| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. |
| Sun's ftpd daemon can be subjected to a denial of service. |
| Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. |
| IRIX fam service allows an attacker to obtain a list of all files on the server. |
| Solaris ufsrestore buffer overflow. |
| AIX routed allows remote users to modify sensitive files. |
| Buffer overflow in ArgoSoft FTP Server 1.4.3.6 allows remote attackers to execute arbitrary code via Unicode in the RNTO command, as demonstrated by the Infigo FTPStress Fuzzer. |
| Denial of service in AIX telnet can freeze a system and prevent users from accessing the server. |
| Buffer overflow in AIX rcp command allows local users to obtain root access. |
| Sendmail decode alias can be used to overwrite sensitive files. |
| Multiple cross-site scripting (XSS) vulnerabilities in links.php in PHP Linkliste 1.0b allow remote attackers to inject arbitrary web script or HTML via the (1) new_input, (2) new_url, or (3) new_name parameter. |
| Buffer overflow in AIX and Solaris "gethostbyname" library call allows root access through corrupt DNS host names. |
| SQL injection vulnerability in search.php in Servous sBLOG 0.7.2 allows remote attackers to execute arbitrary SQL commands via the keyword parameter. NOTE: this issue can be used to trigger path disclosure. In addition, it might be primary to vector 1 in CVE-2006-1135. |
| A later variation on the Teardrop IP denial of service attack, a.k.a. Teardrop-2. |
| Buffer overflow in KarjaSoft Sami FTP Server 2.0.2 and earlier allows remote attackers to execute arbitrary code via a long (1) USER or (2) PASS command. |
| The web interface for AWStats 6.4 and 6.5, when statistics updates are enabled, allows remote attackers to execute arbitrary code via shell metacharacters in the migrate parameter. |
| finger allows recursive searches by using a long string of @ symbols. |
| Buffer overflow in ffbconfig in Solaris 2.5.1. |
| Some implementations of rlogin allow root access if given a -froot parameter. |
| Cross-site request forgery (CSRF) vulnerability in Citrix Presentation Server 4.0 and 4.5, MetaFrame Presentation Server 3.0, and Access Essentials 1.0 through 2.0 allows remote attackers to execute arbitrary published applications, and possibly other programs, as authenticated users via the InitialProgram key in an ICA connection. NOTE: some of these details are obtained from third party information. |
