cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:netbsd:netbsd:1.5.3 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:netbsd:netbsd:1.5 cpe:/o:freebsd:freebsd:4.6 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:netbsd:netbsd:1.5.2 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:microsoft:windows_2000:::professional cpe:/o:netbsd:netbsd:1.5.1 cpe:/o:freebsd:freebsd:4.7 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:freebsd:freebsd:4.2 cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:freebsd:freebsd:4.4 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:netbsd:netbsd:1.6 cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:freebsd:freebsd:4.3 cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:freebsd:freebsd:4.5 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3

CVE-2003-0001

2003-01-17T00:00:00.000-05:00

2008-09-10T15:17:21.290-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#412115 REDHAT RHSA-2003:025 MISC http://www.atstake.com/research/advisories/2003/atstake_etherleak_report.pdf ATSTAKE A010603-1 BUGTRAQ 20030110 More information regarding Etherleak VULNWATCH 20030110 More information regarding Etherleak BUGTRAQ 20030117 Re: More information regarding Etherleak BUGTRAQ 20030106 Etherleak: Ethernet frame padding information leakage (A010603-1) REDHAT RHSA-2003:088 OSVDB 9962 SECUNIA 7996 Multiple ethernet Network Interface Card (NIC) device drivers do not pad frames with null bytes, which allows remote attackers to obtain information from previous packets or kernel memory by using malformed packets, as demonstrated by Etherleak.

cpe:/a:microsoft:content_management_server:2001:sp1 cpe:/a:microsoft:content_management_server:2001

CVE-2003-0002

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:22.087-04:00

6.8

NETWORK

MEDIUM

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

MS MS03-002 XF mcms-manuallogin-reasontxt-xss (10318) BUGTRAQ 20021007 CSS on Microsoft Content Management Server BID 5922 Cross-site scripting vulnerability (XSS) in ManualLogin.asp script for Microsoft Content Management Server (MCMS) 2001 allows remote attackers to execute arbitrary script via the REASONTXT parameter.

cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_2000_terminal_services::sp3 cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_2000:::server:jp cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server

CVE-2003-0003

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:22.163-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#610986 CERT CA-2003-03 MS MS03-001 XF win-locator-bo(11132) BID 6666 NTBUGTRAQ 20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003) BUGTRAQ 20030130 Microsoft RPC Locator Buffer Overflow Vulnerability (#NISR29012003) Buffer overflow in the RPC Locator service for Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows local users to execute arbitrary code via an RPC call to the service containing certain parameter information.

cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_xp::gold:professional

CVE-2003-0004

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:22.243-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

MS MS03-005 BID 6778 XF winxp-windows-redirector-bo(11260) BUGTRAQ 20030327 NSFOCUS SA2003-01: Microsoft Windows XP Redirector Local Buffer Overflow Vulnerability VULNWATCH 20030327 NSFOCUS SA2003-01: Microsoft Windows XP Redirector Local Buffer Overflow Vulnerability Buffer overflow in the Windows Redirector function in Microsoft Windows XP allows local users to execute arbitrary code via a long parameter.

cpe:/a:microsoft:outlook:2002:sp1 cpe:/a:microsoft:outlook:2002 cpe:/a:microsoft:outlook:2002:sp2

CVE-2003-0007

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:22.320-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

MS MS03-003 XF outlook-v1-certificate-plaintext(11133) BID 6667 Microsoft Outlook 2002 does not properly handle requests to encrypt email messages with V1 Exchange Server Security certificates, which causes Outlook to send the email in plaintext, aka "Flaw in how Outlook 2002 handles V1 Exchange Server Security Certificates could lead to Information Disclosure."

cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_xp::gold:professional

CVE-2003-0009

2003-03-07T00:00:00.000-05:00

2008-09-05T16:33:12.833-04:00

6.8

NETWORK

MEDIUM

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#489721 BID 6966 MS MS03-006 BUGTRAQ 20030227 MS-Windows ME IE/Outlook/HelpCenter critical vulnerability XF winme-hsc-hcp-bo(11425) OSVDB 6074 CIAC N-047 Cross-site scripting (XSS) vulnerability in Help and Support Center for Microsoft Windows Me allows remote attackers to execute arbitrary script in the Local Computer security context via an hcp:// URL with the malicious script in the topic parameter.

cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_2000_terminal_services::sp3 cpe:/o:microsoft:windows_me cpe:/o:microsoft:windows_98::gold cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_98se cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server

CVE-2003-0010

2003-03-24T00:00:00.000-05:00

2008-09-10T15:17:22.197-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 7146 MS MS03-008 BUGTRAQ 20030319 iDEFENSE Security Advisory 03.19.03: Heap Overflow in Windows Script Engine VULNWATCH 20030319 Windows Scripting Engine issue IDEFENSE 20030319 Heap Overflow in Windows Script Engine Integer overflow in JsArrayFunctionHeapSort function used by Windows Script Engine for JScript (JScript.dll) on various Windows operating system allows remote attackers to execute arbitrary code via a malicious web page or HTML e-mail that uses a large array index value that enables a heap-based buffer overflow attack.

cpe:/a:microsoft:isa_server:2000 cpe:/a:microsoft:isa_server:2000:sp1

CVE-2003-0011

2003-03-24T00:00:00.000-05:00

2008-09-05T16:33:13.273-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7145 MS MS03-009 Unknown vulnerability in the DNS intrusion detection application filter for Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a denial of service (blocked traffic to DNS servers) via a certain type of incoming DNS request that is not properly handled.

cpe:/a:mozilla:bugzilla:2.16.1 cpe:/a:mozilla:bugzilla:2.14.2 cpe:/a:mozilla:bugzilla:2.17 cpe:/a:mozilla:bugzilla:2.14 cpe:/a:mozilla:bugzilla:2.14.4 cpe:/a:mozilla:bugzilla:2.17.1 cpe:/a:mozilla:bugzilla:2.16 cpe:/a:mozilla:bugzilla:2.14.3 cpe:/a:mozilla:bugzilla:2.14.1

CVE-2003-0012

2003-01-17T00:00:00.000-05:00

2008-09-10T20:05:22.617-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BUGTRAQ 20030102 [BUGZILLA] Security Advisory - remote database password disclosure XF bugzilla-mining-world-writable(10971) BID 6502 REDHAT RHSA-2003:012 DEBIAN DSA-230 The data collection script for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 sets world-writable permissions for the data/mining directory when it runs, which allows local users to modify or delete the data.

CVE-2003-0013

2003-01-17T00:00:00.000-05:00

2008-09-10T20:05:22.697-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

DEBIAN DSA-230 BUGTRAQ 20030102 [BUGZILLA] Security Advisory - remote database password disclosure BID 6501 OSVDB 6351 XF bugzilla-htaccess-database-password(10970) The default .htaccess scripts for Bugzilla 2.14.x before 2.14.5, 2.16.x before 2.16.2, and 2.17.x before 2.17.3 do not include filenames for backup copies of the localconfig file that are made from editors such as vi and Emacs, which could allow remote attackers to obtain a database password by directly accessing the backup file.

cpe:/a:bmv:bmv:1.2

CVE-2003-0014

2003-01-11T00:00:00.000-05:00

2008-09-05T16:33:13.773-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2005-05-25T12:12:00.000-04:00

XF bmv-symlink(18823) BID 12229 DEBIAN DSA-633 CONFIRM http://packages.debian.org/changelogs/pool/main/b/bmv/bmv_1.2-14.2/changelog SECTRACK 1012847 SECUNIA 13796 SECUNIA 13793 gsinterf.c in bmv 1.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

cpe:/o:freebsd:freebsd:4.4 cpe:/a:cvs:cvs:1.10.8 cpe:/o:freebsd:freebsd:4.5 cpe:/a:cvs:cvs:1.10.7 cpe:/a:cvs:cvs:1.11.1p1 cpe:/o:freebsd:freebsd:5.0 cpe:/o:freebsd:freebsd:4.7 cpe:/a:cvs:cvs:1.11 cpe:/a:cvs:cvs:1.11.2 cpe:/o:freebsd:freebsd:4.6 cpe:/a:cvs:cvs:1.11.1 cpe:/a:cvs:cvs:1.11.3 cpe:/a:cvs:cvs:1.11.4

CVE-2003-0015

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:22.960-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#650937 CERT CA-2003-02 MISC http://security.e-matters.de/advisories/012003.html REDHAT RHSA-2003:013 XF cvs-doublefree-memory-corruption(11108) BID 6650 REDHAT RHSA-2003:012 MANDRAKE MDKSA-2003:009 DEBIAN DSA-233 CIAC N-032 FREEBSD FreeBSD-SA-03:01 BUGTRAQ 20030202 Exploit for CVS double free() for Linux pserver BUGTRAQ 20030124 Test program for CVS double-free. BUGTRAQ 20030122 [security@slackware.com: [slackware-security] New CVS packages available] CONFIRM http://ccvs.cvshome.org/servlets/NewsItemView?newsID=51&JServSessionIdservlets=5of2iuhr14 VULNWATCH 20030120 Advisory 01/2003: CVS remote vulnerability Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands.

cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.38

CVE-2003-0016

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:23.040-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#979793 CERT-VN VU#825177 MLIST [apache-httpd-announce] 20030120 [ANNOUNCE] Apache 2.0.44 Released CONFIRM http://www.apacheweek.com/issues/03-01-24#security XF apache-device-code-execution(11125) XF apache-device-name-dos(11124) BID 6659 Apache before 2.0.44, when running on unpatched Windows 9x and Me operating systems, allows remote attackers to cause a denial of service or execute arbitrary code via an HTTP request containing MS-DOS device names.

CVE-2003-0017

2003-02-07T00:00:00.000-05:00

2008-09-10T15:17:23.493-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CONFIRM http://marc.theaimsgroup.com/?l=apache-httpd-announce&m=104313442901017&w=2 Apache 2.0 before 2.0.44 on Windows platforms allows remote attackers to obtain certain files via an HTTP request that ends in certain illegal characters such as ">", which causes a different filename to be processed and served.

cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.12

CVE-2003-0018

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:23.477-04:00

3.6

LOCAL

LOW

NONE

PARTIAL

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

REDHAT RHSA-2003:025 DEBIAN DSA-423 XF linux-odirect-information-leak(11249) BID 6763 MANDRAKE MDKSA-2003:014 DEBIAN DSA-358 CONFIRM http://linux.bkbits.net:8080/linux-2.4/cset@3e2f193drGJDBg9SG6JwaDQwCBnAMQ Linux kernel 2.4.10 through 2.4.21-pre4 does not properly handle the O_DIRECT feature, which allows local attackers with write privileges to read portions of previously deleted files, or cause file system corruption.

cpe:/o:redhat:linux:8.0::i386

CVE-2003-0019

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:23.557-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#134025 REDHAT RHSA-2003:056 XF linux-umlnet-gain-privileges(11276) BID 6801 CIAC N-044 uml_net in the kernel-utils package for Red Hat Linux 8.0 has incorrect setuid root privileges, which allows local users to modify network interfaces, e.g. by modifying ARP entries or placing interfaces into promiscuous mode.

cpe:/a:apache:http_server

CVE-2003-0020

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:14.803-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 9930 XF apache-esc-seq-injection(11412) BUGTRAQ 20030224 Terminal Emulator Security Issues TRUSTIX 2004-0027 TRUSTIX 2004-0017 SLACKWARE SSA:2004-133 REDHAT RHSA-2003:244 REDHAT RHSA-2003:243 REDHAT RHSA-2003:139 REDHAT RHSA-2003:104 REDHAT RHSA-2003:083 REDHAT RHSA-2003:082 MANDRAKE MDKSA-2003:050 SUNALERT 57628 SUNALERT 101555 GENTOO GLSA-200405-22 HP SSRT4717 BUGTRAQ 20040512 [OpenPKG-SA-2004.021] OpenPKG Security Advisory (apache) APPLE APPLE-SA-2004-05-03 MANDRAKE MDKSA-2004:046 VULNWATCH 20030224 Terminal Emulator Security Issues Apache does not filter terminal escape sequences from its error logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences.

cpe:/a:michael_jennings:eterm:0.8.10 cpe:/a:michael_jennings:eterm:0.9.1

CVE-2003-0021

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:23.727-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF terminal-emulator-screen-dump(11413) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6936 MANDRAKE MDKSA-2003:040 BUGTRAQ 20030224 Terminal Emulator Security Issues The "screen dump" feature in Eterm 0.9.1 and earlier allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.

cpe:/a:rxvt:rxvt:2.7.8 cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.6.1 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.6.4

CVE-2003-0022

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:23.807-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF terminal-emulator-screen-dump(11413) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6938 REDHAT RHSA-2003:055 REDHAT RHSA-2003:054 MANDRAKE MDKSA-2003:034 BUGTRAQ 20030224 Terminal Emulator Security Issues The "screen dump" feature in rxvt 2.7.8 allows attackers to overwrite arbitrary files via a certain character escape sequence when it is echoed to a user's terminal, e.g. when the user views a file containing the malicious sequence.

cpe:/a:rxvt:rxvt:2.7.8 cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.6.1 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.6.4

CVE-2003-0023

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:23.867-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF terminal-emulator-menu-modification(11416) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6947 REDHAT RHSA-2003:055 REDHAT RHSA-2003:054 MANDRAKE MDKSA-2003:034 BUGTRAQ 20030224 Terminal Emulator Security Issues The menuBar feature in rxvt 2.7.8 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu.

cpe:/a:aterm:aterm:0.42

CVE-2003-0024

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:23.947-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-menu-modification(11416) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6949 BUGTRAQ 20030224 Terminal Emulator Security Issues The menuBar feature in aterm 0.42 allows attackers to modify menu options and execute arbitrary commands via a certain character escape sequence that inserts the commands into the menu.

cpe:/a:horde:imp:2.2.2 cpe:/a:horde:imp:2.2.3 cpe:/a:horde:imp:2.2.1 cpe:/a:horde:imp:2.2.8 cpe:/a:horde:imp:2.2.6 cpe:/a:horde:imp:2.2.7 cpe:/a:horde:imp:2.2 cpe:/a:horde:imp:2.2.5 cpe:/a:horde:imp:2.2.4

CVE-2003-0025

2003-01-17T00:00:00.000-05:00

2008-09-10T20:05:24.023-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

DEBIAN DSA-229 BUGTRAQ 20030108 IMP 2.x SQL injection vulnerabilities SECTRACK 1005904 BID 6559 BUGTRAQ 20030108 Re: IMP 2.x SQL injection vulnerabilities SECUNIA 8177 SECUNIA 8087 Multiple SQL injection vulnerabilities in IMP 2.2.8 and earlier allow remote attackers to perform unauthorized database activities and possibly gain privileges via certain database functions such as check_prefs() in db.pgsql, as demonstrated using mailbox.php3.

cpe:/a:isc:dhcpd:3.0.1:rc6 cpe:/a:isc:dhcpd:3.0.1:rc3 cpe:/a:isc:dhcpd:3.0.1:rc5 cpe:/a:isc:dhcpd:3.0.1:rc1 cpe:/a:isc:dhcpd:3.0.1:rc8 cpe:/a:isc:dhcpd:3.0.1:rc4 cpe:/a:isc:dhcpd:3.0.1:rc7 cpe:/a:isc:dhcpd:3.0 cpe:/a:isc:dhcpd:3.0.1:rc2

CVE-2003-0026

2003-01-17T00:00:00.000-05:00

2011-03-07T21:11:57.250-05:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CERT-VN VU#284857 CERT CA-2003-01 REDHAT RHSA-2003:011 DEBIAN DSA-231 SUSE SuSE-SA:2003:0006 XF dhcpd-minires-multiple-bo(11073) SUSE SuSE-SA:2003:0006 SECTRACK 1005924 BID 6627 OPENPKG OpenPKG-SA-2003.002 MANDRAKE MDKSA-2003:007 CIAC N-031 CONECTIVA CLA-2003:562 BUGTRAQ 20030122 [securityslackware.com: [slackware-security] New DHCP packages available] Multiple stack-based buffer overflows in the error handling routines of the minires library, as used in the NSUPDATE capability for ISC DHCPD 3.0 through 3.0.1RC10, allow remote attackers to execute arbitrary code via a DHCP message containing a long hostname.

cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:2.6::x86 cpe:/o:sun:solaris:9.0:x86_update_2 cpe:/o:sun:solaris:2.5.1::x86 cpe:/o:sun:solaris:2.5.1

CVE-2003-0027

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:24.493-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#850785 MISC http://www.entercept.com/news/uspr/01-22-03.asp XF solaris-kcms-directory-traversal(11129) BID 6665 SUNALERT 50104 BUGTRAQ 20030122 Entercept Ricochet Advisory: Sun Solaris KCMS Library Service Daemon Arbitrary File Retrieval Vulner Directory traversal vulnerability in Sun Kodak Color Management System (KCMS) library service daemon (kcms_server) allows remote attackers to read arbitrary files via the KCS_OPEN_PROFILE procedure.

cpe:/a:openafs:openafs:1.1.1a cpe:/a:mit:kerberos:5-1.2.7 cpe:/o:hp:hp-ux:10.24 cpe:/o:sgi:irix:6.5.4m cpe:/o:openbsd:openbsd:3.0 cpe:/o:freebsd:freebsd:4.6.2 cpe:/o:freebsd:freebsd:5.0 cpe:/a:gnu:glibc:2.1.2 cpe:/o:freebsd:freebsd:4.6:stable cpe:/o:ibm:aix:5.1 cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:gnu:glibc:2.2.5 cpe:/a:openafs:openafs:1.0.4a cpe:/o:openbsd:openbsd:2.9 cpe:/a:gnu:glibc:2.2.4 cpe:/o:openbsd:openbsd:2.6 cpe:/o:sgi:irix:6.5.16 cpe:/o:freebsd:freebsd:4.1.1:stable cpe:/o:hp:hp-ux:10.20 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.6f cpe:/o:openbsd:openbsd:3.1 cpe:/o:sgi:irix:6.5.3f cpe:/a:gnu:glibc:2.2 cpe:/o:sgi:irix:6.5.12f cpe:/a:openafs:openafs:1.1.1 cpe:/o:sgi:irix:6.5.5 cpe:/o:hp:hp-ux:11.22 cpe:/o:freebsd:freebsd:4.6:release cpe:/o:freebsd:freebsd:4.5:stable cpe:/a:gnu:glibc:2.3 cpe:/a:gnu:glibc:2.2.3 cpe:/o:freebsd:freebsd:4.5 cpe:/a:mit:kerberos:5-1.2 cpe:/a:openafs:openafs:1.0.1 cpe:/o:sgi:irix:6.5.8f cpe:/o:freebsd:freebsd:4.7:release cpe:/o:freebsd:freebsd:4.3:stable cpe:/o:sgi:irix:6.5.20 cpe:/o:freebsd:freebsd:4.2:stable cpe:/o:freebsd:freebsd:4.3:release cpe:/o:sgi:irix:6.5.17f cpe:/o:hp:hp-ux:11.00 cpe:/o:sgi:irix:6.5.15f cpe:/o:sun:solaris:2.6 cpe:/o:cray:unicos:9.0 cpe:/a:openafs:openafs:1.0.4 cpe:/a:openafs:openafs:1.2 cpe:/o:freebsd:freebsd:4.6 cpe:/o:sgi:irix:6.5.13 cpe:/o:sun:solaris:2.5.1 cpe:/a:openafs:openafs:1.3.2 cpe:/a:gnu:glibc:2.1.1 cpe:/o:sun:solaris:9.0::sparc cpe:/o:openbsd:openbsd:2.3 cpe:/o:openbsd:openbsd:2.5 cpe:/o:sgi:irix:6.5.11 cpe:/a:mit:kerberos:5-1.2.2 cpe:/o:sgi:irix:6.5.9 cpe:/a:gnu:glibc:2.2.1 cpe:/a:mit:kerberos:5-1.2.3 cpe:/a:mit:kerberos:5-1.2.6 cpe:/a:gnu:glibc:2.1.3 cpe:/o:sgi:irix:6.5.12 cpe:/a:openafs:openafs:1.2.2b cpe:/o:freebsd:freebsd:4.7:stable cpe:/a:openafs:openafs:1.1 cpe:/a:gnu:glibc:2.3.2 cpe:/o:sun:solaris:9.0::x86 cpe:/o:freebsd:freebsd:4.5:release cpe:/o:sgi:irix:6.5.7f cpe:/a:gnu:glibc:2.2.2 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16f cpe:/o:freebsd:freebsd:4.3 cpe:/o:openbsd:openbsd:2.8 cpe:/o:openbsd:openbsd:3.2 cpe:/o:sgi:irix:6.5.1 cpe:/o:ibm:aix:5.2 cpe:/o:sgi:irix:6.5.2 cpe:/o:sun:solaris:8.0::x86 cpe:/o:cray:unicos:9.0.2.5 cpe:/o:sun:solaris:8.0 cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.10f cpe:/a:openafs:openafs:1.2.5 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.14 cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:openafs:openafs:1.2.4 cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.3 cpe:/o:freebsd:freebsd:4.7 cpe:/o:cray:unicos:9.2 cpe:/a:openafs:openafs:1.2.1 cpe:/a:openafs:openafs:1.2.3 cpe:/o:openbsd:openbsd:2.4 cpe:/o:freebsd:freebsd:4.2 cpe:/o:freebsd:freebsd:4.1.1:release cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.5.8 cpe:/o:hp:hp-ux:11.04 cpe:/o:freebsd:freebsd:4.4:stable cpe:/o:hp:hp-ux:11.20 cpe:/o:sgi:irix:6.5.9m cpe:/a:openafs:openafs:1.0 cpe:/o:sgi:irix:6.5.12m cpe:/o:hp:hp-ux_series_800:10.20 cpe:/o:cray:unicos:6.1 cpe:/o:openbsd:openbsd:2.1 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.10 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:7.0 cpe:/o:sgi:irix:6.5.2f cpe:/o:cray:unicos:6.0e cpe:/a:mit:kerberos:5-1.2.5 cpe:/o:freebsd:freebsd:4.0 cpe:/o:sgi:irix:6.5.10m cpe:/o:openbsd:openbsd:2.0 cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.18f cpe:/a:openafs:openafs:1.3 cpe:/a:openafs:openafs:1.2.6 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.18m cpe:/o:cray:unicos:8.3 cpe:/a:gnu:glibc:2.1 cpe:/o:sgi:irix:6.5.18 cpe:/a:openafs:openafs:1.2.2a cpe:/o:sgi:irix:6.5.2m cpe:/o:openbsd:openbsd:2.7 cpe:/o:cray:unicos:8.0 cpe:/o:sun:solaris:2.6::x86 cpe:/o:sgi:irix:6.5.14m cpe:/o:cray:unicos:7.0 cpe:/a:gnu:glibc:2.3.1 cpe:/o:sgi:irix:6.5.13m cpe:/o:hp:hp-ux_series_700:10.20 cpe:/o:freebsd:freebsd:4.4 cpe:/a:openafs:openafs:1.0.3 cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.3m cpe:/o:openbsd:openbsd:2.2 cpe:/a:openafs:openafs:1.2.2 cpe:/o:cray:unicos:6.0 cpe:/a:openafs:openafs:1.3.1 cpe:/o:sgi:irix:6.5.13f cpe:/o:hp:hp-ux:11.11 cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.7 cpe:/o:freebsd:freebsd:4.1 cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.5m cpe:/o:freebsd:freebsd:4.1.1 cpe:/a:openafs:openafs:1.0.2 cpe:/o:ibm:aix:4.3.3 cpe:/o:cray:unicos:9.2.4 cpe:/o:sun:solaris:2.5.1::x86

CVE-2003-0028

2003-03-25T00:00:00.000-05:00

2011-03-07T21:11:57.423-05:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT CA-2003-10 CERT-VN VU#516825 BUGTRAQ 20030522 [slackware-security] glibc XDR overflow fix (SSA:2003-141-03) REDHAT RHSA-2003:091 REDHAT RHSA-2003:089 REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 SUSE SuSE-SA:2003:027 ENGARDE ESA-20030321-010 EEYE AD20030318 DEBIAN DSA-282 DEBIAN DSA-272 DEBIAN DSA-266 TRUSTIX 2003-0014 BUGTRAQ 20030325 GLSA: glibc (200303-22) BUGTRAQ 20030319 MITKRB5-SA-2003-003: faulty length checks in xdrmem_getbytes BUGTRAQ 20030319 EEYE: XDR Integer Overflow VULNWATCH 20030319 EEYE: XDR Integer Overflow NETBSD NetBSD-SA2003-008 BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) BUGTRAQ 20030331 GLSA: dietlibc (200303-29) BUGTRAQ 20030319 RE: EEYE: XDR Integer Overflow MANDRAKE MDKSA-2003:037 Integer overflow in the xdrmem_getbytes() function, and possibly other functions, of XDR (external data representation) libraries derived from SunRPC, including libnsl, libc, glibc, and dietlibc, allows remote attackers to execute arbitrary code via certain integer values in length fields, a different vulnerability than CVE-2002-0391.

cpe:/a:protegrity:secure.data:2.2.3.8 cpe:/a:protegrity:secure.data:2.2.3.7

CVE-2003-0030

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:16.867-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#247545 BID 7085 BID 7084 BID 7083 BUGTRAQ 20030313 Protegrity buffer overflow SECUNIA 8294 Buffer overflows in protegrity.dll of Protegrity Secure.Data Extension Feature (SEF) before 2.2.3.9 allow attackers with SQL access to execute arbitrary code via the extended stored procedures (1) xp_pty_checkusers, (2) xp_pty_insert, or (3) xp_pty_select.

cpe:/a:mcrypt:libmcrypt:2.5.2 cpe:/a:mcrypt:libmcrypt:2.5_.0 cpe:/a:mcrypt:libmcrypt:2.5.3 cpe:/a:mcrypt:libmcrypt:2.5.1_r4

CVE-2003-0031

2003-01-17T00:00:00.000-05:00

2008-09-10T20:05:24.727-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

DEBIAN DSA-228 BUGTRAQ 20030103 Multiple libmcrypt vulnerabilities SECTRACK 1006181 BID 6510 BUGTRAQ 20030105 GLSA: libmcrypt CONECTIVA CLA-2003:567 Multiple buffer overflows in libmcrypt before 2.5.5 allow attackers to cause a denial of service (crash).

cpe:/a:mcrypt:libmcrypt:2.5.2 cpe:/a:mcrypt:libmcrypt:2.5_.0 cpe:/a:mcrypt:libmcrypt:2.5.3 cpe:/a:mcrypt:libmcrypt:2.5.1_r4

CVE-2003-0032

2003-01-17T00:00:00.000-05:00

2008-09-10T20:05:24.807-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-228 BUGTRAQ 20030103 Multiple libmcrypt vulnerabilities XF libmcrypt-libtool-memory-leak(10988) BID 6512 BUGTRAQ 20030105 GLSA: libmcrypt CONECTIVA CLA-2003:567 Memory leak in libmcrypt before 2.5.5 allows attackers to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.

cpe:/a:snort:snort:1.8.3 cpe:/a:snort:snort:1.9.0 cpe:/a:snort:snort:1.8.6 cpe:/a:snort:snort:1.8.5 cpe:/a:snort:snort:1.8.1 cpe:/a:snort:snort:1.8.2 cpe:/a:snort:snort:1.8.4 cpe:/a:snort:snort:1.8.7 cpe:/a:snort:snort:1.8.0

CVE-2003-0033

2003-03-07T00:00:00.000-05:00

2008-09-05T16:33:17.333-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#916785 CERT CA-2003-13 BID 6963 XF snort-rpc-fragment-bo(10956) ISS 20030303 Snort RPC Preprocessing Vulnerability OSVDB 4418 MANDRAKE MDKSA-2003:029 ENGARDE ESA-20030307-007 DEBIAN DSA-297 GENTOO GLSA-200304-06 GENTOO GLSA-200303-6.1 BUGTRAQ 20030303 Snort RPC Vulnerability (fwd) Buffer overflow in the RPC preprocessor for Snort 1.8 and 1.9.x before 1.9.1 allows remote attackers to execute arbitrary code via fragmented RPC packets.

cpe:/a:jean-jacques_sarton:mtink:0.9.52 cpe:/a:jean-jacques_sarton:mtink:0.9.33 cpe:/a:jean-jacques_sarton:mtink:0.9.32

CVE-2003-0034

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:24.947-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

MISC http://www.idefense.com/advisory/01.21.03.txt VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package SECTRACK 1005959 BID 6656 MANDRAKE MDKSA-2003:010 Buffer overflow in the mtink status monitor, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long HOME environment variable.

cpe:/a:robert_krawitz:escputil:1.15.2.2

CVE-2003-0035

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:25.023-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

MISC http://www.idefense.com/advisory/01.21.03.txt VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package SECTRACK 1005959 BID 6658 BUGTRAQ 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package MANDRAKE MDKSA-2003:010 Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument.

cpe:/a:rildo_pragana:ml85p

CVE-2003-0036

2003-02-07T00:00:00.000-05:00

2008-09-10T15:17:26.397-04:00

6.2

LOCAL

HIGH

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

MISC http://www.idefense.com/advisory/01.21.03.txt VULNWATCH 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package SECTRACK 1005959 BUGTRAQ 20030121 iDEFENSE Security Advisory 01.21.03: Buffer Overflows in Mandrake Linux printer-drivers Package MANDRAKE MDKSA-2003:010 ml85p, as included in the printer-drivers package for Mandrake Linux, allows local users to overwrite arbitrary files via a symlink attack on temporary files with predictable filenames of the form "mlg85p%d".

cpe:/a:noffle:noffle:1.0.1

CVE-2003-0037

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:25.163-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

DEBIAN DSA-244 XF noffle-multiple-bo(11181) BID 6695 SECUNIA 7955 Buffer overflows in noffle news server 1.0.1 and earlier allow remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code.

cpe:/a:gnu:mailman:2.1

CVE-2003-0038

2003-02-07T00:00:00.000-05:00

2008-09-05T16:33:18.117-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-436 CONFIRM http://telia.dl.sourceforge.net/sourceforge/mailman/xss-2.1.0-patch.txt BUGTRAQ 20030124 Mailman: cross-site scripting bug XF mailman-email-variable-xss(11152) SECTRACK 1005987 BID 6677 OSVDB 9205 Cross-site scripting (XSS) vulnerability in options.py for Mailman 2.1 allows remote attackers to inject script or HTML into web pages via the (1) email or (2) language parameters.

cpe:/a:isc:dhcpd:3.0.1:rc9 cpe:/a:isc:dhcpd:3.0.1:rc10 cpe:/a:isc:dhcpd:3.0.1:rc6 cpe:/a:isc:dhcpd:3.0.1:rc3 cpe:/a:isc:dhcpd:3.0.1:rc5 cpe:/a:isc:dhcpd:3.0.1:rc1 cpe:/a:isc:dhcpd:3.0.1:rc8 cpe:/a:isc:dhcpd:3.0.1:rc4 cpe:/a:isc:dhcpd:3.0.1:rc7 cpe:/a:isc:dhcpd:3.0.1:rc2

CVE-2003-0039

2003-02-07T00:00:00.000-05:00

2008-09-05T16:33:18.257-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#149953 DEBIAN DSA-245 BUGTRAQ 20030115 DoS against DHCP infrastructure with isc dhcrelay XF dhcp-dhcrelay-dos(11187) BID 6628 REDHAT RHSA-2003:034 BUGTRAQ 20030219 [OpenPKG-SA-2003.012] OpenPKG Security Advisory (dhcpd) CONECTIVA CLSA-2003:616 TURBO TLSA-2003-26 ISC dhcrelay (dhcp-relay) 3.0rc9 and earlier, and possibly other versions, allows remote attackers to cause a denial of service (packet storm) via a certain BOOTP packet that is forwarded to a broadcast MAC address, causing an infinite loop that is not restricted by a hop count.

cpe:/a:double_precision_incorporated:courier_mta:0.37.3 cpe:/a:inter7:courier-imap:1.6

CVE-2003-0040

2003-02-19T00:00:00.000-05:00

2008-09-05T16:33:18.427-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 6738 DEBIAN DSA-247 XF courierimap-authmysqllib-sql-injection(11213) SQL injection vulnerability in the PostgreSQL auth module for courier 0.40 and earlier allows remote attackers to execute SQL code via the user name.

cpe:/o:redhat:linux:8.0::i386 cpe:/o:redhat:linux:7.3::i386 cpe:/o:redhat:linux:7.2::i386 cpe:/o:redhat:linux:7.2::ia64 cpe:/o:redhat:linux:6.2::i386 cpe:/o:redhat:linux:7.0::i386 cpe:/a:mit:kerberos_ftp_client cpe:/o:redhat:linux:7.1::i386

CVE-2003-0041

2003-02-19T00:00:00.000-05:00

2008-09-10T15:17:27.977-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

REDHAT RHSA-2003:020 VULNWATCH 20030128 MIT Kerberos FTP client remote shell commands execution MANDRAKE MDKSA-2003:021 SECUNIA 8114 SECUNIA 7979 Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in a filename that is retrieved by the client.

cpe:/a:apache:tomcat:3.2.3 cpe:/a:apache:tomcat:3.2.1 cpe:/a:apache:tomcat:3.1 cpe:/a:apache:tomcat:3.3 cpe:/a:apache:tomcat:3.0 cpe:/a:apache:tomcat:3.2.4 cpe:/a:apache:tomcat:3.1.1 cpe:/a:apache:tomcat:3.2 cpe:/a:apache:tomcat:3.3.1

CVE-2003-0042

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:25.947-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-246 BUGTRAQ 20030130 Apache Jakarta Tomcat 3 URL parsing vulnerability CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ XF tomcat-null-directory-listing(11194) BID 6721 HP HPSBUX0303-249 CIAC N-060 SECUNIA 7977 SECUNIA 7972 Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, allows remote attackers to list directories even with an index.html or other file present, or obtain unprocessed source code for a JSP file, via a URL containing a null character.

CVE-2003-0043

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:26.023-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF tomcat-webxml-read-files(11195) CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ BID 6722 HP HPSBUX0303-249 DEBIAN DSA-246 CIAC N-060 Jakarta Tomcat before 3.3.1a, when used with JDK 1.3.1 or earlier, uses trusted privileges when processing the web.xml file, which could allow remote attackers to read portions of some files through the web.xml file.

CVE-2003-0044

2003-02-07T00:00:00.000-05:00

2008-09-10T20:05:26.087-04:00

6.8

NETWORK

MEDIUM

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

DEBIAN DSA-246 HP HPSBUX0303-249 CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/ XF tomcat-web-app-xss(11196) BID 6720 OSVDB 9204 OSVDB 9203 CIAC N-060 SECUNIA 7972 Multiple cross-site scripting (XSS) vulnerabilities in the (1) examples and (2) ROOT web applications for Jakarta Tomcat 3.x through 3.3.1a allow remote attackers to insert arbitrary web script or HTML.

CVE-2003-0045

2003-02-07T00:00:00.000-05:00

2008-09-05T16:33:19.257-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF jakarta-tomcat-msdos-dos(12102) CONFIRM http://jakarta.apache.org/builds/jakarta-tomcat/release/v3.3.1a/RELEASE-NOTES-3.3.1a.txt Jakarta Tomcat before 3.3.1a on certain Windows systems may allow remote attackers to cause a denial of service (thread hang and resource consumption) via a request for a JSP page containing an MS-DOS device name, such as aux.jsp.

cpe:/a:celestial_software:absolutetelnet:2.11

CVE-2003-0046

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:26.413-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

MISC http://www.idefense.com/advisory/01.28.03.txt CONFIRM http://www.celestialsoftware.net/telnet/beta_software.html BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords SECTRACK 1006013 BID 6725 OSVDB 7686 AbsoluteTelnet SSH2 client does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.

cpe:/a:van_dyke_technologies:securecrt:3.4.7 cpe:/a:van_dyke_technologies:entunnel:1.0.2 cpe:/a:van_dyke_technologies:securecrt:4.0.2 cpe:/a:van_dyke_technologies:securefx:2.1.2 cpe:/a:van_dyke_technologies:securefx:2.0.4

CVE-2003-0047

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:26.493-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

MISC http://www.idefense.com/advisory/01.28.03.txt BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords SECTRACK 1006012 SECTRACK 1006011 SECTRACK 1006010 BID 6728 BID 6727 BID 6726 SSH2 clients for VanDyke (1) SecureCRT 4.0.2 and 3.4.7, (2) SecureFX 2.1.2 and 2.0.4, and (3) Entunnel 1.0.2 and earlier, do not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.

cpe:/a:putty:putty:0.49 cpe:/a:putty:putty:0.48 cpe:/a:putty:putty:0.53b cpe:/a:putty:putty:0.53

CVE-2003-0048

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:26.570-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

MISC http://www.idefense.com/advisory/01.28.03.txt SECTRACK 1006014 BID 6724 BUGTRAQ 20030129 iDEFENSE Security Advisory 01.28.03: SSH2 Clients Insecurely Store Passwords PuTTY 0.53b and earlier does not clear logon credentials from memory, including plaintext passwords, which could allow attackers with access to memory to steal the SSH credentials.

cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x_server:10.2

CVE-2003-0049

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:26.757-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CONFIRM http://docs.info.apple.com/article.html?artnum=61798 XF macos-afp-unauthorized-access(11333) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6860 SECTRACK 1006107 Apple File Protocol (AFP) in Mac OS X before 10.2.4 allows administrators to log in as other users by using the administrator password.

cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2

CVE-2003-0050

2003-03-07T00:00:00.000-05:00

2008-09-10T20:05:26.820-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-command-execution(11401) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6954 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via shell metacharacters.

cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2

CVE-2003-0051

2003-03-07T00:00:00.000-05:00

2008-09-10T20:05:26.897-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-path-disclosure(11402) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6956 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to obtain the physical path of the server's installation path via a NULL file parameter.

cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2

CVE-2003-0052

2003-03-07T00:00:00.000-05:00

2008-09-10T20:05:26.977-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-directory-disclosure(11403) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6955 parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to list arbitrary directories.

cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2

CVE-2003-0053

2003-03-07T00:00:00.000-05:00

2008-09-10T20:05:27.040-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-parsexml-xss(11404) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6958 Cross-site scripting (XSS) vulnerability in parse_xml.cgi in Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to insert arbitrary script via the filename parameter, which is inserted into an error message.

cpe:/a:apple:quicktime_streaming_server:4.1.1 cpe:/a:apple:darwin_streaming_server:4.1.2

CVE-2003-0054

2003-03-07T00:00:00.000-05:00

2008-09-10T20:05:27.117-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-describe-xss(11405) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6960 Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute certain code via a request to port 7070 with the script in an argument to the rtsp DESCRIBE method, which is inserted into a log file and executed when the log is viewed using a browser.

cpe:/a:apple:quicktime_darwin_mp3_broadcaster

CVE-2003-0055

2003-03-07T00:00:00.000-05:00

2008-09-10T20:05:27.197-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BUGTRAQ 20030224 QuickTime/Darwin Streaming Administration Server Multiple vulnerabilities XF quicktime-darwin-mp3-bo(11406) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt BID 6957 Buffer overflow in the MP3 broadcasting module of Apple Darwin Streaming Administration Server 4.1.2 and QuickTime Streaming Server 4.1.1 allows remote attackers to execute arbitrary code via a long filename.

cpe:/a:slocate:slocate:2.5 cpe:/a:slocate:slocate:2.6

CVE-2003-0056

2003-02-19T00:00:00.000-05:00

2010-08-21T00:15:01.740-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

DEBIAN DSA-252 BUGTRAQ 20030202 GLSA: slocate MISC http://www.usg.org.uk/advisories/2003.001.txt CONECTIVA CLA-2003:643 MANDRAKE MDKSA-2003:015 SECUNIA 8749 SECUNIA 8236 SECUNIA 8118 SECUNIA 8007 SECUNIA 7982 SECUNIA 7947 SECUNIA 10720 REDHAT RHSA-2004:041 BUGTRAQ 20030125 Re: [USG- SA- 2003.001] USG Security Advisory (slocate) BUGTRAQ 20030124 [USG- SA- 2003.001] USG Security Advisory (slocate) SGI 20040202-01-U CALDERA CSSA-2003-009.0 Buffer overflow in secure locate (slocate) before 2.7 allows local users to execute arbitrary code via a long (1) -c or (2) -r command line argument.

cpe:/a:hypermail:hypermail:2.1.5 cpe:/a:hypermail:hypermail:2.1.2 cpe:/a:hypermail:hypermail:2.1.1 cpe:/a:hypermail:hypermail:2.1_.0 cpe:/a:hypermail:hypermail:2.1.3 cpe:/a:hypermail:hypermail:2.0b25 cpe:/a:hypermail:hypermail:2.1.4

CVE-2003-0057

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:41.993-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BUGTRAQ 20030127 Hypermail buffer overflows XF hypermail-long-hostname-bo(11158) XF hypermail-mail-attachment-bo(11157) BID 6690 BID 6689 DEBIAN DSA-248 SECUNIA 8030 VULNWATCH 20030126 Hypermail buffer overflows Multiple buffer overflows in Hypermail 2 before 2.1.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code (1) via a long attachment filename that is not properly handled by the hypermail executable, or (2) by connecting to the mail CGI program from an IP address that reverse-resolves to a long hostname.

cpe:/o:sun:solaris:9.0::sparc cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:mit:kerberos:5-1.2.1 cpe:/o:sun:solaris:8.0 cpe:/a:sun:enterprise_authentication_mechanism:1.0 cpe:/a:mit:kerberos:5-1.2.2 cpe:/o:sun:solaris:8.0::x86 cpe:/a:mit:kerberos:5-1.2.3

CVE-2003-0058

2003-02-19T00:00:00.000-05:00

2008-09-05T16:33:21.317-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#661243 BID 6683 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt XF kerberos-kdc-null-pointer-dos(10099) REDHAT RHSA-2003:168 REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 MANDRAKE MDKSA-2003:043 SUNALERT 50142 CONECTIVA CLSA-2003:639 MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference.

cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2

CVE-2003-0059

2003-02-19T00:00:00.000-05:00

2008-09-05T16:33:21.490-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#684563 BID 6714 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt XF kerberos-kdc-user-spoofing(11188) REDHAT RHSA-2003:168 REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 MANDRAKE MDKSA-2003:043 CONECTIVA CLSA-2003:639 Unknown vulnerability in the chk_trans.c of the libkrb5 library for MIT Kerberos V5 before 1.2.5 allows users from one realm to impersonate users in other realms that have the same inter-realm keys.

cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:mit:kerberos:5-1.2.3

CVE-2003-0060

2003-02-19T00:00:00.000-05:00

2008-09-05T16:33:21.630-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#787523 BID 6712 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-001-multiple.txt XF kerberos-kdc-format-string(11189) OSVDB 4879 CONECTIVA CLSA-2003:639 Format string vulnerabilities in the logging routines for MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in Kerberos principal names.

cpe:/o:hp:hp-ux:10.20

CVE-2003-0061

2002-01-11T00:00:00.000-05:00

2008-09-05T16:33:21.787-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2005-05-25T11:27:00.000-04:00

ALLOWS_ADMIN_ACCESS

IDEFENSE 20030203 HP UX passwd Binary Buffer Overflow Vulnerability Buffer overflow in passwd for HP UX B.10.20 allows local users to execute arbitrary commands with root privileges via a long LANG environment variable.

cpe:/a:eset_software:nod32_antivirus:1.0.12 cpe:/a:eset_software:nod32_antivirus:1.0.11

CVE-2003-0062

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:42.383-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

MISC http://www.idefense.com/advisory/02.10.03.txt BID 6803 XF nod32-pathname-bo(11282) BUGTRAQ 20030210 iDEFENSE Security Advisory 02.10.03: Buffer Overflow In NOD32 Antivirus Software for Unix Buffer overflow in Eset Software NOD32 for UNIX before 1.013 allows local users to execute arbitrary code via a long path name.

cpe:/a:xfree86_project:x11r6:4.2.1 cpe:/a:xfree86_project:x11r6:4.0 cpe:/a:xfree86_project:x11r6:4.2.0 cpe:/a:xfree86_project:x11r6:4.0.1 cpe:/a:xfree86_project:x11r6:4.0.3 cpe:/a:xfree86_project:x11r6:4.1.0

CVE-2003-0063

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:42.460-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6940 REDHAT RHSA-2003:067 REDHAT RHSA-2003:066 REDHAT RHSA-2003:065 REDHAT RHSA-2003:064 DEBIAN DSA-380 BUGTRAQ 20030224 Terminal Emulator Security Issues The xterm terminal emulator in XFree86 4.2.0 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

cpe:/o:hp:hp-ux:10.24 cpe:/o:sgi:irix:6.5.4m cpe:/o:sun:solaris:8.0 cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.17 cpe:/o:ibm:aix:4.3.2 cpe:/o:sgi:irix:6.5.14 cpe:/o:ibm:aix:5.1 cpe:/o:sgi:irix:5.2 cpe:/o:sgi:irix:6.0 cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.16 cpe:/o:hp:hp-ux:10.20 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.0.1 cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.3 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.20 cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.9m cpe:/o:hp:hp-ux:10.34 cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:5.0.1 cpe:/o:sgi:irix:6.2 cpe:/o:sgi:irix:6.5.5 cpe:/o:hp:hp-ux:11.22 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:5.1 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sgi:irix:6.5.8f cpe:/o:sun:solaris:7.0 cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.1 cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.18f cpe:/o:hp:hp-ux:10.26 cpe:/o:sgi:irix:5.0 cpe:/o:hp:hp-ux:11.00 cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.15f cpe:/o:sun:solaris:2.6 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.4 cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.18m cpe:/o:sun:solaris:2.5.1 cpe:/o:sun:solaris:9.0::sparc cpe:/o:hp:hp-ux:10.30 cpe:/o:ibm:aix:4.3 cpe:/o:ibm:aix:4.3.1 cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.9 cpe:/o:sun:solaris:2.6::x86 cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.3m cpe:/o:sun:solaris:9.0::x86 cpe:/o:sgi:irix:6.5.13f cpe:/o:hp:hp-ux:11.11 cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:5.1.1 cpe:/o:sgi:irix:5.3 cpe:/o:sgi:irix:6.5.1 cpe:/o:ibm:aix:5.2 cpe:/o:ibm:aix:4.3.3 cpe:/o:sgi:irix:6.5.2 cpe:/o:sun:solaris:8.0::x86 cpe:/o:sun:solaris:2.5.1::x86

CVE-2003-0064

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:42.523-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6942 HP HPSBUX0401-309 BUGTRAQ 20030224 Terminal Emulator Security Issues The dtterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

cpe:/a:national_university_of_singapore:uxterm:2.4.1 cpe:/a:national_university_of_singapore:uxterm:2.3

CVE-2003-0065

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:42.603-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6945 BUGTRAQ 20030224 Terminal Emulator Security Issues The uxterm terminal emulator allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

cpe:/a:rxvt:rxvt:2.7.8 cpe:/a:rxvt:rxvt:2.7.5 cpe:/a:rxvt:rxvt:2.6.2 cpe:/a:rxvt:rxvt:2.7.6 cpe:/a:rxvt:rxvt:2.6.3 cpe:/a:rxvt:rxvt:2.6.1 cpe:/a:rxvt:rxvt:2.7.7 cpe:/a:rxvt:rxvt:2.6.4

CVE-2003-0066

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:42.680-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6953 GENTOO 200303-16 REDHAT RHSA-2003:055 REDHAT RHSA-2003:054 MANDRAKE MDKSA-2003:003 BUGTRAQ 20030224 Terminal Emulator Security Issues The rxvt terminal emulator 2.7.8 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

cpe:/a:aterm:aterm:0.42

CVE-2003-0067

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:22.943-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BUGTRAQ 20030224 Terminal Emulator Security Issues The aterm terminal emulator 0.42 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

cpe:/a:michael_jennings:eterm:0.8.10 cpe:/a:michael_jennings:eterm:0.9.1

CVE-2003-0068

2003-03-03T00:00:00.000-05:00

2008-09-10T15:17:47.647-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues BID 10237 MANDRAKE MDKSA-2003:040 DEBIAN DSA-496 BUGTRAQ 20030224 Terminal Emulator Security Issues The Eterm terminal emulator 0.9.1 and earlier allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

cpe:/a:putty:putty:0.53

CVE-2003-0069

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:23.240-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues OSVDB 8347 BUGTRAQ 20030224 Terminal Emulator Security Issues The PuTTY terminal emulator 0.53 allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

cpe:/a:nalin_dahyabhai:vte:0.22.5 cpe:/a:gnome:gnome-terminal:2.2 cpe:/a:nalin_dahyabhai:vte:0.25.1 cpe:/a:nalin_dahyabhai:vte:0.15.0 cpe:/a:nalin_dahyabhai:vte:0.17.4 cpe:/a:nalin_dahyabhai:vte:0.11.21 cpe:/a:nalin_dahyabhai:vte:0.12.2 cpe:/a:nalin_dahyabhai:vte:0.16.14 cpe:/a:gnome:gnome-terminal:2.0 cpe:/a:nalin_dahyabhai:vte:0.24.3 cpe:/a:nalin_dahyabhai:vte:0.20.5 cpe:/a:nalin_dahyabhai:vte:0.14.2

CVE-2003-0070

2003-03-03T00:00:00.000-05:00

2010-08-06T00:00:00.000-04:00

6.8

NETWORK

MEDIUM

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

REDHAT RHSA-2003:053 XF terminal-emulator-window-title(11414) GENTOO GLSA-200303-2 BUGTRAQ 20030224 Terminal Emulator Security Issues VULNWATCH 20030224 Terminal Emulator Security Issues VTE, as used by default in gnome-terminal terminal emulator 2.2 and as an option in gnome-terminal 2.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

CVE-2003-0071

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:44.180-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF terminal-emulator-dec-udk(11415) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6950 REDHAT RHSA-2003:067 REDHAT RHSA-2003:066 REDHAT RHSA-2003:065 REDHAT RHSA-2003:064 DEBIAN DSA-380 BUGTRAQ 20030224 Terminal Emulator Security Issues The DEC UDK processing feature in the xterm terminal emulator in XFree86 4.2.99.4 and earlier allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.

cpe:/a:mit:kerberos:5-1.2.7 cpe:/a:mit:kerberos:1.0 cpe:/a:mit:kerberos:5-1.3:alpha1 cpe:/a:mit:kerberos:5-1.2.1 cpe:/a:mit:kerberos:5-1.2.4 cpe:/a:mit:kerberos:5_1.1.1 cpe:/a:mit:kerberos:5_1.1 cpe:/a:mit:kerberos:5-1.2 cpe:/a:mit:kerberos:5-1.2.2 cpe:/a:mit:kerberos:5-1.2.3 cpe:/a:mit:kerberos:5-1.2.6 cpe:/a:mit:kerberos:1.2.2.beta1 cpe:/a:mit:kerberos:5-1.2.5 cpe:/a:mit:kerberos:5_1.0.6

CVE-2003-0072

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:23.723-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-266 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 BID 7184 BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) SUNALERT 54042 The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes an out-of-bounds read of an array (aka "array overrun").

cpe:/a:mysql:mysql:3.23.53 cpe:/a:mysql:mysql:3.23.36 cpe:/a:mysql:mysql:3.23.41 cpe:/a:mysql:mysql:3.23.52 cpe:/a:mysql:mysql:3.23.54 cpe:/a:mysql:mysql:3.23.54a cpe:/a:mysql:mysql:3.23.47 cpe:/a:mysql:mysql:3.23.31

CVE-2003-0073

2003-02-19T00:00:00.000-05:00

2008-09-10T20:05:44.320-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-303 BUGTRAQ 20030129 [OpenPKG-SA-2003.008] OpenPKG Security Advisory (mysql) CONFIRM http://www.mysql.com/doc/en/News-3.23.55.html BID 6718 REDHAT RHSA-2003:166 REDHAT RHSA-2003:094 REDHAT RHSA-2003:093 MANDRAKE MDKSA-2003:013 ENGARDE ESA-20030220-004 XF mysql-mysqlchangeuser-doublefree-dos(11199) CONECTIVA CLA-2003:743 Double-free vulnerability in mysqld for MySQL before 3.23.55 allows attackers with MySQL access to cause a denial of service (crash) via mysql_change_user.

cpe:/a:plptools:plptools:0.6

CVE-2003-0074

2003-02-19T00:00:00.000-05:00

2008-09-05T16:33:24.083-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

BID 6715 XF plptools-plpnsfd-format-string(11193) BUGTRAQ 20030129 Re: Local root vuln in SuSE 8.0 plptools package BUGTRAQ 20030129 Local root vuln in SuSE 8.0 plptools package Format string vulnerability in mpmain.c for plpnfsd of the plptools package allows remote attackers to execute arbitrary code via the functions (1) debuglog, (2) errorlog, and (3) infolog.

cpe:/a:bladeenc:bladeenc:0.92.7 cpe:/a:bladeenc:bladeenc:0.94.1 cpe:/a:bladeenc:bladeenc:0.93.10 cpe:/a:bladeenc:bladeenc:0.94.2 cpe:/a:bladeenc:bladeenc:0.94.0

CVE-2003-0075

2003-02-19T00:00:00.000-05:00

2008-09-05T16:33:24.240-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 6745 MISC http://www.pivx.com/luigi/adv/blade942-adv.txt GENTOO GLSA-200302-04 XF bladeenc-myfseek-code-execution(11227) BUGTRAQ 20030202 Bladeenc 0.94.2 code execution Integer signedness error in the myFseek function of samplein.c for Blade encoder (BladeEnc) 0.94.2 and earlier allows remote attackers to execute arbitrary code via a negative offset value following a "fmt" wave chunk.

cpe:/a:qt-dcgui:qt-dcgui:0.2 cpe:/a:qt-dcgui:qt-dcgui:0.2.1 cpe:/a:dcgui:dcgui:0.2.1 cpe:/a:dcgui:dcgui:0.2

CVE-2003-0076

2003-02-19T00:00:00.000-05:00

2008-09-05T16:33:24.443-04:00

6.4

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BUGTRAQ 20030204 GLSA: qt-dcgui XF qtdcgui-directory-download-files(11246) CONFIRM http://dc.ketelhot.de/pipermail/dc/2003-January/000094.html Unknown vulnerability in the directory parser for Direct Connect 4 Linux (dcgui) before 0.2.2 allows remote attackers to read files outside the sharelist.

cpe:/a:hanterm:hanterm-xf:2.0.5

CVE-2003-0077

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:24.600-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

XF terminal-emulator-window-title(11414) VULNWATCH 20030224 Terminal Emulator Security Issues REDHAT RHSA-2003:071 REDHAT RHSA-2003:070 OSVDB 4917 BUGTRAQ 20030224 Terminal Emulator Security Issues The hanterm (hanterm-xf) terminal emulator 2.0.5 and earlier, and possibly later versions, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands.

cpe:/a:openssl:openssl:0.9.4 cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.5 cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.7:beta3 cpe:/o:freebsd:freebsd:5.0 cpe:/a:openssl:openssl:0.9.7:beta1 cpe:/a:openssl:openssl:0.9.6h cpe:/o:freebsd:freebsd:4.6 cpe:/a:openssl:openssl:0.9.7 cpe:/a:openssl:openssl:0.9.2b cpe:/a:openssl:openssl:0.9.6g cpe:/o:freebsd:freebsd:4.7 cpe:/a:openssl:openssl:0.9.6b cpe:/a:openssl:openssl:0.9.6c cpe:/o:freebsd:freebsd:4.2 cpe:/o:openbsd:openbsd:3.1 cpe:/o:freebsd:freebsd:4.4 cpe:/a:openssl:openssl:0.9.5a cpe:/a:openssl:openssl:0.9.6e cpe:/o:freebsd:freebsd:4.8:pre-release cpe:/a:openssl:openssl:0.9.1c cpe:/o:freebsd:freebsd:4.3 cpe:/a:openssl:openssl:0.9.6d cpe:/o:freebsd:freebsd:4.5 cpe:/o:openbsd:openbsd:3.2 cpe:/a:openssl:openssl:0.9.3 cpe:/a:openssl:openssl:0.9.7:beta2

CVE-2003-0078

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:47.117-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CONFIRM http://www.openssl.org/news/secadv_20030219.txt BUGTRAQ 20030219 [OpenPKG-SA-2003.013] OpenPKG Security Advisory (openssl) XF ssl-cbc-information-leak(11369) DEBIAN DSA-253 TRUSTIX 2003-0005 BID 6884 REDHAT RHSA-2003:205 REDHAT RHSA-2003:104 REDHAT RHSA-2003:082 REDHAT RHSA-2003:063 REDHAT RHSA-2003:062 OSVDB 3945 MANDRAKE MDKSA-2003:020 ENGARDE ESA-20030220-005 CIAC N-051 GENTOO GLSA-200302-10 BUGTRAQ 20030219 OpenSSL 0.9.7a and 0.9.6i released CONECTIVA CLSA-2003:570 SGI 20030501-01-I NETBSD NetBSD-SA2003-001 ssl3_get_record in s3_pkt.c for OpenSSL before 0.9.7a and 0.9.6 before 0.9.6i does not perform a MAC computation if an incorrect block cipher padding is used, which causes an information leak (timing discrepancy) that may make it easier to launch cryptographic attacks that rely on distinguishing between padding and MAC verification errors, possibly leading to extraction of the original plaintext, aka the "Vaudenay timing attack."

cpe:/a:hanterm:hanterm-xf:2.0

CVE-2003-0079

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:47.197-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF terminal-emulator-dec-udk(11415) VULNWATCH 20030224 Terminal Emulator Security Issues BID 6944 REDHAT RHSA-2003:071 REDHAT RHSA-2003:070 OSVDB 4918 BUGTRAQ 20030224 Terminal Emulator Security Issues The DEC UDK processing feature in the hanterm (hanterm-xf) terminal emulator before 2.0.5 allows attackers to cause a denial of service via a certain character escape sequence that causes the terminal to enter a tight loop.

cpe:/a:gnome:gnome-lokkit:0.50_21

CVE-2003-0080

2003-03-31T00:00:00.000-05:00

2008-09-05T16:33:25.130-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7128 REDHAT RHSA-2003:072 XF gnomelokkit-forward-bypass-firewall(11552) OSVDB 4400 The iptables ruleset in Gnome-lokkit in Red Hat Linux 8.0 does not include any rules in the FORWARD chain, which could allow attackers to bypass intended access restrictions if packet forwarding is enabled.

cpe:/a:ethereal_group:ethereal:0.9.8 cpe:/a:ethereal_group:ethereal:0.9.7 cpe:/a:ethereal_group:ethereal:0.9.0 cpe:/a:ethereal_group:ethereal:0.9.3 cpe:/a:ethereal_group:ethereal:0.9.1 cpe:/a:ethereal_group:ethereal:0.9.2 cpe:/a:ethereal_group:ethereal:0.9.9 cpe:/a:ethereal_group:ethereal:0.9.4 cpe:/a:ethereal_group:ethereal:0.9.5 cpe:/a:ethereal_group:ethereal:0.9.6 cpe:/a:ethereal_group:ethereal:0.8.18

CVE-2003-0081

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:25.287-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7049 MISC http://www.guninski.com/etherre.html CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00008.html DEBIAN DSA-258 XF ethereal-socks-format-string(11497) REDHAT RHSA-2003:077 REDHAT RHSA-2003:076 SUSE SuSE-SA:2003:019 GENTOO GLSA-200303-10 FULLDISC 20030308 Ethereal format string bug, yet still ethereal much better than windows MANDRAKE MDKSA-2003:051 CONECTIVA CLSA-2003:627 Format string vulnerability in packet-socks.c of the SOCKS dissector for Ethereal 0.8.7 through 0.9.9 allows remote attackers to execute arbitrary code via SOCKS packets containing format string specifiers.

CVE-2003-0082

2003-04-02T00:00:00.000-05:00

2008-09-10T15:17:52.257-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-266 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-005-buf.txt REDHAT RHSA-2003:091 REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 BID 7185 BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) SUNALERT 54042 The Key Distribution Center (KDC) in Kerberos 5 (krb5) 1.2.7 and earlier allows remote, authenticated attackers to cause a denial of service (crash) on KDCs within the same realm using a certain protocol request that causes the KDC to corrupt its heap (aka "buffer underrun").

cpe:/a:apache:http_server:1.3 cpe:/a:apache:http_server:2.0

CVE-2003-0083

2003-04-02T00:00:00.000-05:00

2008-09-10T15:17:52.320-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

REDHAT RHSA-2003:139 BUGTRAQ 20040325 LNSA-#2004-0006: bug workaround for Apache 2.0.48 CONFIRM http://cvs.apache.org/viewcvs.cgi/httpd-2.0/modules/loggers/mod_log_config.c?only_with_tag=APACHE_2_0_BRANCH CONFIRM http://cvs.apache.org/viewcvs.cgi/apache-1.3/src/modules/standard/mod_log_config.c?only_with_tag=APACHE_1_3_25 SECUNIA 8146 BUGTRAQ 20040325 GLSA200403-04 Multiple security vulnerabilities in Apache 2 Apache 1.3 before 1.3.25 and Apache 2.0 before version 2.0.46 does not filter terminal escape sequences from its access logs, which could make it easier for attackers to insert those sequences into terminal emulators containing vulnerabilities related to escape sequences, a different vulnerability than CVE-2003-0020.

cpe:/a:mod_auth_any:mod_auth_any:1.2.2

CVE-2003-0084

2003-05-12T00:00:00.000-04:00

2008-09-05T16:33:25.787-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 7448 REDHAT RHSA-2003:114 XF modauthany-command-execution(11893) REDHAT RHSA-2003:113 CONFIRM http://www.itlab.musc.edu/webNIS/mod_auth_any.html CIAC N-090 mod_auth_any package in Red Hat Enterprise Linux 2.1 and other operating systems does not properly escape arguments when calling other programs, which allows attackers to execute arbitrary commands via shell metacharacters.

cpe:/a:samba:samba:2.2.3a cpe:/a:samba:samba:2.2.3 cpe:/a:samba:samba:2.2.6 cpe:/a:samba:samba:2.2.7a cpe:/a:samba:samba:2.0.7 cpe:/a:samba:samba:2.0.8 cpe:/a:samba:samba:2.2.0a cpe:/a:hp:cifs-9000_server:a.01.09 cpe:/a:samba:samba:2.0.1 cpe:/a:hp:cifs-9000_server:a.01.06 cpe:/a:hp:cifs-9000_server:a.01.09.01 cpe:/a:samba:samba:2.2.5 cpe:/a:hp:cifs-9000_server:a.01.08.01 cpe:/a:samba:samba:2.2.1a cpe:/a:samba:samba:2.2.7 cpe:/a:hp:cifs-9000_server:a.01.05 cpe:/a:samba:samba:2.2.0 cpe:/a:samba:samba:2.2.4 cpe:/a:samba:samba:2.0.6 cpe:/a:samba:samba:2.0.3 cpe:/a:samba:samba:2.0.2 cpe:/a:hp:cifs-9000_server:a.01.08 cpe:/a:samba:samba:2.2.2 cpe:/a:samba:samba:2.0.5 cpe:/a:samba:samba:2.0.4 cpe:/a:samba:samba:2.0.10 cpe:/a:samba:samba:2.0.0 cpe:/a:samba:samba:2.0.9 cpe:/a:hp:cifs-9000_server:a.01.07

CVE-2003-0085

2003-03-31T00:00:00.000-05:00

2011-03-07T21:12:07.127-05:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#298233 BID 7106 DEBIAN DSA-262 BUGTRAQ 20030317 Security Bugfix for Samba - Samba 2.2.8 Released BUGTRAQ 20030317 GLSA: samba (200303-11) IMMUNIX IMNX-2003-7+-003-01 BUGTRAQ 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL REDHAT RHSA-2003:095 SUSE SuSE-SA:2003:016 SGI 20030302-01-I IMMUNIX IMNX-2003-7+-003-01 BUGTRAQ 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL REDHAT RHSA-2003:096 MANDRAKE MDKSA-2003:032 GENTOO GLSA-200303-11 SECUNIA 8303 SECUNIA 8299 BUGTRAQ 20030318 [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba) Buffer overflow in the SMB/CIFS packet fragment re-assembly code for SMB daemon (smbd) in Samba before 2.2.8, and Samba-TNG before 0.3.1, allows remote attackers to execute arbitrary code.

cpe:/a:samba:samba:2.2.3a cpe:/a:samba:samba:2.2.0 cpe:/a:samba:samba:2.2.4 cpe:/a:samba:samba:2.2.3 cpe:/a:samba:samba:2.2.6 cpe:/a:samba:samba:2.2.7a cpe:/a:samba:samba:2.0.7 cpe:/a:samba:samba:2.2.0a cpe:/a:samba:samba:2.0.8 cpe:/a:samba:samba:2.0.1 cpe:/a:samba:samba:2.2.5 cpe:/a:samba:samba:2.0.6 cpe:/a:samba:samba:2.0.2 cpe:/a:samba:samba:2.0.3 cpe:/a:samba:samba:2.2.1a cpe:/a:samba:samba:2.2.2 cpe:/a:samba:samba:2.2.7 cpe:/a:samba:samba:2.0.0 cpe:/a:samba:samba:2.0.10 cpe:/a:samba:samba:2.0.4 cpe:/a:samba:samba:2.0.5 cpe:/a:samba:samba:2.0.9

CVE-2003-0086

2003-03-31T00:00:00.000-05:00

2011-03-07T21:12:07.220-05:00

1.2

LOCAL

HIGH

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7107 DEBIAN DSA-262 BUGTRAQ 20030317 GLSA: samba (200303-11) BUGTRAQ 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL REDHAT RHSA-2003:095 SUSE SuSE-SA:2003:016 SGI 20030302-01-I APPLE APPLE-SA-2003-03-24 REDHAT RHSA-2003:096 MANDRAKE MDKSA-2003:032 GENTOO GLSA-200303-11 SECUNIA 8303 SECUNIA 8299 BUGTRAQ 20030318 [OpenPKG-SA-2003.021] OpenPKG Security Advisory (samba) The code for writing reg files in Samba before 2.2.8 allows local users to overwrite arbitrary files via a race condition involving chown.

cpe:/a:national_language_support:libim

CVE-2003-0087

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:47.993-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

MISC http://www.idefense.com/advisory/02.12.03.txt XF aix-aixterm-libim-bo(11309) BID 6840 OSVDB 7996 AIXAPAR IY40320 AIXAPAR IY40317 AIXAPAR IY40307 BUGTRAQ 20030212 libIM.a buffer overflow vulnerability BUGTRAQ 20030212 iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a VULNWATCH 20030212 iDEFENSE Security Advisory 02.12.03: Buffer Overflow in AIX libIM.a Buffer overflow in libIM library (libIM.a) for National Language Support (NLS) on AIX 4.3 through 5.2 allows local users to gain privileges via several possible attack vectors, including a long -im argument to aixterm.

cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.2.1

CVE-2003-0088

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:48.070-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

ATSTAKE A021403-1 XF macos-trublueenvironment-gain-privileges(11332) CONFIRM http://lists.apple.com/archives/security-announce/2003/Feb/25/applesa20030225macosx102.txt CONFIRM http://docs.info.apple.com/article.html?artnum=61798 BID 6859 TruBlueEnvironment for MacOS 10.2.3 and earlier allows local users to overwrite or create arbitrary files and gain root privileges by setting a certain environment variable that is used to write debugging information.

cpe:/o:hp:hp-ux:11.00 cpe:/o:hp:hp-ux:11.11

CVE-2003-0089

2003-12-15T00:00:00.000-05:00

2009-03-04T00:17:31.170-05:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

XF hp-sd-utilities-bo(13623) BID 8986 HP HPSBUX0311-293 BUGTRAQ 20031113 NSFOCUS SA2003-07: HP-UX Software Distributor Buffer Overflow Vulnerability VULNWATCH 20031113 NSFOCUS SA2003-07: HP-UX Software Distributor Buffer Overflow Vulnerability Buffer overflow in the Software Distributor utilities for HP-UX B.11.00 and B.11.11 allows local users to execute arbitrary code via a long LANG environment variable to setuid programs such as (1) swinstall and (2) swmodify.

CVE-2003-0090

2003-12-15T00:00:00.000-05:00

2008-09-10T15:17:53.633-04:00

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0844. Reason: This candidate is a duplicate of CVE-2000-0844. Notes: All CVE users should reference CVE-2000-0844 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:2.5.1

CVE-2003-0091

2003-04-02T00:00:00.000-05:00

2008-09-10T15:17:54.057-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

VULNWATCH 20030331 NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability BUGTRAQ 20030331 NSFOCUS SA2003-02: Solaris lpq Stack Buffer Overflow Vulnerability OSVDB 8713 MISC http://www.nsfocus.com/english/homepage/sa2003-02.htm CIAC N-068 SUNALERT 52443 MISC http://packetstormsecurity.org/0304-advisories/sa2003-02.txt Stack-based buffer overflow in the bsd_queue() function for lpq on Solaris 2.6 and 7 allows local users to gain root privilege.

cpe:/o:sun:solaris:9.0::sparc cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:2.6 cpe:/o:sun:solaris:7.0 cpe:/o:sun:solaris:2.5.1

CVE-2003-0092

2003-04-02T00:00:00.000-05:00

2008-09-10T15:17:54.133-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

VULNWATCH 20030331 NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability BID 7240 BUGTRAQ 20030331 NSFOCUS SA2003-03: Solaris dtsession Heap Buffer Overflow Vulnerability SUNALERT 52388 Heap-based buffer overflow in dtsession for Solaris 2.5.1 through Solaris 9 allows local users to gain root privileges via a long HOME environment variable.

cpe:/a:lbl:tcpdump:3.6.2 cpe:/a:lbl:tcpdump:3.5.2 cpe:/a:lbl:tcpdump:3.4a6 cpe:/a:lbl:tcpdump:3.5 cpe:/a:lbl:tcpdump:3.4

CVE-2003-0093

2003-03-03T00:00:00.000-05:00

2008-09-10T15:17:54.197-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

MISC https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=81585 XF tcpdump-radius-decoder-dos(11324) REDHAT RHSA-2003:214 REDHAT RHSA-2003:033 REDHAT RHSA-2003:032 MANDRAKE MDKSA-2003:027 DEBIAN DSA-261 The RADIUS decoder in tcpdump 3.6.2 and earlier allows remote attackers to cause a denial of service (crash) via an invalid RADIUS packet with a header length field of 0, which causes tcpdump to generate data within an infinite loop.

cpe:/a:andries_brouwer:util-linux:2.11n cpe:/a:andries_brouwer:util-linux:2.11u

CVE-2003-0094

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:48.727-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF utillinux-mcookie-cookie-predictable(11318) BID 6855 MANDRAKE MDKSA-2003:016 A patch for mcookie in the util-linux package for Mandrake Linux 8.2 and 9.0 uses /dev/urandom instead of /dev/random, which causes mcookie to use an entropy source that is more predictable than expected, which may make it easier for certain types of attacks to succeed.

cpe:/a:oracle:oracle8i:8.1.7 cpe:/a:oracle:oracle9i:9.0.1.3 cpe:/a:oracle:oracle9i:9.0 cpe:/a:oracle:oracle8i:8.1.7.1 cpe:/a:oracle:database_server:9.2.1 cpe:/a:oracle:oracle9i:9.0.1 cpe:/a:oracle:database_server:9.2.2 cpe:/a:oracle:oracle9i:9.0.1.2 cpe:/a:oracle:oracle9i:9.0.2 cpe:/a:oracle:database_server:8.0.6

CVE-2003-0095

2003-03-03T00:00:00.000-05:00

2008-09-10T00:00:00.000-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#953746 CERT CA-2003-05 CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert51.pdf BID 6849 OSVDB 6319 XF oracle-username-bo(11328) CIAC N-046 BUGTRAQ 20030217 Oracle unauthenticated remote system compromise (#NISR16022003a) Buffer overflow in ORACLE.EXE for Oracle Database Server 9i, 8i, 8.1.7, and 8.0.6 allows remote attackers to execute arbitrary code via a long username that is provided during login, as exploitable through client applications that perform their own authentication, as demonstrated using LOADPSP.

CVE-2003-0096

2003-03-03T00:00:00.000-05:00

2008-09-10T00:00:00.000-04:00

9.0

NETWORK

LOW

SINGLE_INSTANCE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#840666 CERT-VN VU#743954 CERT-VN VU#663786 CERT CA-2003-05 BID 6850 BID 6848 BID 6847 MISC http://www.nextgenss.com/advisories/ora-tzofstbo.txt MISC http://www.nextgenss.com/advisories/ora-tmstmpbo.txt MISC http://www.nextgenss.com/advisories/ora-bfilebo.txt XF oracle-totimestamptz-bo(11327) XF oracle-tzoffset-bo(11326) XF oracle-bfilename-directory-bo(11325) CIAC N-046 CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert50.pdf CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert49.pdf CONFIRM http://otn.oracle.com/deploy/security/pdf/2003alert48.pdf BUGTRAQ 20030217 Oracle bfilename function buffer overflow vulnerability (#NISR16022003e) BUGTRAQ 20030217 Oracle TZ_OFFSET Remote System Buffer Overrun (#NISR16022003c) BUGTRAQ 20030217 Oracle TO_TIMESTAMP_TZ Remote System Buffer Overrun (#NISR16022003b) VULNWATCH 20030217 Oracle bfilename function buffer overflow vulnerability (#NISR16022003e) VULNWATCH 20030217 Oracle TZ_OFFSET Remote System Buffer Overrun (#NISR16022003c) VULNWATCH 20030217 Oracle unauthenticated remote system compromise (#NISR16022003a) Multiple buffer overflows in Oracle 9i Database release 2, Release 1, 8i, 8.1.7, and 8.0.6 allow remote attackers to execute arbitrary code via (1) a long conversion string argument to the TO_TIMESTAMP_TZ function, (2) a long time zone argument to the TZ_OFFSET function, or (3) a long DIRECTORY parameter to the BFILENAME function.

cpe:/a:php:php:4.3

CVE-2003-0097

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:49.057-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

GENTOO GLSA-200302-09 BUGTRAQ 20030217 PHP Security Advisory: CGI vulnerability in PHP version 4.3.0 CONFIRM http://www.slackware.com/changelog/current.php?cpu=i386 XF php-cgi-sapi-access(11343) BID 6875 GENTOO GLSA-200302-09.1 Unknown vulnerability in CGI module for PHP 4.3.0 allows attackers to access arbitrary files as the PHP user, and possibly execute PHP code, by bypassing the CGI force redirect settings (cgi.force_redirect or --enable-force-cgi-redirect).

cpe:/a:apc:apcupsd:3.8.5 cpe:/a:apc:apcupsd:3.10.4

CVE-2003-0098

2003-03-03T00:00:00.000-05:00

2008-09-10T15:17:55.897-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

DEBIAN DSA-277 BID 7200 SUSE SuSE-SA:2003:022 XF apcupsd-logevent-format-string(11334) CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137900 SECTRACK 1006108 MISC http://hsj.shadowpenguin.org/misc/apcupsd_exp.txt CONFIRM http://cvs.sourceforge.net/cgi-bin/viewcvs.cgi/apcupsd/apcupsd/src/apcnisd.c.diff?r1=1.5&r2=1.6 CALDERA CSSA-2003-015.0 BID 6828 MANDRAKE MDKSA-2003:018 Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.

cpe:/a:apc:apcupsd:3.8.5

CVE-2003-0099

2003-03-03T00:00:00.000-05:00

2008-09-10T15:17:55.960-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

DEBIAN DSA-277 BID 7200 XF apcupsd-vsprintf-multiple-bo(11491) CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137900 CONFIRM http://sourceforge.net/project/shownotes.php?release_id=137892 SUSE SuSE-SA:2003:022 MANDRAKE MDKSA-2003:018 SECTRACK 1006108 CALDERA CSSA-2003-015.0 Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.

cpe:/o:cisco:ios:11.1%2820%29aa4 cpe:/o:cisco:ios:11.2gs cpe:/o:cisco:ios:12.0s cpe:/o:cisco:ios:12.0%282%29xc cpe:/o:cisco:ios:11.2%2819%29gs0.2 cpe:/o:cisco:ios:11.3%281%29t cpe:/o:cisco:ios:12.0%281%29 cpe:/o:cisco:ios:11.3%281%29ed cpe:/o:cisco:ios:12.0%2810%29w5%2818f%29 cpe:/o:cisco:ios:11.2%2810%29bc cpe:/o:cisco:ios:12.0%2817%29s cpe:/o:cisco:ios:12.0%281%29xe cpe:/o:cisco:ios:11.2%284%29f cpe:/o:cisco:ios:12.0%285%29wc3 cpe:/o:cisco:ios:12.0%283%29 cpe:/o:cisco:ios:12.0%287%29t cpe:/o:cisco:ios:11.1%287%29aa cpe:/o:cisco:ios:11.1%2817%29ct cpe:/o:cisco:ios:12.0%2814%29w5%2820%29 cpe:/o:cisco:ios:12.0%287%29xe2 cpe:/o:cisco:ios:12.0sl cpe:/o:cisco:ios:12.0%287%29xf cpe:/o:cisco:ios:12.0xw cpe:/o:cisco:ios:11.3%2811c%29 cpe:/o:cisco:ios:11.2%2826b%29 cpe:/o:cisco:ios:12.0%2811%29s6 cpe:/o:cisco:ios:11.1%2828a%29ct cpe:/o:cisco:ios:12.0%289a%29 cpe:/o:cisco:ios:12.0db cpe:/o:cisco:ios:12.0%284%29xe cpe:/o:cisco:ios:12.0%288%29 cpe:/o:cisco:ios:11.3 cpe:/o:cisco:ios:11.2xa cpe:/o:cisco:ios:12.0%287%29t2 cpe:/o:cisco:ios:12.0%285%29wc2b cpe:/o:cisco:ios:11.2%289%29p cpe:/o:cisco:ios:12.0%285%29xk cpe:/o:cisco:ios:12.0dc cpe:/o:cisco:ios:12.0%287%29db2 cpe:/o:cisco:ios:12.0%285%29xe cpe:/o:cisco:ios:12.0xb cpe:/o:cisco:ios:11.2f cpe:/o:cisco:ios:12.0xe cpe:/o:cisco:ios:11.1%2813%29ia cpe:/o:cisco:ios:12.0%285%29wx cpe:/o:cisco:ios:11.1%2816%29ia cpe:/o:cisco:ios:12.0xa cpe:/o:cisco:ios:12.0%285%29xn1 cpe:/o:cisco:ios:11.1%2813%29 cpe:/o:cisco:ios:12.0%285%29t1 cpe:/o:cisco:ios:11.2%288%29sa5 cpe:/o:cisco:ios:11.1%2836%29cc2 cpe:/o:cisco:ios:12.0%2817%29st1 cpe:/o:cisco:ios:12.0%2817%29 cpe:/o:cisco:ios:11.1%2815%29aa cpe:/o:cisco:ios:12.0%287%29wx5%2815a%29 cpe:/o:cisco:ios:12.0%2813%29wt6%281%29 cpe:/o:cisco:ios:12.0xc cpe:/o:cisco:ios:12.0%288.3%29sc cpe:/o:cisco:ios:12.0%285.4%29wc1 cpe:/o:cisco:ios:12.0%285%29xu cpe:/o:cisco:ios:12.0%287%29xe cpe:/o:cisco:ios:12.0%2816%29w5%2821%29 cpe:/o:cisco:ios:12.0%2814%29st cpe:/o:cisco:ios:12.0%282%29xd cpe:/o:cisco:ios:12.0%287%29xk3 cpe:/o:cisco:ios:12.0 cpe:/o:cisco:ios:12.0%285.2%29xu cpe:/o:cisco:ios:11.3%2811%29b cpe:/o:cisco:ios:12.0%288%29s1 cpe:/o:cisco:ios:12.0%2813a%29 cpe:/o:cisco:ios:11.3%288%29db2 cpe:/o:cisco:ios:12.0%287a%29 cpe:/o:cisco:ios:11.1%2813%29aa cpe:/o:cisco:ios:11.2%288%29p cpe:/o:cisco:ios:11.1%2836%29ca2 cpe:/o:cisco:ios:12.0%285%29t cpe:/o:cisco:ios:12.0xs cpe:/o:cisco:ios:12.0%2814%29st3 cpe:/o:cisco:ios:12.0%2810a%29 cpe:/o:cisco:ios:12.0%2815%29s6 cpe:/o:cisco:ios:12.0%2816%29s8 cpe:/o:cisco:ios:12.0%2810%29s7 cpe:/o:cisco:ios:12.0%281%29xb cpe:/o:cisco:ios:12.0%287%29xk cpe:/o:cisco:ios:12.0%287%29sc cpe:/o:cisco:ios:11.3xa cpe:/o:cisco:ios:11.2sa cpe:/o:cisco:ios:11.1%2836%29cc4 cpe:/o:cisco:ios:11.1%2816%29aa cpe:/o:cisco:ios:12.0%284%29xm1 cpe:/o:cisco:ios:11.3na cpe:/o:cisco:ios:12.0%287%29s1 cpe:/o:cisco:ios:12.0xu cpe:/o:cisco:ios:11.3%2811b%29 cpe:/o:cisco:ios:12.0%2815a%29 cpe:/o:cisco:ios:12.0%2817%29s4 cpe:/o:cisco:ios:12.0%2812%29s3 cpe:/o:cisco:ios:11.3ha cpe:/o:cisco:ios:12.0%2811%29st4 cpe:/o:cisco:ios:12.0%285%29xs cpe:/o:cisco:ios:12.0%2816%29st1 cpe:/o:cisco:ios:11.1%2815%29ia cpe:/o:cisco:ios:12.0xq cpe:/o:cisco:ios:12.0%281%29w cpe:/o:cisco:ios:11.3wa4 cpe:/o:cisco:ios:11.2%2819a%29gs6 cpe:/o:cisco:ios:12.0%2814a%29 cpe:/o:cisco:ios:12.0%2814%29s7 cpe:/o:cisco:ios:12.0%289%29s8 cpe:/o:cisco:ios:12.0xk cpe:/o:cisco:ios:12.0da cpe:/o:cisco:ios:11.2%2826a%29 cpe:/o:cisco:ios:12.0%282b%29 cpe:/o:cisco:ios:12.0xh cpe:/o:cisco:ios:11.2%2826%29p2 cpe:/o:cisco:ios:12.0%2817a%29 cpe:/o:cisco:ios:12.0%285%29xk2 cpe:/o:cisco:ios:12.0xf cpe:/o:cisco:ios:11.2%2811b%29t2 cpe:/o:cisco:ios:12.0%2816a%29 cpe:/o:cisco:ios:11.1%2815%29ca cpe:/o:cisco:ios:12.0xn cpe:/o:cisco:ios:11.3t cpe:/o:cisco:ios:12.0sc cpe:/o:cisco:ios:12.0%2817%29sl2 cpe:/o:cisco:ios:12.0sx cpe:/o:cisco:ios:12.0%289%29 cpe:/o:cisco:ios:11.2%289%29xa cpe:/o:cisco:ios:12.0%283%29t2 cpe:/o:cisco:ios:12.0%282%29 cpe:/o:cisco:ios:12.0%284%29xm cpe:/o:cisco:ios:12.0%2818%29s5 cpe:/o:cisco:ios:11.1ia cpe:/o:cisco:ios:12.0%284%29s cpe:/o:cisco:ios:12.0%2817%29sl6 cpe:/o:cisco:ios:11.2%288%29sa1 cpe:/o:cisco:ios:12.0%285%29wc cpe:/o:cisco:ios:12.0xg cpe:/o:cisco:ios:12.0wt cpe:/o:cisco:ios:12.0%285%29wc2 cpe:/o:cisco:ios:11.1 cpe:/o:cisco:ios:11.1%2824a%29 cpe:/o:cisco:ios:11.3db cpe:/o:cisco:ios:12.0xm cpe:/o:cisco:ios:12.0w5 cpe:/o:cisco:ios:12.0%2812a%29 cpe:/o:cisco:ios:12.0%2817%29st5 cpe:/o:cisco:ios:12.0%2818%29w5%2822b%29 cpe:/o:cisco:ios:12.0xl cpe:/o:cisco:ios:11.2%284%29 cpe:/o:cisco:ios:11.3ma cpe:/o:cisco:ios:11.2%284%29f1 cpe:/o:cisco:ios:11.1%287%29ca cpe:/o:cisco:ios:11.2wa4 cpe:/o:cisco:ios:12.0%285.1%29xp cpe:/o:cisco:ios:11.1ca cpe:/o:cisco:ios:11.1ct cpe:/o:cisco:ios:11.2%284%29xa cpe:/o:cisco:ios:11.2p cpe:/o:cisco:ios:12.0%2816%29sc3 cpe:/o:cisco:ios:11.1cc cpe:/o:cisco:ios:11.3aa cpe:/o:cisco:ios:11.1%2817%29cc cpe:/o:cisco:ios:12.0%285%29yb4 cpe:/o:cisco:ios:12.0%286b%29 cpe:/o:cisco:ios:11.3da cpe:/o:cisco:ios:12.0%288a%29 cpe:/o:cisco:ios:11.2%2823a%29bc1 cpe:/o:cisco:ios:12.0t cpe:/o:cisco:ios:12.0%2818%29s cpe:/o:cisco:ios:11.2bc cpe:/o:cisco:ios:12.0%289%29s cpe:/o:cisco:ios:12.0%283d%29 cpe:/o:cisco:ios:12.0%285%29xn cpe:/o:cisco:ios:12.0%2810%29w5%2818g%29 cpe:/o:cisco:ios:12.0xi cpe:/o:cisco:ios:12.0%287%29dc1 cpe:/o:cisco:ios:12.0xr cpe:/o:cisco:ios:12.0%2811a%29 cpe:/o:cisco:ios:11.1aa cpe:/o:cisco:ios:12.0%282%29xf cpe:/o:cisco:ios:12.0%2818b%29 cpe:/o:cisco:ios:12.0xp cpe:/o:cisco:ios:11.3%287%29db1 cpe:/o:cisco:ios:11.1%2824b%29 cpe:/o:cisco:ios:12.0%287%29xv cpe:/o:cisco:ios:12.0%2813%29w5%2819c%29 cpe:/o:cisco:ios:11.2%2817%29 cpe:/o:cisco:ios:12.0%287.4%29s cpe:/o:cisco:ios:12.0wx cpe:/o:cisco:ios:11.1%2828a%29ia cpe:/o:cisco:ios:12.0%285%29wc3b cpe:/o:cisco:ios:12.0%282%29xe cpe:/o:cisco:ios:11.3%282%29xa cpe:/o:cisco:ios:12.0xj cpe:/o:cisco:ios:12.0st cpe:/o:cisco:ios:11.2%284%29xaf cpe:/o:cisco:ios:11.2%288%29sa3 cpe:/o:cisco:ios:12.0%2818%29st1 cpe:/o:cisco:ios:11.2%288.9%29sa6 cpe:/o:cisco:ios:11.1%2813%29ca cpe:/o:cisco:ios:12.0%288.0.2%29s cpe:/o:cisco:ios:11.1%289%29ia cpe:/o:cisco:ios:12.0%284%29t cpe:/o:cisco:ios:12.0%284%29xe1 cpe:/o:cisco:ios:11.2wa3 cpe:/o:cisco:ios:12.0%2816.06%29s cpe:/o:cisco:ios:12.0%287%29xf1 cpe:/o:cisco:ios:12.0xd cpe:/o:cisco:ios:12.0wc cpe:/o:cisco:ios:12.0%2813%29s6 cpe:/o:cisco:ios:12.0%285.3%29wc1 cpe:/o:cisco:ios:11.2 cpe:/o:cisco:ios:12.0sp cpe:/o:cisco:ios:12.0xv cpe:/o:cisco:ios:11.3%2811b%29t2 cpe:/o:cisco:ios:12.0%281%29xa3 cpe:/o:cisco:ios:12.0%282%29xg cpe:/o:cisco:ios:12.0%2810%29w5 cpe:/o:cisco:ios:12.0%2815%29s3

CVE-2003-0100

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:49.507-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BUGTRAQ 20030221 Re: Cisco IOS OSPF exploit XF cisco-ios-ospf-bo(11373) BUGTRAQ 20030220 Cisco IOS OSPF exploit BID 6895 Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements.

cpe:/a:usermin:usermin:0.6 cpe:/a:usermin:usermin:0.96 cpe:/a:webmin:webmin:1.0.60 cpe:/a:usermin:usermin:0.5 cpe:/a:usermin:usermin:0.9 cpe:/a:usermin:usermin:0.99 cpe:/a:usermin:usermin:0.4 cpe:/a:usermin:usermin:0.95 cpe:/a:usermin:usermin:0.7 cpe:/a:webmin:webmin:1.0.50 cpe:/a:usermin:usermin:0.8 cpe:/a:usermin:usermin:0.91 cpe:/a:usermin:usermin:0.94 cpe:/a:usermin:usermin:0.97 cpe:/a:usermin:usermin:0.92 cpe:/a:usermin:usermin:0.93 cpe:/a:usermin:usermin:0.98 cpe:/a:engardelinux:guardian_digital_webtool:1.2

CVE-2003-0101

2003-03-03T00:00:00.000-05:00

2008-09-10T20:05:49.570-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CONFIRM http://marc.theaimsgroup.com/?l=webmin-announce&m=104587858408101&w=2 BUGTRAQ 20030224 [SNS Advisory No.62] Webmin/Usermin Session ID Spoofing Vulnerability "Episode 2" BID 6915 MISC http://www.lac.co.jp/security/english/snsadv_e/62_e.html XF webmin-usermin-root-access(11390) DEBIAN DSA-319 CIAC N-058 BUGTRAQ 20030224 GLSA: usermin (200302-14) BUGTRAQ 20030224 Webmin 1.050 - 1.060 remote exploit ENGARDE ESA-20030225-006 HP HPSBUX0303-250 SGI 20030602-01-I SECTRACK 1006160 MANDRAKE MDKSA-2003:025 CONFIRM http://www.linuxsecurity.com/advisories/gentoo_advisory-2886.html SECUNIA 8163 SECUNIA 8115 miniserv.pl in (1) Webmin before 1.070 and (2) Usermin before 1.000 does not properly handle metacharacters such as line feeds and carriage returns (CRLF) in Base-64 encoded strings during Basic authentication, which allows remote attackers to spoof a session ID and gain root privileges.

cpe:/a:file:file:3.34 cpe:/a:file:file:3.39 cpe:/o:netbsd:netbsd:1.5.3 cpe:/a:file:file:3.30 cpe:/o:netbsd:netbsd:1.5 cpe:/a:file:file:3.33 cpe:/o:netbsd:netbsd:1.6 cpe:/a:file:file:3.35 cpe:/a:file:file:3.36 cpe:/a:file:file:3.37 cpe:/a:file:file:3.32 cpe:/o:netbsd:netbsd:1.5.2 cpe:/a:file:file:3.28 cpe:/o:netbsd:netbsd:1.5.1 cpe:/a:file:file:3.40

CVE-2003-0102

2003-03-18T00:00:00.000-05:00

2008-09-10T15:17:56.180-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CERT-VN VU#611865 BID 7008 MISC http://www.idefense.com/advisory/03.04.03.txt XF file-afctr-read-bo(11469) REDHAT RHSA-2003:087 REDHAT RHSA-2003:086 SUSE SuSE-SA:2003:017 MANDRAKE MDKSA-2003:030 DEBIAN DSA-260 BUGTRAQ 20030304 iDEFENSE Security Advisory 03.04.03: Locally Exploitable Buffer Overflow in file(1) IMMUNIX IMNX-2003-7+-012-01 NETBSD NetBSD-SA2003-003 Buffer overflow in tryelf() in readelf.c of the file command allows attackers to execute arbitrary code as the user running file, possibly via a large entity size value in an ELF header (elfhdr.e_shentsize).

cpe:/h:nokia:6210_handset:5.27

CVE-2003-0103

2003-03-07T00:00:00.000-05:00

2008-09-05T16:33:29.380-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 6952 XF nokia-6210-vcard-dos(11421) Format string vulnerability in Nokia 6210 handset allows remote attackers to cause a denial of service (crash, lockup, or restart) via a Multi-Part vCard with fields containing a large number of format string specifiers.

cpe:/a:peoplesoft:peopletools:8.40 cpe:/a:peoplesoft:peopletools:8.13 cpe:/a:peoplesoft:peopletools:8.16 cpe:/a:peoplesoft:peopletools:8.12 cpe:/a:peoplesoft:peopletools:8.18 cpe:/a:peoplesoft:peopletools:8.17 cpe:/a:peoplesoft:peopletools:8.10 cpe:/a:peoplesoft:peopletools:8.14 cpe:/a:peoplesoft:peopletools:8.15 cpe:/a:peoplesoft:peopletools:8.11 cpe:/a:peoplesoft:peopletools:8.41

CVE-2003-0104

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:29.537-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7053 XF peoplesoft-schedulertransfer-create-files(10962) ISS 20030310 PeopleSoft PeopleTools Remote Command Execution Vulnerability Directory traversal vulnerability in PeopleTools 8.10 through 8.18, 8.40, and 8.41 allows remote attackers to overwrite arbitrary files via the SchedulerTransfer servlet.

cpe:/a:port80_software:servermask:2.2

CVE-2003-0105

2004-09-28T00:00:00.000-04:00

2008-09-05T16:33:29.707-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

XF servermask-header-obtain-info(16947) MISC http://www.corsaire.com/advisories/c030224-001.txt BUGTRAQ 20040810 Corsaire Security Advisory - Port80 Software ServerMask inconsistencies ServerMask 2.2 and earlier does not obfuscate (1) ETag, (2) HTTP Status Message, or (3) Allow HTTP responses, which could tell remote attackers that the web server is an IIS server.

cpe:/a:symantec:enterprise_firewall:7.0

CVE-2003-0106

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:29.850-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CONFIRM http://service1.symantec.com/SUPPORT/ent-gate.nsf/docid/2003032507434754 BUGTRAQ 20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue BID 7196 VULNWATCH 20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue NTBUGTRAQ 20030326 Corsaire Security Advisory - Symantec Enterprise Firewall (SEF) H TTP URL pattern evasion issue The HTTP proxy for Symantec Enterprise Firewall (SEF) 7.0 allows proxy users to bypass pattern matching for blocked URLs via requests that are URL-encoded with escapes, Unicode, or UTF-8.

cpe:/a:gnu:zlib:1.1.4

CVE-2003-0107

2003-03-07T00:00:00.000-05:00

2008-09-10T20:05:50.163-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#142121 XF zlib-gzprintf-bo(11381) BUGTRAQ 20030222 buffer overrun in zlib 1.1.4 BUGTRAQ 20030223 poc zlib sploit just for fun :) CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00038.html BID 6913 REDHAT RHSA-2003:081 REDHAT RHSA-2003:079 OSVDB 6599 MANDRAKE MDKSA-2003:033 SUNALERT 57405 GENTOO GLSA-200303-25 BUGTRAQ 20030225 [sorcerer-spells] ZLIB-SORCERER2003-02-25 BUGTRAQ 20030224 Re: buffer overrun in zlib 1.1.4 CONECTIVA CLSA-2003:619 NETBSD NetBSD-SA2003-004 CALDERA CSSA-2003-011.0 Buffer overflow in the gzprintf function in zlib 1.1.4, when zlib is compiled without vsnprintf or when long inputs are truncated using vsnprintf, allows attackers to cause a denial of service or possibly execute arbitrary code.

cpe:/a:lbl:tcpdump:3.7 cpe:/a:lbl:tcpdump:3.6.2 cpe:/a:lbl:tcpdump:3.5.2 cpe:/a:lbl:tcpdump:3.7.1

CVE-2003-0108

2003-03-07T00:00:00.000-05:00

2008-09-05T16:33:30.117-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 6974 MISC http://www.idefense.com/advisory/02.27.03.txt DEBIAN DSA-255 XF tcpdump-isakmp-dos(11434) REDHAT RHSA-2003:214 REDHAT RHSA-2003:085 REDHAT RHSA-2003:032 SUSE SuSE-SA:2003:0015 MANDRAKE MDKSA-2003:027 BUGTRAQ 20030304 [OpenPKG-SA-2003.014] OpenPKG Security Advisory (tcpdump) BUGTRAQ 20030227 iDEFENSE Security Advisory 02.27.03: TCPDUMP Denial of Service Vulnerability in ISAKMP Packet Parsin CONECTIVA CLA-2003:629 isakmp_sub_print in tcpdump 3.6 through 3.7.1 allows remote attackers to cause a denial of service (CPU consumption) via a certain malformed ISAKMP packet to UDP port 500, which causes tcpdump to enter an infinite loop.

cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000_terminal_services::sp3 cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_2000_terminal_services

CVE-2003-0109

2003-03-31T00:00:00.000-05:00

2008-09-10T15:17:57.290-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT CA-2003-09 CERT-VN VU#117394 BID 7116 MS MS03-007 XF http-webdav-long-request(11533) ISS 20030317 Microsoft IIS WebDAV Remote Compromise Vulnerability MISC http://www.nextgenss.com/papers/ms03-007-ntdll.pdf MSKB Q815021 CONFIRM http://microsoft.com/downloads/details.aspx?FamilyId=C9A38D45-5145-4844-B62E-C69D32AC929B&displaylang=en NTBUGTRAQ 20030321 New attack vectors and a vulnerability dissection of MS03-007 BUGTRAQ 20030708 WDAV exploit without netcat and with pretty magic number BUGTRAQ 20030328 Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit BUGTRAQ 20030326 WebDAV exploit: using wide character decoder scheme BUGTRAQ 20030325 IIS 5.0 WebDAV -Proof of concept-. Fully documented. BUGTRAQ 20030321 New attack vectors and a vulnerability dissection of MS03-007 Buffer overflow in ntdll.dll on Microsoft Windows NT 4.0, Windows NT 4.0 Terminal Server Edition, Windows 2000, and Windows XP allows remote attackers to execute arbitrary code, as demonstrated via a WebDAV request to IIS 5.0.

cpe:/a:microsoft:proxy_server:2.0 cpe:/a:microsoft:isa_server:2000 cpe:/a:microsoft:isa_server:2000:sp1 cpe:/a:microsoft:isa_server:2000:fp1 cpe:/a:microsoft:proxy_server:2.0:sp1

CVE-2003-0110

2003-05-05T00:00:00.000-04:00

2008-09-10T15:17:57.353-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

MS MS03-012 MISC http://www.idefense.com/advisory/04.09.03.txt BUGTRAQ 20030409 iDEFENSE Security Advisory 04.09.03: Denial of Service in Microsoft Proxy Server and Internet Security and Acceleration Server 2000 The Winsock Proxy service in Microsoft Proxy Server 2.0 and the Microsoft Firewall service in Internet Security and Acceleration (ISA) Server 2000 allow remote attackers to cause a denial of service (CPU consumption or packet storm) via a spoofed, malformed packet to UDP port 1745.

cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_2000_terminal_services::sp3 cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/a:microsoft:virtual_machine:3809 cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/a:microsoft:virtual_machine:3802 cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_2000:::professional cpe:/a:microsoft:virtual_machine:3805 cpe:/o:microsoft:windows_2000_terminal_services

CVE-2003-0111

2003-05-05T00:00:00.000-04:00

2008-09-10T15:17:57.430-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CERT-VN VU#447569 MS MS03-011 XF msvm-bytecode-improper-validation(11751) The ByteCode Verifier component of Microsoft Virtual Machine (VM) build 5.0.3809 and earlier, as used in Windows and Internet Explorer, allows remote attackers to bypass security checks and execute arbitrary code via a malicious Java applet, aka "Flaw in Microsoft VM Could Enable System Compromise."

cpe:/o:microsoft:windows_nt:4.0:sp1:server cpe:/o:microsoft:windows_2000_terminal_services::sp3 cpe:/o:microsoft:windows_nt:4.0::server cpe:/o:microsoft:windows_2000::sp1:datacenter_server cpe:/o:microsoft:windows_nt:4.0:sp5:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:workstation cpe:/o:microsoft:windows_xp::gold:professional cpe:/o:microsoft:windows_nt:4.0::enterprise_server cpe:/o:microsoft:windows_2000::sp2:advanced_server cpe:/o:microsoft:windows_2000::sp2:professional cpe:/o:microsoft:windows_nt:4.0:sp1:workstation cpe:/o:microsoft:windows_2000_terminal_services::sp1 cpe:/o:microsoft:windows_nt:4.0:sp4:workstation cpe:/o:microsoft:windows_2000:::professional cpe:/o:microsoft:windows_nt:4.0:sp5:enterprise_server cpe:/o:microsoft:windows_xp::sp1:home cpe:/o:microsoft:windows_nt:4.0:sp6a:server cpe:/o:microsoft:windows_2000::sp1:professional cpe:/o:microsoft:windows_nt:4.0:sp6:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp2:enterprise_server cpe:/o:microsoft:windows_xp:::home cpe:/o:microsoft:windows_nt:4.0:sp2:server cpe:/o:microsoft:windows_nt:4.0:sp3:server cpe:/o:microsoft:windows_nt:4.0:sp4:enterprise_server cpe:/o:microsoft:windows_xp:::64-bit cpe:/o:microsoft:windows_nt:4.0:sp4:terminal_server cpe:/o:microsoft:windows_2000_terminal_services::sp2 cpe:/o:microsoft:windows_2000::sp2:datacenter_server cpe:/o:microsoft:windows_2000:::server cpe:/o:microsoft:windows_nt:4.0:sp6:server cpe:/o:microsoft:windows_nt:4.0:sp1:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp3:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp4:server cpe:/o:microsoft:windows_2000_terminal_services cpe:/o:microsoft:windows_nt:4.0::terminal_server cpe:/o:microsoft:windows_nt:4.0:sp1:enterprise_server cpe:/o:microsoft:windows_nt:4.0:sp6a:enterprise_server cpe:/o:microsoft:windows_2000::sp3:datacenter_server cpe:/o:microsoft:windows_nt:4.0:sp6a:terminal_server cpe:/o:microsoft:windows_nt:4.0:sp6a:workstation cpe:/o:microsoft:windows_nt:4.0:sp6:enterprise_server cpe:/o:microsoft:windows_2000::sp3:server cpe:/o:microsoft:windows_2000:::advanced_server cpe:/o:microsoft:windows_nt:4.0:sp2:workstation cpe:/o:microsoft:windows_nt:4.0:sp3:enterprise_server cpe:/o:microsoft:windows_xp::sp1:64-bit cpe:/o:microsoft:windows_2000:::datacenter_server cpe:/o:microsoft:windows_2000::sp3:professional cpe:/o:microsoft:windows_2000::sp1:server cpe:/o:microsoft:windows_2000::sp3:advanced_server cpe:/o:microsoft:windows_2000::sp1:advanced_server cpe:/o:microsoft:windows_nt:4.0:sp5:server cpe:/o:microsoft:windows_nt:4.0::workstation cpe:/o:microsoft:windows_nt:4.0:sp5:terminal_server cpe:/o:microsoft:windows_2000::sp2:server cpe:/o:microsoft:windows_nt:4.0:sp6:workstation cpe:/o:microsoft:windows_nt:4.0:sp2:terminal_server

CVE-2003-0112

2003-05-12T00:00:00.000-04:00

2008-09-10T15:17:57.493-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#446338 BID 7370 MS MS03-013 XF win-kernel-lpcrequestwaitreplyport-bo(11803) Buffer overflow in Windows Kernel allows local users to gain privileges by causing certain error messages to be passed to a debugger.

cpe:/a:microsoft:ie:5.5 cpe:/a:microsoft:ie:5.0.1:sp1 cpe:/a:microsoft:ie:5.0.1 cpe:/a:microsoft:ie:5.0.1:sp3 cpe:/a:microsoft:ie:6.0:sp1 cpe:/a:microsoft:ie:5.5:sp1 cpe:/a:microsoft:ie:5.0.1:sp2 cpe:/a:microsoft:ie:5.5:sp2 cpe:/a:microsoft:ie:6.0

CVE-2003-0113

2003-05-12T00:00:00.000-04:00

2008-09-10T15:17:57.570-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CERT-VN VU#169753 MS MS03-015 BUGTRAQ 20030426 Buffer overflow in Internet Explorer's HTTP parsing code BUGTRAQ 20030701 URLMON.DLL buffer overflow - technical details Buffer overflow in URLMON.DLL in Microsoft Internet Explorer 5.01, 5.5 and 6.0 allows remote attackers to execute arbitrary code via an HTTP response containing long values in (1) Content-type and (2) Content-encoding fields.

CVE-2003-0114

2003-05-12T00:00:00.000-04:00

2008-09-10T15:17:57.633-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

MS MS03-015 BUGTRAQ 20030203 internet explorer local file reading The file upload control in Microsoft Internet Explorer 5.01, 5.5, and 6.0 allows remote attackers to automatically upload files from the local system via a web page containing a script to upload the files.

CVE-2003-0115

2003-05-12T00:00:00.000-04:00

2008-09-10T15:17:57.710-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

MS MS03-015 XF ie-improper-thirdparty-rendering(11848) Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check parameters that are passed during third party rendering, which could allow remote attackers to execute arbitrary web script, aka the "Third Party Plugin Rendering" vulnerability, a different vulnerability than CVE-2003-0233.

CVE-2003-0116

2003-05-12T00:00:00.000-04:00

2008-09-05T16:33:31.507-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#244729 BID 6306 MS MS03-015 BUGTRAQ 20021203 Poisonous Style for Dialog window turns the zone off. Microsoft Internet Explorer 5.01, 5.5 and 6.0 does not properly check the Cascading Style Sheet input parameter for Modal dialogs, which allows remote attackers to read files on the local system via a web page containing script that creates a dialog and then accesses the target files, aka "Modal Dialog script execution."

cpe:/a:microsoft:biztalk_server:2002::enterprise cpe:/a:microsoft:biztalk_server:2002::developer

CVE-2003-0117

2003-05-12T00:00:00.000-04:00

2008-09-10T15:17:57.837-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

MS MS03-016 BUGTRAQ 20030505 Microsoft Biztalk Server ISAPI HTTP Receive function buffer overflow Buffer overflow in the HTTP receiver function (BizTalkHTTPReceive.dll ISAPI) of Microsoft BizTalk Server 2002 allows attackers to execute arbitrary code via a certain request to the HTTP receiver.

cpe:/a:microsoft:biztalk_server:2002::enterprise cpe:/a:microsoft:biztalk_server:2000:sp1a:developer cpe:/a:microsoft:biztalk_server:2000::standard cpe:/a:microsoft:biztalk_server:2000:sp2:standard cpe:/a:microsoft:biztalk_server:2000:sp2:enterprise cpe:/a:microsoft:biztalk_server:2000:sp1a:enterprise cpe:/a:microsoft:biztalk_server:2000:sp1a:standard cpe:/a:microsoft:biztalk_server:2000::developer cpe:/a:microsoft:biztalk_server:2002::developer cpe:/a:microsoft:biztalk_server:2000::enterprise cpe:/a:microsoft:biztalk_server:2000:sp2:developer

CVE-2003-0118

2003-05-12T00:00:00.000-04:00

2008-09-10T15:17:58.617-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

MS MS03-016 BUGTRAQ 20030505 Microsoft Biztalk Server DTA vulnerable to SQL injection SQL injection vulnerability in the Document Tracking and Administration (DTA) website of Microsoft BizTalk Server 2000 and 2002 allows remote attackers to execute operating system commands via a request to (1) rawdocdata.asp or (2) RawCustomSearchField.asp containing an embedded SQL statement.

cpe:/o:ibm:aix:5.1 cpe:/o:ibm:aix:5.2 cpe:/o:ibm:aix:4.3.3

CVE-2003-0119

2004-02-03T00:00:00.000-05:00

2008-09-05T16:33:31.973-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#624713 BID 7264 IBM MSS-OAR-E01-2003:0245.1 SECUNIA 8221 The secldapclntd daemon in AIX 4.3, 5.1 and 5.2 uses an Internet socket when communicating with the loadmodule, which allows remote attackers to directly connect to the daemon and conduct unauthorized activities.

cpe:/a:mhc-utils:mhc-utils:0.25_snap2001-06-25

CVE-2003-0120

2003-03-07T00:00:00.000-05:00

2008-09-05T16:33:32.130-04:00

1.2

LOCAL

HIGH

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-256 BID 6978 XF mhc-adb2mhc-insecure-tmp(11439) adb2mhc in the mhc-utils package before 0.25+20010625-7.1 allows local users to overwrite arbitrary files via a symlink attack on a default temporary directory with a predictable name.

cpe:/a:clearswift:mailsweeper:4.1 cpe:/a:clearswift:mailsweeper:4.0 cpe:/a:clearswift:mailsweeper:4.3 cpe:/a:clearswift:mailsweeper:4.2

CVE-2003-0121

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:32.257-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7044 BUGTRAQ 20030307 Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue BUGTRAQ 20030326 RE: Corsaire Security Advisory - Clearswift MAILsweeper MIME attachment evasion issue Clearswift MAILsweeper 4.x allows remote attackers to bypass attachment detection via an attachment that does not specify a MIME-Version header field, which is processed by some mail clients.

cpe:/a:ibm:lotus_notes_client:5.0.5 cpe:/a:ibm:lotus_domino:5.0 cpe:/a:ibm:lotus_domino:5.0.1 cpe:/a:ibm:lotus_notes_client:5.0.1 cpe:/a:ibm:lotus_notes_client:5.0.11 cpe:/a:ibm:lotus_domino:5.0.8 cpe:/a:ibm:lotus_notes_client:5.0.3 cpe:/a:ibm:lotus_domino:5.0.10 cpe:/a:ibm:lotus_domino:5.0.11 cpe:/a:ibm:lotus_domino:5.0.3 cpe:/a:ibm:lotus_domino:4.6.3 cpe:/a:ibm:lotus_domino:5.0.4a cpe:/a:ibm:lotus_notes_client:5.0.2 cpe:/a:ibm:lotus_domino:5.0.7a cpe:/a:ibm:lotus_notes_client:r5 cpe:/a:ibm:lotus_domino:5.0.9 cpe:/a:ibm:lotus_domino:5.0.2 cpe:/a:ibm:lotus_domino:4.6.4 cpe:/a:ibm:lotus_domino:5.0.5:::french cpe:/a:ibm:lotus_domino:5.0.4::solaris cpe:/a:ibm:lotus_domino:4.6.1 cpe:/a:ibm:lotus_domino:5.0.8a cpe:/a:ibm:lotus_notes_client:5.0.10 cpe:/a:ibm:lotus_notes_client:5.0.9a cpe:/a:ibm:lotus_domino:5.0.6a cpe:/a:ibm:lotus_domino:5.0.7::solaris cpe:/a:ibm:lotus_domino:5.0.8:::french cpe:/a:ibm:lotus_notes_client:5.0 cpe:/a:ibm:lotus_notes_client:5.0.4 cpe:/a:ibm:lotus_domino:5.0.5 cpe:/a:ibm:lotus_domino:5.0.6 cpe:/a:ibm:lotus_domino:5.0.9a

CVE-2003-0122

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:32.410-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#433489 CERT CA-2003-11 BID 7037 CONFIRM http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105101 BUGTRAQ 20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication MISC http://www.rapid7.com/advisories/R7-0010.html XF lotus-nrpc-bo(11526) CIAC N-065 VULNWATCH 20030313 R7-0010: Buffer Overflow in Lotus Notes Protocol Authentication Buffer overflow in Notes server before Lotus Notes R4, R5 before 5.0.11, and early R6 allows remote attackers to execute arbitrary code via a long distinguished name (DN) during NotesRPC authentication and an outer field length that is less than that of the DN field.

CVE-2003-0123

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:32.600-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#411489 CERT CA-2003-11 BID 7038 CONFIRM http://www-1.ibm.com/support/docview.wss?rs=482&q=Domino&uid=swg21105060 BUGTRAQ 20030313 R7-0011: Lotus Notes/Domino Web Retriever HTTP Status Buffer Overflow MISC http://www.rapid7.com/advisories/R7-0011.html XF lotus-web-retriever-bo(11525) CIAC N-065 Buffer overflow in Web Retriever client for Lotus Notes/Domino R4.5 through R6 allows remote malicious web servers to cause a denial of service (crash) via a long HTTP status line.

cpe:/a:andries_brouwer:man:1.5k cpe:/a:andries_brouwer:man:1.5i2 cpe:/a:andries_brouwer:man:1.5j cpe:/a:andries_brouwer:man:1.5h1 cpe:/a:andries_brouwer:man:1.5i

CVE-2003-0124

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:32.803-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 7066 BUGTRAQ 20030311 Vulnerability in man < 1.5l XF man-myxsprintf-code-execution(11512) REDHAT RHSA-2003:134 REDHAT RHSA-2003:133 GENTOO GLSA-200303-13 CONECTIVA CLSA-2003:620 man before 1.5l allows attackers to execute arbitrary code via a malformed man file with improper quotes, which causes the my_xsprintf function to return a string with the value "unsafe," which is then executed as a program via a system call if it is in the search path of the user who runs man.

cpe:/h:multitech:routefinder_550_vpn:4.63

CVE-2003-0125

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:32.957-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

MISC http://www.krusesecurity.dk/advisories/routefind550bof.txt CONFIRM ftp://ftp.multitech.com/Routers/RF550VPN.TXT XF routefinder-vpn-options-bo(11514) BID 7067 Buffer overflow in the web interface for SOHO Routefinder 550 before firmware 4.63 allows remote attackers to cause a denial of service (reboot) and execute arbitrary code via a long GET /OPTIONS value.

cpe:/h:multitech:routefinder_550_vpn:4.63 cpe:/h:multitech:routefinder_550_vpn:4.64_beta

CVE-2003-0126

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:33.083-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

MISC http://www.krusesecurity.dk/advisories/routefind550bof.txt The web interface for SOHO Routefinder 550 firmware 4.63 and earlier, and possibly later versions, has a default "admin" account with a blank password, which could allow attackers on the LAN side to conduct unauthorized activities.

cpe:/o:linux:linux_kernel:2.4.16 cpe:/o:linux:linux_kernel:2.2.2 cpe:/o:linux:linux_kernel:2.2.24 cpe:/o:linux:linux_kernel:2.4.1 cpe:/o:linux:linux_kernel:2.4.6 cpe:/o:linux:linux_kernel:2.2.9 cpe:/o:linux:linux_kernel:2.4.17 cpe:/o:linux:linux_kernel:2.2.23 cpe:/o:linux:linux_kernel:2.4.14 cpe:/o:linux:linux_kernel:2.2.12 cpe:/o:linux:linux_kernel:2.4.7 cpe:/o:linux:linux_kernel:2.2.22 cpe:/o:linux:linux_kernel:2.2.15 cpe:/o:linux:linux_kernel:2.4.10 cpe:/o:linux:linux_kernel:2.4.11 cpe:/o:linux:linux_kernel:2.4.4 cpe:/o:linux:linux_kernel:2.4.13 cpe:/o:linux:linux_kernel:2.4.19 cpe:/o:linux:linux_kernel:2.2.21 cpe:/o:linux:linux_kernel:2.2.3 cpe:/o:linux:linux_kernel:2.2.5 cpe:/o:linux:linux_kernel:2.2.10 cpe:/o:linux:linux_kernel:2.2.8 cpe:/o:linux:linux_kernel:2.4.9 cpe:/o:linux:linux_kernel:2.2.17 cpe:/o:linux:linux_kernel:2.4.8 cpe:/o:linux:linux_kernel:2.4.21:pre1 cpe:/o:linux:linux_kernel:2.4.18 cpe:/o:linux:linux_kernel:2.4.20 cpe:/o:linux:linux_kernel:2.2.19 cpe:/o:linux:linux_kernel:2.4.5 cpe:/o:linux:linux_kernel:2.2.14 cpe:/o:linux:linux_kernel:2.2.1 cpe:/o:linux:linux_kernel:2.2.13 cpe:/o:linux:linux_kernel:2.4.12 cpe:/o:linux:linux_kernel:2.2.6 cpe:/o:linux:linux_kernel:2.2.16 cpe:/o:linux:linux_kernel:2.2.20 cpe:/o:linux:linux_kernel:2.2.0 cpe:/o:linux:linux_kernel:2.2.7 cpe:/o:linux:linux_kernel:2.2.11 cpe:/o:linux:linux_kernel:2.2.4 cpe:/o:linux:linux_kernel:2.4.15 cpe:/o:linux:linux_kernel:2.4.0 cpe:/o:linux:linux_kernel:2.2.18 cpe:/o:linux:linux_kernel:2.4.2 cpe:/o:linux:linux_kernel:2.4.3

CVE-2003-0127

2003-03-31T00:00:00.000-05:00

2008-09-10T15:18:01.163-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#628849 REDHAT RHSA-2003:098 REDHAT RHSA-2003:145 DEBIAN DSA-495 DEBIAN DSA-423 DEBIAN DSA-336 DEBIAN DSA-332 DEBIAN DSA-312 DEBIAN DSA-311 DEBIAN DSA-276 DEBIAN DSA-270 GENTOO GLSA-200303-17 REDHAT RHSA-2003:088 CALDERA CSSA-2003-020.0 REDHAT RHSA-2003:103 MANDRAKE MDKSA-2003:039 MANDRAKE MDKSA-2003:038 ENGARDE ESA-20030515-017 VULNWATCH 20030317 Fwd: Ptrace hole / Linux 2.2.25 The kernel module loader in Linux kernel 2.2.x before 2.2.25, and 2.4.x before 2.4.21, allows local users to gain root privileges by using ptrace to attach to a child process that is spawned by the kernel.

cpe:/a:ximian:evolution:1.0.7 cpe:/a:ximian:evolution:1.2.1 cpe:/a:ximian:evolution:1.2 cpe:/a:ximian:evolution:1.0.4 cpe:/a:ximian:evolution:1.2.2 cpe:/a:ximian:evolution:1.0.3 cpe:/a:ximian:evolution:1.1.1 cpe:/a:ximian:evolution:1.0.6 cpe:/a:ximian:evolution:1.0.8 cpe:/a:ximian:evolution:1.0.5

CVE-2003-0128

2003-03-24T00:00:00.000-05:00

2008-09-10T15:18:01.557-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7117 MISC http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10 REDHAT RHSA-2003:108 BUGTRAQ 20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent MANDRAKE MDKSA-2003:045 GENTOO GLSA-200303-18 BUGTRAQ 20030321 GLSA: evolution (200303-18) CONECTIVA CLA-2003:648 The try_uudecoding function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a malicious uuencoded (UUE) header, possibly triggering a heap-based buffer overflow.

CVE-2003-0129

2003-03-24T00:00:00.000-05:00

2008-09-10T15:18:01.617-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7118 MISC http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10 BUGTRAQ 20030321 GLSA: evolution (200303-18) REDHAT RHSA-2003:108 BUGTRAQ 20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent MANDRAKE MDKSA-2003:045 GENTOO GLSA-200303-18 CONECTIVA CLA-2003:648 Ximian Evolution Mail User Agent 1.2.2 and earlier allows remote attackers to cause a denial of service (memory consumption) via a mail message that is uuencoded multiple times.

CVE-2003-0130

2003-03-24T00:00:00.000-05:00

2008-09-10T15:18:01.697-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7119 MISC http://www.coresecurity.com/common/showdoc.php?idx=309&idxseccion=10 BUGTRAQ 20030321 GLSA: evolution (200303-18) REDHAT RHSA-2003:108 BUGTRAQ 20030319 CORE-2003-03-04-01: Multiple vulnerabilities in Ximian 's Evolution Mail User Agent MANDRAKE MDKSA-2003:045 GENTOO GLSA-200303-18 CONECTIVA CLA-2003:648 The handle_image function in mail-format.c for Ximian Evolution Mail User Agent 1.2.2 and earlier does not properly escape HTML characters, which allows remote attackers inject arbitrary data and HTML via a MIME Content-ID header in a MIME-encoded image.

cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.6 cpe:/a:openssl:openssl:0.9.6d cpe:/a:openssl:openssl:0.9.6i cpe:/a:openssl:openssl:0.9.6e cpe:/a:openssl:openssl:0.9.7a cpe:/a:openssl:openssl:0.9.6h cpe:/a:openssl:openssl:0.9.6b cpe:/a:openssl:openssl:0.9.7 cpe:/a:openssl:openssl:0.9.6c cpe:/a:openssl:openssl:0.9.6g

CVE-2003-0131

2003-03-24T00:00:00.000-05:00

2011-03-07T21:12:10.750-05:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#888801 BID 7148 BUGTRAQ 20030319 [OpenSSL Advisory] Klima-Pokorny-Rosa attack on PKCS #1 v1.5 padding XF ssl-premaster-information-leak(11586) BUGTRAQ 20030327 Immunix Secured OS 7+ openssl update REDHAT RHSA-2003:102 REDHAT RHSA-2003:101 CONFIRM http://www.openssl.org/news/secadv_20030319.txt SUSE SuSE-SA:2003:024 MISC http://www.linuxsecurity.com/advisories/immunix_advisory-3066.html IMMUNIX IMNX-2003-7+-001-01 DEBIAN DSA-288 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html MISC http://eprint.iacr.org/2003/052/ SGI 20030501-01-I NETBSD NetBSD-SA2003-007 SUSE SuSE-SA:2003:024 BUGTRAQ 20030327 Immunix Secured OS 7+ openssl update OPENPKG OpenPKG-SA-2003.026 MANDRAKE MDKSA-2003:035 GENTOO GLSA-200303-20 TRUSTIX 2003-0013 BUGTRAQ 20030324 GLSA: openssl (200303-20) CONECTIVA CLA-2003:625 CALDERA CSSA-2003-014.0 The SSL and TLS components for OpenSSL 0.9.6i and earlier, 0.9.7, and 0.9.7a allow remote attackers to perform an unauthorized RSA private key operation via a modified Bleichenbacher attack that uses a large number of SSL or TLS connections using PKCS #1 v1.5 padding that cause OpenSSL to leak information regarding the relationship between ciphertext and the associated plaintext, aka the "Klima-Pokorny-Rosa attack."

cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.9 cpe:/a:apache:http_server:2.0.38

CVE-2003-0132

2003-04-11T00:00:00.000-04:00

2009-05-13T00:17:01.110-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#206537 BUGTRAQ 20030402 [ANNOUNCE] Apache 2.0.45 Released VUPEN ADV-2009-1233 REDHAT RHSA-2003:139 MISC http://www.idefense.com/advisory/04.08.03.txt MISC http://support.ca.com/irj/portal/anonymous/phpsupcontent?contentID=205147 SECUNIA 8499 SECUNIA 34920 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html BUGTRAQ 20030411 PATCH: [CAN-2003-0132] Apache 2.0.44 Denial of Service BUGTRAQ 20030410 working apache <= 2.0.44 DoS exploit for linux. BUGTRAQ 20030408 Exploit Code Released for Apache 2.x Memory Leak BUGTRAQ 20030409 GLSA: apache (200304-01) BUGTRAQ 20030408 iDEFENSE Security Advisory 04.08.03: Denial of Service in Apache HTTP Server 2.x A memory leak in Apache 2.0 through 2.0.44 allows remote attackers to cause a denial of service (memory consumption) via large chunks of linefeed characters, which causes Apache to allocate 80 bytes for each linefeed.

cpe:/a:gnome:gtkhtml:1.1.10 cpe:/a:gnome:gtkhtml:1.1.9

CVE-2003-0133

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:02.493-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

REDHAT RHSA-2003:126 MANDRAKE MDKSA-2003:046 CONECTIVA CLA-2003:737 GtkHTML, as included in Evolution before 1.2.4, allows remote attackers to cause a denial of service (crash) via certain malformed messages.

cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.9 cpe:/a:apache:http_server:2.0.38

CVE-2003-0134

2003-04-11T00:00:00.000-04:00

2008-09-05T16:33:34.473-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BUGTRAQ 20030402 [ANNOUNCE] Apache 2.0.45 Released CONFIRM http://cvs.apache.org/viewcvs/apr/file_io/os2/filestat.c.diff?r1=1.34&r2=1.35 BUGTRAQ 20030528 [SECURITY] [ANNOUNCE] Apache 2.0.46 released Unknown vulnerability in filestat.c for Apache running on OS2, versions 2.0 through 2.0.45, allows unknown attackers to cause a denial of service via requests related to device names.

cpe:/o:redhat:linux:9.0::i386

CVE-2003-0135

2003-04-11T00:00:00.000-04:00

2008-09-10T15:18:02.633-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7253 REDHAT RHSA-2003:084 vsftpd FTP daemon in Red Hat Linux 9 is not compiled against TCP wrappers (tcp_wrappers) but is installed as a standalone service, which inadvertently prevents vsftpd from restricting access as intended.

cpe:/o:astart_technologies:lprng:3.7.4 cpe:/o:astart_technologies:lprng:3.8.10.1 cpe:/o:astart_technologies:lprng:3.8.19 cpe:/o:astart_technologies:lprng:3.8.9

CVE-2003-0136

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:02.710-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

REDHAT RHSA-2003:142 DEBIAN DSA-285 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=188366 psbanner in the LPRng package allows local users to overwrite arbitrary files via a symbolic link attack on the /tmp/before file.

cpe:/a:nokia:sgsn_dx200

CVE-2003-0137

2003-03-18T00:00:00.000-05:00

2008-09-10T15:18:02.773-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ATSTAKE A031303-2 SECUNIA 8301 SNMP daemon in the DX200 based network element for Nokia Serving GPRS support node (SGSN) allows remote attackers to read SNMP options via arbitrary community strings.

cpe:/a:mit:kerberos:4

CVE-2003-0138

2003-03-24T00:00:00.000-05:00

2008-09-10T15:18:02.853-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#623217 DEBIAN DSA-266 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt REDHAT RHSA-2003:091 REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 DEBIAN DSA-273 DEBIAN DSA-269 BID 7113 BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) BUGTRAQ 20030317 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 protocol Version 4 of the Kerberos protocol (krb4), as used in Heimdal and other packages, allows an attacker to impersonate any principal in a realm via a chosen-plaintext attack.

cpe:/a:mit:kerberos:4

CVE-2003-0139

2003-03-24T00:00:00.000-05:00

2008-09-10T15:18:02.913-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#442569 CONFIRM http://web.mit.edu/kerberos/www/advisories/MITKRB5-SA-2003-004-krb4.txt BUGTRAQ 20030319 MITKRB5-SA-2003-004: Cryptographic weaknesses in Kerberos v4 REDHAT RHSA-2003:091 REDHAT RHSA-2003:052 REDHAT RHSA-2003:051 DEBIAN DSA-273 DEBIAN DSA-266 BUGTRAQ 20030330 GLSA: openafs (200303-26) BUGTRAQ 20030331 GLSA: krb5 & mit-krb5 (200303-28) Certain weaknesses in the implementation of version 4 of the Kerberos protocol (krb4) in the krb5 distribution, when triple-DES keys are used to key krb4 services, allow an attacker to create krb4 tickets for unauthorized principals using a cut-and-paste attack and "ticket splicing."

cpe:/a:mutt:mutt:1.3.24 cpe:/a:mutt:mutt:1.5.3 cpe:/a:mutt:mutt:1.3.12 cpe:/a:mutt:mutt:1.3.25 cpe:/a:mutt:mutt:1.3.17 cpe:/a:mutt:mutt:1.3.16 cpe:/a:mutt:mutt:1.3.22 cpe:/a:mutt:mutt:1.4.0 cpe:/a:mutt:mutt:1.3.27

CVE-2003-0140

2003-03-24T00:00:00.000-05:00

2008-09-10T15:18:02.993-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 7120 BUGTRAQ 20030320 CORE-20030304-02: Vulnerability in Mutt Mail User Agent XF mutt-folder-name-bo(11583) BUGTRAQ 20030319 mutt-1.4.1 fixes a buffer overflow. REDHAT RHSA-2003:109 SUSE SuSE-SA:2003:020 DEBIAN DSA-268 MANDRAKE MDKSA-2003:041 GENTOO GLSA-200303-19 MISC http://www.coresecurity.com/common/showdoc.php?idx=310&idxseccion=10 BUGTRAQ 20030430 GLSA: balsa (200304-10) BUGTRAQ 20030322 GLSA: mutt (200303-19) BUGTRAQ 20030320 [OpenPKG-SA-2003.025] OpenPKG Security Advisory (mutt) CONECTIVA CLA-2003:630 CONECTIVA CLA-2003:626 Buffer overflow in Mutt 1.4.0 and possibly earlier versions, 1.5.x up to 1.5.3, and other programs that use Mutt code such as Balsa before 2.0.10, allows a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a crafted folder.

cpe:/a:realnetworks:realplayer:8.0 cpe:/a:realnetworks:realone_player:6.0.10.505:gold cpe:/a:realnetworks:realone_player:2.0 cpe:/a:realnetworks:realone_player:6.0.11.841 cpe:/a:realnetworks:realone_player:6.0.11.830 cpe:/a:realnetworks:realone_player:9.0.0.297 cpe:/a:realnetworks:realone_player:6.0.11.853 cpe:/a:realnetworks:realone_player:9.0.0.288 cpe:/a:realnetworks:realone_player:6.0.11.818 cpe:/a:realnetworks:realone_enterprise_desktop:6.0.11.774

CVE-2003-0141

2003-04-02T00:00:00.000-05:00

2011-03-07T21:12:11.487-05:00

5.1

NETWORK

HIGH

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CERT-VN VU#705761 BID 7177 MISC http://www.coresecurity.com/common/showdoc.php?idx=311&idxseccion=10 BUGTRAQ 20030328 CORE-2003-0306: RealPlayer PNG deflate heap corruption vulnerability VULNWATCH 20030328 CORE-2003-0306: RealPlayer PNG deflate heap corruption vulnerability The PNG deflate algorithm in RealOne Player 6.0.11.x and earlier, RealPlayer 8/RealPlayer Plus 8 6.0.9.584, and other versions allows remote attackers to corrupt the heap and overwrite arbitrary memory via a PNG graphic file format containing compressed data using fixed trees that contain the length values 286-287, which are treated as a very large length.

cpe:/a:adobe:acrobat_reader:6.0

CVE-2003-0142

2003-08-18T00:00:00.000-04:00

2008-09-05T16:33:35.757-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#689835 BUGTRAQ 20030708 Adobe Acrobat and PDF security: no improvements for 2 years Adobe Acrobat Reader (acroread) 6, under certain circumstances when running with the "Certified plug-ins only" option disabled, loads plug-ins with signatures used for older versions of Acrobat, which can allow attackers to cause Acrobat to enter Certified mode and run untrusted plugins by modifying the CTIsCertifiedMode function.

cpe:/a:qualcomm:qpopper:4.0.1 cpe:/a:qualcomm:qpopper:4.0.4 cpe:/a:qualcomm:qpopper:4.0.3 cpe:/a:qualcomm:qpopper:4.0.2

CVE-2003-0143

2003-03-18T00:00:00.000-05:00

2008-09-05T16:33:35.910-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

BID 7058 DEBIAN DSA-259 XF qpopper-popmsg-macroname-bo(11516) BUGTRAQ 20030310 QPopper 4.0.x buffer overflow vulnerability SUSE SuSE-SA:2003:018 GENTOO GLSA-200303-12 BUGTRAQ 20030314 [OpenPKG-SA-2003.018] OpenPKG Security Advisory (qpopper) BUGTRAQ 20030312 Re: QPopper 4.0.x buffer overflow vulnerability The pop_msg function in qpopper 4.0.x before 4.0.5fc2 does not null terminate a message buffer after a call to Qvsnprintf, which could allow authenticated users to execute arbitrary code via a buffer overflow in a mdef command with a long macro name.

cpe:/o:openbsd:openbsd:2.4 cpe:/o:openbsd:openbsd:2.0 cpe:/o:openbsd:openbsd:3.1 cpe:/o:bsd:lpr:0.48 cpe:/o:freebsd:freebsd:2.2.6 cpe:/o:freebsd:freebsd:2.2.5 cpe:/o:openbsd:openbsd:3.0 cpe:/o:openbsd:openbsd:2.2 cpe:/o:freebsd:freebsd:2.2.3 cpe:/a:lprold:lprold:3.0.48 cpe:/o:bsd:lpr:2000-05-07 cpe:/o:freebsd:freebsd:2.2.4 cpe:/o:openbsd:openbsd:2.3 cpe:/o:openbsd:openbsd:2.1 cpe:/o:openbsd:openbsd:2.8 cpe:/o:openbsd:openbsd:2.5 cpe:/o:openbsd:openbsd:3.2 cpe:/o:openbsd:openbsd:2.9 cpe:/o:openbsd:openbsd:2.6 cpe:/o:openbsd:openbsd:2.7 cpe:/o:freebsd:freebsd:2.2.2 cpe:/o:freebsd:freebsd:2.2

CVE-2003-0144

2003-03-31T00:00:00.000-05:00

2008-09-10T15:18:03.273-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

BID 7025 XF lprm-bo(11473) SUSE SuSE-SA:2003:0014 DEBIAN DSA-275 DEBIAN DSA-267 SGI 20030406-02-P CONFIRM ftp://ftp.openbsd.org/pub/OpenBSD/patches/3.2/common/010_lprm.patch MANDRAKE MDKSA-2003:059 SECUNIA 8293 BUGTRAQ 20030308 OpenBSD lprm(1) exploit BUGTRAQ 20030305 potential buffer overflow in lprm (fwd) Buffer overflow in the lprm command in the lprold lpr package on SuSE 7.1 through 7.3, OpenBSD 3.2 and earlier, and possibly other operating systems, allows local users to gain root privileges via long command line arguments such as (1) request ID or (2) user name.

cpe:/a:lbl:tcpdump:3.7 cpe:/a:lbl:tcpdump:3.6.2 cpe:/a:lbl:tcpdump:3.5.2 cpe:/a:lbl:tcpdump:3.7.1

CVE-2003-0145

2003-03-31T00:00:00.000-05:00

2008-09-05T16:33:36.257-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CONFIRM http://www.tcpdump.org/tcpdump-changes.txt XF tcpdump-radius-attribute-dos(11857) REDHAT RHSA-2003:214 REDHAT RHSA-2003:151 REDHAT RHSA-2003:032 MANDRAKE MDKSA-2003:027 DEBIAN DSA-261 Unknown vulnerability in tcpdump before 3.7.2 related to an inability to "Handle unknown RADIUS attributes properly," allows remote attackers to cause a denial of service (infinite loop), a different vulnerability than CAN-2003-0093.

cpe:/a:netpbm:netpbm:9.20

CVE-2003-0146

2003-03-31T00:00:00.000-05:00

2008-09-05T16:33:36.397-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#630433 DEBIAN DSA-263 XF netpbm-multiple-bo(11463) BID 6979 REDHAT RHSA-2003:060 BUGTRAQ 20030228 NetPBM, multiple vulnerabilities CONECTIVA CLSA-2003:656 Multiple vulnerabilities in NetPBM 9.20 and earlier, and possibly other versions, may allow remote attackers to cause a denial of service or execute arbitrary code via "maths overflow errors" such as (1) integer signedness errors or (2) integer overflows, which lead to buffer overflows.

cpe:/a:openssl:openssl:0.9.6a cpe:/a:openssl:openssl:0.9.6 cpe:/a:stunnel:stunnel:3.17 cpe:/a:stunnel:stunnel:3.20 cpe:/a:openssl:openssl:0.9.6h cpe:/a:stunnel:stunnel:3.13 cpe:/a:openssl:openssl:0.9.7 cpe:/a:stunnel:stunnel:3.15 cpe:/a:openssl:openssl:0.9.6g cpe:/a:stunnel:stunnel:3.8 cpe:/a:stunnel:stunnel:3.12 cpe:/a:stunnel:stunnel:3.9 cpe:/a:openssl:openssl:0.9.6b cpe:/a:stunnel:stunnel:3.18 cpe:/a:openssl:openssl:0.9.6c cpe:/a:stunnel:stunnel:4.04 cpe:/a:openssl:openssl:0.9.6i cpe:/a:openssl:openssl:0.9.6e cpe:/a:openssl:openssl:0.9.7a cpe:/a:stunnel:stunnel:4.02 cpe:/a:openpkg:openpkg cpe:/a:stunnel:stunnel:3.14 cpe:/a:stunnel:stunnel:3.16 cpe:/a:openpkg:openpkg:1.2 cpe:/a:stunnel:stunnel:3.10 cpe:/a:stunnel:stunnel:3.19 cpe:/a:openssl:openssl:0.9.6d cpe:/a:openpkg:openpkg:1.1 cpe:/a:stunnel:stunnel:4.03 cpe:/a:stunnel:stunnel:3.11 cpe:/a:stunnel:stunnel:4.0 cpe:/a:stunnel:stunnel:3.7 cpe:/a:stunnel:stunnel:3.22 cpe:/a:stunnel:stunnel:3.21 cpe:/a:stunnel:stunnel:4.01

CVE-2003-0147

2003-03-31T00:00:00.000-05:00

2011-03-07T21:12:12.063-05:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#997481 BUGTRAQ 20030327 Immunix Secured OS 7+ openssl update BUGTRAQ 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL REDHAT RHSA-2003:102 REDHAT RHSA-2003:101 CONFIRM http://www.openssl.org/news/secadv_20030317.txt MANDRAKE MDKSA-2003:035 DEBIAN DSA-288 BUGTRAQ 20030317 [ADVISORY] Timing Attack on OpenSSL BUGTRAQ 20030313 Vulnerability in OpenSSL MISC http://crypto.stanford.edu/~dabo/papers/ssl-timing.pdf VULNWATCH 20030313 OpenSSL Private Key Disclosure SGI 20030501-01-I IMMUNIX IMNX-2003-7+-001-01 BUGTRAQ 20030325 Fwd: APPLE-SA-2003-03-24 Samba, OpenSSL OPENPKG OpenPKG-SA-2003.019 GENTOO GLSA-200303-23 GENTOO GLSA-200303-24 GENTOO GLSA-200303-15 BUGTRAQ 20030320 [OpenPKG-SA-2003.026] OpenPKG Security Advisory (openssl) CONECTIVA CLA-2003:625 CALDERA CSSA-2003-014.0 OpenSSL does not use RSA blinding by default, which allows local and remote attackers to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the use of different integer multiplication algorithms ("Karatsuba" and normal).

cpe:/a:mcafee:epolicy_orchestrator:2.0 cpe:/a:mcafee:epolicy_orchestrator:3.0 cpe:/a:mcafee:epolicy_orchestrator:2.5.1 cpe:/a:mcafee:epolicy_orchestrator:2.5:sp1 cpe:/a:mcafee:epolicy_orchestrator:2.5

CVE-2003-0148

2003-08-27T00:00:00.000-04:00

2008-09-10T15:18:05.197-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CONFIRM http://www.nai.com/us/promos/mcafee/epo_vulnerabilities.asp ATSTAKE A073103-1 The default installation of MSDE via McAfee ePolicy Orchestrator 2.0 through 3.0 allows attackers to execute arbitrary code via a series of steps that (1) obtain the database administrator username and encrypted password in a configuration file from the ePO server using a certain request, (2) crack the password due to weak cryptography, and (3) use the password to pass commands through xp_cmdshell.

cpe:/a:mcafee:epolicy_orchestrator:2.0 cpe:/a:mcafee:epolicy_orchestrator:2.5.1 cpe:/a:mcafee:epolicy_orchestrator:2.5:sp1 cpe:/a:mcafee:epolicy_orchestrator:2.5

CVE-2003-0149

2003-08-27T00:00:00.000-04:00

2008-09-10T15:18:05.273-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CONFIRM http://www.nai.com/us/promos/mcafee/epo_vulnerabilities.asp ATSTAKE A073103-1 Heap-based buffer overflow in ePO agent for McAfee ePolicy Orchestrator 2.0, 2.5, and 2.5.1 allows remote attackers to execute arbitrary code via a POST request containing long parameters.

cpe:/a:mysql:mysql:3.23.53 cpe:/a:mysql:mysql:3.23.52 cpe:/a:mysql:mysql:3.23.55 cpe:/a:mysql:mysql:3.23.54 cpe:/a:mysql:mysql:3.23.54a cpe:/a:mysql:mysql:3.23.53a

CVE-2003-0150

2003-03-24T00:00:00.000-05:00

2011-03-07T21:12:12.313-05:00

9.0

NETWORK

LOW

SINGLE_INSTANCE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#203897 BID 7052 BUGTRAQ 20030318 [OpenPKG-SA-2003.022] OpenPKG Security Advisory (mysql) XF mysql-datadir-root-privileges(11510) REDHAT RHSA-2003:093 ENGARDE ESA-20030324-012 DEBIAN DSA-303 REDHAT RHSA-2003:094 BUGTRAQ 20030318 GLSA: mysql (200303-14) BUGTRAQ 20030310 Re: MySQL user can be changed to root BUGTRAQ 20030308 MySQL_user_can_be_changed_to_root? CONECTIVA CLA-2003:743 MANDRAKE MDKSA-2003:057 MySQL 3.23.55 and earlier creates world-writeable files and allows mysql users to gain root privileges by using the "SELECT * INFO OUTFILE" operator to overwrite a configuration file and cause mysql to run as root upon restart, as demonstrated by modifying my.cnf.

cpe:/a:bea:weblogic_server:6.1:sp1 cpe:/a:bea:weblogic_server:7.0:sp2 cpe:/a:bea:weblogic_server:7.0.0.1:sp1:express cpe:/a:bea:weblogic_server:7.0.0.1 cpe:/a:bea:weblogic_server:6.1::express cpe:/a:bea:weblogic_server:7.0:sp1:express cpe:/a:bea:weblogic_server:6.1:sp1:express cpe:/a:bea:weblogic_server:6.1:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1:sp1 cpe:/a:bea:weblogic_server:6.0 cpe:/a:bea:weblogic_server:7.0::express cpe:/a:bea:weblogic_server:6.0::express cpe:/a:bea:weblogic_server:6.1:sp3:express cpe:/a:bea:weblogic_server:7.0.0.1:sp2:express cpe:/a:bea:weblogic_server:6.0:sp2:express cpe:/a:bea:weblogic_server:7.0.0.1::express cpe:/a:bea:weblogic_server:6.0:sp2 cpe:/a:bea:weblogic_server:7.0:sp1 cpe:/a:bea:weblogic_server:6.1:sp2 cpe:/a:bea:weblogic_server:7.0 cpe:/a:bea:weblogic_server:6.1 cpe:/a:bea:weblogic_server:6.1:sp3 cpe:/a:bea:weblogic_server:6.1:sp4:express cpe:/a:bea:weblogic_server:6.0:sp1 cpe:/a:bea:weblogic_server:7.0:sp2:express cpe:/a:bea:weblogic_server:6.1:sp4 cpe:/a:bea:weblogic_server:7.0.0.1:sp2 cpe:/a:bea:weblogic_server:6.0:sp1:express

CVE-2003-0151

2003-03-24T00:00:00.000-05:00

2008-09-05T16:33:37.257-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BUGTRAQ 20030317 S21SEC-011 - Multiple vulnerabilities in BEA WebLogic Server BUGTRAQ 20030317 SPI ADVISORY: Remote Administration of BEA WebLogic Server and Express MISC http://www.s21sec.com/en/avisos/s21sec-011-en.txt CONFIRM http://dev2dev.bea.com/resourcelibrary/advisoriesnotifications/BEA03-28.jsp BID 7124 BID 7122 BEA WebLogic Server and Express 6.0 through 7.0 does not properly restrict access to certain internal servlets that perform administrative functions, which allows remote attackers to read arbitrary files or execute arbitrary code.

cpe:/a:mozilla:bonsai:1.3

CVE-2003-0152

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:37.443-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 7162 DEBIAN DSA-265 Unknown vulnerability in bonsai Mozilla CVS query tool allows remote attackers to execute arbitrary commands as the www-data user.

cpe:/a:mozilla:bonsai:1.3

CVE-2003-0153

2003-04-02T00:00:00.000-05:00

2008-09-10T15:18:07.273-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-265 XF bonsai-path-disclosure(9921) BUGTRAQ 20020819 Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=187230 BID 5517 bonsai Mozilla CVS query tool leaks the absolute pathname of the tool in certain error messages generated by (1) cvslog.cgi, (2) cvsview2.cgi, or (3) multidiff.cgi.

cpe:/a:mozilla:bonsai:1.3

CVE-2003-0154

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:37.723-04:00

6.8

NETWORK

MEDIUM

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 5516 DEBIAN DSA-265 XF bonsai-error-message-xss(9920) BUGTRAQ 20020819 Advisory: Bonsai XSS and Physical Path Revealing Vulnerabilities CONFIRM http://bugzilla.mozilla.org/show_bug.cgi?id=163573 MISC http://bugzilla.mozilla.org/show_bug.cgi?id=146244 CONFIRM http://bugzilla.mozilla.org/attachment.cgi?id=95985&action=view CONFIRM http://bugzilla.mozilla.org/attachment.cgi?id=95950&action=view Cross-site scripting vulnerabilities (XSS) in bonsai Mozilla CVS query tool allow remote attackers to execute arbitrary web script via (1) the file, root, or rev parameters to cvslog.cgi, (2) the file or root parameters to cvsblame.cgi, (3) various parameters to cvsquery.cgi, (4) the person parameter to showcheckins.cgi, (5) the module parameter to cvsqueryform.cgi, and (6) possibly other attack vectors as identified by Mozilla bug #146244.

cpe:/a:mozilla:bonsai:1.3

CVE-2003-0155

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:37.863-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7163 DEBIAN DSA-265 bonsai Mozilla CVS query tool allows remote attackers to gain access to the parameters page without authentication.

cpe:/a:cross_referencer:lxr:0.9 cpe:/a:cross_referencer:lxr:0.3 cpe:/a:cross_referencer:lxr:0.9.2 cpe:/a:cross_referencer:lxr:0.9.1 cpe:/a:cross_referencer:lxr:0.8

CVE-2003-0156

2003-03-24T00:00:00.000-05:00

2008-09-05T16:33:38.007-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7062 DEBIAN DSA-264 BUGTRAQ 20030311 Cross-Referencing Linux vulnerability Directory traversal vulnerability in Cross-Referencing Linux (LXR) allows remote attackers to read arbitrary files via .. (dot dot) sequences in the v parameter.

CVE-2003-0157

2003-03-24T00:00:00.000-05:00

2008-09-10T15:18:08.460-04:00

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0138. Reason: This candidate is a reservation duplicate of CVE-2003-0138 due to incomplete coordination. Notes: All CVE users should reference CVE-2003-0138 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

CVE-2003-0158

2003-03-24T00:00:00.000-05:00

2008-09-10T15:18:08.710-04:00

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0139. Reason: This candidate is a reservation duplicate of CVE-2003-0139 due to incomplete coordination. Notes: All CVE users should reference CVE-2003-0139 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.

CVE-2003-0159

2003-04-02T00:00:00.000-05:00

2008-09-10T15:18:08.773-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7050 CONFIRM http://www.ethereal.com/appnotes/enpa-sa-00008.html SUSE SuSE-SA:2003:019 REDHAT RHSA-2003:077 MANDRAKE MDKSA-2003:051 BUGTRAQ 20030309 GLSA: ethereal (200303-10) Heap-based buffer overflow in the NTLMSSP code for Ethereal 0.9.9 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code.

cpe:/a:squirrelmail:squirrelmail:1.2.11

CVE-2003-0160

2003-04-02T00:00:00.000-05:00

2008-09-10T15:18:08.853-04:00

5.8

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CONFIRM http://sourceforge.net/mailarchive/forum.php?thread_id=1641953&forum_id=1988 REDHAT RHSA-2003:112 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail before 1.2.11 allow remote attackers to inject arbitrary HTML code and steal information from a client's web browser.

cpe:/o:hp:hp-ux:10.24 cpe:/a:sendmail:sendmail:8.11.1 cpe:/a:sendmail:sendmail_switch:2.2.4 cpe:/o:hp:sis cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/a:sendmail:sendmail_switch:3.0.1 cpe:/a:sendmail:sendmail:8.9.3 cpe:/o:sun:solaris:9.0:x86_update_2 cpe:/a:sendmail:sendmail:8.12:beta5 cpe:/a:sendmail:sendmail:3.0.3 cpe:/a:sendmail:sendmail:2.6.1 cpe:/a:sendmail:sendmail_switch:2.2.2 cpe:/o:hp:hp-ux:10.08 cpe:/o:hp:hp-ux:10.00 cpe:/o:hp:hp-ux:10.20 cpe:/a:sendmail:sendmail:8.11.4 cpe:/a:sendmail:sendmail:8.11.2 cpe:/a:sendmail:sendmail:8.9.2 cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:hp:hp-ux:11.22 cpe:/a:sendmail:sendmail:8.12.3 cpe:/a:sendmail:sendmail_switch:2.1.3 cpe:/a:sendmail:sendmail:8.11.6 cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/o:hp:hp-ux:10.26 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:hp:hp-ux:11.00 cpe:/o:sun:solaris:2.6 cpe:/o:hp:hp-ux:10.16 cpe:/a:sendmail:sendmail:8.12:beta16 cpe:/a:sendmail:sendmail:8.12.5 cpe:/o:sun:solaris:2.5.1 cpe:/o:sun:solaris:9.0::sparc cpe:/o:hp:hp-ux:10.30 cpe:/a:sendmail:sendmail:8.12.2 cpe:/a:sendmail:sendmail_switch:2.1.5 cpe:/a:sendmail:sendmail_switch:3.0.3 cpe:/a:sendmail:sendmail:8.11.0 cpe:/a:sendmail:sendmail:8.10 cpe:/a:sendmail:sendmail:3.0 cpe:/a:sendmail:sendmail:8.10.1 cpe:/a:sendmail:sendmail:2.6.2 cpe:/a:sendmail:sendmail:3.0.1 cpe:/o:sun:solaris:9.0::x86 cpe:/o:compaq:tru64:4.0b cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/a:sendmail:sendmail:8.12:beta7 cpe:/o:sun:solaris:8.0::x86 cpe:/o:compaq:tru64:5.0_pk4_bl17 cpe:/o:sun:solaris:8.0 cpe:/o:sun:solaris:2.5::x86 cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:4.0d cpe:/a:sendmail:sendmail:8.12:beta10 cpe:/a:sendmail:sendmail:8.9.0 cpe:/o:sun:solaris:2.4 cpe:/a:sendmail:sendmail_switch:2.1.1 cpe:/a:sendmail:sendmail:8.11.5 cpe:/o:sun:solaris:2.4::x86 cpe:/a:sendmail:sendmail_switch:3.0 cpe:/o:sun:solaris:2.5.1::ppc cpe:/o:hp:hp-ux:10.09 cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/a:sendmail:sendmail:8.12.7 cpe:/a:sendmail:sendmail:3.0.2 cpe:/o:hp:hp-ux:11.20 cpe:/a:sendmail:sendmail_switch:2.1 cpe:/o:compaq:tru64:5.0 cpe:/o:hp:hp-ux:10.10 cpe:/o:hp:hp-ux:10.34 cpe:/o:hp:hp-ux_series_800:10.20 cpe:/a:sendmail:sendmail:8.12.0 cpe:/a:sendmail:sendmail:8.12.4 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:7.0 cpe:/a:sendmail:sendmail:2.6 cpe:/a:sendmail:sendmail_switch:2.2.1 cpe:/o:hp:hp-ux:10.01 cpe:/a:sendmail:sendmail:8.10.2 cpe:/o:sun:solaris:2.5 cpe:/a:sendmail:sendmail:8.12:beta12 cpe:/o:compaq:tru64:4.0d_pk9_bl17 cpe:/a:sendmail:sendmail:8.12.1 cpe:/o:compaq:tru64:5.0f cpe:/a:sendmail:sendmail:8.12.6 cpe:/a:sendmail:sendmail:8.9.1 cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:5.1a cpe:/a:sendmail:sendmail_switch:2.2.5 cpe:/o:compaq:tru64:4.0f cpe:/o:sun:solaris:2.6::x86 cpe:/a:sendmail:sendmail_switch:2.2 cpe:/o:hp:hp-ux_series_700:10.20 cpe:/o:compaq:tru64:4.0g cpe:/o:hp:hp-ux:11.0.4 cpe:/o:compaq:tru64:5.0_pk4_bl18 cpe:/o:compaq:tru64:5.1b cpe:/a:sendmail:sendmail_switch:2.1.2 cpe:/a:sendmail:sendmail_switch:3.0.2 cpe:/o:compaq:tru64:5.0a_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:hp:hp-ux:11.11 cpe:/a:sendmail:sendmail:8.11.3 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/a:sendmail:sendmail_switch:2.1.4 cpe:/a:sendmail:sendmail_switch:2.2.3 cpe:/o:compaq:tru64:5.0a cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/a:sendmail:sendmail:8.12.8 cpe:/o:sun:solaris:2.5.1::x86

CVE-2003-0161

2003-04-02T00:00:00.000-05:00

2010-05-25T00:18:16.750-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT CA-2003-12 CERT-VN VU#897604 BID 7230 REDHAT RHSA-2003:120 IMMUNIX IMNX-2003-7+-002-01 REDHAT RHSA-2003:121 DEBIAN DSA-290 DEBIAN DSA-278 SUNALERT 1001088 BUGTRAQ 20030329 Sendmail: -1 gone wild FULLDISC 20030329 Sendmail: -1 gone wild CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html SGI 20030401-01-P SCO SCOSA-2004.11 FREEBSD FreeBSD-SA-03:07 CALDERA CSSA-2003-016.0 IMMUNIX IMNX-2003-7+-002-01 BUGTRAQ 20030331 GLSA: sendmail (200303-27) BUGTRAQ 20030520 [Fwd: 127 Research and Development: 127 Day!] GENTOO GLSA-200303-27 SUNALERT 52700 SUNALERT 52620 BUGTRAQ 20030330 [OpenPKG-SA-2003.027] OpenPKG Security Advisory (sendmail) BUGTRAQ 20030329 sendmail 8.12.9 available CONECTIVA CLA-2003:614 The prescan() function in the address parser (parseaddr.c) in Sendmail before 8.12.9 does not properly handle certain conversions from char and int types, which can cause a length check to be disabled when Sendmail misinterprets an input value as a special "NOCHAR" control value, allowing attackers to cause a denial of service and possibly execute arbitrary code via a buffer overflow attack using messages, a different vulnerability than CVE-2002-1337.

cpe:/a:ecartis:ecartis:1.0.0_snapshot_2002-10-13

CVE-2003-0162

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:38.973-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 6971 XF ecartis-password-reset(11431) DEBIAN DSA-271 BUGTRAQ 20030303 Re: Ecardis Password Reseting Vulnerability BUGTRAQ 20030227 Ecardis Password Reseting Vulnerability Ecartis 1.0.0 (formerly listar) before snapshot 20030227 allows remote attackers to reset passwords of other users and gain privileges by modifying hidden form fields in the HTML page.

cpe:/a:gaim-encryption:gaim-encryption:1.15 cpe:/a:gaim-encryption:gaim-encryption:1.13 cpe:/a:gaim-encryption:gaim-encryption:1.14

CVE-2003-0163

2003-05-05T00:00:00.000-04:00

2008-09-05T16:33:39.130-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7182 MISC http://www.rapid7.com/advisories/R7-0013.html BUGTRAQ 20030412 R7-0013: Heap Corruption in Gaim-Encryption Plugin decrypt_msg for the Gaim-Encryption GAIM plugin 1.15 and earlier does not properly validate a message length parameter, which allows remote attackers to cause a denial of service (crash) via a negative length, which overwrites arbitrary heap memory with a zero byte.

cpe:/a:gnome:eog:1.1.1 cpe:/a:gnome:eog:1.0.0 cpe:/a:gnome:eog:1.1.3 cpe:/a:gnome:eog:1.0.2 cpe:/a:gnome:eog:1.1.2 cpe:/a:gnome:eog:1.0.4 cpe:/a:gnome:eog:1.0.3 cpe:/a:gnome:eog:2.2.0 cpe:/a:gnome:eog:1.1.4 cpe:/a:gnome:eog:1.0.1

CVE-2003-0165

2003-04-02T00:00:00.000-05:00

2008-09-10T15:18:09.133-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CERT-VN VU#363001 BID 7121 REDHAT RHSA-2003:128 BUGTRAQ 20030328 CORE-2003-0304-03: Vulnerability in GNOME's Eye of Gnome VULNWATCH 20030328 Vulnerability in GNOME's Eye of Gnome MANDRAKE MDKSA-2003:048 MISC http://www.coresecurity.com/common/showdoc.php?idx=312&idxseccion=10 Format string vulnerability in Eye Of Gnome (EOG) allows attackers to execute arbitrary code via format string specifiers in a command line argument for the file to display.

cpe:/a:php:php:4.1.1 cpe:/a:php:php:4.0.5 cpe:/a:php:php:4.0.7 cpe:/a:php:php:4.0.1 cpe:/a:php:php:4.3 cpe:/a:php:php:4.3.1 cpe:/a:php:php:4.0.4 cpe:/a:php:php:4.2.0 cpe:/a:php:php:4.2.2 cpe:/a:php:php:4.1.0 cpe:/a:php:php:4.2.1 cpe:/a:php:php:4.0.2 cpe:/a:php:php:4.0.3 cpe:/a:php:php:4.0.6 cpe:/a:php:php:4.1.2 cpe:/a:php:php:4.2.3 cpe:/a:php:php:4.0

CVE-2003-0166

2003-04-02T00:00:00.000-05:00

2008-09-10T15:18:09.197-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7198 BID 7197 BUGTRAQ 20030326 @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator BUGTRAQ 20030402 Inaccurate Reports Concerning PHP Vulnerabilities BUGTRAQ 20030327 RE: FUD-ALARM: @(#)Mordred Labs advisory - Integer overflow in PHP memory allocator CONECTIVA CLSA-2003:691 Integer signedness error in emalloc() function for PHP before 4.3.2 allow remote attackers to cause a denial of service (memory consumption) and possibly execute arbitrary code via negative arguments to functions such as (1) socket_recv, (2) socket_recvfrom, and possibly other functions.

cpe:/a:mutt:mutt:1.3.24 cpe:/a:mutt:mutt:1.3.12 cpe:/a:mutt:mutt:1.3.25 cpe:/a:mutt:mutt:1.3.17 cpe:/a:mutt:mutt:1.3.16 cpe:/a:mutt:mutt:1.3.12.1 cpe:/a:mutt:mutt:1.3.22 cpe:/a:mutt:mutt:1.3.28 cpe:/a:mutt:mutt:1.3.27

CVE-2003-0167

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:39.630-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7229 DEBIAN DSA-274 DEBIAN DSA-300 Multiple off-by-one buffer overflows in the IMAP capability for Mutt 1.3.28 and earlier, and Balsa 1.2.4 and earlier, allow a remote malicious IMAP server to cause a denial of service (crash) and possibly execute arbitrary code via a specially crafted mail folder, a different vulnerability than CVE-2003-0140.

cpe:/a:apple:quicktime:6.0 cpe:/a:apple:quicktime:5.0

CVE-2003-0168

2003-04-02T00:00:00.000-05:00

2011-03-07T21:12:13.643-05:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#112553 BUGTRAQ 20030401 Fwd: QuickTime 6.1 for Windows is available MISC http://www.idefense.com/advisory/03.31.03.txt CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00027.html VULNWATCH 20030331 iDEFENSE Security Advisory 03.31.03: Buffer Overflow in Windows QuickTime Player XF quicktime-url-bo(11671) BID 7247 BUGTRAQ 20030401 iDEFENSE Security Advisory 03.31.03: Buffer Overflow in Windows QuickTime Player BUGTRAQ 20030401 Fwd: QuickTime 6.1 for Windows is available OSVDB 10561 Buffer overflow in Apple QuickTime Player 5.x and 6.0 for Windows allows remote attackers to execute arbitrary code via a long QuickTime URL.

cpe:/a:hp:instant_toptools:5.04

CVE-2003-0169

2003-04-11T00:00:00.000-04:00

2008-09-05T16:33:39.910-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7246 VULNWATCH 20030331 [DDI-1012] Malformed request causes denial of service in HP Instant TopTools BUGTRAQ 20030331 [DDI-1012] Malformed request causes denial of service in HP Instant TopTools hpnst.exe in the GoAhead-Webs webserver for HP Instant TopTools before 5.55 allows remote attackers to cause a denial of service (CPU consumption) via a request to hpnst.exe that calls itself, which causes an infinite loop.

cpe:/o:ibm:aix:5.2

CVE-2003-0170

2004-03-29T00:00:00.000-05:00

2008-09-05T16:33:40.037-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

XF aix-ftpd-gain-access(11823) BID 7346 AIXAPAR IY42424 IBM MSS-OAR-E01-2003.0469.1 OSVDB 4878 Unknown vulnerability in ftpd in IBM AIX 5.2, when configured to use Kerberos 5 for authentication, allows remote attackers to gain privileges via unknown attack vectors.

cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.2 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x_server:10.0 cpe:/o:apple:mac_os_x:10.1 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x:10.0.1 cpe:/o:apple:mac_os_x:10.0.4 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.1.2

CVE-2003-0171

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:10.087-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

ATSTAKE A041003-1 CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html DirectoryServices in MacOS X trusts the PATH environment variable to locate and execute the touch command, which allows local users to execute arbitrary commands by modifying the PATH to point to a directory containing a malicious touch program.

cpe:/a:php:php:4.3.1

CVE-2003-0172

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:40.397-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7210 BUGTRAQ 20030327 @(#)Mordred Labs advisory - PHP for Win32: buffer overflow in openlog() function XF php-openlog-stack-bo(11637) BUGTRAQ 20041222 PHP v4.3.x exploit for Windows. BUGTRAQ 20030327 Re: @(#)Mordred Labs advisory - PHP for Win32: buffer overflow in openlog() function OSVDB 2113 BUGTRAQ 20030402 Inaccurate Reports Concerning PHP Vulnerabilities Buffer overflow in openlog function for PHP 4.3.1 on Windows operating system, and possibly other OSes, allows remote attackers to cause a crash and possibly execute arbitrary code via a long filename argument.

cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.16m cpe:/a:xfsdump:xfsdump:2.0.2 cpe:/o:sgi:irix:6.5.11m cpe:/a:xfsdump:xfsdump:2.0.3 cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.14 cpe:/a:xfsdump:xfsdump:2.0.5 cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.6m cpe:/a:xfsdump:xfsdump:2.0.0 cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:6.5.5 cpe:/a:xfsdump:xfsdump:2.0.4 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.3m cpe:/a:xfsdump:xfsdump:2.0.1 cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2

CVE-2003-0173

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:10.320-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#111673 DEBIAN DSA-283 SGI 20030404-01-P MANDRAKE MDKSA-2003:047 xfsdq in xfsdump does not create quota information files securely, which allows local users to gain root privileges.

cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.3m cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2

CVE-2003-0174

2003-05-12T00:00:00.000-04:00

2008-09-05T16:33:40.833-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 7442 SGI 20030407-01-P XF irix-ldap-authentication-bypass(11860) CIAC N-084 The LDAP name service (nsd) in IRIX 6.5.19 and earlier does not properly verify if the USERPASSWORD attribute has been provided by an LDAP server, which could allow attackers to log in without a password.

cpe:/o:sgi:irix:6.5.4m cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.11m cpe:/o:sgi:irix:6.5.10f cpe:/o:sgi:irix:6.5.17 cpe:/o:sgi:irix:6.5.15 cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.16 cpe:/o:sgi:irix:6.5.5f cpe:/o:sgi:irix:6.5.9f cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.6m cpe:/o:sgi:irix:6.5.6f cpe:/o:sgi:irix:6.5.20m cpe:/o:sgi:irix:6.5.3f cpe:/o:sgi:irix:6.5.9m cpe:/o:sgi:irix:6.5.12f cpe:/o:sgi:irix:6.5.12m cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.8f cpe:/o:sgi:irix:6.5.2f cpe:/o:sgi:irix:6.5.20 cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.10m cpe:/o:sgi:irix:6.5.17f cpe:/o:sgi:irix:6.5.14f cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.4f cpe:/o:sgi:irix:6.5.8m cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.18 cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.2m cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.14m cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.13m cpe:/o:sgi:irix:6.5.19 cpe:/o:sgi:irix:6.5.3m cpe:/o:sgi:irix:6.5.13f cpe:/o:sgi:irix:6.5 cpe:/o:sgi:irix:6.5.7f cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.11f cpe:/o:sgi:irix:6.5.7m cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.5m cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2

CVE-2003-0175

2004-02-03T00:00:00.000-05:00

2008-09-05T16:33:41.097-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#142228 XF irix-piocswatch-ioctl-dos(12241) BID 7868 SGI 20030603-01-P SECTRACK 1008770 SGI IRIX before 6.5.21 allows local users to cause a denial of service (kernel panic) via a certain call to the PIOCSWATCH ioctl.

cpe:/o:sgi:irix:6.5.18f cpe:/o:sgi:irix:6.5.16m cpe:/o:sgi:irix:6.5.15f cpe:/o:sgi:irix:6.5.6 cpe:/o:sgi:irix:6.5.13 cpe:/o:sgi:irix:6.5.18m cpe:/o:sgi:irix:6.5.14 cpe:/o:sgi:irix:6.5.19f cpe:/o:sgi:irix:6.5.17m cpe:/o:sgi:irix:6.5.11 cpe:/o:sgi:irix:6.5.19m cpe:/o:sgi:irix:6.5.3 cpe:/o:sgi:irix:6.5.9 cpe:/o:sgi:irix:6.5.12 cpe:/o:sgi:irix:6.5.8 cpe:/o:sgi:irix:6.5.20m cpe:/o:sgi:irix:6.5.7 cpe:/o:sgi:irix:6.5.15m cpe:/o:sgi:irix:6.5.16f cpe:/o:sgi:irix:6.5.5 cpe:/o:sgi:irix:6.5.4 cpe:/o:sgi:irix:6.5.10 cpe:/o:sgi:irix:6.5.1 cpe:/o:sgi:irix:6.5.2 cpe:/o:sgi:irix:6.5.20f cpe:/o:sgi:irix:6.5.17f

CVE-2003-0176

2003-08-18T00:00:00.000-04:00

2008-09-05T16:33:41.363-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

SGI 20030701-01-P The Name Service Daemon (nsd), when running on an NIS master on SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, allows remote attackers to cause a denial of service (crash) via a UDP port scan.

CVE-2003-0177

2003-08-18T00:00:00.000-04:00

2008-09-05T16:33:41.550-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

SGI 20030701-01-P SGI IRIX 6.5.x through 6.5.20f, and possibly earlier versions, does not follow "-" entries in the /etc/group file, which may cause subsequent group membership entries to be processed inadvertently.

cpe:/a:ibm:lotus_domino_web_server:6.0

CVE-2003-0178

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:41.757-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#772817 CERT-VN VU#542873 CERT-VN VU#206361 CERT CA-2003-11 BID 6871 BUGTRAQ 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) XF lotus-domino-hostname-bo(11337) XF lotus-domino-inotes-bo(11336) BID 6870 MISC http://www.nextgenss.com/advisories/lotus-inotesoflow.txt MISC http://www.nextgenss.com/advisories/lotus-hostlocbo.txt CIAC N-065 NTBUGTRAQ 20030217 Domino Advisories UPDATE NTBUGTRAQ 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) NTBUGTRAQ 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) BUGTRAQ 20030217 Domino Advisories UPDATE BUGTRAQ 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) VULNWATCH 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) VULNWATCH 20030217 Lotus Domino Web Server iNotes Overflow (#NISR17022003b) VULNWATCH 20030217 Lotus Domino Web Server Host/Location Buffer Overflow Vulnerability (#NISR17022003a) Multiple buffer overflows in Lotus Domino Web Server before 6.0.1 allow remote attackers to cause a denial of service or execute arbitrary code via (1) the s_ViewName option in the PresetFields parameter for iNotes, (2) the Foldername option in the PresetFields parameter for iNotes, or (3) a long Host header, which is inserted into a long Location header and used during a redirect operation.

cpe:/a:ibm:lotus_domino_web_server:6.0 cpe:/a:ibm:lotus_notes_client:6.0

CVE-2003-0179

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:41.897-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CERT-VN VU#571297 CERT CA-2003-11 BID 6872 BUGTRAQ 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) XF lotus-notes-activex-bo(11339) MISC http://www.nextgenss.com/advisories/lotus-inotesclientaxbo.txt CIAC N-065 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21104543 NTBUGTRAQ 20030217 Domino Advisories UPDATE NTBUGTRAQ 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) BUGTRAQ 20030217 Domino Advisories UPDATE VULNWATCH 20030217 Lotus iNotes Client ActiveX Control Buffer Overrun (#NISR17022003c) Buffer overflow in the COM Object Control Handler for Lotus Domino 6.0.1 and earlier allows remote attackers to execute arbitrary code via multiple attack vectors, as demonstrated using the InitializeUsingNotesUserName method in the iNotes ActiveX control.

cpe:/a:ibm:lotus_domino_web_server:6.0

CVE-2003-0180

2003-04-02T00:00:00.000-05:00

2011-03-07T21:12:14.783-05:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#355169 CERT CA-2003-11 MISC http://www.nextgenss.com/advisories/lotus-60dos.txt XF lotus-incomplete-post-dos(11360) BID 6951 CIAC N-065 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21104528 VULNWATCH 20030218 More Lotus Domino Advisories Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via an incomplete POST request, as demonstrated using the h_PageUI form.

cpe:/a:ibm:lotus_domino_web_server:6.0

CVE-2003-0181

2003-04-02T00:00:00.000-05:00

2008-09-05T16:33:42.193-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT CA-2003-11 MISC http://www.nextgenss.com/advisories/lotus-60dos.txt XF lotus-invalid-field-dos(11361) BID 6951 CONFIRM http://www-1.ibm.com/support/docview.wss?uid=swg21104528 VULNWATCH 20030218 More Lotus Domino Advisories Lotus Domino Web Server (nhttp.exe) before 6.0.1 allows remote attackers to cause a denial of service via a "Fictionary Value Field POST request" as demonstrated using the s_Validation form with a long, unknown parameter name.

cpe:/o:linux:linux_kernel:2.4.20

CVE-2003-0187

2003-08-27T00:00:00.000-04:00

2008-09-10T15:18:10.947-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BUGTRAQ 20030802 [SECURITY] Netfilter Security Advisory: Conntrack list_del() DoS The connection tracking core of Netfilter for Linux 2.4.20, with CONFIG_IP_NF_CONNTRACK enabled or the ip_conntrack module loaded, allows remote attackers to cause a denial of service (resource consumption) due to an inconsistency with Linux 2.4.20's support of linked lists, which causes Netfilter to fail to identify connections with an UNCONFIRMED status and use large timeouts.

cpe:/a:redhat:lv:4.49.4-7::i386 cpe:/a:redhat:lv:4.49.4-3::i386 cpe:/o:redhat:linux:9.0::i386 cpe:/o:redhat:linux:7.3 cpe:/a:redhat:lv:4.49.4-1::i386 cpe:/a:lv:lv:4.49.3 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:7.1 cpe:/a:lv:lv:4.49.1 cpe:/o:redhat:linux:7.2 cpe:/a:redhat:lv:4.49.4-9::i386 cpe:/a:lv:lv:4.49.4 cpe:/a:lv:lv:4.49.2

CVE-2003-0188

2003-06-09T00:00:00.000-04:00

2008-09-10T15:18:11.023-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

REDHAT RHSA-2003:169 DEBIAN DSA-304 TURBO TLSA-2003-35 REDHAT RHSA-2003:167 lv reads a .lv file from the current working directory, which allows local users to execute arbitrary commands as other lv users by placing malicious .lv files into other directories.

cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.45

CVE-2003-0189

2003-06-09T00:00:00.000-04:00

2008-09-05T16:33:42.647-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CERT-VN VU#479268 REDHAT RHSA-2003:186 CONFIRM http://www.apache.org/dist/httpd/Announcement2.html BUGTRAQ 20030528 [SECURITY] [ANNOUNCE] Apache 2.0.46 released XF apache-aprpasswordvalidate-dos(12091) BID 7725 SECUNIA 8881 CONECTIVA CLA-2003:661 The authentication module for Apache 2.0.40 through 2.0.45 on Unix does not properly handle threads safely when using the crypt_r or crypt functions, which allows remote attackers to cause a denial of service (failed Basic authentication with valid usernames and passwords) when a threaded MPM is used.

cpe:/a:openbsd:openssh:3.6.1p1 cpe:/a:openbsd:openssh:3.4p1

CVE-2003-0190

2003-05-12T00:00:00.000-04:00

2011-03-07T21:12:15.470-05:00

5.0

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BID 7467 BUGTRAQ 20030430 OpenSSH/PAM timing attack allows remote users identification TURBO TLSA-2003-31 REDHAT RHSA-2003:224 REDHAT RHSA-2003:222 BUGTRAQ 20030806 [OpenPKG-SA-2003.035] OpenPKG Security Advisory (openssh) FULLDISC 20030430 OpenSSH/PAM timing attack allows remote users identification MISC http://lab.mediaservice.net/advisory/2003-01-openssh.txt OpenSSH-portable (OpenSSH) 3.6.1p1 and earlier with PAM support enabled immediately sends an error message when a user does not exist, which allows remote attackers to determine valid usernames via a timing attack.

cpe:/a:apache:http_server:2.0.28 cpe:/a:apache:http_server:2.0.41 cpe:/a:apache:http_server:2.0.36 cpe:/a:apache:http_server:2.0.40 cpe:/a:apache:http_server:2.0.37 cpe:/a:apache:http_server:2.0.42 cpe:/a:apache:http_server:2.0.35 cpe:/a:apache:http_server:2.0.45 cpe:/a:apache:http_server:2.0.43 cpe:/a:apache:http_server:2.0.39 cpe:/a:apache:http_server:2.0.44 cpe:/a:apache:http_server:2.0.46 cpe:/a:apache:http_server:2.0.32 cpe:/a:apache:http_server:2.0 cpe:/a:apache:http_server:2.0.38

CVE-2003-0192

2003-08-18T00:00:00.000-04:00

2008-09-10T15:18:11.993-04:00

6.4

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

REDHAT RHSA-2003:240 BUGTRAQ 20030709 [ANNOUNCE][SECURITY] Apache 2.0.47 released REDHAT RHSA-2003:243 SCO SCOSA-2004.6 REDHAT RHSA-2003:244 MANDRAKE MDKSA-2003:075 Apache 2 before 2.0.47, and certain versions of mod_ssl for Apache 1.3, do not properly handle "certain sequences of per-directory renegotiations and the SSLCipherSuite directive being used to upgrade from a weak ciphersuite to a strong one," which could cause Apache to use the weak ciphersuite.

cpe:/a:catdoc:catdoc:0.91

CVE-2003-0193

2004-08-18T00:00:00.000-04:00

2008-09-05T16:33:43.130-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-575 XF catdoc-xlsview-symlink(16335) BID 11560 OSVDB 11193 SECUNIA 13022 SECUNIA 13021 CONFIRM http://bugs.debian.org/cgi-bin/bugreport.cgi?archive=no&bug=183525 msxlsview.sh in xlsview for catdoc 0.91 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable temporary file names ("word$$.html").

cpe:/o:redhat:linux:9.0::i386 cpe:/o:redhat:linux:7.3 cpe:/a:redhat:tcpdump:3.7.2-1::i386 cpe:/o:redhat:linux:8.0 cpe:/o:redhat:linux:7.1 cpe:/a:redhat:tcpdump:3.6.3-3::i386 cpe:/a:redhat:tcpdump:3.6.2-9::i386 cpe:/a:redhat:tcpdump:3.4-39::i386 cpe:/o:redhat:linux:7.2 cpe:/a:redhat:tcpdump:3.6.2-9::ia64 cpe:/a:redhat:tcpdump:3.6.2-12::i386

CVE-2003-0194

2003-06-09T00:00:00.000-04:00

2008-09-05T16:33:43.270-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

REDHAT RHSA-2003:174 REDHAT RHSA-2003:151 tcpdump does not properly drop privileges to the pcap user when starting up.

cpe:/o:slackware:slackware_linux:9.0 cpe:/o:slackware:slackware_linux:8.1

CVE-2003-0195

2003-06-16T00:00:00.000-04:00

2008-09-10T15:18:12.197-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

REDHAT RHSA-2003:171 DEBIAN DSA-317 TURBO TLSA-2003-33 SUSE SuSE-SA:2003:028 BID 7637 MANDRAKE MDKSA-2003:062 BUGTRAQ 20030529 [slackware-security] CUPS DoS vulnerability fixed (SSA:2003-149-01) CONECTIVA CLSA-2003:678 CUPS before 1.1.19 allows remote attackers to cause a denial of service via a partial printing request to the IPP port (631), which does not time out.

cpe:/o:hp:hp-ux:10.24 cpe:/o:sun:solaris:8.0 cpe:/a:samba:samba:2.2.3 cpe:/a:samba:samba:2.2.7a cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/a:samba:samba:2.0.7 cpe:/a:samba:samba:2.2.0a cpe:/a:samba:samba:2.0.8 cpe:/o:compaq:tru64:4.0d cpe:/a:hp:cifs-9000_server:a.01.09.01 cpe:/a:samba:samba:2.2.5 cpe:/a:samba:samba:2.2.1a cpe:/o:hp:hp-ux:10.20 cpe:/a:hp:cifs-9000_server:a.01.05 cpe:/o:sun:solaris:2.5.1::ppc cpe:/a:samba:samba:2.2.0 cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/a:samba:samba:2.2.4 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.20 cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:compaq:tru64:5.0 cpe:/a:hp:cifs-9000_server:a.01.09.02 cpe:/a:samba:samba:2.2.8 cpe:/o:hp:hp-ux:11.22 cpe:/a:samba:samba:2.0.3 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:7.0 cpe:/o:hp:hp-ux:10.01 cpe:/a:hp:cifs-9000_server:a.01.07 cpe:/a:samba:samba:2.2.3a cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/a:samba:samba:2.2.6 cpe:/o:hp:hp-ux:11.00 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:sun:solaris:2.6 cpe:/o:compaq:tru64:4.0d_pk9_bl17 cpe:/a:samba-tng:samba-tng:0.3.1 cpe:/a:hp:cifs-9000_server:a.01.09 cpe:/a:hp:cifs-9000_server:a.01.06 cpe:/a:samba:samba:2.0.1 cpe:/o:sun:solaris:2.5.1 cpe:/o:sun:solaris:9.0::sparc cpe:/o:compaq:tru64:5.0f cpe:/a:hp:cifs-9000_server:a.01.08.01 cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:4.0f cpe:/o:sun:solaris:2.6::x86 cpe:/a:samba:samba:2.2.7 cpe:/a:samba-tng:samba-tng:0.3 cpe:/o:compaq:tru64:4.0g cpe:/o:compaq:tru64:5.0_pk4_bl18 cpe:/o:compaq:tru64:5.1b cpe:/o:sun:solaris:9.0::x86 cpe:/o:compaq:tru64:4.0b cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:5.0a_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:hp:hp-ux:11.11 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/a:samba:samba:2.0.6 cpe:/a:samba:samba:2.0.2 cpe:/a:hp:cifs-9000_server:a.01.08 cpe:/a:samba:samba:2.2.2 cpe:/o:sun:solaris:8.0::x86 cpe:/a:samba:samba:2.0.0 cpe:/a:samba:samba:2.0.10 cpe:/a:samba:samba:2.0.4 cpe:/a:samba:samba:2.0.5 cpe:/o:compaq:tru64:5.0a cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.0_pk4_bl17 cpe:/o:sun:solaris:2.5.1::x86 cpe:/a:samba:samba:2.0.9

CVE-2003-0196

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:12.257-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

REDHAT RHSA-2003:137 DEBIAN DSA-280 BUGTRAQ 20030407 [OpenPKG-SA-2003.028] OpenPKG Security Advisory (samba) MANDRAKE MDKSA-2003:044 BUGTRAQ 20030407 Immunix Secured OS 7+ samba update Multiple buffer overflows in Samba before 2.2.8a may allow remote attackers to execute arbitrary code or cause a denial of service, as discovered by the Samba team and a different vulnerability than CVE-2003-0201.

cpe:/a:borland_software:interbase:6.5 cpe:/a:borland_software:interbase:6.4 cpe:/a:firebirdsql:firebird:1.0.2 cpe:/a:borland_software:interbase:6.0

CVE-2003-0197

2003-04-11T00:00:00.000-04:00

2008-09-10T15:18:13.307-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

MISC http://www.secnetops.com/research/advisories/SRT2003-04-03-1300.txt BUGTRAQ 20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow VULNWATCH 20030403 SRT2003-04-03-1300 - Interbase ISC_LOCK_ENV overflow Buffer overflow gds_lock_mgr of Interbase Database 6.x allows local users to gain privileges via a long ISC_LOCK_ENV environment variable (INTERBASE_LOCK).

cpe:/o:apple:mac_os_x:10.1.5 cpe:/o:apple:mac_os_x_server:10.2.1 cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:apple:mac_os_x:10.0.3 cpe:/o:apple:mac_os_x:10.1.3 cpe:/o:apple:mac_os_x:10.1.4 cpe:/o:apple:mac_os_x_server:10.0 cpe:/o:apple:mac_os_x:10.1 cpe:/o:apple:mac_os_x:10.2.1 cpe:/o:apple:mac_os_x:10.1.1 cpe:/o:apple:mac_os_x_server:10.2 cpe:/o:apple:mac_os_x_server:10.2.4 cpe:/o:apple:mac_os_x:10.0.1 cpe:/o:apple:mac_os_x:10.0.4 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:apple:mac_os_x:10.0.2 cpe:/o:apple:mac_os_x:10.0 cpe:/o:apple:mac_os_x_server:10.2.3 cpe:/o:apple:mac_os_x_server:10.2.2 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:apple:mac_os_x:10.1.2

CVE-2003-0198

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:13.383-04:00

6.4

NETWORK

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

CONFIRM http://lists.apple.com/mhonarc/security-announce/msg00028.html Mac OS X before 10.2.5 allows guest users to modify the permissions of the DropBox folder and read unauthorized files.

cpe:/o:hp:hp-ux:10.24 cpe:/o:sun:solaris:8.0 cpe:/o:apple:mac_os_x:10.2 cpe:/a:samba:samba:2.2.7a cpe:/o:compaq:tru64:5.1 cpe:/o:compaq:tru64:5.1b_pk1_bl1 cpe:/a:samba:samba:2.0.7 cpe:/a:samba:samba:2.2.0a cpe:/a:samba:samba:2.0.8 cpe:/o:compaq:tru64:4.0d cpe:/a:hp:cifs-9000_server:a.01.09.01 cpe:/o:sun:solaris:9.0:x86_update_2 cpe:/a:samba:samba:2.2.5 cpe:/a:samba:samba:2.2.1a cpe:/o:hp:hp-ux:10.20 cpe:/a:hp:cifs-9000_server:a.01.05 cpe:/o:sun:solaris:2.5.1::ppc cpe:/a:samba:samba:2.2.0 cpe:/o:compaq:tru64:5.1_pk6_bl20 cpe:/a:samba:samba:2.2.4 cpe:/o:hp:hp-ux:11.04 cpe:/o:hp:hp-ux:11.20 cpe:/o:compaq:tru64:4.0f_pk6_bl17 cpe:/o:compaq:tru64:5.0 cpe:/o:apple:mac_os_x:10.2.1 cpe:/a:hp:cifs-9000_server:a.01.09.02 cpe:/a:samba:samba:2.2.8 cpe:/o:hp:hp-ux:11.22 cpe:/a:samba:samba:2.0.3 cpe:/o:sun:solaris:7.0::x86 cpe:/o:sun:solaris:7.0 cpe:/o:hp:hp-ux:10.01 cpe:/a:hp:cifs-9000_server:a.01.07 cpe:/a:samba:samba:2.2.3a cpe:/o:compaq:tru64:5.1a_pk1_bl1 cpe:/a:samba:samba:2.2.6 cpe:/o:hp:hp-ux:11.00 cpe:/o:compaq:tru64:5.1_pk5_bl19 cpe:/o:sun:solaris:2.6 cpe:/o:compaq:tru64:4.0d_pk9_bl17 cpe:/a:samba-tng:samba-tng:0.3.1 cpe:/a:hp:cifs-9000_server:a.01.09 cpe:/a:hp:cifs-9000_server:a.01.06 cpe:/a:samba:samba:2.0.1 cpe:/o:sun:solaris:2.5.1 cpe:/o:sun:solaris:9.0::sparc cpe:/o:compaq:tru64:5.0f cpe:/a:hp:cifs-9000_server:a.01.08.01 cpe:/o:apple:mac_os_x:10.2.2 cpe:/o:compaq:tru64:4.0g_pk3_bl17 cpe:/o:compaq:tru64:5.1a cpe:/o:compaq:tru64:4.0f cpe:/o:sun:solaris:2.6::x86 cpe:/a:samba:samba:2.2.7 cpe:/a:samba-tng:samba-tng:0.3 cpe:/o:apple:mac_os_x:10.2.4 cpe:/o:compaq:tru64:4.0g cpe:/o:apple:mac_os_x:10.2.3 cpe:/o:compaq:tru64:5.0_pk4_bl18 cpe:/o:compaq:tru64:5.1b cpe:/o:sun:solaris:9.0::x86 cpe:/o:compaq:tru64:4.0b cpe:/o:compaq:tru64:4.0f_pk7_bl18 cpe:/o:compaq:tru64:5.0a_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk3_bl17 cpe:/o:compaq:tru64:5.1_pk4_bl18 cpe:/o:hp:hp-ux:11.11 cpe:/o:compaq:tru64:5.1a_pk3_bl3 cpe:/a:samba:samba:2.0.6 cpe:/a:samba:samba:2.0.2 cpe:/a:hp:cifs-9000_server:a.01.08 cpe:/o:sun:solaris:8.0::x86 cpe:/a:samba:samba:2.0.0 cpe:/a:samba:samba:2.0.10 cpe:/a:samba:samba:2.0.4 cpe:/a:samba:samba:2.0.5 cpe:/o:compaq:tru64:5.0a cpe:/o:compaq:tru64:5.1a_pk2_bl2 cpe:/o:compaq:tru64:5.0_pk4_bl17 cpe:/o:sun:solaris:2.5.1::x86 cpe:/a:samba:samba:2.0.9

CVE-2003-0201

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:14.103-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#267873 BID 7294 DEBIAN DSA-280 BUGTRAQ 20030407 [DDI-1013] Buffer Overflow in Samba allows remote root compromise REDHAT RHSA-2003:137 SUSE SuSE-SA:2003:025 MISC http://www.digitaldefense.net/labs/advisories/DDI-1013.txt SGI 20030403-01-P MANDRAKE MDKSA-2003:044 BUGTRAQ 20030409 GLSA: samba (200304-02) BUGTRAQ 20030408 [Sorcerer-spells] SAMBA--SORCERER2003-04-08 BUGTRAQ 20030407 Immunix Secured OS 7+ samba update CONECTIVA CLA-2003:624 Buffer overflow in the call_trans2open function in trans2.c for Samba 2.2.x before 2.2.8a, 2.0.10 and earlier 2.0.x versions, and Samba-TNG before 0.3.2, allows remote attackers to execute arbitrary code.

cpe:/a:brian_renaud:metrics:1.0

CVE-2003-0202

2004-04-15T00:00:00.000-04:00

2008-09-05T16:33:44.550-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

DEBIAN DSA-279 XF metrics-tmpfile-symlink(11734) BID 7293 The (1) halstead and (2) gather_stats scripts in metrics 1.0 allow local users to overwrite arbitrary files via a symlink attack on temporary files.

cpe:/a:moxftp:moxftp:2.2 cpe:/a:xftp:xftp:2.2

CVE-2003-0203

2003-04-11T00:00:00.000-04:00

2011-03-07T21:12:16.407-05:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BID 6921 XF moxftp-welcome-banner-bo(11399) DEBIAN DSA-281 BUGTRAQ 20030223 moxftp arbitrary code execution poc/advisory SECTRACK 1006156 FULLDISC 20030223 moxftp arbitrary code execution poc/advisory SECUNIA 8136 Buffer overflow in moxftp 2.2 and earlier allows remote malicious FTP servers to execute arbitrary code via a long FTP banner.

cpe:/o:kde:kde:3.1.1 cpe:/o:kde:kde:2.2 cpe:/o:kde:kde:3.0.4 cpe:/o:kde:kde:3.0.3a cpe:/o:kde:kde:3.0.2 cpe:/o:kde:kde:3.0.3 cpe:/o:kde:kde:3.0.5a cpe:/o:kde:kde:2.2.1 cpe:/o:kde:kde:2.2.2 cpe:/o:kde:kde:2.0 cpe:/o:kde:kde:3.0.1 cpe:/o:kde:kde:3.0 cpe:/o:kde:kde:3.0.5 cpe:/o:kde:kde:2.1.1 cpe:/o:kde:kde:3.1 cpe:/o:kde:kde:2.1 cpe:/o:kde:kde:2.1.2 cpe:/o:kde:kde:2.0.1

CVE-2003-0204

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:14.867-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

CONFIRM http://www.kde.org/info/security/advisory-20030409-1.txt DEBIAN DSA-284 REDHAT RHSA-2003:002 DEBIAN DSA-296 DEBIAN DSA-293 CONFIRM http://bugs.kde.org/show_bug.cgi?id=56808 CONFIRM http://bugs.kde.org/show_bug.cgi?id=53343 MANDRAKE MDKSA-2003:049 BUGTRAQ 20030414 GLSA: kde-2.x (200304-05.1) BUGTRAQ 20030412 [Sorcerer-spells] KDE-SORCERER2003-04-12 BUGTRAQ 20030411 GLSA: kde-2.x (200304-05) BUGTRAQ 20030410 GLSA: kde-3.x (200304-04) CONECTIVA CLA-2003:747 CONECTIVA CLA-2003:668 KDE 2 and KDE 3.1.1 and earlier 3.x versions allows attackers to execute arbitrary commands via (1) PostScript (PS) or (2) PDF files, related to missing -dPARANOIDSAFER and -dSAFER arguments when using the kghostview Ghostscript viewer.

cpe:/a:gkrellm_newsticker:gkrellm_newsticker:0.3

CVE-2003-0205

2003-05-12T00:00:00.000-04:00

2008-09-10T15:18:14.930-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

DEBIAN DSA-294 BUGTRAQ 20030423 Security problems in gkrellm-newsticker gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the ticker title of a URI.

cpe:/a:gkrellm_newsticker:gkrellm_newsticker:0.3

CVE-2003-0206

2003-05-12T00:00:00.000-04:00

2008-09-10T15:18:14.993-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-294 BUGTRAQ 20030423 Security problems in gkrellm-newsticker gkrellm-newsticker gkrellm plugin before 0.3-3.1 allows remote attackers to cause a denial of service (crash) via (1) link or (2) title elements that contain multiple lines.

cpe:/a:gs-common:gs-common:0.3.3

CVE-2003-0207

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:15.070-04:00

2.1

LOCAL

LOW

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

DEBIAN DSA-286 ps2epsi creates insecure temporary files when calling ghostscript, which allows local attackers to overwrite arbitrary files.

cpe:/a:macromedia:flash

CVE-2003-0208

2003-05-05T00:00:00.000-04:00

2008-09-05T16:33:45.457-04:00

4.3

NETWORK

MEDIUM

NONE

PARTIAL

NONE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

MISC http://www.securiteam.com/securitynews/5XP0B0U9PE.html CONFIRM http://www.macromedia.com/support/flash/ts/documents/clicktag_security.htm FULLDISC 20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach BUGTRAQ 20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach Cross-site scripting (XSS) vulnerability in Macromedia Flash ad user tracking capability allows remote attackers to insert arbitrary Javascript via the clickTAG field.

cpe:/a:sourcefire:snort:1.9 cpe:/a:sourcefire:snort:1.8.3 cpe:/a:sourcefire:snort:1.8.6 cpe:/a:sourcefire:snort:1.9.1 cpe:/a:sourcefire:snort:1.8.7 cpe:/a:sourcefire:snort:1.8.5 cpe:/a:sourcefire:snort:1.8 cpe:/a:sourcefire:snort:1.8.2 cpe:/a:sourcefire:snort:1.8.1 cpe:/a:smoothwall:smoothwall:2.0_beta_4 cpe:/a:sourcefire:snort:1.8.4

CVE-2003-0209

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:15.603-04:00

10.0

NETWORK

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#139129 CERT CA-2003-13 BID 7178 DEBIAN DSA-297 MISC http://www.coresecurity.com/common/showdoc.php?idx=313&idxseccion=10 ENGARDE ESA-20030430-013 BUGTRAQ 20030428 GLSA: snort (200304-06) BUGTRAQ 20030423 Snort <=1.9.1 exploit BUGTRAQ 20030422 GLSA: snort (200304-05) BUGTRAQ 20030415 CORE-2003-0307: Snort TCP Stream Reassembly Integer Overflow Vulnerability MANDRAKE MDKSA-2003:052 Integer overflow in the TCP stream reassembly module (stream4) for Snort 2.0 and earlier allows remote attackers to execute arbitrary code via large sequence numbers in packets, which enable a heap-based buffer overflow.

cpe:/a:cisco:secure_access_control_server:3.0.1 cpe:/a:cisco:secure_access_control_server:2.3 cpe:/a:cisco:secure_access_control_server:3.1.1 cpe:/a:cisco:secure_access_control_server:3.0 cpe:/a:cisco:secure_access_control_server:2.4 cpe:/a:cisco:secure_access_control_server:2.6 cpe:/a:cisco:secure_access_control_server:2.6.4 cpe:/a:cisco:secure_access_control_server:2.6.3 cpe:/a:cisco:secure_access_control_server:2.1 cpe:/a:cisco:secure_access_control_server:2.6.2 cpe:/a:cisco:secure_access_control_server:2.5 cpe:/a:cisco:secure_access_control_server:3.0.3

CVE-2003-0210

2003-05-12T00:00:00.000-04:00

2008-09-10T15:18:15.697-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#697049 CISCO 20030423 Cisco Secure Access Control Server for Windows Admin Buffer Overflow Vulnerability BUGTRAQ 20030424 NSFOCUS SA2003-04 : Remote Buffer Overflow Vulnerability in Web Management Interface of Cisco Secure ACS NTBUGTRAQ 20030424 NSFOCUS SA2003-04 : Remote Buffer Overflow Vulnerability in Web Management Interface of Cisco Secure ACS Buffer overflow in the administration service (CSAdmin) for Cisco Secure ACS before 3.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long user parameter to port 2002.

cpe:/a:xinetd:xinetd:2.3.4 cpe:/a:xinetd:xinetd:2.3.0 cpe:/a:xinetd:xinetd:2.3.3 cpe:/a:xinetd:xinetd:2.3.6 cpe:/a:xinetd:xinetd:2.3.2 cpe:/a:xinetd:xinetd:2.3.10 cpe:/a:xinetd:xinetd:2.3.8 cpe:/a:xinetd:xinetd:2.3.7 cpe:/a:xinetd:xinetd:2.3.1 cpe:/a:xinetd:xinetd:2.3.9 cpe:/a:xinetd:xinetd:2.3.5

CVE-2003-0211

2003-05-05T00:00:00.000-04:00

2008-09-10T15:18:15.807-04:00

5.0

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

BUGTRAQ 20030418 Xinetd 2.3.10 Memory Leaks REDHAT RHSA-2003:160 CONFIRM http://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=88537 MANDRAKE MDKSA-2003:056 CONECTIVA CLA-2003:782 Memory leak in xinetd 2.3.10 allows remote attackers to cause a denial of service (memory consumption) via a large number of rejected connections.

cpe:/a:rinetd:rinetd:0.52 cpe:/a:rinetd:rinetd:0.61

CVE-2003-0212

2003-05-12T00:00:00.000-04:00

2008-09-10T15:18:15.930-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

DEBIAN DSA-289 BUGTRAQ 20030417 Vulnerability in rinetd handleAccept in rinetd before 0.62 does not properly resize the connection list when it becomes full and sets an array index incorrectly, which allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large number of connections.

cpe:/a:poptop:pptp_server:1.1.3 cpe:/a:poptop:pptp_server:1.1.4b2 cpe:/a:poptop:pptp_server:1.1.4b1 cpe:/a:poptop:pptp_server:1.1.2 cpe:/a:poptop:pptp_server:1.0.1 cpe:/a:poptop:pptp_server:1.1.3_2002-10-09

CVE-2003-0213

2003-05-12T00:00:00.000-04:00

2008-09-05T16:33:46.287-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#673993 BID 7316 BUGTRAQ 20030409 PoPToP PPTP server remotely exploitable buffer overflow DEBIAN DSA-295 SUSE SuSE-SA:2003:029 BUGTRAQ 20030418 Exploit for PoPToP PPTP server BUGTRAQ 20030422 Re: Exploit for PoPToP PPTP server - Linux version CONFIRM http://sourceforge.net/project/shownotes.php?release_id=138437 BUGTRAQ 20030428 GLSA: pptpd (200304-08) ctrlpacket.c in PoPToP PPTP server before 1.1.4-b3 allows remote attackers to cause a denial of service via a length field of 0 or 1, which causes a negative value to be fed into a read operation, leading to a buffer overflow.

cpe:/a:debian:mime-support:3.15 cpe:/a:debian:mime-support:3.13 cpe:/a:debian:mime-support:3.12 cpe:/a:debian:mime-support:3.9 cpe:/a:debian:mime-support:3.19 cpe:/a:debian:mime-support:3.18 cpe:/a:debian:mime-support:3.16 cpe:/a:debian:mime-support:3.14 cpe:/a:debian:mime-support:3.10 cpe:/a:debian:mime-support:3.17 cpe:/a:debian:mime-support:3.11 cpe:/a:debian:mime-support:3.20 cpe:/a:debian:mime-support:3.21

CVE-2003-0214

2003-05-12T00:00:00.000-04:00

2008-09-05T16:33:46.443-04:00

4.6

LOCAL

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

DEBIAN DSA-292 run-mailcap in mime-support 3.22 and earlier allows local users to overwrite arbitrary files via a symlink attack on temporary files.

cpe:/a:battleaxe_software:bttlxeforum:2.0_beta_3

CVE-2003-0215

2003-05-12T00:00:00.000-04:00

2008-09-10T15:18:16.603-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CONFIRM http://www.battleaxesoftware.com/forums/forum.asp?forumid=36&select=1812 BUGTRAQ 20030424 SQL injection in BttlxeForum SECTRACK 1006632 SQL injection vulnerability in bttlxeForum 2.0 beta 3 and earlier allows remote attackers to bypass authentication via the (1) username and (2) password fields, and possibly other fields.

cpe:/o:cisco:catos:7.5%281%29

CVE-2003-0216

2003-05-12T00:00:00.000-04:00

2008-09-10T15:18:16.663-04:00

9.3

NETWORK

MEDIUM

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

CERT-VN VU#443257 CISCO 20030424 Cisco Security Advisory: Cisco Catalyst Enable Password Bypass Vulnerability Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password.

cpe:/a:neoteris:instant_virtual_extranet:3.01

CVE-2003-0217

2003-06-16T00:00:00.000-04:00

2008-09-10T15:18:16.727-04:00

6.8

NETWORK

MEDIUM

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_USER_ACCESS

BUGTRAQ 20030513 XSS In Neoteris IVE Allows Session Hijacking Cross-site scripting (XSS) vulnerability in Neoteris Instant Virtual Extranet (IVE) 3.01 and earlier allows remote attackers to insert arbitrary web script and bypass authentication via a certain CGI script.

cpe:/a:monkey-project:monkey_http_daemon:0.6.0 cpe:/a:monkey-project:monkey_http_daemon:0.1.1 cpe:/a:monkey-project:monkey_http_daemon:0.5.2 cpe:/a:monkey-project:monkey_http_daemon:0.6.1

CVE-2003-0218

2003-05-12T00:00:00.000-04:00

2012-10-24T00:00:00.000-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

BID 7202 BUGTRAQ 20030428 GLSA: monkeyd (200304-07.1) VULNWATCH 20030420 Monkey HTTPd Remote Buffer Overflow CONFIRM http://monkeyd.sourceforge.net/Changelog.txt BUGTRAQ 20030420 Monkey HTTPd Remote Buffer Overflow Buffer overflow in PostMethod() function for Monkey HTTP Daemon (monkeyd) 0.6.1 and earlier allows remote attackers to execute arbitrary code via a POST request with a large body.

cpe:/a:kerio:personal_firewall_2:2.1.4 cpe:/a:kerio:personal_firewall_2:2.1.1 cpe:/a:kerio:personal_firewall_2:2.1 cpe:/a:kerio:personal_firewall_2:2.1.2 cpe:/a:kerio:personal_firewall_2:2.1.3

CVE-2003-0219

2003-05-12T00:00:00.000-04:00

2008-09-05T16:33:47.193-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#641012 MISC http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10 BID 7179 BUGTRAQ 20030428 CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute administrator commands by sniffing packets from a valid session and replaying them against the remote administration server.

cpe:/a:kerio:personal_firewall_2:2.1.4 cpe:/a:kerio:personal_firewall_2:2.1.1 cpe:/a:kerio:personal_firewall_2:2.1 cpe:/a:kerio:personal_firewall_2:2.1.2 cpe:/a:kerio:personal_firewall_2:2.1.3

CVE-2003-0220

2003-05-12T00:00:00.000-04:00

2008-09-05T16:33:47.347-04:00

7.5

NETWORK

LOW

NONE

PARTIAL

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_OTHER_ACCESS

CERT-VN VU#454716 MISC http://www.coresecurity.com/common/showdoc.php?idx=314&idxseccion=10 BID 7180 BUGTRAQ 20030428 CORE-2003-0305-02: Vulnerabilities in Kerio Personal Firewall Buffer overflow in the administrator authentication process for Kerio Personal Firewall (KPF) 2.1.4 and earlier allows remote attackers to execute arbitrary code via a handshake packet.

cpe:/o:hp:tru64:5.1b:pk1

CVE-2003-0221

2003-05-12T00:00:00.000-04:00

2008-09-05T16:33:47.503-04:00

7.2

LOCAL

LOW

NONE

COMPLETE

http://nvd.nist.gov

2004-01-01T00:00:00.000-05:00

ALLOWS_ADMIN_ACCESS

XF tru64-dupatch-setld-symlink(11892) BID 7452 HP SSRT3471 The (1) dupatch and (2) setld utilities in HP Tru64 UNIX 5.1B PK1 and earlier allows local users to overwrite files and possibly gain root privileges via a symlink attack.

cpe:/a:oracle:oracle8i:8.1.7 cpe:/a:oracle:oracle8i:8.1.5 cpe:/a:oracle:oracle9i:9.0.1.2 cpe:/a:oracle:oracle8i:8.1.7.4 cpe:/a:oracle:oracle9i:9.2.0.1 cpe:/a:oracle:oracle9i:9.0 cpe:/a:oracle:oracle8i:8.0.6.3 cpe:/a:oracle:database_server:9.2.1 cpe:/a:oracle:oracle9i:9.0.1 cpe:/a:oracle:database_server:8.1.5 cpe:/a:oracle:oracle8i:8.1.6 cpe:/a:oracle:database_server:9.2.2 cpe:/a:oracle:oracle9i:9.0.2 cpe:/a:oracle:oracle9i:9.0.1.3 cpe:/a:oracle:database_server:8.0.3 cpe:/a:oracle:oracle8i:8.1.7.1 cpe:/a:oracle:oracle9i:9.0.1.4 cpe:/a:oracle:database_server:7.3.3 cpe:/a:oracle:database_server:8.0.2 cpe:/a:oracle:database_server:8.0.5.1 cpe:/a:oracle:oracle8i:8.1x cpe:/a:oracle:database_server:8.0.1 cpe:/a:oracle:database_server:7.3.4 cpe:/a:oracle:database_server:8.1.6 cpe:/a:oracle:oracle8i:8.0.6 cpe:/a:oracle:oracle8i:8.0x cpe:/a:oracle:oracle9i:9.2.0.2 cpe:/a:oracle:database_server:8.0.4 cpe:/a:oracle:database_server:8.0.5 cpe:/a:oracle:database_server:8.1.7 cpe:/a:oracle:database_server:8.0.6

CVE-2003-0222

2003-05-12T00:00:00.000-04:00

2008-09-05T00:00:00.000-04:00

9.0

NETWORK

LOW

SINGLE_INSTANCE

COMPLETE

http://nvd.nist.gov