| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. |
| Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. |
| Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long GET request. |
| Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows remote attackers to cause a denial of service or execute arbitrary commands via a long username. |
| Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter. |
| The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/. |
| annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a large, malformed UDP packet to ports 22701 through 22705. |
| Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username. |
| Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter. |
| Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command. |
| The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability. |
| search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter. |
| Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request. |
| WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515). |
| Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long USER command. |
| Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long APOP command. |
| The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attackers to execute arbitrary commands via a login with a long user name. |
| kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet. |
| Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password. |
