cpe:/o:hp:hp-ux:10.20 CVE-2003-0061 2002-01-11T00:00:00.000-05:00 2008-09-05T16:33:21.787-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-25T11:27:00.000-04:00 ALLOWS_ADMIN_ACCESS IDEFENSE 20030203 HP UX passwd Binary Buffer Overflow Vulnerability Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable. cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:2.6::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:2.5.1 cpe:/o:sun:solaris:2.6 CVE-2003-1071 2003-01-03T00:00:00.000-05:00 2008-09-10T15:21:39.397-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2005-05-24T11:59:00.000-04:00 CERT-VN VU#944241 XF solaris-wall-message-spoofing(11608) SUNALERT 51980 BUGTRAQ 20030103 Solaris 2.x /usr/sbin/wall Advisory SECUNIA 7825 SECTRACK 1006682 SECTRACK 1005882 BID 6509 rpc.walld (wall daemon) for Solaris 2.6 through 9 allows local users to send messages to logged on users that appear to come from arbitrary user IDs by closing stderr before executing wall, then supplying a spoofed from header. cpe:/a:bmv:bmv:1.2 CVE-2003-0014 2003-01-11T00:00:00.000-05:00 2008-09-05T16:33:13.773-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-25T12:12:00.000-04:00 XF bmv-symlink(18823) BID 12229 DEBIAN DSA-633 CONFIRM http://packages.debian.org/changelogs/pool/main/b/bmv/bmv_1.2-14.2/changelog SECTRACK 1012847 SECUNIA 13796 SECUNIA 13793 gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files. cpe:/a:mcrypt:libmcrypt:2.5_.0 cpe:/a:mcrypt:libmcrypt:2.5.1_r4 cpe:/a:mcrypt:libmcrypt:2.5.2 cpe:/a:mcrypt:libmcrypt:2.5.3 CVE-2003-0032 2003-01-17T00:00:00.000-05:00 2008-09-10T20:05:24.807-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-228 BUGTRAQ 20030103 Multiple libmcrypt vulnerabilities XF libmcrypt-libtool-memory-leak(10988) BID 6512 BUGTRAQ 20030105 GLSA: libmcrypt CONECTIVA CLA-2003:567 Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool. cpe:/a:mcrypt:libmcrypt:2.5_.0 cpe:/a:mcrypt:libmcrypt:2.5.1_r4 cpe:/a:mcrypt:libmcrypt:2.5.2 cpe:/a:mcrypt:libmcrypt:2.5.3 CVE-2003-0031 2003-01-17T00:00:00.000-05:00 2008-09-10T20:05:24.727-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-228 BUGTRAQ 20030103 Multiple libmcrypt vulnerabilities SECTRACK 1006181 BID 6510 BUGTRAQ 20030105 GLSA: libmcrypt CONECTIVA CLA-2003:567 Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash). cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.17 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14 CVE-2003-0013 2003-01-17T00:00:00.000-05:00 2008-09-10T20:05:22.697-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-230 BUGTRAQ 20030102 [BUGZILLA] Security Advisory - remote database password disclosure BID 6501 OSVDB 6351 XF bugzilla-htaccess-database-password(10970) The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file. cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.17 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.14.1 cpe:/a:mozilla:bugzilla:2.14 CVE-2003-0012 2003-01-17T00:00:00.000-05:00 2008-09-10T20:05:22.617-04:00 2.1 LOCAL LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030102 [BUGZILLA] Security Advisory - remote database password disclosure XF bugzilla-mining-world-writable(10971) BID 6502 REDHAT RHSA-2003:012 DEBIAN DSA-230 The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data. cpe:/a:isc:dhcpd:3.0.1:rc1 cpe:/a:isc:dhcpd:3.0 cpe:/a:isc:dhcpd:3.0.1:rc2 cpe:/a:isc:dhcpd:3.0.1:rc8 cpe:/a:isc:dhcpd:3.0.1:rc7 cpe:/a:isc:dhcpd:3.0.1:rc4 cpe:/a:isc:dhcpd:3.0.1:rc3 cpe:/a:isc:dhcpd:3.0.1:rc6 cpe:/a:isc:dhcpd:3.0.1:rc5 CVE-2003-0026 2003-01-17T00:00:00.000-05:00 2008-09-10T15:17:25.460-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS CERT-VN VU#284857 CERT CA-2003-01 REDHAT RHSA-2003:011 DEBIAN DSA-231 XF dhcpd-minires-multiple-bo(11073) SUSE SuSE-SA:2003:006 SECTRACK 1005924 BID 6627 OPENPKG OpenPKG-SA-2003.002 MANDRAKE MDKSA-2003:007 CIAC N-031 CONECTIVA CLA-2003:562 BUGTRAQ 20030122 [securityslackware.com: [slackware-security] New DHCP packages available] Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname. cpe:/a:horde:imp:2.2.8 cpe:/a:horde:imp:2.2.6 cpe:/a:horde:imp:2.2.7 cpe:/a:horde:imp:2.2.4 cpe:/a:horde:imp:2.2.5 cpe:/a:horde:imp:2.2.2 cpe:/a:horde:imp:2.2.3 cpe:/a:horde:imp:2.2.1 cpe:/a:horde:imp:2.2 CVE-2003-0025 2003-01-17T00:00:00.000-05:00 2008-09-10T20:05:24.023-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS DEBIAN DSA-229 BUGTRAQ 20030108 IMP 2.x SQL injection vulnerabilities SECTRACK 1005904 BID 6559 BUGTRAQ 20030108 Re: IMP 2.x SQL injection vulnerabilities SECUNIA 8177 SECUNIA 8087 Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3. cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000:::server cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.3 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:freebsd:freebsd:4.7 cpe:/o:linux:linux_kernel:2.4.3 cpe:/o:freebsd:freebsd:4.6 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:freebsd:freebsd:4.5 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:freebsd:freebsd:4.4 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:netbsd:netbsd:1.5 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:netbsd:netbsd:1.6 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:netbsd:netbsd:1.5.1 CVE-2003-0001 2003-01-17T00:00:00.000-05:00 2008-09-10T15:17:21.290-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CERT-VN VU#412115 REDHAT RHSA-2003:025 MISC http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf ATSTAKE A010603-1 BUGTRAQ 20030110 More information regarding Etherleak VULNWATCH 20030110 More information regarding Etherleak BUGTRAQ 20030117 Re: More information regarding Etherleak BUGTRAQ 20030106 Etherleak: Ethernet frame padding information leakage (A010603-1) REDHAT RHSA-2003:088 OSVDB 9962 SECUNIA 7996 Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak. cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:9.0::x86 cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:2.6::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:2.6 CVE-2003-1075 2003-01-27T00:00:00.000-05:00 2008-09-10T15:21:42.103-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-24T11:43:00.000-04:00 SUNALERT 50240 SECUNIA 7968 XF solaris-ftpd-dos(11186) SECTRACK 1005996 BID 6709 Unknown vulnerability in the FTP server (in.ftpd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (temporary FTP server hang), which affects other active mode FTP clients. cpe:/a:celestial_software:absolutetelnet:2.0 cpe:/a:celestial_software:absolutetelnet:2.11 CVE-2003-1090 2003-02-06T00:00:00.000-05:00 2008-09-05T16:36:00.967-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2005-05-24T10:49:00.000-04:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#666073 XF absolutetelnet-title-bar-bo(11265) BID 6785 BUGTRAQ 20030206 AbsoluteTelnet 2.00 buffer overflow. OSVDB 16024 Buffer overflow in AbsoluteTelnet before 2.12 RC10 allows remote attackers to execute arbitrary code via a long window title. cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:9.0:x86_update_2 cpe:/o:sun:solaris:2.6::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:2.5.1 cpe:/o:sun:solaris:2.6 CVE-2003-0027 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:24.493-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CERT-VN VU#850785 MISC http://www.entercept.com/news/uspr/01-22-03.asp XF solaris-kcms-directory-traversal(11129) BID 6665 SUNALERT 50104 BUGTRAQ 20030122 Entercept Ricochet Advisory: Sun Solaris KCMS Library Service Daemon Arbitrary File Retrieval Vulner Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure. cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.41 CVE-2003-0017 2003-02-07T00:00:00.000-05:00 2008-09-10T15:17:23.493-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://marc.theaimsgroup.com/?l=apache-httpd-announce&m=104313442901017&w=2 Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served. cpe:/a:apache:http_server:2.0.38 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.41 CVE-2003-0016 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:23.040-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#979793 CERT-VN VU#825177 MLIST [apache-httpd-announce] 20030120 [ANNOUNCE] Apache 2.0.44 Released CONFIRM http://www.apacheweek.com/issues/03-01-24#security XF apache-device-code-execution(11125) XF apache-device-name-dos(11124) BID 6659 Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names. cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.4 cpe:/a:cvs:cvs:1.11.1 cpe:/a:cvs:cvs:1.11.1p1 cpe:/a:cvs:cvs:1.11.2 cpe:/a:cvs:cvs:1.10.7 cpe:/a:cvs:cvs:1.10.8 cpe:/o:freebsd:freebsd:5.0 cpe:/a:cvs:cvs:1.11.3 cpe:/a:cvs:cvs:1.11 cpe:/a:cvs:cvs:1.11.4 CVE-2003-0015 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:22.960-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#650937 CERT CA-2003-02 MISC http://security.e-matters.de/advisories/012003.html REDHAT RHSA-2003:013 XF cvs-doublefree-memory-corruption(11108) BID 6650 REDHAT RHSA-2003:012 MANDRAKE MDKSA-2003:009 DEBIAN DSA-233 CIAC N-032 FREEBSD FreeBSD-SA-03:01 BUGTRAQ 20030202 Exploit for CVS double free() for Linux pserver BUGTRAQ 20030124 Test program for CVS double-free. BUGTRAQ 20030122 [security@slackware.com: [slackware-security] New CVS packages available] CONFIRM http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14 VULNWATCH 20030120 Advisory 01/2003: CVS remote vulnerability Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_2000:::server:jp cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_2000_terminal_services::sp3 cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server CVE-2003-0003 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:22.163-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#610986 CERT CA-2003-03 MS MS03-001 XF win-locator-bo(11132) BID 6666 NTBUGTRAQ 20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003) BUGTRAQ 20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003) Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information. cpe:/a:microsoft:content_management_server:2001:sp1 cpe:/a:microsoft:content_management_server:2001 CVE-2003-0002 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:22.087-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MS MS03-002 XF mcms-manuallogin-reasontxt-xss (10318) BUGTRAQ 20021007 CSS on Microsoft Content Management Server BID 5922 Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter. cpe:/a:microsoft:outlook:2002:sp2 cpe:/a:microsoft:outlook:2002:sp1 cpe:/a:microsoft:outlook:2002 CVE-2003-0007 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:22.320-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 MS MS03-003 XF outlook-v1-certificate-plaintext(11133) BID 6667 Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure." cpe:/a:isc:dhcpd:3.0.1:rc1 cpe:/a:isc:dhcpd:3.0.1:rc2 cpe:/a:isc:dhcpd:3.0.1:rc10 cpe:/a:isc:dhcpd:3.0.1:rc8 cpe:/a:isc:dhcpd:3.0.1:rc7 cpe:/a:isc:dhcpd:3.0.1:rc9 cpe:/a:isc:dhcpd:3.0.1:rc4 cpe:/a:isc:dhcpd:3.0.1:rc3 cpe:/a:isc:dhcpd:3.0.1:rc6 cpe:/a:isc:dhcpd:3.0.1:rc5 CVE-2003-0039 2003-02-07T00:00:00.000-05:00 2008-09-05T16:33:18.257-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CERT-VN VU#149953 DEBIAN DSA-245 BUGTRAQ 20030115 DoS against DHCP infrastructure with isc dhcrelay XF dhcp-dhcrelay-dos(11187) BID 6628 REDHAT RHSA-2003:034 BUGTRAQ 20030219 [OpenPKG-SA-2003.012] OpenPKG Security Advisory (dhcpd) CONECTIVA CLSA-2003:616 TURBO TLSA-2003-26 ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count. cpe:/a:gnu:mailman:2.1 CVE-2003-0038 2003-02-07T00:00:00.000-05:00 2008-09-05T16:33:18.117-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-436 CONFIRM http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt BUGTRAQ 20030124 Mailman: cross-site scripting bug XF mailman-email-variable-xss(11152) SECTRACK 1005987 BID 6677 OSVDB 9205 Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters. cpe:/a:noffle:noffle:1.0.1 CVE-2003-0037 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:25.163-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS DEBIAN DSA-244 XF noffle-multiple-bo(11181) BID 6695 SECUNIA 7955 Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code. cpe:/a:rildo_pragana:ml85p CVE-2003-0036 2003-02-07T00:00:00.000-05:00 2008-09-10T15:17:26.397-04:00 6.2 LOCAL HIGH NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS MISC http://www.idefense.com/advisory/01.21.03.txt VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package SECTRACK 1005959 BUGTRAQ 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package MANDRAKE MDKSA-2003:010 ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d". cpe:/a:robert_krawitz:escputil:1.15.2.2 CVE-2003-0035 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:25.023-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS MISC http://www.idefense.com/advisory/01.21.03.txt VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package SECTRACK 1005959 BID 6658 BUGTRAQ 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package MANDRAKE MDKSA-2003:010 Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument. cpe:/a:jean-jacques_sarton:mtink:0.9.32 cpe:/a:jean-jacques_sarton:mtink:0.9.33 cpe:/a:jean-jacques_sarton:mtink:0.9.52 CVE-2003-0034 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:24.947-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS MISC http://www.idefense.com/advisory/01.21.03.txt VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package SECTRACK 1005959 BID 6656 MANDRAKE MDKSA-2003:010 Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable. cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.3.1 cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.2 CVE-2003-0045 2003-02-07T00:00:00.000-05:00 2008-09-05T16:33:19.257-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF jakarta-tomcat-msdos-dos(12102) CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp. cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.3.1a cpe:/a:apache:tomcat:3.3.1 cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.2 CVE-2003-0044 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:26.087-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS DEBIAN DSA-246 HP HPSBUX0303-249 CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ XF tomcat-web-app-xss(11196) BID 6720 OSVDB 9204 OSVDB 9203 CIAC N-060 SECUNIA 7972 Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML. cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.3.1 cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.2 CVE-2003-0043 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:26.023-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF tomcat-webxml-read-files(11195) CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ BID 6722 HP HPSBUX0303-249 DEBIAN DSA-246 CIAC N-060 Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file. cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.3.1 cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.2 CVE-2003-0042 2003-02-07T00:00:00.000-05:00 2008-09-10T20:05:25.947-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-246 BUGTRAQ 20030130 Apache Jakarta Tomcat 3 URL parsing vulnerability CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ XF tomcat-null-directory-listing(11194) BID 6721 HP HPSBUX0303-249 CIAC N-060 SECUNIA 7977 SECUNIA 7972 Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character. CVE-2003-1080 2003-02-11T00:00:00.000-05:00 2008-09-10T15:21:42.867-04:00 1.2 LOCAL HIGH NONE PARTIAL NONE NONE http://nvd.nist.gov 2005-05-24T11:21:00.000-04:00 XF solaris-mail-unauthorized-access(11303) SUNALERT 50751 SECUNIA 8058 SECTRACK 1006084 BID 6838 Unknown vulnerability in mail for Solaris 2.6 through 9 allows local users to read the email of other users. cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:2.6::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:2.5.1 cpe:/o:sun:solaris:2.6 CVE-2003-1079 2003-02-18T00:00:00.000-05:00 2008-09-10T15:21:42.727-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-24T11:27:00.000-04:00 XF solaris-udp-rpc-dos(11368) SUNALERT 50626 SECUNIA 8092 SECTRACK 1006131 BID 6883 Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. cpe:/a:putty:putty:0.53b cpe:/a:putty:putty:0.53 cpe:/a:putty:putty:0.49 cpe:/a:putty:putty:0.48 CVE-2003-0048 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:26.570-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MISC http://www.idefense.com/advisory/01.28.03.txt SECTRACK 1006014 BID 6724 BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. cpe:/a:van_dyke_technologies:securefx:2.0.4 cpe:/a:van_dyke_technologies:securefx:2.1.2 cpe:/a:van_dyke_technologies:securecrt:4.0.2 cpe:/a:van_dyke_technologies:entunnel:1.0.2 cpe:/a:van_dyke_technologies:securecrt:3.4.7 CVE-2003-0047 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:26.493-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MISC http://www.idefense.com/advisory/01.28.03.txt BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords SECTRACK 1006012 SECTRACK 1006011 SECTRACK 1006010 BID 6728 BID 6727 BID 6726 SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. cpe:/a:celestial_software:absolutetelnet:2.11 CVE-2003-0046 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:26.413-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MISC http://www.idefense.com/advisory/01.28.03.txt CONFIRM http://www.celestialsoftware.net/telnet/beta_software.html BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords SECTRACK 1006013 BID 6725 OSVDB 7686 AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials. cpe:/o:redhat:linux:8.0::i386 CVE-2003-0019 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:23.557-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#134025 REDHAT RHSA-2003:056 XF linux-umlnet-gain-privileges(11276) BID 6801 CIAC N-044 uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode. cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.4.10 CVE-2003-0018 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:23.477-04:00 3.6 LOCAL LOW NONE PARTIAL NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 REDHAT RHSA-2003:025 DEBIAN DSA-423 XF linux-odirect-information-leak(11249) BID 6763 MANDRAKE MDKSA-2003:014 DEBIAN DSA-358 CONFIRM http://linux.bkbits.net:8080/linux-2.4/cset@3e2f193drGJDBg9SG6JwaDQwCBnAMQ Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption. cpe:/o:redhat:linux:7.3::i386 cpe:/o:redhat:linux:7.0::i386 cpe:/o:redhat:linux:8.0::i386 cpe:/o:redhat:linux:7.2::i386 cpe:/o:redhat:linux:7.1::i386 cpe:/o:redhat:linux:6.2::i386 cpe:/o:redhat:linux:7.2::ia64 cpe:/a:mit:kerberos_ftp_client CVE-2003-0041 2003-02-19T00:00:00.000-05:00 2008-09-10T15:17:27.977-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS REDHAT RHSA-2003:020 VULNWATCH 20030128 MIT Kerberos FTP client remote shell commands execution MANDRAKE MDKSA-2003:021 SECUNIA 8114 SECUNIA 7979 Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client. cpe:/a:inter7:courier-imap:1.6 cpe:/a:double_precision_incorporated:courier_mta:0.37.3 CVE-2003-0040 2003-02-19T00:00:00.000-05:00 2008-09-05T16:33:18.427-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS BID 6738 DEBIAN DSA-247 XF courierimap-authmysqllib-sql-injection(11213) SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name. cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_xp:::home CVE-2003-0004 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:22.243-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS MS MS03-005 BID 6778 XF winxp-windows-redirector-bo(11260) BUGTRAQ 20030327 NSFOCUS SA2003-01: Microsoft Windows XP Redirector Local Buffer Overflow Vulnerability VULNWATCH 20030327 NSFOCUS SA2003-01: Microsoft Windows XP Redirector Local Buffer Overflow Vulnerability Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter. cpe:/a:slocate:slocate:2.5 cpe:/a:slocate:slocate:2.6 CVE-2003-0056 2003-02-19T00:00:00.000-05:00 2008-09-10T15:17:45.587-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-252 BUGTRAQ 20030202 GLSA: slocate MISC http://www.usg.org.uk/advisories/2003.001.txt CONECTIVA CLA-2003:643 MANDRAKE MDKSA-2003:015 SECUNIA 8749 SECUNIA 8236 SECUNIA 8118 SECUNIA 8007 SECUNIA 7982 SECUNIA 7947 SECUNIA 10720 REDHAT RHSA-2004:041 BUGTRAQ 20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate) BUGTRAQ 20030124 [USG- SA- 2003.001] USG Security Advisory (slocate) SGI 20040202-01-U CALDERA CSSA-2003-009.0 Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument. cpe:/a:hypermail:hypermail:2.1_.0 cpe:/a:hypermail:hypermail:2.1.5 cpe:/a:hypermail:hypermail:2.0b25 cpe:/a:hypermail:hypermail:2.1.1 cpe:/a:hypermail:hypermail:2.1.2 cpe:/a:hypermail:hypermail:2.1.3 cpe:/a:hypermail:hypermail:2.1.4 CVE-2003-0057 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:41.993-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030127 Hypermail buffer overflows XF hypermail-long-hostname-bo(11158) XF hypermail-mail-attachment-bo(11157) BID 6690 BID 6689 DEBIAN DSA-248 SECUNIA 8030 VULNWATCH 20030126 Hypermail buffer overflows Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by connecting to the mail CGI program from an IP address that reverse-resolves to a long hostname. cpe:/o:sun:solaris:8.0 cpe:/a:mit:kerberos:5-1.2.4 cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:8.0::x86 cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:sun:enterprise_authentication_mechanism:1.0 cpe:/a:mit:kerberos:5-1.2.3 CVE-2003-0058 2003-02-19T00:00:00.000-05:00 2008-09-05T16:33:21.317-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CERT-VN VU#661243 BID 6683 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt XF kerberos-kdc-null-pointer-dos(10099) REDHAT RHSA-2003:168 REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 MANDRAKE MDKSA-2003:043 SUNALERT 50142 CONECTIVA CLSA-2003:639 MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 CVE-2003-0059 2003-02-19T00:00:00.000-05:00 2008-09-05T16:33:21.490-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#684563 BID 6714 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt XF kerberos-kdc-user-spoofing(11188) REDHAT RHSA-2003:168 REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 MANDRAKE MDKSA-2003:043 CONECTIVA CLSA-2003:639 Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys. cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:mit:kerberos:5-1.2.3 CVE-2003-0060 2003-02-19T00:00:00.000-05:00 2008-09-05T16:33:21.630-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#787523 BID 6712 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt XF kerberos-kdc-format-string(11189) OSVDB 4879 CONECTIVA CLSA-2003:639 Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names. cpe:/a:eset_software:nod32_antivirus:1.0.11 cpe:/a:eset_software:nod32_antivirus:1.0.12 CVE-2003-0062 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:42.383-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS MISC http://www.idefense.com/advisory/02.10.03.txt BID 6803 XF nod32-pathname-bo(11282) BUGTRAQ 20030210 iDEFENSE Security Advisory 02.10.03: Buffer Overflow In NOD32 Antivirus Software for Unix Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name. cpe:/a:mysql:mysql:3.23.47 cpe:/a:mysql:mysql:3.23.31 cpe:/a:mysql:mysql:3.23.54a cpe:/a:mysql:mysql:3.23.52 cpe:/a:mysql:mysql:3.23.53 cpe:/a:mysql:mysql:3.23.54 cpe:/a:mysql:mysql:3.23.41 cpe:/a:mysql:mysql:3.23.36 CVE-2003-0073 2003-02-19T00:00:00.000-05:00 2008-09-10T20:05:44.320-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-303 BUGTRAQ 20030129 [OpenPKG-SA-2003.008] OpenPKG Security Advisory (mysql) CONFIRM http://www.mysql.com/doc/en/News-3.23.55.html BID 6718 REDHAT RHSA-2003:166 REDHAT RHSA-2003:094 REDHAT RHSA-2003:093 MANDRAKE MDKSA-2003:013 ENGARDE ESA-20030220-004 XF mysql-mysqlchangeuser-doublefree-dos(11199) CONECTIVA CLA-2003:743 Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user. cpe:/a:plptools:plptools:0.6 CVE-2003-0074 2003-02-19T00:00:00.000-05:00 2008-09-05T16:33:24.083-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS BID 6715 XF plptools-plpnsfd-format-string(11193) BUGTRAQ 20030129 Re: Local root vuln in SuSE 8.0 plptools package BUGTRAQ 20030129 Local root vuln in SuSE 8.0 plptools package Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog. cpe:/a:bladeenc:bladeenc:0.93.10 cpe:/a:bladeenc:bladeenc:0.94.0 cpe:/a:bladeenc:bladeenc:0.94.2 cpe:/a:bladeenc:bladeenc:0.94.1 cpe:/a:bladeenc:bladeenc:0.92.7 CVE-2003-0075 2003-02-19T00:00:00.000-05:00 2008-09-05T16:33:24.240-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS BID 6745 MISC http://www.pivx.com/luigi/adv/blade942-adv.txt GENTOO GLSA-200302-04 XF bladeenc-myfseek-code-execution(11227) BUGTRAQ 20030202 Bladeenc 0.94.2 code execution Integer signedness error in the myFseek function of samplein.c for Blade encoder (BladeEnc) 0.94.2 and earlier allows remote attackers to execute arbitrary code via a negative offset value following a "fmt" wave chunk. cpe:/a:dcgui:dcgui:0.2 cpe:/a:qt-dcgui:qt-dcgui:0.2.1 cpe:/a:dcgui:dcgui:0.2.1 cpe:/a:qt-dcgui:qt-dcgui:0.2 CVE-2003-0076 2003-02-19T00:00:00.000-05:00 2008-09-05T16:33:24.443-04:00 6.4 NETWORK LOW NONE PARTIAL PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030204 GLSA: qt-dcgui XF qtdcgui-directory-download-files(11246) CONFIRM http://dc.ketelhot.de/pipermail/dc/2003-January/000094.html Unknown vulnerability in the directory parser for Direct Connect 4 Linux (dcgui) before 0.2.2 allows remote attackers to read files outside the sharelist. cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:6.0:sp1 cpe:/a:microsoft:ie:5.0.1 CVE-2003-1326 2003-02-19T00:00:00.000-05:00 2008-09-10T15:23:32.257-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MS MS03-004 XF ie-dialog-zone-bypass(11258) BID 6779 CIAC N-038 Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:6.0:sp1 cpe:/a:microsoft:ie:5.0.1 CVE-2003-1326 2003-02-19T00:00:00.000-05:00 2008-09-10T15:23:32.257-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MS MS03-004 XF ie-dialog-zone-bypass(11258) BID 6779 CIAC N-038 Microsoft Internet Explorer 5.5 and 6.0 allows remote attackers to bypass the cross-domain security model to run malicious script or arbitrary programs via dialog boxes, aka "Improper Cross Domain Security Validation with dialog box." cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:2.6::x86 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:2.6 CVE-2003-1078 2003-02-28T00:00:00.000-05:00 2008-09-10T15:21:42.587-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-05-24T11:31:00.000-04:00 ALLOWS_OTHER_ACCESS XF solaris-ftp-plaintext-password(11436) SUNALERT 51081 SECUNIA 8186 SECTRACK 1006195 BID 6989 The FTP client for Solaris 2.6, 7, and 8 with the debug (-d) flag enabled displays the user password on the screen during login. cpe:/a:michael_jennings:eterm:0.8.10 cpe:/a:michael_jennings:eterm:0.9.1 CVE-2003-0021 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:23.727-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF terminal-emulator-screen-dump(11413) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6936 MANDRAKE MDKSA-2003:040 BUGTRAQ 20030224 Terminal Emulator Security Issues The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.6.4 cpe:/a:rxvt:rxvt:2.7.8 cpe:/a:rxvt:rxvt:2.6.1 CVE-2003-0022 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:23.807-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF terminal-emulator-screen-dump(11413) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6938 REDHAT RHSA-2003:055 REDHAT RHSA-2003:054 MANDRAKE MDKSA-2003:034 BUGTRAQ 20030224 Terminal Emulator Security Issues The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence. cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.6.4 cpe:/a:rxvt:rxvt:2.7.8 cpe:/a:rxvt:rxvt:2.6.1 CVE-2003-0023 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:23.867-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF terminal-emulator-menu-modification(11416) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6947 REDHAT RHSA-2003:055 REDHAT RHSA-2003:054 MANDRAKE MDKSA-2003:034 BUGTRAQ 20030224 Terminal Emulator Security Issues The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. cpe:/a:aterm:aterm:0.42 CVE-2003-0024 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:23.947-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-menu-modification(11416) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6949 BUGTRAQ 20030224 Terminal Emulator Security Issues The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu. cpe:/a:michael_jennings:eterm:0.8.10 cpe:/a:michael_jennings:eterm:0.9.1 CVE-2003-0068 2003-03-03T00:00:00.000-05:00 2008-09-10T15:17:47.647-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 10237 MANDRAKE MDKSA-2003:040 DEBIAN DSA-496 BUGTRAQ 20030224 Terminal Emulator Security Issues The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:gnome:gnome-terminal:2.1 cpe:/a:gnome:gnome-terminal:2.2 cpe:/a:gnome:gnome-terminal:2.2.1 cpe:/a:gnome:gnome-terminal:2.1.1 cpe:/a:gnome:gnome-terminal:2.1.2 cpe:/a:gnome:gnome-terminal:2.1.3 cpe:/a:gnome:gnome-terminal:2.1.4 CVE-2003-0070 2003-03-03T00:00:00.000-05:00 2008-09-10T15:17:47.913-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues REDHAT RHSA-2003:053 GENTOO GLSA-200303-2 BUGTRAQ 20030224 Terminal Emulator Security Issues VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:xfree86_project:x11r6:4.0.1 cpe:/a:xfree86_project:x11r6:4.2.0 cpe:/a:xfree86_project:x11r6:4.2.1 cpe:/a:xfree86_project:x11r6:4.0 cpe:/a:xfree86_project:x11r6:4.0.3 cpe:/a:xfree86_project:x11r6:4.1.0 CVE-2003-0071 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:44.180-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF terminal-emulator-dec-udk(11415) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6950 REDHAT RHSA-2003:067 REDHAT RHSA-2003:066 REDHAT RHSA-2003:065 REDHAT RHSA-2003:064 DEBIAN DSA-380 BUGTRAQ 20030224 Terminal Emulator Security Issues The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. cpe:/a:openssl:openssl:0.9.3 cpe:/a:openssl:openssl:0.9.4 cpe:/a:openssl:openssl:0.9.7 cpe:/a:openssl:openssl:0.9.5 cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.6b cpe:/a:openssl:openssl:0.9.6c cpe:/a:openssl:openssl:0.9.1c cpe:/a:openssl:openssl:0.9.6d cpe:/a:openssl:openssl:0.9.6e cpe:/a:openssl:openssl:0.9.6g cpe:/a:openssl:openssl:0.9.6h cpe:/o:freebsd:freebsd:5.0 cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.3 cpe:/o:freebsd:freebsd:4.7 cpe:/o:freebsd:freebsd:4.6 cpe:/o:freebsd:freebsd:4.5 cpe:/o:freebsd:freebsd:4.4 cpe:/a:openssl:openssl:0.9.2b cpe:/a:openssl:openssl:0.9.5a cpe:/a:openssl:openssl:0.9.7:beta2 cpe:/a:openssl:openssl:0.9.7:beta3 cpe:/o:freebsd:freebsd:4.8:pre-release cpe:/o:openbsd:openbsd:3.2 cpe:/o:openbsd:openbsd:3.1 cpe:/a:openssl:openssl:0.9.7:beta1 CVE-2003-0078 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:47.117-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CONFIRM http://www.openssl.org/news/secadv_20030219.txt BUGTRAQ 20030219 [OpenPKG-SA-2003.013] OpenPKG Security Advisory (openssl) XF ssl-cbc-information-leak(11369) DEBIAN DSA-253 TRUSTIX 2003-0005 BID 6884 REDHAT RHSA-2003:205 REDHAT RHSA-2003:104 REDHAT RHSA-2003:082 REDHAT RHSA-2003:063 REDHAT RHSA-2003:062 OSVDB 3945 MANDRAKE MDKSA-2003:020 ENGARDE ESA-20030220-005 CIAC N-051 GENTOO GLSA-200302-10 BUGTRAQ 20030219 OpenSSL 0.9.7a and 0.9.6i released CONECTIVA CLSA-2003:570 SGI 20030501-01-I NETBSD NetBSD-SA2003-001 ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack." cpe:/a:hanterm:hanterm-xf:2.0 CVE-2003-0079 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:47.197-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF terminal-emulator-dec-udk(11415) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6944 REDHAT RHSA-2003:071 REDHAT RHSA-2003:070 OSVDB 4918 BUGTRAQ 20030224 Terminal Emulator Security Issues The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop. cpe:/a:xfree86_project:x11r6:4.0.1 cpe:/a:xfree86_project:x11r6:4.2.0 cpe:/a:xfree86_project:x11r6:4.2.1 cpe:/a:xfree86_project:x11r6:4.0 cpe:/a:xfree86_project:x11r6:4.0.3 cpe:/a:xfree86_project:x11r6:4.1.0 CVE-2003-0063 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:42.460-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6940 REDHAT RHSA-2003:067 REDHAT RHSA-2003:066 REDHAT RHSA-2003:065 REDHAT RHSA-2003:064 DEBIAN DSA-380 BUGTRAQ 20030224 Terminal Emulator Security Issues The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/o:sun:solaris:9.0::sparc cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.5f cpe:/o:hp:hp-ux:11.11 cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.8 cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:5.1 cpe:/o:sgi:irix:6.4 cpe:/o:sgi:irix:5.0 cpe:/o:sgi:irix:6.0.1 cpe:/o:sgi:irix:6.3 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:5.3 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:10.20 cpe:/o:sgi:irix:5.2 cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.0 cpe:/o:sgi:irix:6.5.17 cpe:/o:sun:solaris:2.6 cpe:/o:hp:hp-ux:11.22 cpe:/o:hp:hp-ux:10.26 cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.2 cpe:/o:hp:hp-ux:11.20 cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:10.24 cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.1 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.3m cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.10 cpe:/o:ibm:aix:4.3.3 cpe:/o:ibm:aix:4.3.2 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.12 cpe:/o:ibm:aix:4.3.1 cpe:/o:sgi:irix:6.5.11 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.12f cpe:/o:hp:hp-ux:10.34 cpe:/o:sgi:irix:6.5.6m cpe:/o:hp:hp-ux:10.30 cpe:/o:sgi:irix:6.5.3f cpe:/o:sun:solaris:9.0::x86 cpe:/o:sgi:irix:6.5.7f cpe:/o:sun:solaris:8.0 cpe:/o:sgi:irix:6.5.2m cpe:/o:sun:solaris:2.5.1 cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.12m cpe:/o:sun:solaris:7.0 cpe:/o:sgi:irix:5.0.1 cpe:/o:ibm:aix:5.1 cpe:/o:sun:solaris:2.6::x86 cpe:/o:ibm:aix:5.2 cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:5.1.1 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sgi:irix:6.5.2f cpe:/o:ibm:aix:4.3 cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.17m CVE-2003-0064 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:42.523-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6942 HP HPSBUX0401-309 BUGTRAQ 20030224 Terminal Emulator Security Issues The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:national_university_of_singapore:uxterm:2.3 cpe:/a:national_university_of_singapore:uxterm:2.4.1 CVE-2003-0065 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:42.603-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6945 BUGTRAQ 20030224 Terminal Emulator Security Issues The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.6.4 cpe:/a:rxvt:rxvt:2.7.8 cpe:/a:rxvt:rxvt:2.6.1 CVE-2003-0066 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:42.680-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6953 GENTOO 200303-16 REDHAT RHSA-2003:055 REDHAT RHSA-2003:054 MANDRAKE MDKSA-2003:003 BUGTRAQ 20030224 Terminal Emulator Security Issues The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 CVE-2003-0049 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:26.757-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS CONFIRM http://docs.info.apple.com/article.html?artnum=61798 XF macos-afp-unauthorized-access(11333) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6860 SECTRACK 1006107 Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password. cpe:/a:lbl:tcpdump:3.6.2 cpe:/a:lbl:tcpdump:3.4a6 cpe:/a:lbl:tcpdump:3.5.2 cpe:/a:lbl:tcpdump:3.4 cpe:/a:lbl:tcpdump:3.5 CVE-2003-0093 2003-03-03T00:00:00.000-05:00 2008-09-10T15:17:54.197-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=81585 XF tcpdump-radius-decoder-dos(11324) REDHAT RHSA-2003:214 REDHAT RHSA-2003:033 REDHAT RHSA-2003:032 MANDRAKE MDKSA-2003:027 DEBIAN DSA-261 The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop. cpe:/a:andries_brouwer:util-linux:2.11u cpe:/a:andries_brouwer:util-linux:2.11n CVE-2003-0094 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:48.727-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 XF utillinux-mcookie-cookie-predictable(11318) BID 6855 MANDRAKE MDKSA-2003:016 A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed. cpe:/a:oracle:oracle9i:9.0.2 cpe:/a:oracle:oracle9i:9.0 cpe:/a:oracle:oracle9i:9.0.1 cpe:/a:oracle:database_server:9.2.1 cpe:/a:oracle:database_server:9.2.2 cpe:/a:oracle:oracle8i:8.1.7 cpe:/a:oracle:database_server:8.0.6 cpe:/a:oracle:oracle9i:9.0.1.3 cpe:/a:oracle:oracle8i:8.1.7.1 cpe:/a:oracle:oracle9i:9.0.1.2 CVE-2003-0095 2003-03-03T00:00:00.000-05:00 2008-09-10T00:00:00.000-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#953746 CERT CA-2003-05 CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf BID 6849 OSVDB 6319 XF oracle-username-bo(11328) CIAC N-046 BUGTRAQ 20030217 Oracle unauthenticated remote system compromise (#NISR16022003a) Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP. cpe:/a:oracle:oracle9i:9.0.2 cpe:/a:oracle:oracle9i:9.0 cpe:/a:oracle:oracle9i:9.0.1 cpe:/a:oracle:database_server:9.2.1 cpe:/a:oracle:database_server:9.2.2 cpe:/a:oracle:oracle8i:8.1.7 cpe:/a:oracle:database_server:8.0.6 cpe:/a:oracle:oracle9i:9.0.1.3 cpe:/a:oracle:oracle8i:8.1.7.1 cpe:/a:oracle:oracle9i:9.0.1.2 CVE-2003-0096 2003-03-03T00:00:00.000-05:00 2008-09-10T00:00:00.000-04:00 9.0 NETWORK LOW SINGLE_INSTANCE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#840666 CERT-VN VU#743954 CERT-VN VU#663786 CERT CA-2003-05 BID 6850 BID 6848 BID 6847 MISC http://www.nextgenss.com/advisories/ora-tzofstbo.txt MISC http://www.nextgenss.com/advisories/ora-tmstmpbo.txt MISC http://www.nextgenss.com/advisories/ora-bfilebo.txt XF oracle-totimestamptz-bo(11327) XF oracle-tzoffset-bo(11326) XF oracle-bfilename-directory-bo(11325) CIAC N-046 CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert50.pdf CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert49.pdf CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert48.pdf BUGTRAQ 20030217 Oracle bfilename function buffer overflow vulnerability (#NISR16022003e) BUGTRAQ 20030217 Oracle TZ_OFFSET Remote System Buffer Overrun (#NISR16022003c) BUGTRAQ 20030217 Oracle TO_TIMESTAMP_TZ Remote System Buffer Overrun (#NISR16022003b) VULNWATCH 20030217 Oracle bfilename function buffer overflow vulnerability (#NISR16022003e) VULNWATCH 20030217 Oracle TZ_OFFSET Remote System Buffer Overrun (#NISR16022003c) VULNWATCH 20030217 Oracle unauthenticated remote system compromise (#NISR16022003a) Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function. cpe:/a:php:php:4.3 CVE-2003-0097 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:49.057-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS GENTOO GLSA-200302-09 BUGTRAQ 20030217 PHP Security Advisory: CGI vulnerability in PHP version 4.3.0 CONFIRM http://www.slackware.com/changelog/current.php?cpu=i386 XF php-cgi-sapi-access(11343) BID 6875 GENTOO GLSA-200302-09.1 Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect). cpe:/a:apc:apcupsd:3.10.4 cpe:/a:apc:apcupsd:3.8.5 CVE-2003-0098 2003-03-03T00:00:00.000-05:00 2008-09-10T15:17:55.897-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-277 BID 7200 SUSE SuSE-SA:2003:022 XF apcupsd-logevent-format-string(11334) CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137900 SECTRACK 1006108 MISC http://hsj.shadowpenguin.org/misc/apcupsd_exp.txt CONFIRM http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/apcupsd/apcupsd/src/apcnisd.c.diff?r1=1.5&r2=1.6 CALDERA CSSA-2003-015.0 BID 6828 MANDRAKE MDKSA-2003:018 Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. cpe:/a:apc:apcupsd:3.8.5 CVE-2003-0099 2003-03-03T00:00:00.000-05:00 2008-09-10T15:17:55.960-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS DEBIAN DSA-277 BID 7200 XF apcupsd-vsprintf-multiple-bo(11491) CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137900 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137892 SUSE SuSE-SA:2003:022 MANDRAKE MDKSA-2003:018 SECTRACK 1006108 CALDERA CSSA-2003-015.0 Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. cpe:/o:cisco:ios:12.0%2818%29s5 cpe:/o:cisco:ios:12.0%287%29t cpe:/o:cisco:ios:12.0%2816%29w5%2821%29 cpe:/o:cisco:ios:11.1%2816%29ia cpe:/o:cisco:ios:12.0%2814%29w5%2820%29 cpe:/o:cisco:ios:11.3%287%29db1 cpe:/o:cisco:ios:12.0%283d%29 cpe:/o:cisco:ios:11.3da cpe:/o:cisco:ios:11.3db cpe:/o:cisco:ios:11.2%2823a%29bc1 cpe:/o:cisco:ios:12.0%285%29wc cpe:/o:cisco:ios:12.0%288%29 cpe:/o:cisco:ios:12.0%285%29xk cpe:/o:cisco:ios:12.0%287%29db2 cpe:/o:cisco:ios:12.0%285%29wc2b cpe:/o:cisco:ios:12.0%285%29xn cpe:/o:cisco:ios:12.0%285%29xs cpe:/o:cisco:ios:12.0%2810a%29 cpe:/o:cisco:ios:12.0%2810%29w5%2818f%29 cpe:/o:cisco:ios:12.0%286b%29 cpe:/o:cisco:ios:12.0%285%29xu cpe:/o:cisco:ios:12.0%285%29wx cpe:/o:cisco:ios:12.0%284%29xm1 cpe:/o:cisco:ios:12.0%289%29 cpe:/o:cisco:ios:12.0%2817%29 cpe:/o:cisco:ios:12.0%287a%29 cpe:/o:cisco:ios:12.0%285%29xe cpe:/o:cisco:ios:12.0%285%29wc3b cpe:/o:cisco:ios:11.2f cpe:/o:cisco:ios:12.0 cpe:/o:cisco:ios:11.3wa4 cpe:/o:cisco:ios:11.1ia cpe:/o:cisco:ios:12.0%2816%29sc3 cpe:/o:cisco:ios:11.2p cpe:/o:cisco:ios:12.0%282b%29 cpe:/o:cisco:ios:12.0%2814a%29 cpe:/o:cisco:ios:11.3%2811%29b cpe:/o:cisco:ios:11.1%2813%29ia cpe:/o:cisco:ios:12.0%282%29xf cpe:/o:cisco:ios:12.0%282%29xg cpe:/o:cisco:ios:11.1%2836%29ca2 cpe:/o:cisco:ios:11.2%284%29f1 cpe:/o:cisco:ios:12.0%2816%29st1 cpe:/o:cisco:ios:12.0%282%29xc cpe:/o:cisco:ios:12.0%282%29xe cpe:/o:cisco:ios:11.3aa cpe:/o:cisco:ios:12.0%282%29xd cpe:/o:cisco:ios:11.2wa4 cpe:/o:cisco:ios:11.3t cpe:/o:cisco:ios:12.0%2818%29s cpe:/o:cisco:ios:11.2wa3 cpe:/o:cisco:ios:11.3xa cpe:/o:cisco:ios:11.2gs cpe:/o:cisco:ios:11.1%287%29ca cpe:/o:cisco:ios:12.0wt cpe:/o:cisco:ios:11.1%2820%29aa4 cpe:/o:cisco:ios:11.1%2815%29ca cpe:/o:cisco:ios:12.0%283%29 cpe:/o:cisco:ios:12.0wx cpe:/o:cisco:ios:11.3%281%29ed cpe:/o:cisco:ios:12.0xa cpe:/o:cisco:ios:12.0xb cpe:/o:cisco:ios:11.3ha cpe:/o:cisco:ios:12.0xc cpe:/o:cisco:ios:12.0xd cpe:/o:cisco:ios:12.0xe cpe:/o:cisco:ios:12.0xf cpe:/o:cisco:ios:12.0xg cpe:/o:cisco:ios:12.0xh cpe:/o:cisco:ios:12.0xi cpe:/o:cisco:ios:12.0xj cpe:/o:cisco:ios:12.0xk cpe:/o:cisco:ios:12.0xl cpe:/o:cisco:ios:12.0%2811%29st4 cpe:/o:cisco:ios:12.0xm cpe:/o:cisco:ios:12.0xn cpe:/o:cisco:ios:12.0xr cpe:/o:cisco:ios:12.0xq cpe:/o:cisco:ios:12.0xp cpe:/o:cisco:ios:12.0%2813%29w5%2819c%29 cpe:/o:cisco:ios:12.0%281%29xa3 cpe:/o:cisco:ios:12.0xv cpe:/o:cisco:ios:12.0xu cpe:/o:cisco:ios:11.2xa cpe:/o:cisco:ios:12.0%285.1%29xp cpe:/o:cisco:ios:12.0xs cpe:/o:cisco:ios:12.0xw cpe:/o:cisco:ios:12.0%285.2%29xu cpe:/o:cisco:ios:11.1%2828a%29ia cpe:/o:cisco:ios:12.0%2812%29s3 cpe:/o:cisco:ios:12.0%2817%29st5 cpe:/o:cisco:ios:12.0%2817%29st1 cpe:/o:cisco:ios:11.2%289%29p cpe:/o:cisco:ios:12.0%287%29xe2 cpe:/o:cisco:ios:11.3%2811c%29 cpe:/o:cisco:ios:11.1%2813%29 cpe:/o:cisco:ios:12.0%281%29 cpe:/o:cisco:ios:11.2%288.9%29sa6 cpe:/o:cisco:ios:11.1%2815%29aa cpe:/o:cisco:ios:11.2%288%29sa1 cpe:/o:cisco:ios:11.2%288%29sa3 cpe:/o:cisco:ios:11.2%289%29xa cpe:/o:cisco:ios:11.2%288%29sa5 cpe:/o:cisco:ios:12.0%285.4%29wc1 cpe:/o:cisco:ios:12.0%285.3%29wc1 cpe:/o:cisco:ios:12.0%287%29xf1 cpe:/o:cisco:ios:12.0%281%29xe cpe:/o:cisco:ios:12.0%287.4%29s cpe:/o:cisco:ios:12.0%282%29 cpe:/o:cisco:ios:11.1%289%29ia cpe:/o:cisco:ios:12.0%281%29xb cpe:/o:cisco:ios:11.3%2811b%29 cpe:/o:cisco:ios:12.0%288.3%29sc cpe:/o:cisco:ios:11.3%2811b%29t2 cpe:/o:cisco:ios:12.0%2817%29s cpe:/o:cisco:ios:11.1ca cpe:/o:cisco:ios:12.0%284%29xm cpe:/o:cisco:ios:12.0%289a%29 cpe:/o:cisco:ios:12.0%288a%29 cpe:/o:cisco:ios:11.3%282%29xa cpe:/o:cisco:ios:11.1cc cpe:/o:cisco:ios:12.0st cpe:/o:cisco:ios:11.3ma cpe:/o:cisco:ios:12.0sx cpe:/o:cisco:ios:12.0dc cpe:/o:cisco:ios:12.0sl cpe:/o:cisco:ios:12.0da cpe:/o:cisco:ios:12.0db cpe:/o:cisco:ios:12.0sp cpe:/o:cisco:ios:12.0%284%29xe cpe:/o:cisco:ios:11.1ct cpe:/o:cisco:ios:12.0%285%29wc2 cpe:/o:cisco:ios:12.0%2814%29st3 cpe:/o:cisco:ios:12.0%285%29wc3 cpe:/o:cisco:ios:11.2%284%29xaf cpe:/o:cisco:ios:12.0%2814%29st cpe:/o:cisco:ios:12.0%289%29s cpe:/o:cisco:ios:11.1%2828a%29ct cpe:/o:cisco:ios:12.0%289%29s8 cpe:/o:cisco:ios:12.0%2813%29s6 cpe:/o:cisco:ios:12.0%281%29w cpe:/o:cisco:ios:11.1aa cpe:/o:cisco:ios:11.2%284%29xa cpe:/o:cisco:ios:12.0%284%29s cpe:/o:cisco:ios:12.0%2817%29s4 cpe:/o:cisco:ios:12.0%2812a%29 cpe:/o:cisco:ios:12.0w5 cpe:/o:cisco:ios:12.0%288%29s1 cpe:/o:cisco:ios:12.0%2810%29w5 cpe:/o:cisco:ios:12.0%285%29yb4 cpe:/o:cisco:ios:12.0%287%29xv cpe:/o:cisco:ios:12.0wc cpe:/o:cisco:ios:12.0%2816a%29 cpe:/o:cisco:ios:12.0%2818%29st1 cpe:/o:cisco:ios:12.0%2814%29s7 cpe:/o:cisco:ios:12.0%287%29xk cpe:/o:cisco:ios:11.1%2813%29aa cpe:/o:cisco:ios:11.2%2817%29 cpe:/o:cisco:ios:12.0%284%29t cpe:/o:cisco:ios:12.0%287%29xf cpe:/o:cisco:ios:12.0%287%29xe cpe:/o:cisco:ios:11.1%287%29aa cpe:/o:cisco:ios:12.0%2816.06%29s cpe:/o:cisco:ios:12.0%285%29t cpe:/o:cisco:ios:11.2%2826%29p2 cpe:/o:cisco:ios:11.2%2826a%29 cpe:/o:cisco:ios:11.3%281%29t cpe:/o:cisco:ios:11.1%2817%29ct cpe:/o:cisco:ios:12.0%285%29t1 cpe:/o:cisco:ios:12.0%287%29wx5%2815a%29 cpe:/o:cisco:ios:12.0%287%29s1 cpe:/o:cisco:ios:11.2%2819a%29gs6 cpe:/o:cisco:ios:12.0%287%29xk3 cpe:/o:cisco:ios:11.2%284%29f cpe:/o:cisco:ios:11.1%2836%29cc4 cpe:/o:cisco:ios:11.1%2824a%29 cpe:/o:cisco:ios:11.1%2817%29cc cpe:/o:cisco:ios:11.1%2836%29cc2 cpe:/o:cisco:ios:12.0%285%29xn1 cpe:/o:cisco:ios:12.0%2818b%29 cpe:/o:cisco:ios:12.0%2815%29s3 cpe:/o:cisco:ios:12.0%287%29t2 cpe:/o:cisco:ios:12.0%2815%29s6 cpe:/o:cisco:ios:11.1%2813%29ca cpe:/o:cisco:ios:11.1%2824b%29 cpe:/o:cisco:ios:11.2%2810%29bc cpe:/o:cisco:ios:11.2%288%29p cpe:/o:cisco:ios:12.0%283%29t2 cpe:/o:cisco:ios:12.0%2810%29w5%2818g%29 cpe:/o:cisco:ios:11.1%2815%29ia cpe:/o:cisco:ios:11.1%2816%29aa cpe:/o:cisco:ios:12.0%2813a%29 cpe:/o:cisco:ios:12.0%284%29xe1 cpe:/o:cisco:ios:11.1 cpe:/o:cisco:ios:12.0%2810%29s7 cpe:/o:cisco:ios:11.2 cpe:/o:cisco:ios:11.3 cpe:/o:cisco:ios:11.2%284%29 cpe:/o:cisco:ios:12.0%2816%29s8 cpe:/o:cisco:ios:12.0%2811a%29 cpe:/o:cisco:ios:12.0%2811%29s6 cpe:/o:cisco:ios:12.0s cpe:/o:cisco:ios:12.0t cpe:/o:cisco:ios:11.2sa cpe:/o:cisco:ios:12.0%287%29sc cpe:/o:cisco:ios:12.0%287%29dc1 cpe:/o:cisco:ios:11.3%288%29db2 cpe:/o:cisco:ios:12.0%288.0.2%29s cpe:/o:cisco:ios:12.0%2815a%29 cpe:/o:cisco:ios:12.0%2813%29wt6%281%29 cpe:/o:cisco:ios:11.2%2826b%29 cpe:/o:cisco:ios:11.2%2819%29gs0.2 cpe:/o:cisco:ios:11.2bc cpe:/o:cisco:ios:12.0sc cpe:/o:cisco:ios:12.0%2818%29w5%2822b%29 cpe:/o:cisco:ios:12.0%2817%29sl6 cpe:/o:cisco:ios:12.0%2817a%29 cpe:/o:cisco:ios:12.0%2817%29sl2 cpe:/o:cisco:ios:11.3na cpe:/o:cisco:ios:11.2%2811b%29t2 cpe:/o:cisco:ios:12.0%285%29xk2 CVE-2003-0100 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:49.507-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030221 Re: Cisco IOS OSPF exploit XF cisco-ios-ospf-bo(11373) BUGTRAQ 20030220 Cisco IOS OSPF exploit BID 6895 Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. cpe:/a:usermin:usermin:0.4 cpe:/a:usermin:usermin:0.5 cpe:/a:webmin:webmin:1.0.60 cpe:/a:webmin:webmin:1.0.50 cpe:/a:usermin:usermin:0.8 cpe:/a:usermin:usermin:0.9 cpe:/a:usermin:usermin:0.6 cpe:/a:usermin:usermin:0.7 cpe:/a:usermin:usermin:0.91 cpe:/a:usermin:usermin:0.92 cpe:/a:usermin:usermin:0.97 cpe:/a:engardelinux:guardian_digital_webtool:1.2 cpe:/a:usermin:usermin:0.98 cpe:/a:usermin:usermin:0.99 cpe:/a:usermin:usermin:0.93 cpe:/a:usermin:usermin:0.94 cpe:/a:usermin:usermin:0.95 cpe:/a:usermin:usermin:0.96 CVE-2003-0101 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:49.570-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CONFIRM http://marc.theaimsgroup.com/?l=webmin-announce&m=104587858408101&w=2 BUGTRAQ 20030224 [SNS Advisory No.62] Webmin/Usermin Session ID Spoofing Vulnerability "Episode 2" BID 6915 MISC http://www.lac.co.jp/security/english/snsadv_e/62_e.html XF webmin-usermin-root-access(11390) DEBIAN DSA-319 CIAC N-058 BUGTRAQ 20030224 GLSA: usermin (200302-14) BUGTRAQ 20030224 Webmin 1.050 - 1.060 remote exploit ENGARDE ESA-20030225-006 HP HPSBUX0303-250 SGI 20030602-01-I SECTRACK 1006160 MANDRAKE MDKSA-2003:025 CONFIRM http://www.linuxsecurity.com/advisories/gentoo_advisory-2886.html SECUNIA 8163 SECUNIA 8115 miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges. cpe:/a:national_language_support:libim CVE-2003-0087 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:47.993-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS MISC http://www.idefense.com/advisory/02.12.03.txt XF aix-aixterm-libim-bo(11309) BID 6840 OSVDB 7996 AIXAPAR IY40320 AIXAPAR IY40317 AIXAPAR IY40307 BUGTRAQ 20030212 libIM.a buffer overflow vulnerability BUGTRAQ 20030212 iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a VULNWATCH 20030212 iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm. cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2.3 CVE-2003-0088 2003-03-03T00:00:00.000-05:00 2008-09-10T20:05:48.070-04:00 7.2 LOCAL LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS ATSTAKE A021403-1 XF macos-trublueenvironment-gain-privileges(11332) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt CONFIRM http://docs.info.apple.com/article.html?artnum=61798 BID 6859 TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information. cpe:/o:sun:solaris:9.0::sparc CVE-2003-1077 2003-03-05T00:00:00.000-05:00 2008-09-10T15:21:42.430-04:00 2.1 LOCAL LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2005-05-24T11:34:00.000-04:00 SUNALERT 51300 SECUNIA 8234 XF solaris-ufs-logging-dos(11481) SECTRACK 1006233 BID 7032 Unknown vulnerability in UFS for Solaris 9 for SPARC, with logging enabled, allows local users to cause a denial of service (UFS file system hang). cpe:/h:nokia:6210_handset:5.27 CVE-2003-0103 2003-03-07T00:00:00.000-05:00 2008-09-05T16:33:29.380-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BID 6952 XF nokia-6210-vcard-dos(11421) Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of format string specifiers. cpe:/a:gnu:zlib:1.1.4 CVE-2003-0107 2003-03-07T00:00:00.000-05:00 2008-09-10T20:05:50.163-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#142121 XF zlib-gzprintf-bo(11381) BUGTRAQ 20030222 buffer overrun in zlib 1.1.4 BUGTRAQ 20030223 poc zlib sploit just for fun :) CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html BID 6913 REDHAT RHSA-2003:081 REDHAT RHSA-2003:079 OSVDB 6599 MANDRAKE MDKSA-2003:033 SUNALERT 57405 GENTOO GLSA-200303-25 BUGTRAQ 20030225 [sorcerer-spells] ZLIB-SORCERER2003-02-25 BUGTRAQ 20030224 Re: buffer overrun in zlib 1.1.4 CONECTIVA CLSA-2003:619 NETBSD NetBSD-SA2003-004 CALDERA CSSA-2003-011.0 Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code. cpe:/a:lbl:tcpdump:3.6.2 cpe:/a:lbl:tcpdump:3.7 cpe:/a:lbl:tcpdump:3.7.1 cpe:/a:lbl:tcpdump:3.5.2 CVE-2003-0108 2003-03-07T00:00:00.000-05:00 2008-09-05T16:33:30.117-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BID 6974 MISC http://www.idefense.com/advisory/02.27.03.txt DEBIAN DSA-255 XF tcpdump-isakmp-dos(11434) REDHAT RHSA-2003:214 REDHAT RHSA-2003:085 REDHAT RHSA-2003:032 SUSE SuSE-SA:2003:0015 MANDRAKE MDKSA-2003:027 BUGTRAQ 20030304 [OpenPKG-SA-2003.014] OpenPKG Security Advisory (tcpdump) BUGTRAQ 20030227 iDEFENSE Security Advisory 02.27.03: TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsin CONECTIVA CLA-2003:629 isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop. cpe:/a:mhc-utils:mhc-utils:0.25_snap2001-06-25 CVE-2003-0120 2003-03-07T00:00:00.000-05:00 2008-09-05T16:33:32.130-04:00 1.2 LOCAL HIGH NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 DEBIAN DSA-256 BID 6978 XF mhc-adb2mhc-insecure-tmp(11439) adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name. cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2 CVE-2003-0050 2003-03-07T00:00:00.000-05:00 2008-09-10T20:05:26.820-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-command-execution(11401) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6954 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters. cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2 CVE-2003-0051 2003-03-07T00:00:00.000-05:00 2008-09-10T20:05:26.897-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-path-disclosure(11402) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6956 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter. cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2 CVE-2003-0052 2003-03-07T00:00:00.000-05:00 2008-09-10T20:05:26.977-04:00 5.0 NETWORK LOW NONE PARTIAL NONE NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-directory-disclosure(11403) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6955 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories. cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2 CVE-2003-0053 2003-03-07T00:00:00.000-05:00 2008-09-10T20:05:27.040-04:00 4.3 NETWORK MEDIUM NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-parsexml-xss(11404) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6958 Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message. cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2 CVE-2003-0054 2003-03-07T00:00:00.000-05:00 2008-09-10T20:05:27.117-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-describe-xss(11405) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6960 Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser. cpe:/a:apple:quicktime_darwin_mp3_broadcaster CVE-2003-0055 2003-03-07T00:00:00.000-05:00 2008-09-10T20:05:27.197-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-mp3-bo(11406) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6957 Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename. cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_xp:::home CVE-2003-0009 2003-03-07T00:00:00.000-05:00 2008-09-05T16:33:12.833-04:00 6.8 NETWORK MEDIUM NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS CERT-VN VU#489721 BID 6966 MS MS03-006 BUGTRAQ 20030227 MS-Windows ME IE/Outlook/HelpCenter critical vulnerability XF winme-hsc-hcp-bo(11425) OSVDB 6074 CIAC N-047 Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter. cpe:/a:snort:snort:1.8.4 cpe:/a:snort:snort:1.8.3 cpe:/a:snort:snort:1.8.2 cpe:/a:snort:snort:1.8.1 cpe:/a:snort:snort:1.9.0 cpe:/a:snort:snort:1.8.7 cpe:/a:snort:snort:1.8.6 cpe:/a:snort:snort:1.8.5 cpe:/a:snort:snort:1.8.0 CVE-2003-0033 2003-03-07T00:00:00.000-05:00 2008-09-05T16:33:17.333-04:00 10.0 NETWORK LOW NONE COMPLETE COMPLETE COMPLETE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_ADMIN_ACCESS CERT-VN VU#916785 CERT CA-2003-13 BID 6963 XF snort-rpc-fragment-bo(10956) ISS 20030303 Snort RPC Preprocessing Vulnerability OSVDB 4418 MANDRAKE MDKSA-2003:029 ENGARDE ESA-20030307-007 DEBIAN DSA-297 GENTOO GLSA-200304-06 GENTOO GLSA-200303-6.1 BUGTRAQ 20030303 Snort RPC Vulnerability (fwd) Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets. cpe:/a:apache:http_server CVE-2003-0020 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:14.803-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BID 9930 XF apache-esc-seq-injection(11412) BUGTRAQ 20030224 Terminal Emulator Security Issues TRUSTIX 2004-0027 TRUSTIX 2004-0017 SLACKWARE SSA:2004-133 REDHAT RHSA-2003:244 REDHAT RHSA-2003:243 REDHAT RHSA-2003:139 REDHAT RHSA-2003:104 REDHAT RHSA-2003:083 REDHAT RHSA-2003:082 MANDRAKE MDKSA-2003:050 SUNALERT 57628 SUNALERT 101555 GENTOO GLSA-200405-22 HP SSRT4717 BUGTRAQ 20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache) APPLE APPLE-SA-2004-05-03 MANDRAKE MDKSA-2004:046 VULNWATCH 20030224 Terminal Emulator Security Issues Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences. cpe:/a:aterm:aterm:0.42 CVE-2003-0067 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:22.943-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:ethereal_group:ethereal:0.9.9 cpe:/a:ethereal_group:ethereal:0.8.18 cpe:/a:ethereal_group:ethereal:0.9.0 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.8 CVE-2003-0081 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:25.287-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BID 7049 MISC http://www.guninski.com/etherre.html CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00008.html DEBIAN DSA-258 XF ethereal-socks-format-string(11497) REDHAT RHSA-2003:077 REDHAT RHSA-2003:076 SUSE SuSE-SA:2003:019 GENTOO GLSA-200303-10 FULLDISC 20030308 Ethereal format string bug, yet still ethereal much better than windows MANDRAKE MDKSA-2003:051 CONECTIVA CLSA-2003:627 Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers. cpe:/a:putty:putty:0.53 CVE-2003-0069 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:23.240-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues OSVDB 8347 BUGTRAQ 20030224 Terminal Emulator Security Issues The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:hanterm:hanterm-xf:2.0.5 CVE-2003-0077 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:24.600-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues REDHAT RHSA-2003:071 REDHAT RHSA-2003:070 OSVDB 4917 BUGTRAQ 20030224 Terminal Emulator Security Issues The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. cpe:/a:clearswift:mailsweeper:4.3 cpe:/a:clearswift:mailsweeper:4.2 cpe:/a:clearswift:mailsweeper:4.1 cpe:/a:clearswift:mailsweeper:4.0 CVE-2003-0121 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:32.257-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS BID 7044 BUGTRAQ 20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue BUGTRAQ 20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients. cpe:/a:ibm:lotus_domino:5.0.8 cpe:/a:ibm:lotus_notes_client:5.0.10 cpe:/a:ibm:lotus_notes_client:5.0.11 cpe:/a:ibm:lotus_domino:5.0.5 cpe:/a:ibm:lotus_domino:5.0.11 cpe:/a:ibm:lotus_domino:5.0.10 cpe:/a:ibm:lotus_domino:5.0.6 cpe:/a:ibm:lotus_notes_client:5.0.9a cpe:/a:ibm:lotus_domino:5.0 cpe:/a:ibm:lotus_domino:5.0.9 cpe:/a:ibm:lotus_domino:5.0.3 cpe:/a:ibm:lotus_domino:5.0.1 cpe:/a:ibm:lotus_domino:5.0.2 cpe:/a:ibm:lotus_domino:5.0.6a cpe:/a:ibm:lotus_notes_client:5.0 cpe:/a:ibm:lotus_domino:5.0.4a cpe:/a:ibm:lotus_domino:5.0.8a cpe:/a:ibm:lotus_domino:5.0.8:::french cpe:/a:ibm:lotus_domino:5.0.7::solaris cpe:/a:ibm:lotus_notes_client:5.0.3 cpe:/a:ibm:lotus_notes_client:5.0.2 cpe:/a:ibm:lotus_notes_client:5.0.1 cpe:/a:ibm:lotus_domino:4.6.4 cpe:/a:ibm:lotus_domino:4.6.3 cpe:/a:ibm:lotus_notes_client:5.0.5 cpe:/a:ibm:lotus_domino:4.6.1 cpe:/a:ibm:lotus_notes_client:5.0.4 cpe:/a:ibm:lotus_domino:5.0.5:::french cpe:/a:ibm:lotus_domino:5.0.4::solaris cpe:/a:ibm:lotus_domino:5.0.7a cpe:/a:ibm:lotus_notes_client:r5 cpe:/a:ibm:lotus_domino:5.0.9a CVE-2003-0122 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:32.410-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CERT-VN VU#433489 CERT CA-2003-11 BID 7037 CONFIRM http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105101 BUGTRAQ 20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication MISC http://www.rapid7.com/advisories/R7-0010.html XF lotus-nrpc-bo(11526) CIAC N-065 VULNWATCH 20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field. cpe:/a:ibm:lotus_domino:5.0.8 cpe:/a:ibm:lotus_notes_client:5.0.10 cpe:/a:ibm:lotus_notes_client:5.0.11 cpe:/a:ibm:lotus_domino:5.0.5 cpe:/a:ibm:lotus_domino:5.0.11 cpe:/a:ibm:lotus_domino:5.0.10 cpe:/a:ibm:lotus_domino:5.0.6 cpe:/a:ibm:lotus_notes_client:5.0.9a cpe:/a:ibm:lotus_domino:5.0 cpe:/a:ibm:lotus_domino:5.0.9 cpe:/a:ibm:lotus_domino:5.0.3 cpe:/a:ibm:lotus_domino:5.0.1 cpe:/a:ibm:lotus_domino:5.0.2 cpe:/a:ibm:lotus_domino:5.0.6a cpe:/a:ibm:lotus_notes_client:5.0 cpe:/a:ibm:lotus_domino:5.0.4a cpe:/a:ibm:lotus_domino:5.0.8a cpe:/a:ibm:lotus_domino:5.0.8:::french cpe:/a:ibm:lotus_domino:5.0.7::solaris cpe:/a:ibm:lotus_notes_client:5.0.3 cpe:/a:ibm:lotus_notes_client:5.0.2 cpe:/a:ibm:lotus_notes_client:5.0.1 cpe:/a:ibm:lotus_domino:4.6.4 cpe:/a:ibm:lotus_domino:4.6.3 cpe:/a:ibm:lotus_notes_client:5.0.5 cpe:/a:ibm:lotus_domino:4.6.1 cpe:/a:ibm:lotus_notes_client:5.0.4 cpe:/a:ibm:lotus_domino:5.0.5:::french cpe:/a:ibm:lotus_domino:5.0.4::solaris cpe:/a:ibm:lotus_domino:5.0.7a cpe:/a:ibm:lotus_notes_client:r5 cpe:/a:ibm:lotus_domino:5.0.9a CVE-2003-0123 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:32.600-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 CERT-VN VU#411489 CERT CA-2003-11 BID 7038 CONFIRM http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105060 BUGTRAQ 20030313 R7-0011: Lotus Notes/Domino Web Retriever HTTP Status Buffer Overflow MISC http://www.rapid7.com/advisories/R7-0011.html XF lotus-web-retriever-bo(11525) CIAC N-065 Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line. cpe:/a:andries_brouwer:man:1.5i2 cpe:/a:andries_brouwer:man:1.5h1 cpe:/a:andries_brouwer:man:1.5i cpe:/a:andries_brouwer:man:1.5j cpe:/a:andries_brouwer:man:1.5k CVE-2003-0124 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:32.803-04:00 4.6 LOCAL LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_USER_ACCESS BID 7066 BUGTRAQ 20030311 Vulnerability in man < 1.5l XF man-myxsprintf-code-execution(11512) REDHAT RHSA-2003:134 REDHAT RHSA-2003:133 GENTOO GLSA-200303-13 CONECTIVA CLSA-2003:620 man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man. cpe:/h:multitech:routefinder_550_vpn:4.63 CVE-2003-0125 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:32.957-04:00 5.0 NETWORK LOW NONE NONE NONE PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 MISC http://www.krusesecurity.dk/advisories/routefind550bof.txt CONFIRM ftp://ftp.multitech.com/Routers/RF550VPN.TXT XF routefinder-vpn-options-bo(11514) BID 7067 Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS value. cpe:/h:multitech:routefinder_550_vpn:4.63 cpe:/h:multitech:routefinder_550_vpn:4.64_beta CVE-2003-0126 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:33.083-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 ALLOWS_OTHER_ACCESS MISC http://www.krusesecurity.dk/advisories/routefind550bof.txt The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities. cpe:/a:peoplesoft:peopletools:8.10 cpe:/a:peoplesoft:peopletools:8.11 cpe:/a:peoplesoft:peopletools:8.12 cpe:/a:peoplesoft:peopletools:8.13 cpe:/a:peoplesoft:peopletools:8.14 cpe:/a:peoplesoft:peopletools:8.15 cpe:/a:peoplesoft:peopletools:8.16 cpe:/a:peoplesoft:peopletools:8.17 cpe:/a:peoplesoft:peopletools:8.40 cpe:/a:peoplesoft:peopletools:8.18 cpe:/a:peoplesoft:peopletools:8.41 CVE-2003-0104 2003-03-18T00:00:00.000-05:00 2008-09-05T16:33:29.537-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2004-01-01T00:00:00.000-05:00 BID 7053 XF peoplesoft-schedulertransfer-create-files(10962) ISS 20030310 PeopleSoft PeopleTools Remote Command Execution Vulnerability Directory