CVE List
Id | CVE No. | Status | Description | Phase | Votes | Comments | Actions |
---|---|---|---|---|---|---|---|
6927 | CVE-2003-0098 | Candidate | Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server. | Modified (20071016) | ACCEPT(4) Armstrong, Cole, Green, Jones | NOOP(2) Christey, Cox | Christey> SUSE:SuSE-SA:2003:022 | CALDERA:CSSA-2003-015.0 | Christey> DEBIAN:DSA-277 | URL:http://www.debian.org/security/2003/dsa-277 | Christey> CHANGEREF BID:6828 | (BID:7200 is for the overflows) | View |
6928 | CVE-2003-0099 | Candidate | Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function. | Modified (20071016) | ACCEPT(4) Armstrong, Cole, Green, Jones | NOOP(2) Christey, Cox | Christey> SUSE:SuSE-SA:2003:022 | CALDERA:CSSA-2003-015.0 | Christey> DEBIAN:DSA-277 | URL:http://www.debian.org/security/2003/dsa-277 | Christey> As observed in an email to us by a third party, it appears | that 3.8.6 is probably not affected by this, so the | description should be changed to refer to "3.10.x before | 3.10.5, and 3.8.x before 3.8.6". | Christey> An email from Kern Sibbald on August 21, 2003, confirmed that | 3.8.6 and 3.10.5 fixed the issue. | | CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=137892 | View |
5910 | CVE-2002-1526 | Candidate | Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field. | Modified (20071016) | ACCEPT(2) Armstrong, Baker | NOOP(4) Christey, Cole, Cox, Wall | Christey> XF:emu-webmail-address-xss(10205) | URL:http://www.iss.net/security_center/static/10205.php | View |
5911 | CVE-2002-1527 | Candidate | emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message. | Modified (20071016) | ACCEPT(2) Armstrong, Baker | NOOP(3) Cole, Cox, Wall | View | |
5919 | CVE-2002-1535 | Candidate | Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present. | Modified (20071016) | ACCEPT(2) Armstrong, Baker | NOOP(4) Christey, Cole, Cox, Wall | Christey> XF:simple-webserver-topology-disclosure(10363) | URL:http://www.iss.net/security_center/static/10363.php | CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html | View |
Page 20472 of 20943, showing 5 records out of 104715 total, starting on record 102356, ending on 102360