| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name. |
| Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. |
| The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges. |
| The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist. |
| Buffer overflow in AnalogX Proxy 4.13 allows remote attackers to execute arbitrary code via a long URL to port 6588. |
| Sojourn search engine allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. |
| Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection. |
| Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. |
| ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. |
| AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value. |
| The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. |
| The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. |
| InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed terminal client configuration information. |
| FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites. |
| vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. |
| Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. |
| The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. |
| Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. |
| WindMail allows remote attackers to read arbitrary files or execute commands via shell metacharacters. |
