CVE List

Id CVE No. Status Description Phase Votes Comments Actions
6927  CVE-2003-0098  Candidate  Unknown vulnerability in apcupsd before 3.8.6, and 3.10.x before 3.10.5, allows remote attackers to gain root privileges, possibly via format strings in a request to a slave server.  Modified (20071016)  ACCEPT(4) Armstrong, Cole, Green, Jones | NOOP(2) Christey, Cox  Christey> SUSE:SuSE-SA:2003:022 | CALDERA:CSSA-2003-015.0 | Christey> DEBIAN:DSA-277 | URL:http://www.debian.org/security/2003/dsa-277 | Christey> CHANGEREF BID:6828 | (BID:7200 is for the overflows)  View
6928  CVE-2003-0099  Candidate  Multiple buffer overflows in apcupsd before 3.8.6, and 3.10.x before 3.10.5, may allow attackers to cause a denial of service or execute arbitrary code, related to usage of the vsprintf function.  Modified (20071016)  ACCEPT(4) Armstrong, Cole, Green, Jones | NOOP(2) Christey, Cox  Christey> SUSE:SuSE-SA:2003:022 | CALDERA:CSSA-2003-015.0 | Christey> DEBIAN:DSA-277 | URL:http://www.debian.org/security/2003/dsa-277 | Christey> As observed in an email to us by a third party, it appears | that 3.8.6 is probably not affected by this, so the | description should be changed to refer to "3.10.x before | 3.10.5, and 3.8.x before 3.8.6". | Christey> An email from Kern Sibbald on August 21, 2003, confirmed that | 3.8.6 and 3.10.5 fixed the issue. | | CONFIRM:http://sourceforge.net/project/shownotes.php?release_id=137892  View
5910  CVE-2002-1526  Candidate  Cross-site scripting (XSS) vulnerability in emumail.cgi for EMU Webmail 5.0 allows remote attackers to inject arbitrary HTML or script via the email address field.  Modified (20071016)  ACCEPT(2) Armstrong, Baker | NOOP(4) Christey, Cole, Cox, Wall  Christey> XF:emu-webmail-address-xss(10205) | URL:http://www.iss.net/security_center/static/10205.php  View
5911  CVE-2002-1527  Candidate  emumail.cgi in EMU Webmail 5.0 allows remote attackers to determine the full pathname for emumail.cgi via a malformed string containing script, which generates a regular expression matching error that includes the pathname in the resulting error message.  Modified (20071016)  ACCEPT(2) Armstrong, Baker | NOOP(3) Cole, Cox, Wall    View
5919  CVE-2002-1535  Candidate  Secure Webserver 1.1 in Raptor 6.5 and Symantec Enterprise Firewall 6.5.2 allows remote attackers to identify IP addresses of hosts on the internal network via a CONNECT request, which generates different error messages if the host is present.  Modified (20071016)  ACCEPT(2) Armstrong, Baker | NOOP(4) Christey, Cole, Cox, Wall  Christey> XF:simple-webserver-topology-disclosure(10363) | URL:http://www.iss.net/security_center/static/10363.php | CONFIRM:http://securityresponse.symantec.com/avcenter/security/Content/2002.10.11a.html  View

Page 20472 of 20943, showing 5 records out of 104715 total, starting on record 102356, ending on 102360

Actions