Total
274589 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2003-0393 | 1 Privacyware | 1 Privatefirewall | 2024-11-20 | N/A |
Privacyware Privatefirewall 3.0 does not block certain incoming packets when in "Filter Internet Traffic" or Deny Internet Traffic" modes, which allows remote attackers to identify running services via FIN scans or Xmas scans. | ||||
CVE-2003-0392 | 1 St | 1 Ftp Service | 2024-11-20 | N/A |
Directory traversal vulnerability in ST FTP Service 3.0 allows remote attackers to list arbitrary directories via a CD command with a DoS drive letter argument (e.g. E:). | ||||
CVE-2003-0391 | 1 Amax Information Technologies | 1 Magic Winmail Server | 2024-11-20 | N/A |
Format string vulnerability in Magic WinMail Server 2.3, and possibly other 2.x versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format string specifiers in the PASS command. | ||||
CVE-2003-0390 | 1 James Theiler | 1 Opt | 2024-11-20 | N/A |
Multiple buffer overflows in Options Parsing Tool (OPT) shared library 3.18 and earlier, when used in setuid programs, may allow local users to execute arbitrary code via long command line options that are fed into macros such as opt_warn_2, as used in functions such as opt_atoi. | ||||
CVE-2003-0389 | 1 Rsa | 1 Ace Agent | 2024-11-20 | N/A |
Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause users to enter a passphrase via a GET request containing the script. | ||||
CVE-2003-0388 | 2 Andrew Morgan, Redhat | 2 Linux Pam, Enterprise Linux | 2024-11-20 | N/A |
pam_wheel in Linux-PAM 0.78, with the trust option enabled and the use_uid option disabled, allows local users to spoof log entries and gain privileges by causing getlogin() to return a spoofed user name. | ||||
CVE-2003-0386 | 2 Openbsd, Redhat | 2 Openssh, Enterprise Linux | 2024-11-20 | N/A |
OpenSSH 3.6.1 and earlier, when restricting host access by numeric IP addresses and with VerifyReverseMapping disabled, allows remote attackers to bypass "from=" and "user@host" address restrictions by connecting to a host from a system whose reverse DNS hostname contains the numeric IP address. | ||||
CVE-2003-0385 | 1 Debian | 1 Debian Linux | 2024-11-20 | N/A |
Buffer overflow in xaos 3.0-23 and earlier, when running setuid, allows local users to gain root privileges via a long -language option. | ||||
CVE-2003-0382 | 2 Debian, Michael Jennings | 2 Debian Linux, Eterm | 2024-11-20 | N/A |
Buffer overflow in Eterm 0.9.2 allows local users to gain privileges via a long ETERMPATH environment variable. | ||||
CVE-2003-0381 | 1 Norman Ramsey | 1 Noweb | 2024-11-20 | N/A |
Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script. | ||||
CVE-2003-0380 | 1 Atftpd | 1 Atftpd | 2024-11-20 | N/A |
Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long filename. | ||||
CVE-2003-0379 | 1 Apple | 1 Afp Server | 2024-11-20 | N/A |
Unknown vulnerability in Apple File Service (AFP Server) for Mac OS X Server, when sharing files on a UFS or re-shared NFS volume, allows remote attackers to overwrite arbitrary files. | ||||
CVE-2003-0378 | 1 Apple | 1 Mac Os X | 2024-11-20 | N/A |
The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority attribute is not set. | ||||
CVE-2003-0377 | 1 Iisprotect | 1 Iisprotect | 2024-11-20 | N/A |
SQL injection vulnerability in the web-based administration interface for iisPROTECT 2.2-r4, and possibly earlier versions, allows remote attackers to insert arbitrary SQL and execute code via certain variables, as demonstrated using the GroupName variable in SiteAdmin.ASP. | ||||
CVE-2003-0376 | 1 Qualcomm | 1 Eudora | 2024-11-20 | N/A |
Buffer overflow in Eudora 5.2.1 allows remote attackers to cause a denial of service (crash and failed restart) and possibly execute arbitrary code via an Attachment Converted argument with a large number of . (dot) characters. | ||||
CVE-2003-0375 | 1 Xmb Forum | 1 Xmb | 2024-11-20 | N/A |
Cross-site scripting (XSS) vulnerability in member.php of XMBforum XMB 1.8.x (aka Partagium) allows remote attackers to insert arbitrary HTML and web script via the "member" parameter. | ||||
CVE-2003-0374 | 1 Nessus | 1 Nessus | 2024-11-20 | N/A |
Multiple unknown vulnerabilities in Nessus before 2.0.6, in libnessus and possibly libnasl, a different set of vulnerabilities than those identified by CVE-2003-0372 and CVE-2003-0373, aka "similar issues in other nasl functions as well as in libnessus." | ||||
CVE-2003-0373 | 1 Nessus | 1 Nessus | 2024-11-20 | N/A |
Multiple buffer overflows in libnasl in Nessus before 2.0.6 allow local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code via (1) a long proto argument to the scanner_add_port function, (2) a long user argument to the ftp_log_in function, (3) a long pass argument to the ftp_log_in function. | ||||
CVE-2003-0372 | 1 Nessus | 1 Nessus | 2024-11-20 | N/A |
Signed integer vulnerability in libnasl in Nessus before 2.0.6 allows local users with plugin upload privileges to cause a denial of service (core dump) and possibly execute arbitrary code by causing a negative argument to be provided to the insstr function as used in a NASL script. | ||||
CVE-2003-0371 | 1 Prishtina Soft | 1 Prishtina Ftp | 2024-11-20 | N/A |
Buffer overflow in Prishtina FTP client 1.x allows remote FTP servers to cause a denial of service (crash) and possibly execute arbitrary code via a long FTP banner. |