LanGuard reports



Supported OVAL Bulletins


More information on 2010 updates



ID:
CVE-2006-2313
Title:
SANS06C2: PostgreSQL 8.1 SQL injection vulnerability
Type:
Services
Bulletins:
CVE-2006-2313
SFBID18092
Severity:
High
Description:
PostgreSQL 8.1.x before 8.1.4 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
Applies to:
Created:
2006-12-20
Updated:
2010-08-21

ID:
OVAL536
Title:
Windows Media Format ASF Parsing Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL536
CVE-2006-4702
Severity:
Low
Description:
Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file.
Applies to:
Windows Media Format Runtime 7.1
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Windows Media Player 6.4
Created:
2006-12-13
Updated:
2015-12-22

ID:
OVAL761
Title:
Script Error Handling Memory Corruption Vulnerability
Type:
Web
Bulletins:
OVAL761
CVE-2006-5579
Severity:
Low
Description:
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-12-13
Updated:
2015-08-03

ID:
OVAL337
Title:
TIF Folder Information Disclosure Vulnerability
Type:
Web
Bulletins:
OVAL337
CVE-2006-5578
Severity:
Low
Description:
Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577.
Applies to:
Microsoft Internet Explorer
Created:
2006-12-13
Updated:
2015-08-03

ID:
OVAL116
Title:
DHTML Script Function Memory Corruption Vulnerability
Type:
Web
Bulletins:
OVAL116
CVE-2006-5581
Severity:
Low
Description:
Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-12-13
Updated:
2015-08-03

ID:
OVAL313
Title:
TIF Folder Information Disclosure Vulnerability
Type:
Web
Bulletins:
OVAL313
CVE-2006-5577
Severity:
Low
Description:
Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578.
Applies to:
Microsoft Internet Explorer
Created:
2006-12-13
Updated:
2015-08-03

ID:
OVAL669
Title:
Windows Media Format ASX Parsing Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL669
CVE-2006-6134
Severity:
Low
Description:
Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file.
Applies to:
Windows Media Format Runtime 7.1
Windows Media Format Runtime 9.0
Windows Media Format Runtime 9.5
Created:
2006-12-13
Updated:
2015-08-10

ID:
CVE-2006-6538
Title:
D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the...
Type:
Hardware
Bulletins:
CVE-2006-6538
Severity:
High
Description:
D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the wireless link.
Applies to:
DWL-2000AP
Created:
2006-12-13
Updated:
2017-02-28

ID:
CVE-2006-2753
Title:
SANS06C2: SQL Injection vulnerability in MySQL 4.1.x
Type:
Services
Bulletins:
CVE-2006-2753
SFBID18219
Severity:
High
Description:
SQL injection vulnerability in MySQL 4.1.x before 4.1.20 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
Applies to:
MySQL 4.1
Created:
2006-12-12
Updated:
2010-08-21

ID:
CVE-2006-2753
Title:
SANS06C2: SQL Injection vulnerability in MySQL 5.0.x
Type:
Services
Bulletins:
CVE-2006-2753
SFBID18219
Severity:
High
Description:
SQL injection vulnerability in MySQL 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input.
Applies to:
MySQL 5
Created:
2006-12-12
Updated:
2010-08-21

ID:
CVE-2006-2313
Title:
SANS06C2: PostgreSQL 8.0 SQL injection vulnerability
Type:
Services
Bulletins:
CVE-2006-2313
SFBID18092
Severity:
High
Description:
PostgreSQL 8.0.x before 8.0.8 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
Applies to:
Created:
2006-12-12
Updated:
2010-08-21

ID:
CVE-2006-2313
Title:
SANS06C2: PostgreSQL 8.0 SQL injection vulnerability
Type:
Services
Bulletins:
CVE-2006-2313
SFBID18092
Severity:
High
Description:
PostgreSQL 8.0.x before 8.0.8 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection."
Applies to:
Created:
2006-12-12
Updated:
2010-08-21

ID:
CVE-2005-3641
Title:
SANS06C2: Multiple vulnerabilities in Oracle Database 9i
Type:
Services
Bulletins:
CVE-2005-3641
CVE-2006-0256
CVE-2006-0257
CVE-2006-0258
CVE-2006-0260
CVE-2006-0261
CVE-2006-0262
CVE-2006-0263
CVE-2006-0265
CVE-2006-0266
CVE-2006-0267
CVE-2006-0268
CVE-2006-0271
CVE-2006-0272
CVE-2006-0282
CVE-2006-0290
CVE-2006-0286
CVE-2006-0285
SFBID15450
SFBID16287
SFBID17590
Severity:
High
Description:
Multiple vulnerabilities exist in some versions of Oracle Database Server 9i. It is recommended to update to the latest versions or apply the latest patches.
Applies to:
Oracle Database 9
Created:
2006-12-11
Updated:
2010-08-21

ID:
CVE-2005-3641
Title:
SANS06C2: Multiple vulnerabilities in Oracle Database 10g
Type:
Services
Bulletins:
CVE-2005-3641
CVE-2006-0257
CVE-2006-0259
CVE-2006-0261
CVE-2006-0262
CVE-2006-0263
CVE-2006-0265
CVE-2006-0266
CVE-2006-0267
CVE-2006-0268
CVE-2006-0269
CVE-2006-0270
CVE-2006-0271
CVE-2006-0272
CVE-2006-0282
SFBID15450
SFBID16287
SFBID16384
SFBID17590
SFBID16294
SFBID19054
Severity:
High
Description:
Multiple vulnerabilities exist in some versions of Oracle Database Server 10g. It is recommended to update to the latest versions or apply the latest patches.
Applies to:
Oracle Database 10
Created:
2006-12-06
Updated:
2010-08-21

ID:
CVE-2006-5478
Title:
SANS07S6: Multiple vulnerabilities in Novell eDirectory 8.x
Type:
Software
Bulletins:
CVE-2006-5478
CVE-2006-4509
CVE-2006-4510
CVE-2006-4177
CVE-2006-2496
SFBID20655
SFBID20853
SFBID20663
SFBID20664
SFBID18026
Severity:
High
Description:
Multiple vulnerabilities exist in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8. These include overflow attacks that allow remote code execution and denial of service.
Applies to:
Created:
2006-12-04
Updated:
2010-08-21

ID:
CVE-2006-0992
Title:
SANS07S6: Stack-based buffer overflow in Novell GroupWise Messenger
Type:
Software
Bulletins:
CVE-2006-0992
SFBID17503
Severity:
High
Description:
Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon.
Applies to:
Created:
2006-12-01
Updated:
2010-08-21

ID:
CVE-2006-0323
Title:
SANS06C5: Buffer overflow in swfformat.dll in Real Rhapsody 3
Type:
Software
Bulletins:
CVE-2006-0323
SFBID17202
Severity:
High
Description:
Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including Rhapsody 3 allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations.
Applies to:
RealNetworks Rhapsody
Created:
2006-11-30
Updated:
2010-08-21

ID:
CVE-2005-1928
Title:
SANS07C6: Multiple vulnerabilities in Trend Micro ServerProtect EarthAgent 5.58 and earlier
Type:
Software
Bulletins:
CVE-2005-1928
CVE-2005-1929
SFBID15865
SFBID15866
SFBID15868
Severity:
High
Description:
Multiple vulnerabilities exist in Trend Micro ServerProtect EarthAgent versions 5.58 and earlier. These include multiple heap-based buffer overflows and denial of service.
Applies to:
Trend Micro ServerProtect
Created:
2006-11-30
Updated:
2010-08-21

ID:
CVE-2005-2628
Title:
SANS06C5: Multiple vulnerabilities in Macromedia Flash
Type:
Software
Bulletins:
CVE-2005-2628
CVE-2005-3591
SFBID15332
SFBID15334
Severity:
High
Description:
Multiple vulnerabilities exist in Macromedia Flash versions 7.0.19.0 and earlier. These include denial of service and remote execution.
Applies to:
Created:
2006-11-28
Updated:
2010-08-21

ID:
CVE-2006-1370
Title:
SANS06C5: Multiple Vulnerabilities in RealPlayer
Type:
Software
Bulletins:
CVE-2006-1370
CVE-2005-2922
CVE-2005-4126
CVE-2005-3677
CVE-2005-2936
SFBID17202
SFBID15691
SFBID15398
SFBID15448
Severity:
High
Description:
Multiple vulnerabilities exist in RealNetworks RealPlayer in versions 10.5 6.0.12.1348 and earlier. These include buffer overflows, and possibility of remote code execution and denial of service. It is suggested to update to the latest version.
Applies to:
RealNetworks RealPlayer
Created:
2006-11-27
Updated:
2010-08-21

ID:
CVE-2006-1249
Title:
SANS06C5: Multiple iTunes and QuickTime Vulnerabilities
Type:
Software
Bulletins:
CVE-2006-1249
CVE-2005-4092
CVE-2005-3713
CVE-2006-2238
CVE-2006-1456
CVE-2005-3711
CVE-2005-3710
CVE-2005-3709
CVE-2005-3708
CVE-2005-3707
CVE-2005-2340
CVE-2005-2743
SFBID17074
SFBID15732
SFBID17953
SFBID16202
Severity:
High
Description:
Multiple vulnerabilities exist in QuickTime Player versions before 7.0.4, and in iTunes 6.0.2 and earlier. These include integer overflow, and heap-based buffer overflows. It is recommended to update to the latest versions of these products.
Applies to:
iTunes and QuickTime
Created:
2006-11-27
Updated:
2010-08-21

ID:
CVE-2005-2310
Title:
SANS06C5: Multiple buffer overflows in NullSoft Winamp 5.13 and earlier
Type:
Software
Bulletins:
CVE-2005-2310
CVE-2005-3188
SFBID16623
SFBID16462
SFBID14276
Severity:
High
Description:
Multiple buffer overflow vulnerabilities exist in Winamp 5.13 and earlier which allow remote code execution. It is recommended to update to the latest version.
Applies to:
Nullsoft Winamp
Created:
2006-11-27
Updated:
2010-08-21

ID:
CVE-2006-6055
Title:
Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE).
Type:
Hardware
Bulletins:
CVE-2006-6055
SFBID21032
Severity:
High
Description:
Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE).
Applies to:
DWL-G132
Created:
2006-11-21
Updated:
2017-02-28

ID:
SFBID715
Title:
Sendmail 8-8-4
Type:
Mail
Bulletins:
SFBID715
Severity:
High
Description:
Berkeley Sendmail is prone to a group permissions vulnerability. When delivering mail to a program which is listed in a .forward or :include: file, this program will be run with the group permissions possessed by the owner of the .forward or :include: file. The owner of the file is used to initialize the list of group permissions obtained by scanning the /etc/group file, that are in force when the program is run. In such an environment it is possible to attain group permissions one should not have by linking to a file that is owned by someone else who has group write permissions. In order to solve such a problem one should upgrade to at least version 8.8.4 of sendmail or else install a vendor-supplied patch.
Applies to:
Sendmail
Created:
2006-11-10
Updated:
2010-08-21

ID:
CVE-2006-5536
Title:
Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter.
Type:
Hardware
Bulletins:
CVE-2006-5536
SFBID20689
Severity:
Medium
Description:
Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter.
Applies to:
DSL-G624T
Created:
2006-10-26
Updated:
2017-02-28

ID:
CVE-2006-5537
Title:
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection...
Type:
Hardware
Bulletins:
CVE-2006-5537
Severity:
Medium
Description:
Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection parameters.
Applies to:
DSL-G624T
Created:
2006-10-26
Updated:
2017-02-28

ID:
CVE-2006-5538
Title:
D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request.
Type:
Hardware
Bulletins:
CVE-2006-5538
Severity:
Medium
Description:
D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request.
Applies to:
DSL-G624T
Created:
2006-10-26
Updated:
2017-02-28

ID:
CVE-2006-5553
Title:
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan...
Type:
Hardware
Bulletins:
CVE-2006-5553
SFBID20737
Severity:
High
Description:
Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options.
Applies to:
Unified Callmanager
Created:
2006-10-26
Updated:
2017-02-28

ID:
CVE-2006-5382
Title:
3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that...
Type:
Hardware
Bulletins:
CVE-2006-5382
SFBID20736
Severity:
High
Description:
3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that cause the community string to be returned.
Applies to:
3Com SS3-4400-24PWR
Created:
2006-10-25
Updated:
2017-02-28

ID:
REF000161
Title:
Ftp Exposing Full Path
Type:
FTP
Bulletins:
Severity:
Medium
Description:
Anonymous FTP is exposing full path. This might give out sensitive information or mean that the ftp server is misconfigured.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000177
Title:
Apache Tomcat running
Type:
Information
Bulletins:
Severity:
Information
Description:
Apache Tomcat running on port 8080
Applies to:
Apache Tomcat
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000180
Title:
Microsoft SQL server
Type:
Information
Bulletins:
Severity:
Information
Description:
Microsoft SQL server is installed on this computer.
Applies to:
Microsoft SQL
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000181
Title:
MySQL (open source database) running
Type:
Information
Bulletins:
Severity:
Information
Description:
MySQL is running on this computer.
Applies to:
MySQL
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000182
Title:
Oracle HTTP Server running
Type:
Information
Bulletins:
Severity:
Information
Description:
Oracle HTTP server running on this computer.
Applies to:
Oracle
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000185
Title:
Squid running
Type:
Information
Bulletins:
Severity:
Information
Description:
Squid Web Proxy Cache is running on this computer.
Applies to:
Squid
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000188
Title:
Sub7 server passworded
Type:
Information
Bulletins:
Severity:
Information
Description:
Verifies whether the Sub7 server is password-protected.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000190
Title:
Webmin running
Type:
Information
Bulletins:
Severity:
Information
Description:
Webmin installed and running on this computer (port 10000)
Applies to:
Webmin
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000192
Title:
List of modems installed
Type:
Information
Bulletins:
Severity:
Information
Description:
Lists the installed modem drivers.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000193
Title:
Citrix server running on this host
Type:
Information
Bulletins:
Severity:
Information
Description:
For information only
Applies to:
Citrix
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000194
Title:
Finger service running
Type:
Information
Bulletins:
Severity:
Information
Description:
Using a finger server a remote user can get a wide range of information regarding users on the local machine.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000195
Title:
IMAP4 server banner provides information to attacker
Type:
Information
Bulletins:
Severity:
Information
Description:
IMAP banners with information such as server versions and types should be omitted where possible. Instead you can change them to something more generic that will hide such information from potential intruders.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000196
Title:
Some POP3 server banners providing information to attacker
Type:
Information
Bulletins:
Severity:
Information
Description:
The script displays the information provided by the POP3 server. This information could help an attacker choose the best attack vector for the server.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000197
Title:
VNC server listening on port 5901
Type:
Information
Bulletins:
Severity:
Information
Description:
The remote server is running VNC. VNC permits a console to be displayed remotely and should be disabled if not required. VNC can be blocked using a firewall or simply by stopping the VNC service.
Applies to:
VNC
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000240
Title:
BugBear-B backdoor
Type:
Miscellaneous
Bulletins:
Severity:
High
Description:
BugBear.B (worm) leaves a backdoor which allows hackers remote access to your computer.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000245
Title:
Upnp helper is running
Type:
Miscellaneous
Bulletins:
Severity:
Low
Description:
This service is not recommended to be running on production machines.
Applies to:
UPnP
Created:
2006-10-17
Updated:
2010-08-21

ID:
REF000252
Title:
Sasser worm
Type:
Miscellaneous
Bulletins:
Severity:
High
Description:
Sasser worm leaves a backdoor on port 5554 which allows transfer of files. Make sure you run an Antivirus on the infected computer.
Applies to:
Created:
2006-10-17
Updated:
2010-08-21

ID:
CVE-2006-5202
Title:
Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout...
Type:
Hardware
Bulletins:
CVE-2006-5202
SFBID19347
Severity:
Medium
Description:
Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559.
Applies to:
wrt54g
Created:
2006-10-10
Updated:
2017-02-28

ID:
OVAL100
Title:
VML Buffer Overrun Vulnerability
Type:
Web
Bulletins:
OVAL100
CVE-2006-4868
Severity:
Low
Description:
Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag.
Applies to:
Microsoft Internet Explorer
Created:
2006-09-27
Updated:
2015-08-03

ID:
CVE-2006-4950
Title:
Cisco IOS DOCSIS Persistent Default SNMP Community String
Type:
Hardware
Bulletins:
CVE-2006-4950
SFBID20125
Severity:
High
Description:
Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables.
Applies to:
Created:
2006-09-23
Updated:
2017-02-28

ID:
OVAL160
Title:
Windows Server 2003 Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL160
CVE-2005-1983
Severity:
Low
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL256
Title:
Windows XP,SP2 Print Spooler Service Buffer Overflow
Type:
Miscellaneous
Bulletins:
OVAL256
CVE-2005-1984
Severity:
Low
Description:
Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL783
Title:
Windows Server 2003 Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL783
CVE-2005-1983
Severity:
Low
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL180
Title:
Windows 2000,SP4 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL180
CVE-2005-1218
Severity:
Low
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL497
Title:
Windows XP,SP2 Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL497
CVE-2005-1983
Severity:
Low
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL376
Title:
Windows XP,SP2 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL376
CVE-2005-1218
Severity:
Low
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL346
Title:
Windows Server 2003,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL346
CVE-2005-1218
Severity:
Low
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL474
Title:
Windows 2000 Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL474
CVE-2005-1983
Severity:
Low
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL618
Title:
Windows XP,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL618
CVE-2005-1218
Severity:
Low
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL267
Title:
Windows XP Plug and Play Buffer Overflow Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL267
CVE-2005-1983
Severity:
Low
Description:
Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
OVAL609
Title:
Windows Server 2003 Remote Desktop Protocol (RDP) DoS Vulnerability
Type:
Miscellaneous
Bulletins:
OVAL609
CVE-2005-1218
Severity:
Low
Description:
The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests.
Applies to:
Created:
2006-09-22
Updated:
2016-02-19

ID:
CVE-2006-4774
Title:
Cisco IOS VTP Version Field DoS
Type:
Hardware
Bulletins:
CVE-2006-4774
SFBID19998
Severity:
High
Description:
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2.
Applies to:
Created:
2006-09-13
Updated:
2017-02-28

ID:
CVE-2006-4775
Title:
Cisco IOS VTP Revision Integer Wrap DoS
Type:
Hardware
Bulletins:
CVE-2006-4775
SFBID19998
Severity:
High
Description:
The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context.
Applies to:
Created:
2006-09-13
Updated:
2017-02-28

ID:
CVE-2006-4776
Title:
Cisco IOS VTP VLAN Name Overflow
Type:
Hardware
Bulletins:
CVE-2006-4776
SFBID19998
Severity:
High
Description:
Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement.
Applies to:
Created:
2006-09-13
Updated:
2017-02-28

ID:
CVE-2006-4662
Title:
SANS06C4: ICQ 2003b Buffer Overflow
Type:
Software
Bulletins:
CVE-2006-4662
SFBID19897
Severity:
High
Description:
Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type.
Applies to:
AOL ICQ
Created:
2006-09-12
Updated:
2010-08-21

ID:
CVE-2006-4650
Title:
Cisco IOS GRE Packet Decapsulation
Type:
Hardware
Bulletins:
CVE-2006-4650
SFBID19878
Severity:
Low
Description:
Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs.
Applies to:
Created:
2006-09-08
Updated:
2017-02-28

ID:
CVE-2006-4430
Title:
The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2)...
Type:
Hardware
Bulletins:
CVE-2006-4430
SFBID19726
Severity:
Medium
Description:
The Cisco Network Admission Control (NAC) 3.6.4.1 and earlier allows remote attackers to prevent installation of the Cisco Clean Access (CCA) Agent and bypass local and remote protection mechanisms by modifying (1) the HTTP User-Agent header or (2) the behavior of the TCP/IP stack. NOTE: the vendor has disputed the severity of this issue, stating that users cannot bypass authentication mechanisms.
Applies to:
Created:
2006-08-28
Updated:
2017-02-28

ID:
CVE-2006-4352
Title:
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
Type:
Hardware
Bulletins:
CVE-2006-4352
Severity:
Medium
Description:
The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information.
Applies to:
Cisco CSS 11100 Content Services Switch Series
Created:
2006-08-25
Updated:
2017-02-28

ID:
CVE-2006-2112
Title:
Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP...
Type:
Hardware
Bulletins:
CVE-2006-2112
SFBID19711
Severity:
High
Description:
Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP printing interface as a proxy ("FTP bounce") by using arbitrary PORT arguments to connect to systems for which access would be otherwise restricted.
Applies to:
Laser Printer 5100cn
Laser Printer 3100cn
Created:
2006-08-24
Updated:
2017-02-28

ID:
CVE-2006-2113
Title:
The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not...
Type:
Hardware
Bulletins:
CVE-2006-2113
SFBID19716
Severity:
Medium
Description:
The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server.
Applies to:
Laser Printer 5100cn
Laser Printer 3100cn
Created:
2006-08-24
Updated:
2017-02-28

ID:
CVE-2006-4312
Title:
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user...
Type:
Hardware
Bulletins:
CVE-2006-4312
SFBID19681
Severity:
Medium
Description:
Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), causes the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access.
Applies to:
Cisco PIX 535 Firewall
Cisco PIX 525 Firewall
Cisco PIX 506 Firewall
Cisco PIX 501 Firewall
Cisco PIX 520 Firewall
Cisco PIX 515 Firewall
Cisco PIX 515E Firewall
Created:
2006-08-23
Updated:
2017-02-28

ID:
CVE-2006-4313
Title:
Cisco VPN 3000 Concentrator FTP Management Unauthorized Command Execution
Type:
Hardware
Bulletins:
CVE-2006-4313
SFBID19680
Severity:
Medium
Description:
Multiple unspecified vulnerabilities in Cisco VPN 3000 series concentrators before 4.1, 4.1.x up to 4.1(7)L, and 4.7.x up to 4.7(2)F allow attackers to execute the (1) CWD, (2) MKD, (3) CDUP, (4) RNFR, (5) SIZE, and (6) RMD FTP commands to modify files or create and delete directories via unknown vectors.
Applies to:
Created:
2006-08-23
Updated:
2017-02-28

ID:
CVE-2006-4194
Title:
** DISPUTED ** Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a...
Type:
Hardware
Bulletins:
CVE-2006-4194
SFBID19536
Severity:
Medium
Description:
** DISPUTED ** Unspecified vulnerability in Cisco PIX 500 Series Security Appliances allows remote attackers to send arbitrary UDP packets to intranet devices via unspecified vectors involving Session Initiation Protocol (SIP) fixup commands, a different issue than CVE-2006-4032. NOTE: the vendor, after working with the researcher, has been unable to reproduce the issue.
Applies to:
Cisco PIX 535 Firewall
Cisco PIX 525 Firewall
Cisco PIX 506 Firewall
Cisco PIX 501 Firewall
Cisco PIX 520 Firewall
Cisco PIX 515 Firewall
Cisco PIX 515E Firewall
Created:
2006-08-16
Updated:
2017-02-28

ID:
CVE-2006-4143
Title:
Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums.
Type:
Hardware
Bulletins:
CVE-2006-4143
SFBID19468
Severity:
High
Description:
Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums.
Applies to:
FVG318 Router
Created:
2006-08-14
Updated:
2017-02-28

ID:
OVAL433
Title:
HTML Layout and Positioning Memory Corruption Vulnerability
Type:
Web
Bulletins:
OVAL433
CVE-2006-3450
Severity:
Low
Description:
Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file.
Applies to:
Microsoft Internet Explorer
Created:
2006-08-11
Updated:
2015-08-03

ID:
OVAL577
Title:
Source Element Cross-Domain Vulnerability
Type:
Web
Bulletins:
OVAL577
CVE-2006-3639
Severity:
Low
Description:
Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted web page, aka "Source Element Cross-Domain Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-08-11
Updated:
2015-08-03

ID:
OVAL694
Title:
Visual Basic for Applications Vulnerability
Type:
Software
Bulletins:
OVAL694
CVE-2006-3649
Severity:
Low
Description:
Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute arbitrary code via unspecified document properties that are not verified when VBA is invoked to open documents.
Applies to:
Microsoft Visual Basic 6.0
Created:
2006-08-11
Updated:
2015-08-10

ID:
OVAL502
Title:
HTML Rendering Memory Corruption Vulnerability
Type:
Web
Bulletins:
OVAL502
CVE-2006-3637
Severity:
Low
Description:
Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle various HTML layout component combinations, which allows user-assisted remote attackers to execute arbitrary code via a crafted HTML file that leads to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-08-11
Updated:
2015-08-03

ID:
OVAL171
Title:
Window Location Information Disclosure Vulnerability
Type:
Web
Bulletins:
OVAL171
CVE-2006-3640
Severity:
Low
Description:
Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-08-11
Updated:
2015-08-03

ID:
OVAL738
Title:
Redirect Cross-Domain Information Disclosure Vulnerability
Type:
Web
Bulletins:
OVAL738
CVE-2006-3280
Severity:
Low
Description:
Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-08-11
Updated:
2015-08-03

ID:
OVAL5
Title:
CSS Memory Corruption Vulnerability
Type:
Web
Bulletins:
OVAL5
CVE-2006-3451
Severity:
Low
Description:
Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors.
Applies to:
Microsoft Internet Explorer
Created:
2006-08-11
Updated:
2015-08-03

ID:
OVAL462
Title:
FTP Server Command Injection Vulnerability
Type:
Web
Bulletins:
OVAL462
CVE-2004-1166
Severity:
Low
Description:
CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command.
Applies to:
Microsoft Internet Explorer
Created:
2006-08-11
Updated:
2015-08-03

ID:
OVAL719
Title:
COM Object Instantiation Memory Corruption Vulnerability
Type:
Web
Bulletins:
OVAL719
CVE-2006-3638
Severity:
Low
Description:
Microsoft Internet Explorer 5.01 and 6 does not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability."
Applies to:
Microsoft Internet Explorer
Created:
2006-08-11
Updated:
2015-08-03

ID:
CVE-2006-4015
Title:
Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to cause a denial of service (possibly memory leak or system crash) via unknown vectors.
Type:
Hardware
Bulletins:
CVE-2006-4015
SFBID19310
Severity:
Medium
Description:
Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to cause a denial of service (possibly memory leak or system crash) via unknown vectors.
Applies to:
ProCurve Switch 3500yl
ProCurve Switch 6200yl
ProCurve Switch 5400zl
Created:
2006-08-07
Updated:
2017-02-28

ID:
CVE-2006-3906
Title:
Cisco Multiple Products IKE Phase-1 Packet Saturation DoS
Type:
Hardware
Bulletins:
CVE-2006-3906
SFBID19176
Severity:
Medium
Description:
Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected.
Applies to:
Cisco PIX 506 Firewall
Cisco PIX 501 Firewall
Cisco PIX 535 Firewall
Cisco PIX 515E Firewall
Cisco PIX 525 Firewall
Cisco PIX 520 Firewall
Cisco PIX 515 Firewall
Cisco VPN 3005 Concentrator
Cisco VPN 3030 Concentrator
Cisco VPN 3060...
Created:
2006-07-27
Updated:
2017-02-28

ID:
CVE-2006-3687
Title:
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows...
Type:
Hardware
Bulletins:
CVE-2006-3687
SFBID19006
Severity:
High
Description:
Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900.
Applies to:
DI-784
WBR-1310
DI-524
DI-624
WBR-2310
DI-604
EBR-2310
Created:
2006-07-21
Updated:
2017-02-28

ID:
CVE-2006-3592
Title:
Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI...
Type:
Hardware
Bulletins:
CVE-2006-3592
SFBID18952
Severity:
Medium
Description:
Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005.
Applies to:
Unified CallManager
Created:
2006-07-18
Updated:
2017-02-28

ID:
CVE-2006-3593
Title:
The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.
Type:
Hardware
Bulletins:
CVE-2006-3593
SFBID18952
Severity:
Medium
Description:
The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704.
Applies to:
Unified CallManager
Created:
2006-07-18
Updated:
2017-02-28

ID:
CVE-2006-3594
Title:
Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542.
Type:
Hardware
Bulletins:
CVE-2006-3594
SFBID18952
Severity:
High
Description:
Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542.
Applies to:
Unified CallManager
Created:
2006-07-18
Updated:
2017-02-28

ID:
CVE-2006-3529
Title:
Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed.
Type:
Hardware
Bulletins:
CVE-2006-3529
SFBID18930
Severity:
Medium
Description:
Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed.
Applies to:
Created:
2006-07-11
Updated:
2017-02-28

ID:
CVE-2006-3291
Title:
Cisco Wireless Access Point Local User List Only Configuration Weakness Authentication Bypass
Type:
Hardware
Bulletins:
CVE-2006-3291
SFBID18704
Severity:
High
Description:
The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system.
Applies to:
Created:
2006-06-28
Updated:
2017-02-28

ID:
CVE-2006-3109
Title:
Cisco CallManager Web Interface ccmuser/logon.asp XSS
Type:
Hardware
Bulletins:
CVE-2006-3109
SFBID18504
Severity:
Medium
Description:
Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657.
Applies to:
Cisco Call Manager
Created:
2006-06-20
Updated:
2017-02-28

ID:
CVE-2006-3073
Title:
Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject...
Type:
Hardware
Bulletins:
CVE-2006-3073
SFBID18419
Severity:
Low
Description:
Multiple cross-site scripting (XSS) vulnerabilities in the WebVPN feature in the Cisco VPN 3000 Series Concentrators and Cisco ASA 5500 Series Adaptive Security Appliances (ASA), when in WebVPN clientless mode, allow remote attackers to inject arbitrary web script or HTML via the domain parameter in (1) dnserror.html and (2) connecterror.html, aka bugid CSCsd81095 (VPN3k) and CSCse48193 (ASA). NOTE: the vendor states that "WebVPN full-network-access mode" is not affected, despite the claims by the original researcher.
Applies to:
Created:
2006-06-19
Updated:
2017-02-28

ID:
CVE-2006-2901
Title:
The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.
Type:
Hardware
Bulletins:
CVE-2006-2901
SFBID18299
Severity:
Medium
Description:
The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords.
Applies to:
DWL-2100AP
Created:
2006-06-07
Updated:
2017-02-28

ID:
CVE-2006-2653
Title:
Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter.
Type:
Hardware
Bulletins:
CVE-2006-2653
SFBID18168
Severity:
Low
Description:
Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter.
Applies to:
DSA-3100
Created:
2006-05-30
Updated:
2017-02-28

ID:
CVE-2006-2559
Title:
Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using...
Type:
Hardware
Bulletins:
CVE-2006-2559
Severity:
High
Description:
Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic.
Applies to:
wrt54g
Created:
2006-05-23
Updated:
2017-02-28

ID:
CVE-2006-2337
Title:
Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter.
Type:
Hardware
Bulletins:
CVE-2006-2337
Severity:
Medium
Description:
Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter.
Applies to:
DSL-G604T
Created:
2006-05-11
Updated:
2017-02-28

ID:
OVAL1987
Title:
Remote Code Execution Vulnerability in Flash Player 6 and 7
Type:
Web
Bulletins:
OVAL1987
CVE-2005-2628
Severity:
Low
Description:
Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer.
Applies to:
Adobe Flash Player
Created:
2006-05-10
Updated:
2015-08-03

ID:
OVAL1922
Title:
Remote Code Execution Vulnerability in Flash Player 8
Type:
Web
Bulletins:
OVAL1922
CVE-2006-0024
Severity:
Low
Description:
Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file.
Applies to:
Adobe Flash Player
Created:
2006-05-10
Updated:
2015-08-03

ID:
CVE-2006-0515
Title:
Cisco PIX/ASA/FWSM WebSense URL Filter Bypass
Type:
Hardware
Bulletins:
CVE-2006-0515
SFBID17883
Severity:
High
Description:
Cisco PIX/ASA 7.1.x before 7.1(2) and 7.0.x before 7.0(5), PIX 6.3.x before 6.3.5(112), and FWSM 2.3.x before 2.3(4) and 3.x before 3.1(7), when used with Websense/N2H2, allows remote attackers to bypass HTTP access restrictions by splitting the GET method of an HTTP request into multiple packets, which prevents the request from being sent to Websense for inspection, aka bugs CSCsc67612, CSCsc68472, and CSCsd81734.
Applies to:
Created:
2006-05-09
Updated:
2017-02-28

ID:
CVE-2006-1973
Title:
Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages.
Type:
Hardware
Bulletins:
CVE-2006-1973
SFBID17631
Severity:
Medium
Description:
Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages.
Applies to:
rt31p2
Created:
2006-04-21
Updated:
2017-02-28

ID:
CVE-2006-1927
Title:
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco...
Type:
Hardware
Bulletins:
CVE-2006-1927
SFBID17607
Severity:
Medium
Description:
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco bug ID CSCsc77475.
Applies to:
Created:
2006-04-20
Updated:
2017-02-28

ID:
CVE-2006-1928
Title:
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS...
Type:
Hardware
Bulletins:
CVE-2006-1928
SFBID17607
Severity:
Medium
Description:
Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS packets, as identified by Cisco bug IDs (1) CSCsd15970 and (2) CSCsd55531.
Applies to:
Created:
2006-04-20
Updated:
2017-02-28

ID:
OVAL1748
Title:
FPSE XSS Vulnerability
Type:
Web
Bulletins:
OVAL1748
CVE-2006-0015
Severity:
Low
Description:
Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.
Applies to:
Microsoft FrontPage Server Extensions 2002
Created:
2006-04-13
Updated:
2015-08-10

ID:
CVE-2006-1670
Title:
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected,...
Type:
Hardware
Bulletins:
CVE-2006-1670
SFBID17384
Severity:
High
Description:
Control cards for Cisco Optical Networking System (ONS) 15000 series nodes before 20060405 allow remote attackers to cause a denial of service (memory exhaustion and possibly card reset) by sending an invalid response when the final ACK is expected, aka bug ID CSCei45910.
Applies to:
Cisco ONS 15327 SONET Multiservice Platform
Created:
2006-04-07
Updated:
2017-02-28

ID:
CVE-2006-1631
Title:
Cisco 11500 Content Services Switch HTTP Compression DoS
Type:
Hardware
Bulletins:
CVE-2006-1631
SFBID17383
Severity:
Medium
Description:
Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests.
Applies to:
Content Services Switch 11500
Created:
2006-04-05
Updated:
2017-02-28

ID:
CVE-2006-0784
Title:
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments.
Type:
Hardware
Bulletins:
CVE-2006-0784
SFBID16690
Severity:
Medium
Description:
D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments.
Applies to:
DWL-G700AP
Created:
2006-02-19
Updated:
2017-02-28

ID:
CVE-2006-0483
Title:
Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet.
Type:
Hardware
Bulletins:
CVE-2006-0483
SFBID16394
Severity:
High
Description:
Cisco VPN 3000 series concentrators running software 4.7.0 through 4.7.2.A allow remote attackers to cause a denial of service (device reload or user disconnect) via a crafted HTTP packet.
Applies to:
Cisco VPN 3060 Concentrator
Cisco VPN 3030 Concentrator
Cisco VPN 3015 Concentrator
Cisco VPN 3080 Concentrator
Cisco VPN 3005 Concentrator
Created:
2006-01-31
Updated:
2017-02-28

ID:
CVE-2006-0485
Title:
Cisco IOS AAA tclsh Command Authentication Bypass
Type:
Hardware
Bulletins:
CVE-2006-0485
SFBID16383
Severity:
Medium
Description:
The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049.
Applies to:
Created:
2006-01-31
Updated:
2017-02-28

ID:
CVE-2006-0486
Title:
Cisco IOS tclsh Login Process Re-Use
Type:
Hardware
Bulletins:
CVE-2006-0486
Severity:
Medium
Description:
Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770.
Applies to:
Created:
2006-01-31
Updated:
2017-02-28

ID:
CVE-2006-0354
Title:
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large...
Type:
Hardware
Bulletins:
CVE-2006-0354
SFBID16217
Severity:
Medium
Description:
Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644.
Applies to:
Cisco Aironet AP 1230
Cisco Aironet AP1400
Cisco Aironet AP350
Cisco Aironet AP1300
Cisco Aironet AP1240
Cisco Aironet AP1130ag
Cisco Aironet AP1200
Cisco Aironet AP1100
Created:
2006-01-22
Updated:
2017-02-28

ID:
CVE-2006-0367
Title:
Cisco CallManager CCMAdmin Crafted URL Privilege Escalation
Type:
Hardware
Bulletins:
CVE-2006-0367
SFBID16293
Severity:
Medium
Description:
Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page."
Applies to:
Cisco Call Manager
Created:
2006-01-22
Updated:
2017-02-28

ID:
CVE-2006-0368
Title:
Cisco CallManager Port 2000 Connection Saturation Resource Consumption DoS
Type:
Hardware
Bulletins:
CVE-2006-0368
SFBID16295
Severity:
High
Description:
Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727.
Applies to:
Cisco Call Manager
Created:
2006-01-22
Updated:
2017-02-28

ID:
CVE-2006-0340
Title:
Cisco IOS MMP Stack Group Bidding Protocol (SGBP) Crafted UDP Packet Remote DoS
Type:
Hardware
Bulletins:
CVE-2006-0340
SFBID16303
Severity:
High
Description:
Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900.
Applies to:
Created:
2006-01-20
Updated:
2017-02-28

ID:
CVE-2006-0309
Title:
Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network to cause a denial of service via IP packets with a null IP option length.
Type:
Hardware
Bulletins:
CVE-2006-0309
SFBID16307
Severity:
Medium
Description:
Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network to cause a denial of service via IP packets with a null IP option length.
Applies to:
BEFVP41
Created:
2006-01-18
Updated:
2017-02-28