| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| NFS allows users to use a "cd .." command to access other directories besides the exported file system. |
| The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server. |
| Windows NT crashes or locks up when a Samba client executes a "cd .." command on a file share. |
| The passwd command in Solaris can be subjected to a denial of service. |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. |
| Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. |
| IIS newdsn.exe CGI script allows remote users to overwrite files. |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
| A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. |
| The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands. |
| MIME buffer overflow in Sendmail 8.8.0 and 8.8.1 gives root access. |
| Extra long export lists over 256 characters in some mount daemons allows NFS directories to be mounted by anyone. |
| Automount daemon automountd allows local or remote users to gain privileges via shell metacharacters. |
| Solaris rpc.mountd generates error messages that allow a remote attacker to determine what files are on the server. |
| libnsl in Solaris allowed an attacker to perform a denial of service of rpcbind. |
| Livingston portmaster machines could be rebooted via a series of commands. |
| Denial of service in Cisco IOS web server allows attackers to reboot the router using a long URL. |
| Solaris syslogd crashes when receiving a message from a host that doesn't have an inverse DNS entry. |
| Progressive Networks Real Video server (pnserver) can be crashed remotely. |
| Tor before 0.1.1.20 allows remote attackers to identify hidden services via a malicious Tor server that attempts a large number of accesses of the hidden service, which eventually causes a circuit to be built through the malicious server. |
