| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Sendmail allows local users to reinitialize the aliases database via the newaliases command, then cause a denial of service by interrupting Sendmail. |
| Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. |
| Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request. |
| Cisco Cache Engine allows an attacker to replace content in the cache. |
| The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics. |
| Cisco Cache Engine allows a remote attacker to gain access via a null username and password. |
| Netscape Navigator uses weak encryption for storing a user's Netscape mail password. |
| War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections. |
| Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. |
| Buffer overflow in VDO Live Player allows remote attackers to execute commands on the VDO client via a malformed .vdo file. |
| xsoldier program allows local users to gain root access via a long argument. |
| The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. |
| An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy. |
| SMTP component of Lotus Domino 4.6.1 on AS/400, and possibly other operating systems, allows a remote attacker to crash the mail server via a long string. |
| Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. |
| Buffer overflow in Apple AppleShare Mail Server 5.0.3 on MacOS 8.1 and earlier allows a remote attacker to cause a denial of service (crash) via a long HELO command. |
| Seattle Labs Emurl 2.0, and possibly earlier versions, stores e-mail attachments in a specific directory with scripting enabled, which allows a malicious ASP file attachment to execute when the recipient opens the message. |
| IPChains in Linux kernels 2.2.10 and earlier does not reassemble IP fragments before checking the header information, which allows a remote attacker to bypass the filtering rules using several fragments with 0 offsets. |
| SpectroSERVER in Cabletron Spectrum Enterprise Manager 5.0 installs a directory tree with insecure permissions, which allows local users to replace a privileged executable (processd) with a Trojan horse, facilitating a root or Administrator compromise. |
| The installation of Novell Netware NDS 5.99 provides an unauthenticated client with Read access for the tree, which allows remote attackers to access sensitive information such as users, groups, and readable objects via CX.EXE and NLIST.EXE. |