Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2005-3169 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 5.0 MEDIUM | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4, when the "audit directory service access" policy is enabled, does not record a 565 event message for File Delete Child operations on an Active Directory object in the security event log, which could allow attackers to conduct unauthorized activities without detection. | |||||
| CVE-2005-3170 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 5.1 MEDIUM | N/A |
| The LDAP client on Microsoft Windows 2000 before Update Rollup 1 for SP4 accepts certificates using LDAP Secure Sockets Layer (LDAPS) even when the Certificate Authority (CA) is not trusted, which could allow attackers to trick users into believing that they are accessing a trusted site. | |||||
| CVE-2005-3171 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 records Event ID 1704 to indicate that Group Policy security settings were successfully updated, even when the processing fails such as when Ntuser.pol cannot be accessed, which could cause system administrators to believe that the system is compliant with the specified settings. | |||||
| CVE-2005-3172 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 5.0 MEDIUM | N/A |
| The WideCharToMultiByte function in Microsoft Windows 2000 before Update Rollup 1 for SP4 does not properly convert strings with Japanese composite characters in the last character, which could prevent the string from being null terminated and lead to data corruption or enable buffer overflow attacks. | |||||
| CVE-2005-3173 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 does not apply group policies if the user logs on using UPN credentials with a trailing dot, which prevents Windows 2000 from finding the correct domain controller and could allow the user to bypass intended restrictions. | |||||
| CVE-2005-3174 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 4.6 MEDIUM | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 allows users to log on to the domain, even when their password has expired, if the fully qualified domain name (FQDN) is 8 characters long. | |||||
| CVE-2005-3175 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 7.2 HIGH | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 allows a local administrator to unlock a computer even if it has been locked by a domain administrator, which allows the local administrator to access the session as the domain administrator. | |||||
| CVE-2005-3176 | 1 Microsoft | 1 Windows 2000 | 2008-09-05 | 7.5 HIGH | N/A |
| Microsoft Windows 2000 before Update Rollup 1 for SP4 does not record the IP address of a Windows Terminal Services client in a security log event if the client connects successfully, which could make it easier for attackers to escape detection. | |||||
| CVE-2005-3177 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2008-09-05 | 4.6 MEDIUM | N/A |
| CHKDSK in Microsoft Windows 2000 before Update Rollup 1 for SP4, Windows XP, and Windows Server 2003, when running in fix mode, does not properly handle security descriptors if the master file table contains a large number of files or if the descriptors do not satisfy certain NTFS conventions, which could cause ACLs for some files to be reverted to less secure defaults, or cause security descriptors to be removed. | |||||
| CVE-2005-3238 | 1 Sun | 1 Solaris | 2008-09-05 | 2.1 LOW | N/A |
| Multiple unspecified vulnerabilities in Solaris 10 SCTP Socket Option Processing allows local users to cause a denial of service (panic) via unspecified attack vectors. | |||||
| CVE-2005-3251 | 1 Gallery Project | 1 Gallery | 2008-09-05 | 6.4 MEDIUM | N/A |
| Directory traversal vulnerability in the gallery script in Gallery 2.0 (G2) allows remote attackers to read or include arbitrary files via ".." sequences in the g2_itemId parameter. | |||||
| CVE-2005-3254 | 1 Nathan Neulinger | 1 Cgiwrap | 2008-09-05 | 10.0 HIGH | N/A |
| The CGIwrap program before 3.9 on Debian GNU/Linux uses an incorrect minimum value of 100 for a UID to determine whether it can perform a seteuid operation, which could allow attackers to execute code as other system UIDs that are greater than the minimum value, which should be 1000 on Debian systems. | |||||
| CVE-2005-3255 | 1 Nathan Neulinger | 1 Cgiwrap | 2008-09-05 | 5.0 MEDIUM | N/A |
| The (1) cgiwrap and (2) php-cgiwrap packages before 3.9 in Debian GNU/Linux provide access to debugging CGIs under the web document root, which allows remote attackers to obtain sensitive information via direct requests to those CGIs. | |||||
| CVE-2005-3268 | 1 Raphael Bossek | 1 Yiff Server | 2008-09-05 | 2.1 LOW | N/A |
| yiff server (yiff-server) 2.14.2 on Debian GNU/Linux runs as root and does not properly verify ownership of files that it opens, which allows local users to read arbitrary files. | |||||
| CVE-2005-3270 | 1 Symantec | 1 Norton Antivirus | 2008-09-05 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in DiskMountNotify for Symantec Norton AntiVirus 9.0.3 allows local users to gain privileges by modifying the PATH to reference a malicious (1) ps or (2) grep file. | |||||
| CVE-2005-3277 | 1 Hp | 1 Hp-ux | 2008-09-05 | 10.0 HIGH | N/A |
| The LPD service in HP-UX 10.20 11.11 (11i) and earlier allows remote attackers to execute arbitrary code via shell metacharacters ("`" or single backquote) in a request that is not properly handled when an error occurs, as demonstrated by killing the connection, a different vulnerability than CVE-2002-1473. | |||||
| CVE-2005-3279 | 1 Jan Kybic | 1 Bitmap Viewer | 2008-09-05 | 7.2 HIGH | N/A |
| Stack-based buffer overflow in the vgasco_printf function in Jan Kybic BitMap Viewer (BMV) 1.2, when compiled with the M_UNIX flag and running setuid, allows local users to gain privileges via a long filename in the -b command line option. | |||||
| CVE-2005-3281 | 1 Nukefixes | 1 Nukefixes | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in NukeFixes 3.1 for PHP-Nuke 7.8 allows remote attackers to include arbitrary files via the file parameter. | |||||
| CVE-2005-3282 | 1 Splatt | 1 Splatt Forum | 2008-09-05 | 7.5 HIGH | N/A |
| Splatt Forum 3.0 to 3.2 allows remote attackers to bypass authentication via unknown vectors. | |||||
| CVE-2005-3284 | 1 Ahnlab | 3 Myv3, V3net, V3pro 2004 | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple buffer overflows in AhnLab V3 AntiVirus V3Pro 2004 before 6.0.0.488, V3Net for Windows Server 6.0 before 6.0.0.488, and MyV3, with compressed file scanning enabled, allow remote attackers to execute arbitrary code via crafted (1) ALZ, (2) UUE, or (3) XXE archives. | |||||
| CVE-2005-3285 | 1 Comersus Open Technologies | 1 Comersus Backoffice Plus | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in comersus_backoffice_searchItemForm.asp in Comersus BackOffice Plus allows remote attackers to inject arbitrary web script or HTML via the (1) forwardTo1, (2) forwardTo2, (3) nameFT1, or (4) nameFT2 parameters. | |||||
| CVE-2005-3287 | 1 Rockliffe | 1 Mailsite Express | 2008-09-05 | 5.0 MEDIUM | N/A |
| Incomplete blacklist vulnerability in Mailsite Express allows remote attackers to upload and possibly execute files via attachments with executable extensions such as ASPX, which are not converted to .TXT like other dangerous extensions, and which can be directly requested from the cache directory. | |||||
| CVE-2005-3288 | 1 Rockliffe | 1 Mailsite Express | 2008-09-05 | 5.0 MEDIUM | N/A |
| Mailsite Express allows remote attackers to upload and execute files with executable extensions such as ASP by attaching the file using the "compose page" feature, then accessing the file from the cache directory before saving or sending the message. | |||||
| CVE-2005-3289 | 1 Ibm | 1 Aix | 2008-09-05 | 2.1 LOW | N/A |
| LSCFG in IBM AIX 5.2 and 5.3 does not create temporary files securely, which allows local users to corrupt /etc/passwd and possibly other system files via the trace file. | |||||
| CVE-2005-3291 | 1 Stani | 1 Stanis Python Editor | 2008-09-05 | 4.6 MEDIUM | N/A |
| Stani's Python Editor (SPE) 0.7.5 is installed with world-writable permissions, which allows local users to gain privileges by modifying executable files. | |||||
| CVE-2005-3292 | 1 Xeobook | 1 Xeobook | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Xeobook 0.93 allow remote attackers to inject arbitrary web script or HTML via Javascript events in tages such as <b>. | |||||
| CVE-2005-2531 | 1 Openvpn | 1 Openvpn | 2008-09-05 | 5.0 MEDIUM | N/A |
| OpenVPN before 2.0.1, when running with "verb 0" and without TLS authentication, does not properly flush the OpenSSL error queue when a client fails certificate authentication to the server and causes the error to be processed by the wrong client, which allows remote attackers to cause a denial of service (client disconnection) via a large number of failed authentication attempts. | |||||
| CVE-2005-2532 | 1 Openvpn | 1 Openvpn | 2008-09-05 | 5.0 MEDIUM | N/A |
| OpenVPN before 2.0.1 does not properly flush the OpenSSL error queue when a packet can not be decrypted by the server, which allows remote authenticated attackers to cause a denial of service (client disconnection) via a large number of packets that can not be decrypted. | |||||
| CVE-2005-2533 | 1 Openvpn | 1 Openvpn | 2008-09-05 | 2.1 LOW | N/A |
| OpenVPN before 2.0.1, when running in "dev tap" Ethernet bridging mode, allows remote authenticated clients to cause a denial of service (memory exhaustion) via a flood of packets with a large number of spoofed MAC addresses. | |||||
| CVE-2005-2534 | 1 Openvpn | 1 Openvpn | 2008-09-05 | 2.6 LOW | N/A |
| Race condition in OpenVPN before 2.0.1, when --duplicate-cn is not enabled, allows remote attackers to cause a denial of service (server crash) via simultaneous TCP connections from multiple clients that use the same client certificate. | |||||
| CVE-2005-2547 | 1 Bluez Project | 1 Bluez | 2008-09-05 | 7.5 HIGH | N/A |
| security.c in hcid for BlueZ 2.16, 2.17, and 2.18 allows remote attackers to execute arbitrary commands via shell metacharacters in the Bluetooth device name when invoking the PIN helper. | |||||
| CVE-2005-2551 | 1 Novell | 1 Edirectory | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in dhost.exe in iMonitor for Novell eDirectory 8.7.3 on Windows allows attackers to cause a denial of service (crash) and obtain access to files via unknown vectors. | |||||
| CVE-2005-2588 | 1 Dvbbs | 1 Dvbbs | 2008-09-05 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in DVBBS 7.1 SP2 and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the page parameter to dispbbs.asp, (2) name parameter to dispuser.asp, or the (3) title, (4) view, or (5) act parameter to boardhelp.asp. | |||||
| CVE-2005-2589 | 1 Linksys | 1 Wrt54gs | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. | |||||
| CVE-2005-2594 | 1 Apple | 1 Safari | 2008-09-05 | 5.0 MEDIUM | N/A |
| Apple Safari 1.3 (132) on Mac OS X 1.3.9 allows remote attackers to cause a denial of service (crash) via certain Javascript, possibly involving a function that defines a handler for itself within the function body. | |||||
| CVE-2005-2595 | 1 Dada Mail | 1 Dada Mail | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Dada Mail before 2.10 Alpha 1 allows remote attackers to execute arbitrary Javascript via archived messages. | |||||
| CVE-2005-2596 | 1 Gallery Project | 1 Gallery | 2008-09-05 | 4.6 MEDIUM | N/A |
| User.php in Gallery, as used in Postnuke, allows users with any Admin privileges to gain access to all galleries. | |||||
| CVE-2005-2598 | 1 Dokeos | 1 Dokeos | 2008-09-05 | 5.0 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in Dokeos 1.6 and earlier, and possibly Claroline, allow remote attackers to (1) delete arbitrary files or directories via the delete parameter to claroline/scorm/scormdocument.php, (2) move arbitrary files via the move_to and move_file parameters to claroline/document/document.php, or determine the existence of arbitrary files via the file parameter to (3) claroline/scorm/showinframes.php or (4) claroline/scorm/contents.php. | |||||
| CVE-2005-2600 | 1 Ilia Alshanetsky | 1 Fudforum | 2008-09-05 | 5.0 MEDIUM | N/A |
| FUDForum 2.6.15 with "Tree View" enabled, as used in other products such as phpgroupware and egroupware, allows remote attackers to read private posts via a modified mid parameter. | |||||
| CVE-2005-2601 | 1 Midicart Software | 1 Midicart Php Shopping Cart | 2008-09-05 | 7.5 HIGH | N/A |
| SQL injection vulnerability in MidiCart allows remote attackers to execute arbitrary SQL commands via the code_no parameter to (1) Item_Show.asp or (2) search_list.asp. | |||||
| CVE-2005-2602 | 1 Mozilla | 2 Firefox, Thunderbird | 2008-09-05 | 2.6 LOW | N/A |
| Mozilla Thunderbird 1.0 and Firefox 1.0.6 allows remote attackers to obfuscate URIs via a long URI, which causes the address bar to go blank and could facilitate phishing attacks. | |||||
| CVE-2005-2605 | 1 Omnipilot Software | 1 Lasso Professional Server | 2008-09-05 | 6.4 MEDIUM | N/A |
| Unknown vulnerability in Lasso Professional Server8.0.4 and 8.0.5 allows attackers to bypass authentication, related to [Auth] tags. | |||||
| CVE-2005-2607 | 1 Phpsimplicity | 1 Simplicity Of Upload | 2008-09-05 | 5.0 MEDIUM | N/A |
| PHP file include vulnerability in download.php in PHPSimplicity Simplicity oF Upload before 1.3.1 allows remote attackers to include arbitrary local and remote files via the language parameter and a terminating null ("%00") characters. | |||||
| CVE-2005-2608 | 1 Safehtml | 1 Safehtml | 2008-09-05 | 4.3 MEDIUM | N/A |
| SafeHTML before 1.3.5 does not properly filter script in UTF-7 and CSS comments, which allows remote attackers to conduct cross-site scripting (XSS) attacks in vulnerable applications that use SafeHTML. | |||||
| CVE-2005-2609 | 1 Vegadns | 1 Vegadns | 2008-09-05 | 5.0 MEDIUM | N/A |
| index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to obtain the full server path via an invalid VDNS_Sessid parameter. | |||||
| CVE-2005-2610 | 1 Vegadns | 1 Vegadns | 2008-09-05 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VegaDNS 0.8.1, 0.9.8, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via the message parameter. | |||||
| CVE-2005-2612 | 1 Wordpress | 1 Wordpress | 2008-09-05 | 7.5 HIGH | N/A |
| Direct code injection vulnerability in WordPress 1.5.1.3 and earlier allows remote attackers to execute arbitrary PHP code via the cache_lastpostdate[server] cookie. | |||||
| CVE-2005-2614 | 1 Crosscom Olicom | 1 Discuz | 2008-09-05 | 7.5 HIGH | N/A |
| Discuz! 4.0 rc4 does not properly restrict types of files that are uploaded to the server, which allows remote attackers to execute arbitrary commands via a filename containing ".php.rar" or other multiple extensions that include .php. | |||||
| CVE-2005-2615 | 1 Eqdkp | 1 Eqdkp | 2008-09-05 | 7.5 HIGH | N/A |
| Unknown vulnerability in session.php in EQdkp before 1.3.0 has unknown impact and attack vectors, possibly involving auto_login_id. | |||||
| CVE-2005-2617 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 3.6 LOW | N/A |
| The syscall32_setup_pages function in syscall32.c for Linux kernel 2.6.12 and later, on the 64-bit x86 platform, does not check the return value of the insert_vm_struct function, which allows local users to trigger a memory leak via a 32-bit application with crafted ELF headers. | |||||