| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. |
| Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. |
| CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. |
| The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option. |
| Windows NT does not properly download a system policy if the domain user logs into the domain with a space at the end of the domain name. |
| UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. |
| Buffer overflow in Internet Explorer 5 directshow filter (MSDXM.OCX) allows remote attackers to execute commands via the vnd.ms.radio protocol. |
| Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system. |
| Buffer overflow in GoodTech Telnet Server NT allows remote users to cause a denial of service via a long login name. |
| HP VirtualVault with the PHSS_17692 patch allows unprivileged processes to bypass access restrictions via the Trusted Gateway Proxy (TGP). |
| Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. |
| Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords. |
| Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request." |
| Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request. |
| wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress. |
| Cisco Cache Engine allows an attacker to replace content in the cache. |
| Microsoft SQL 7.0 server allows a remote attacker to cause a denial of service via a malformed TDS packet. |
| The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. |
| Cisco Cache Engine allows a remote attacker to gain access via a null username and password. |
| Netscape Navigator uses weak encryption for storing a user's Netscape mail password. |
