Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain root privileges via (1) su, (2) chsh, (3) passwd, (4) chfn, (5) dxchpwd, and (6) libc.
Max CVSS
7.2
EPSS Score
0.08%
Published
2002-08-01
Updated
2017-07-11
Buffer overflow in quot in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-08-30
Updated
2017-07-11
Unknown vulnerability in ping in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to cause a denial of service.
Max CVSS
2.1
EPSS Score
0.05%
Published
2002-08-30
Updated
2017-07-11
Buffer overflow in binmail in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to gain privileges.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-08-30
Updated
2017-07-11
Buffer overflow in traceroute in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-08-31
Updated
2017-07-11
Buffer overflow in ypmatch in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allows local users to execute arbitrary code.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-08-31
Updated
2017-07-11
Multiple buffer overflows in HP Tru64 UNIX 5.1a, 5.1, 5.0a, 4.0g, and 4.0f allow local users to gain privileges via (1) lpc, (2) lpd, (3) lpq, (4) lpr, or (5) lprm.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-08-30
Updated
2017-07-11
Cross-site scripting (XSS) vulnerability in MyWebServer 1.0.2 allows remote attackers to insert script and HTML via a long request followed by the malicious script, which is echoed back to the user in an error message.
Max CVSS
4.3
EPSS Score
0.58%
Published
2002-08-14
Updated
2016-10-18
Buffer overflow in the search capability for MyWebServer 1.0.2 allows remote attackers to execute arbitrary code via a long searchTarget parameter.
Max CVSS
7.5
EPSS Score
4.37%
Published
2002-08-14
Updated
2016-10-18
Blazix before 1.2.2 allows remote attackers to read source code of JSP scripts or list restricted web directories via an HTTP request that ends in a (1) "+" or (2) "\" (backslash) character.
Max CVSS
5.0
EPSS Score
1.77%
Published
2002-08-24
Updated
2008-09-05
The error checking routine used for the C_Verify call on a symmetric verification key in the nCipher PKCS#11 library 1.2.0 and later returns the CKR_OK status even when it detects an invalid signature, which could allow remote attackers to modify or forge messages.
Max CVSS
5.0
EPSS Score
0.57%
Published
2002-08-01
Updated
2008-09-05
Cross-site scripting (XSS) vulnerability in CERN Proxy Server allows remote attackers to execute script as other users via a link to a non-existent page whose name contains the script, which is inserted into the resulting error page.
Max CVSS
4.3
EPSS Score
0.58%
Published
2002-08-12
Updated
2008-09-05
The Google toolbar 1.1.60, when running on Internet Explorer 5.5 and 6.0, allows remote attackers to cause a denial of service (crash with an exception in oleaut32.dll) via malicious HTML, possibly related to small width and height parameters or an incorrect call to the Google.Search() function.
Max CVSS
2.6
EPSS Score
6.52%
Published
2002-08-15
Updated
2021-07-23
LocalWEB2000 HTTP server 2.1.0 stores passwords in plain text under the web document root in users.lst, which allows remote attackers to obtain the passwords via a direct request to users.lst.
Max CVSS
5.0
EPSS Score
0.60%
Published
2002-08-29
Updated
2017-07-11
Linux-iSCSI iSCSI implementation installs the iscsi.conf file with world-readable permissions on some operating systems, including Red Hat Linux Limbo Beta #1, which could allow local users to gain privileges by reading the cleartext CHAP password.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-08-12
Updated
2016-10-18
Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in a validation retry request, which could allow remote attackers to steal passwords via sniffing.
Max CVSS
5.0
EPSS Score
0.16%
Published
2002-08-12
Updated
2018-10-30
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free).
Max CVSS
7.5
EPSS Score
1.89%
Published
2002-08-12
Updated
2016-12-08
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length.
Max CVSS
7.5
EPSS Score
7.33%
Published
2002-08-12
Updated
2016-10-18
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding.
Max CVSS
7.5
EPSS Score
5.16%
Published
2002-08-12
Updated
2016-10-18
Off-by-one overflow in the CVS PreservePermissions of rcs.c for CVSD before 1.11.2 allows local users to execute arbitrary code.
Max CVSS
7.8
EPSS Score
0.04%
Published
2002-08-12
Updated
2024-02-02
Buffer overflow in Eudora 5.1.1 and 5.0-J for Windows, and possibly other versions, allows remote attackers to execute arbitrary code via a multi-part message with a long boundary string.
Max CVSS
7.5
EPSS Score
7.95%
Published
2002-08-12
Updated
2016-10-18
Internet Explorer 5, 5.6, and 6 allows remote attackers to bypass cookie privacy settings and store information across browser sessions via the userData (storeuserData) feature.
Max CVSS
7.5
EPSS Score
1.00%
Published
2002-08-12
Updated
2021-07-23
The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter is registered for the other end.
Max CVSS
2.1
EPSS Score
0.04%
Published
2002-08-12
Updated
2016-10-18
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with a zero length payload, which causes NFS to reference a previous payload and enter an infinite loop.
Max CVSS
5.0
EPSS Score
1.54%
Published
2002-08-12
Updated
2017-10-10
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is larger than allowed by the virtual memory system.
Max CVSS
4.6
EPSS Score
0.04%
Published
2002-08-12
Updated
2016-10-18
253 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!