsoft SQL Server 7.0 and 2000 allow attackers with access to SQL Server to execute arbitrary code through the functions (1) raiserror, (2) formatmessage, or (3) xp_sprintf.... |
| CVE-2001-0551 | 2002-02-18 | Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window. |
| CVE-2002-0012 | 2002-02-18 | Vulnerabilities in a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via SNMPv1 trap handling, as demonstrated by the PROTOS c06-SNMPv1... |
| CVE-2002-0013 | 2002-02-18 | Vulnerabilities in the SNMPv1 request handling of a large number of SNMP implementations allow remote attackers to cause a denial of service or gain privileges via (1) GetRequest, (2) GetNextRequest,... |
| CVE-2002-0048 | 2002-02-18 | Multiple signedness errors (mixed signed and unsigned numbers) in the I/O functions of rsync 2.4.6, 2.3.2, and other versions allow remote attackers to cause a denial of service and execute... |
| CVE-2002-0053 | 2002-02-18 | Buffer overflow in SNMP agent service in Windows 95/98/98SE, Windows NT 4.0, Windows 2000, and Windows XP allows remote attackers to cause a denial of service or execute arbitrary code... |
| CVE-2002-0056 | 2002-02-21 | Buffer overflow in SQL Server 7.0 and 2000 allows remote attackers to execute arbitrary code via a long OLE DB provider name to (1) OpenDataSource or (2) OpenRowset in an... |
| CVE-2002-0058 | 2002-03-07 | Vulnerability in Java Runtime Environment (JRE) allows remote malicious web sites to hijack or sniff a web client's sessions, when an HTTP proxy is being used, via a Java applet... |
| CVE-2002-0084 | 2002-03-07 | Buffer overflow in the fscache_setup function of cachefsd in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long mount argument. |
| CVE-2002-0085 | 2002-03-07 | cachefsd in Solaris 2.6, 7, and 8 allows remote attackers to cause a denial of service (crash) via an invalid procedure call in an RPC request. |
| CVE-2002-0086 | 2002-03-07 | Buffer overflow in bindsock in Lotus Domino 5.0.4 and 5.0.7 on Linux allows local users to gain root privileges via a long (1) Notes_ExecDirectory or (2) PATH environment variable. |
| CVE-2002-0087 | 2002-03-07 | bindsock in Lotus Domino 5.07 on Solaris allows local users to create arbitrary files via a symlink attack on temporary files. |
| CVE-2002-0088 | 2002-03-07 | Buffer overflow in admintool in Solaris 2.6, 7, and 8 allows local users to gain root privileges via a long media installation path. |
| CVE-2002-0089 | 2002-03-07 | Buffer overflow in admintool in Solaris 2.5 through 8 allows local users to gain root privileges via long arguments to (1) the -d command line option, or (2) the PRODVERS... |
| CVE-2002-0091 | 2002-03-07 | Multiple CGI scripts in CIDER SHADOW 1.5 and 1.6 allows remote attackers to execute arbitrary commands via certain form fields. |
| CVE-1999-0380 | 2002-03-09 | SLMail 3.1 and 3.2 allows local users to access any file in the NTFS file system when the Remote Administration Service (RAS) is enabled by setting a user's Finger File... |
| CVE-1999-0801 | 2002-03-09 | BMC Patrol allows remote attackers to gain access to an agent by spoofing frames. |
| CVE-1999-0815 | 2002-03-09 | Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. |
| CVE-1999-0921 | 2002-03-09 | BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service. |
| CVE-1999-0930 | 2002-03-09 | wwwboard allows a remote attacker to delete message board articles via a malformed argument. |
| CVE-1999-0968 | 2002-03-09 | Buffer overflow in BNC IRC proxy allows remote attackers to gain privileges. |
| CVE-1999-1014 | 2002-03-09 | Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. |
| CVE-1999-1019 | 2002-03-09 | SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a... |
| CVE-1999-1021 | 2002-03-09 | NFS on SunOS 4.1 through 4.1.2 ignores the high order 16 bits in a 32 bit UID, which allows a local user to gain root access if the lower 16... |
| CVE-1999-1027 | 2002-03-09 | Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. |
| CVE-1999-1028 | 2002-03-09 | Symantec pcAnywhere 8.0 allows remote attackers to cause a denial of service (CPU utilization) via a large amount of data to port 5631. |
| CVE-1999-1032 | 2002-03-09 | Vulnerability in LAT/Telnet Gateway (lattelnet) on Ultrix 4.1 and 4.2 allows attackers to gain root privileges. |
| CVE-1999-1034 | 2002-03-09 | Vulnerability in login in AT&T System V Release 4 allows local users to gain privileges. |
| CVE-1999-1035 | 2002-03-09 | IIS 3.0 and 4.0 on x86 and Alpha allows remote attackers to cause a denial of service (hang) via a malformed GET request, aka the IIS "GET" vulnerability. |
| CVE-1999-1037 | 2002-03-09 | rex.satan in SATAN 1.1.1 allows local users to overwrite arbitrary files via a symlink attack on the /tmp/rex.$$ file. |
| CVE-1999-1044 | 2002-03-09 | Vulnerability in Advanced File System Utility (advfs) in Digital UNIX 4.0 through 4.0d allows local users to gain privileges. |
| CVE-1999-1045 | 2002-03-09 | pnserver in RealServer 5.0 and earlier allows remote attackers to cause a denial of service by sending a short, malformed request. |
| CVE-1999-1047 | 2002-03-09 | When BSDI patches for Gauntlet 5.0 BSDI are installed in a particular order, Gauntlet allows remote attackers to bypass firewall access restrictions, and does not log the activities. |
| CVE-1999-1048 | 2002-03-09 | Buffer overflow in bash 2.0.0, 1.4.17, and other versions allows local attackers to gain privileges by creating an extremely large directory name, which is inserted into the password prompt via... |
| CVE-1999-1055 | 2002-03-09 | Microsoft Excel 97 does not warn the user before executing worksheet functions, which could allow attackers to execute arbitrary commands by using the CALL function to execute a malicious DLL,... |
| CVE-1999-1057 | 2002-03-09 | VMS 4.0 through 5.3 allows local users to gain privileges via the ANALYZE/PROCESS_DUMP dcl command. |
| CVE-1999-1059 | 2002-03-09 | Vulnerability in rexec daemon (rexecd) in AT&T TCP/IP 4.0 for various SVR4 systems allows remote attackers to execute arbitrary commands. |
| CVE-1999-1074 | 2002-03-09 | Webmin before 0.5 does not restrict the number of invalid passwords that are entered for a valid username, which could allow remote attackers to gain privileges via brute force password... |
| CVE-1999-1085 | 2002-03-09 | SSH 1.2.25, 1.2.23, and other versions, when used in in CBC (Cipher Block Chaining) or CFB (Cipher Feedback 64 bits) modes, allows remote attackers to insert arbitrary data into an... |
| CVE-1999-1087 | 2002-03-09 | Internet Explorer 4 treats a 32-bit number ("dotless IP address") in the a URL as the hostname instead of an IP address, which causes IE to apply Local Intranet Zone... |
| CVE-1999-1090 | 2002-03-09 | The default configuration of NCSA Telnet package for Macintosh and PC enables FTP, even though it does not include an "ftp=yes" line, which allows remote attackers to read and modify... |
| CVE-1999-1093 | 2002-03-09 | Buffer overflow in the Window.External function in the JScript Scripting Engine in Internet Explorer 4.01 SP1 and earlier allows remote attackers to execute arbitrary commands via a malicious web page. |
| CVE-1999-1094 | 2002-03-09 | Buffer overflow in Internet Explorer 4.01 and earlier allows remote attackers to execute arbitrary commands via a long URL with the "mk:" protocol, aka the "MK Overrun security issue." |
| CVE-1999-1098 | 2002-03-09 | Vulnerability in BSD Telnet client with encryption and Kerberos 4 authentication allows remote attackers to decrypt the session via sniffing. |
| CVE-1999-1099 | 2002-03-09 | Kerberos 4 allows remote attackers to obtain sensitive information via a malformed UDP packet that generates an error string that inadvertently includes the realm name and the last user. |
| CVE-1999-1100 | 2002-03-09 | Cisco PIX Private Link 4.1.6 and earlier does not properly process certain commands in the configuration file, which reduces the effective key length of the DES key to 48 bits... |
| CVE-1999-1102 | 2002-03-09 | lpr on SunOS 4.1.1, BSD 4.3, A/UX 2.0.1, and other BSD-based operating systems allows local users to create or overwrite arbitrary files via a symlink attack that is triggered after... |
| CVE-1999-1103 | 2002-03-09 | dxconsole in DEC OSF/1 3.2C and earlier allows local users to read arbitrary files by specifying the file with the -file parameter. |
| CVE-1999-1104 | 2002-03-09 | Windows 95 uses weak encryption for the password list (.pwl) file used when password caching is enabled, which allows local users to gain privileges by decrypting the passwords. |
| CVE-1999-1105 | 2002-03-09 | Windows 95, when Remote Administration and File Sharing for NetWare Networks is enabled, creates a share (C$) when an administrator logs in remotely, which allows remote attackers to read arbitrary... |
| CVE-1999-1109 | 2002-03-09 | Sendmail before 8.10.0 allows remote attackers to cause a denial of service by sending a series of ETRN commands then disconnecting from the server, while Sendmail continues to process the... |
| CVE-1999-1111 | 2002-03-09 | Vulnerability in StackGuard before 1.21 allows remote attackers to bypass the Random and Terminator Canary security mechanisms by using a non-linear attack which directly modifies a pointer to a return... |
| CVE-1999-1114 | 2002-03-09 | Buffer overflow in Korn Shell (ksh) suid_exec program on IRIX 6.x and earlier, and possibly other operating systems, allows local users to gain root privileges. |
| CVE-1999-1115 | 2002-03-09 | Vulnerability in the /etc/suid_exec program in HP Apollo Domain/OS sr10.2 and sr10.3 beta, related to the Korn Shell (ksh). |
| CVE-1999-1116 | 2002-03-09 | Vulnerability in runpriv in Indigo Magic System Administration subsystem of SGI IRIX 6.3 and 6.4 allows local users to gain root privileges. |
| CVE-1999-1117 | 2002-03-09 | lquerypv in AIX 4.1 and 4.2 allows local users to read arbitrary files by specifying the file in the -h command line parameter. |
| CVE-1999-1118 | 2002-03-09 | ndd in Solaris 2.6 allows local users to cause a denial of service by modifying certain TCP/IP parameters. |
| CVE-1999-1119 | 2002-03-09 | FTP installation script anon.ftp in AIX insecurely configures anonymous FTP, which allows remote attackers to execute arbitrary commands. |
| CVE-1999-1120 | 2002-03-09 | netprint in SGI IRIX 6.4 and earlier trusts the PATH environmental variable for finding and executing the disable program, which allows local users to gain privileges. |
| CVE-1999-1121 | 2002-03-09 | The default configuration for UUCP in AIX before 3.2 allows local users to gain root privileges. |
| CVE-1999-1122 | 2002-03-09 | Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. |
| CVE-1999-1127 | 2002-03-09 | Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections... |
| CVE-1999-1131 | 2002-03-09 | Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or... |
| CVE-1999-1132 | 2002-03-09 | Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop... |
| CVE-1999-1136 | 2002-03-09 | Vulnerability in Predictive on HP-UX 11.0 and earlier, and MPE/iX 5.5 and earlier, allows attackers to compromise data transfer for Predictive messages (using e-mail or modem) between customer and Response... |
| CVE-1999-1137 | 2002-03-09 | The permissions for the /dev/audio device on Solaris 2.2 and earlier, and SunOS 4.1.x, allow any local user to read from the device, which could be used by an attacker... |
| CVE-1999-1138 | 2002-03-09 | SCO UNIX System V/386 Release 3.2, and other SCO products, installs the home directories (1) /tmp for the dos user, and (2) /usr/tmp for the asg user, which allows other... |
| CVE-1999-1139 | 2002-03-09 | Character-Terminal User Environment (CUE) in HP-UX 11.0 and earlier allows local users to overwrite arbitrary files and gain root privileges via a symlink attack on the IOERROR.mytty file. |
| CVE-1999-1140 | 2002-03-09 | Buffer overflow in CrackLib 2.5 may allow local users to gain root privileges via a long GECOS field. |
| CVE-1999-1142 | 2002-03-09 | SunOS 4.1.2 and earlier allows local users to gain privileges via "LD_*" environmental variables to certain dynamically linked setuid or setgid programs such as (1) login, (2) su, or (3)... |
| CVE-1999-1143 | 2002-03-09 | Vulnerability in runtime linker program rld in SGI IRIX 6.x and earlier allows local users to gain privileges via setuid and setgid programs. |
| CVE-1999-1144 | 2002-03-09 | Certain files in MPower in HP-UX 10.x are installed with insecure permissions, which allows local users to gain privileges. |
| CVE-1999-1145 | 2002-03-09 | Vulnerability in Glance programs in GlancePlus for HP-UX 10.20 and earlier allows local users to access arbitrary files and gain privileges. |
| CVE-1999-1146 | 2002-03-09 | Vulnerability in Glance and gpm programs in GlancePlus for HP-UX 9.x and earlier allows local users to access arbitrary files and gain privileges. |
| CVE-1999-1147 | 2002-03-09 | Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe. |
| CVE-1999-1148 | 2002-03-09 | FTP service in IIS 4.0 and earlier allows remote attackers to cause a denial of service (resource exhaustion) via many passive (PASV) connections at the same time. |
| CVE-1999-1156 | 2002-03-09 | BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of... |
| CVE-1999-1157 | 2002-03-09 | Tcpip.sys in Windows NT 4.0 before SP4 allows remote attackers to cause a denial of service via an ICMP Subnet Mask Address Request packet, when certain multiple IP addresses are... |
| CVE-1999-1159 | 2002-03-09 | SSH 2.0.11 and earlier allows local users to request remote forwarding from privileged ports without being root. |
| CVE-1999-1160 | 2002-03-09 | Vulnerability in ftpd/kftpd in HP-UX 10.x and 9.x allows local and possibly remote users to gain root privileges. |
| CVE-1999-1161 | 2002-03-09 | Vulnerability in ppl in HP-UX 10.x and earlier allows local users to gain root privileges by forcing ppl to core dump. |
| CVE-1999-1162 | 2002-03-09 | Vulnerability in passwd in SCO UNIX 4.0 and earlier allows attackers to cause a denial of service by preventing users from being able to log into the system. |
| CVE-1999-1163 | 2002-03-09 | Vulnerability in HP Series 800 S/X/V Class servers allows remote attackers to gain access to the S/X/V Class console via the Service Support Processor (SSP) Teststation. |
| CVE-1999-1167 | 2002-03-09 | Cross-site scripting vulnerability in Third Voice Web annotation utility allows remote users to read sensitive data and generate fake web pages for other Third Voice users by injecting malicious Javascript... |
| CVE-1999-1175 | 2002-03-09 | Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts... |
| CVE-1999-1177 | 2002-03-09 | Directory traversal vulnerability in nph-publish before 1.2 allows remote attackers to overwrite arbitrary files via a .. (dot dot) in the pathname for an upload operation. |
| CVE-1999-1181 | 2002-03-09 | Vulnerability in On-Line Customer Registration software for IRIX 6.2 through 6.4 allows local users to gain root privileges. |
| CVE-1999-1188 | 2002-03-09 | mysqld in MySQL 3.21 creates log files with world-readable permissions, which allows local users to obtain passwords for users who are added to the user database. |
| CVE-1999-1191 | 2002-03-09 | Buffer overflow in chkey in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. |
| CVE-1999-1192 | 2002-03-09 | Buffer overflow in eeprom in Solaris 2.5.1 and earlier allows local users to gain root privileges via a long command line argument. |
| CVE-1999-1193 | 2002-03-09 | The "me" user in NeXT NeXTstep 2.1 and earlier has wheel group privileges, which could allow the me user to use the su command to become root. |