Vulnerabilities (CVE)

Filter

130145 total CVE
CVE Vendors Products Updated CVSS
CVE-2003-0698 2008-09-10 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2003-0743. Reason: This candidate is a duplicate of CVE-2003-0743. Notes: All CVE users should reference CVE-2003-0743 instead of this candidate. All references and descriptions...
CVE-2003-0697 1 Ibm 1 Aix 2008-09-10 7.2
Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges.
CVE-2003-0691 2008-09-10 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not associated with any specific security issue. Notes: none.
CVE-2003-0689 1 Redhat 1 Enterprise Linux 2008-09-10 7.5
The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow.
CVE-2003-0687 2008-09-10 N/A
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate has been revoked by its Candidate Numbering Authority (CNA) because it was internally assigned to a problem that was not reachable (the affected routine...
CVE-2003-0680 1 Sgi 1 Irix 2008-09-10 7.5
Unknown vulnerability in NFS for SGI IRIX 6.5.21 and earlier may allow an NFS client to bypass read-only restrictions.
CVE-2003-0679 1 Sgi 1 Irix 2008-09-10 2.1
Unknown vulnerability in the libcpr library for the Checkpoint/Restart (cpr) system on SGI IRIX 6.5.21f and earlier allows local users to truncate or overwrite certain files.
CVE-2003-0677 1 Cisco 1 Webns 2008-09-10 5.0
Cisco CSS 11000 routers on the CS800 chassis allow remote attackers to cause a denial of service (CPU consumption or reboot) via a large number of TCP SYN packets to the circuit IP address, aka "ONDM Ping failure."
CVE-2003-0672 1 Leon J Breedt 1 Pam-pgsql 2008-09-10 7.5
Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message.
CVE-2003-0671 1 Jeremy Elson 1 Tcpflow 2008-09-10 7.2
Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow.
CVE-2003-0670 1 Sustainable Softworks 2 Ipnetsentryx, Ipnetmonitorx 2008-09-10 2.1
Sustworks IPNetSentryX and IPNetMonitorX allow local users to sniff network packets via the setuid helper applications (1) RunTCPDump, which calls tcpdump, and (2) RunTCPFlow, which calls tcpflow.
CVE-2003-0658 2 Caldera, Sco 4 Openserver, Openlinux Server, Openlinux Workstation and 1 more 2008-09-10 5.0
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules.
CVE-2003-0654 1 Autorespond 1 Autorespond 2008-09-10 7.5
Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail.
CVE-2003-0653 1 Netbsd 1 Netbsd 2008-09-10 5.0
The OSI networking kernel (sys/netiso) in NetBSD 1.6.1 and earlier does not use a BSD-required "PKTHDR" mbuf when sending certain error responses to the sender of an OSI packet, which allows remote attackers to cause a denial of service (kernel...
CVE-2003-0649 1 Xpcd 1 Xpcd 2008-09-10 7.2
Buffer overflow in xpcd-svga for xpcd 2.08 and earlier allows local users to execute arbitrary code via a long HOME environment variable.
CVE-2003-0647 1 Cisco 1 Ios 2008-09-10 7.5
Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request.
CVE-2003-0646 1 Trend Micro 2 Housecall, Damage Cleanup Server 2008-09-10 7.5
Multiple buffer overflows in ActiveX controls used by Trend Micro HouseCall 5.5 and 5.7, and Damage Cleanup Server 1.0, allow remote attackers to execute arbitrary code via long parameter strings.
CVE-2003-0643 1 Linux 1 Linux Kernel 2008-09-10 2.1
Integer signedness error in the Linux Socket Filter implementation (filter.c) in Linux 2.4.3-pre3 to 2.4.22-pre10 allows attackers to cause a denial of service (crash).
CVE-2003-0613 1 Zblast 1 Zblast 2008-09-10 4.6
Buffer overflow in zblast-svgalib of zblast 1.2.1 and earlier allows local users to execute arbitrary code via the high score file.
CVE-2003-0610 1 Mcafee 1 Epolicy Orchestrator 2008-09-10 5.0
Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request.