| ID: CVE-2002-1892 |
Title: NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2002-1892 SFBID5830 |
Severity: Low |
| Description: NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. | ||||
| Applies to: FVS318v3 Firewall |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2341 |
Title: Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. |
Type: Hardware |
Bulletins:
CVE-2002-2341 SFBID4755 |
Severity: Medium |
| Description: Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. | ||||
| Applies to: SonicWall Firewall SoHo 3 |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1865 |
Title: Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote... |
Type: Hardware |
Bulletins:
CVE-2002-1865 SFBID6090 |
Severity: Medium |
| Description: Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header. | ||||
| Applies to: BEFW11S4 DI-704 DI-804 wap11 |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2137 |
Title: GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive... |
Type: Hardware |
Bulletins:
CVE-2002-2137 SFBID6100 |
Severity: Medium |
| Description: GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155. | ||||
| Applies to: DWL-900AP+B wap11 |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2159 |
Title: Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2002-2159 SFBID4987 |
Severity: High |
| Description: Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. | ||||
| Applies to: BEFSR41 befsr11 befsru31 |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2371 |
Title: Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. |
Type: Hardware |
Bulletins:
CVE-2002-2371 SFBID6046 |
Severity: High |
| Description: Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | ||||
| Applies to: wet11 |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1810 |
Title: D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and... |
Type: Hardware |
Bulletins:
CVE-2002-1810 SFBID6015 |
Severity: High |
| Description: D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information. | ||||
| Applies to: DWL-900AP+B |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2150 |
Title: Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the... |
Type: Hardware |
Bulletins:
CVE-2002-2150 SFBID6023 |
Severity: Medium |
| Description: Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1706 |
Title: Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message... |
Type: Hardware |
Bulletins:
CVE-2002-1706 SFBID5041 |
Severity: Medium |
| Description: Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1768 |
Title: Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. |
Type: Hardware |
Bulletins:
CVE-2002-1768 SFBID4948 |
Severity: Medium |
| Description: Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2052 |
Title: Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port... |
Type: Hardware |
Bulletins:
CVE-2002-2052 SFBID4947 |
Severity: Medium |
| Description: Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2053 |
Title: The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is... |
Type: Hardware |
Bulletins:
CVE-2002-2053 SFBID4949 |
Severity: Medium |
| Description: The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2208 |
Title: Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements,... |
Type: Hardware |
Bulletins:
CVE-2002-2208 SFBID6443 |
Severity: High |
| Description: Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2239 |
Title: The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. |
Type: Hardware |
Bulletins:
CVE-2002-2239 SFBID6358 |
Severity: High |
| Description: The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2315 |
Title: Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. |
Type: Hardware |
Bulletins:
CVE-2002-2315 SFBID4786 |
Severity: High |
| Description: Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2316 |
Title: Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive... |
Type: Hardware |
Bulletins:
CVE-2002-2316 SFBID4790 |
Severity: Medium |
| Description: Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing. | ||||
| Applies to: |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-2379 |
Title: ** DISPUTED ** Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be... |
Type: Hardware |
Bulletins:
CVE-2002-2379 SFBID6059 |
Severity: High |
| Description: ** DISPUTED ** Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor. | ||||
| Applies to: Cisco AS5350 Universal Gateway |
Created: 2002-12-31 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1357 |
Title: Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder... |
Type: Hardware |
Bulletins:
CVE-2002-1357 SFBID6405 |
Severity: High |
| Description: Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | ||||
| Applies to: |
Created: 2002-12-23 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1358 |
Title: Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. |
Type: Hardware |
Bulletins:
CVE-2002-1358 |
Severity: High |
| Description: Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | ||||
| Applies to: |
Created: 2002-12-23 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1359 |
Title: Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder... |
Type: Hardware |
Bulletins:
CVE-2002-1359 SFBID6407 |
Severity: High |
| Description: Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. | ||||
| Applies to: |
Created: 2002-12-23 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1360 |
Title: Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code... |
Type: Hardware |
Bulletins:
CVE-2002-1360 |
Severity: High |
| Description: Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. | ||||
| Applies to: |
Created: 2002-12-23 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1354 |
Title: TYPSoft FTP Server 0-99-8 Arbitrary Dir Listing |
Type: FTP |
Bulletins:
CVE-2002-1354 |
Severity: Medium |
| Description: TYPSoft version 0.99.8 is prone to a vulnerability where a remote user can view directory listings for directories located outside of the FTP document directory. The character sequence ‘...’ is not properly filtered, thus leading to such a vulnerability. The vulnerability issue was fixed in version 0.99.13 or later, which is available at: http://www.idefense.com/advisory/12.16.02a.txt. | ||||
| Applies to: TYPSoft FTP Server |
Created: 2002-12-13 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-1272 |
Title: Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges. |
Type: Hardware |
Bulletins:
CVE-2002-1272 SFBID6220 |
Severity: High |
| Description: Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contains a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges. | ||||
| Applies to: |
Created: 2002-12-11 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1312 |
Title: Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2002-1312 SFBID6208 |
Severity: Medium |
| Description: Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. | ||||
| Applies to: BEFSR41 BEFSR81 BEFSX41 BEFVP41 BEFW11S4 befsr11 befsru31 |
Created: 2002-11-20 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1236 |
Title: The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments. |
Type: Hardware |
Bulletins:
CVE-2002-1236 SFBID6086 |
Severity: Medium |
| Description: The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments. | ||||
| Applies to: BEFSR41 |
Created: 2002-11-12 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1222 |
Title: Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. |
Type: Hardware |
Bulletins:
CVE-2002-1222 SFBID5976 |
Severity: High |
| Description: Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. | ||||
| Applies to: |
Created: 2002-10-28 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1147 |
Title: The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2002-1147 SFBID5784 |
Severity: High |
| Description: The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of service via a direct request to the device_reset CGI program. | ||||
| Applies to: Procurve Switch 4000m |
Created: 2002-10-11 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1068 |
Title: The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request. |
Type: Hardware |
Bulletins:
CVE-2002-1068 SFBID5330 |
Severity: Medium |
| Description: The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request. | ||||
| Applies to: DP-303 |
Created: 2002-10-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-1069 |
Title: The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device... |
Type: Hardware |
Bulletins:
CVE-2002-1069 SFBID5544 |
Severity: Medium |
| Description: The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Information. | ||||
| Applies to: DI-804 |
Created: 2002-10-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0886 |
Title: Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to... |
Type: Hardware |
Bulletins:
CVE-2002-0886 SFBID4813 |
Severity: Medium |
| Description: Cisco DSL CPE devices running CBOS 2.4.4 and earlier allows remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | ||||
| Applies to: |
Created: 2002-10-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0891 |
Title: The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. |
Type: Hardware |
Bulletins:
CVE-2002-0891 SFBID4842 |
Severity: Medium |
| Description: The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. | ||||
| Applies to: |
Created: 2002-10-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0954 |
Title: The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques. |
Type: Hardware |
Bulletins:
CVE-2002-0954 |
Severity: High |
| Description: The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which make it easier for an attacker to decrypt the passwords using brute force techniques. | ||||
| Applies to: |
Created: 2002-10-04 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0870 |
Title: The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL... |
Type: Hardware |
Bulletins:
CVE-2002-0870 |
Severity: High |
| Description: The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. | ||||
| Applies to: Cisco CSS 11100 Content Services Switch Series |
Created: 2002-09-05 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0426 |
Title: VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. |
Type: Hardware |
Bulletins:
CVE-2002-0426 SFBID4250 |
Severity: High |
| Description: VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. | ||||
| Applies to: BEFVP41 |
Created: 2002-08-12 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0505 |
Title: Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via... |
Type: Hardware |
Bulletins:
CVE-2002-0505 SFBID4370 |
Severity: Medium |
| Description: Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords. | ||||
| Applies to: Cisco Call Manager |
Created: 2002-08-12 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0792 |
Title: The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. |
Type: Hardware |
Bulletins:
CVE-2002-0792 SFBID4747 |
Severity: Medium |
| Description: The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. | ||||
| Applies to: Cisco CSS 11100 Content Services Switch Series |
Created: 2002-08-12 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0813 |
Title: Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. |
Type: Hardware |
Bulletins:
CVE-2002-0813 SFBID5328 |
Severity: High |
| Description: Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | ||||
| Applies to: |
Created: 2002-08-12 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0661 |
Title: Apache: Apache 2.0.39 directory traversal and path disclosure bug |
Type: Web |
Bulletins:
CVE-2002-0661 SFBID5434 |
Severity: High |
| Description: Directory traversal and path disclosure. | ||||
| Applies to: Apache |
Created: 2002-08-09 |
Updated: 2010-10-27 |
||
| ID: CVE-2002-0826 |
Title: Ipswitch WS_FTP Server 3-1-1 Buffer Overflow in SITE CPWD Command Processing |
Type: FTP |
Bulletins:
CVE-2002-0826 SFBID5427 |
Severity: High |
| Description: Ipswitch WS_FTP server is prone to a vulnerability, where a remote authenticated user can cause a buffer overflow and execute arbitrary code while having system level privileges. A patch has been released by the vendor, which is available at: ftp://ftp.ipswitch.com/ipswitch/product_support/WS_FTP_Server/ifs312.exe. For more information on how to apply patches, see: http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html. The buffer overflow can be generated by sending a special SITE CPWD command, which overwrites the EIP register, causing arbitrary code to be executed. | ||||
| Applies to: Ipswitch WS_FTP Server |
Created: 2002-08-08 |
Updated: 2010-08-21 |
||
| ID: REF000107 |
Title: All Servers: Tomcat source.jsp directory listing and webroot location display |
Type: Web |
Bulletins: | Severity: Medium |
| Description: Remote attackers can obtain listings of web directories. For more information, visit: http://www.cgisecurity.com/archive/webservers/tomcat_3.23_and_3.24_source.jsp_dir_listing_path_disclose.txt | ||||
| Applies to: Apache Tomcat |
Created: 2002-08-01 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0655 |
Title: OpenSSL versions older than 0.9.7e and 0.9.6m |
Type: Miscellaneous |
Bulletins:
CVE-2002-0655 CVE-2002-0656 CVE-2002-0657 CVE-2002-0659 SFBID5361 SFBID5362 SFBID5363 SFBID5364 SFBID5366 |
Severity: High |
| Description: The OpenSSL library provides cryptographic support to applications that communicate over the network such as the Apache web server, POP3, IMAP, SMTP and LDAP servers. Any vulnerability within the library can be exploited via these applications. Multiple vulnerabilities have been found in the OpenSSL library, allowing remote users to execute arbitrary code with root privileges. Version prior to 0.9.7d and 0.9.6m are affected, thus one is advised to upgrade to a newer version. | ||||
| Applies to: OpenSSL |
Created: 2002-07-30 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0713 |
Title: Multiple Squid vulnerabilities |
Type: Services |
Bulletins:
CVE-2002-0713 CVE-2002-0714 CVE-2002-0715 SFBID5154 SFBID5155 SFBID5156 SFBID5157 SFBID5158 |
Severity: High |
| Description: Remote code execution and/or denial of service. | ||||
| Applies to: |
Created: 2002-07-03 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0545 |
Title: Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. |
Type: Hardware |
Bulletins:
CVE-2002-0545 SFBID4461 |
Severity: Medium |
| Description: Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. | ||||
| Applies to: Cisco Aironet Ap340 Cisco Aironet Ap350 |
Created: 2002-07-03 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0350 |
Title: HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. |
Type: Hardware |
Bulletins:
CVE-2002-0350 SFBID4212 |
Severity: High |
| Description: HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. | ||||
| Applies to: Procurve Switch 4000m |
Created: 2002-06-25 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0339 |
Title: Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. |
Type: Hardware |
Bulletins:
CVE-2002-0339 SFBID4191 |
Severity: Medium |
| Description: Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. | ||||
| Applies to: |
Created: 2002-06-25 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0640 |
Title: Remote OpenSSH Vulnerability |
Type: Miscellaneous |
Bulletins:
CVE-2002-0640 SFBID5093 |
Severity: Low |
| Description: A remotely exploitable vulnerability exists in OpenSSH prior to version 3.3 (Version 3.3 is affected only if UsePrivilegeSeparation is disabled). | ||||
| Applies to: OpenSSH |
Created: 2002-06-24 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0392 |
Title: Apache Chunked-Encoding Memory Corruption Vulnerability |
Type: Miscellaneous |
Bulletins:
CVE-2002-0392 SFBID5033 |
Severity: High |
| Description: This version is vulnerable to a bug which may be remotely exploitable. Download the latest version of Apache from httpd.apache.org. | ||||
| Applies to: Apache |
Created: 2002-06-17 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-1634 |
Title: All Servers: Netware default programs display server information |
Type: Web |
Bulletins:
CVE-2002-1634 SFBID4874 |
Severity: Medium |
| Description: Possible sensitive information disclosure. | ||||
| Applies to: Netware |
Created: 2002-05-29 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-1634 |
Title: All Servers: Netware default programs display server information |
Type: Web |
Bulletins:
CVE-2002-1634 SFBID4874 |
Severity: Medium |
| Description: Possible sensitive information disclosure. | ||||
| Applies to: Netware |
Created: 2002-05-29 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0234 |
Title: NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which... |
Type: Hardware |
Bulletins:
CVE-2002-0234 SFBID4015 |
Severity: Low |
| Description: NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections. | ||||
| Applies to: |
Created: 2002-05-29 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0893 |
Title: IIS: ServletExec 4.1 ISAPI File Reading |
Type: Web |
Bulletins:
CVE-2002-0893 SFBID4795 |
Severity: Medium |
| Description: View the contents of files normally inaccessible. | ||||
| Applies to: IIS |
Created: 2002-05-22 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0379 |
Title: IMAP4 server |
Type: Services |
Bulletins:
CVE-2002-0379 SFBID4713 |
Severity: High |
| Description: Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in the execution of arbitrary code. | ||||
| Applies to: |
Created: 2002-05-10 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0889 |
Title: Qualcomm QPopper Bulletin Name Buffer Overflow Vulnerability |
Type: |
Bulletins:
CVE-2002-0889 SFBID4614 |
Severity: Medium |
| Description: QUALCOMM’s QPopper is freely available, and is designed to work on various operating systems, however, a vulnerability exists which affects only the UNIX and Linux platforms. When a user supplies a bulletin with a name longer than 256 bytes, a buffer overflow will occur, resulting in overwriting of the process memory, and also arbitrary code execution. Caldera has issued some fixes. The upgrade is available at: ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.20/ | ||||
| Applies to: Qualcomm Qpopper |
Created: 2002-04-28 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0575 |
Title: AFS-Kerberos Support in OpenSSH Poses a Security Threat |
Type: Miscellaneous |
Bulletins:
CVE-2002-0575 SFBID4560 |
Severity: High |
| Description: See webpage for more information. | ||||
| Applies to: OpenSSH |
Created: 2002-04-19 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-1744 |
Title: IIS: Microsoft IIS CodeBrws.ASP Source Code Disclosure Vulnerability |
Type: Web |
Bulletins:
CVE-2002-1744 SFBID4525 |
Severity: Medium |
| Description: Source code disclosure. | ||||
| Applies to: IIS |
Created: 2002-04-16 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0109 |
Title: Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the... |
Type: Hardware |
Bulletins:
CVE-2002-0109 SFBID3795 |
Severity: Medium |
| Description: Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query. | ||||
| Applies to: BEFSR41 BEFSR81 |
Created: 2002-03-25 |
Updated: 2020-08-14 |
||
| ID: CVE-2002-0061 |
Title: Apache: Apache Win32 Batch File Remote Command Execution Vulnerability |
Type: Web |
Bulletins:
CVE-2002-0061 SFBID4335 |
Severity: High |
| Description: Remote Command Execution. | ||||
| Applies to: Apache |
Created: 2002-03-21 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0434 |
Title: All Servers: Directory.php Allows Arbitrary Code Execution |
Type: Web |
Bulletins:
CVE-2002-0434 SFBID4278 |
Severity: Low |
| Description: Arbitrary Code Execution. | ||||
| Applies to: |
Created: 2002-03-12 |
Updated: 2010-08-21 |
||
| ID: CVE-2001-0461 |
Title: All Servers: Free On-line Dictionary |
Type: Web |
Bulletins:
CVE-2001-0461 |
Severity: High |
| Description: Possible Remote command execution. | ||||
| Applies to: |
Created: 2002-03-09 |
Updated: 2010-08-21 |
||
| ID: CVE-2000-1196 |
Title: Netscape: Netscape PSCOErrPage |
Type: Web |
Bulletins:
CVE-2000-1196 |
Severity: Medium |
| Description: View any file on the remote computer. | ||||
| Applies to: Netscape |
Created: 2002-03-09 |
Updated: 2010-08-21 |
||
| ID: SFBID4261 |
Title: Web server 404 path disclosure |
Type: Miscellaneous |
Bulletins:
SFBID4261 |
Severity: Medium |
| Description: Some web servers disclose the webroot path when asked for a non existant page. This should not be allowed on production servers. | ||||
| Applies to: |
Created: 2002-03-09 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0083 |
Title: OpenSSH Channel Code Off-By-One Vulnerability |
Type: Miscellaneous |
Bulletins:
CVE-2002-0083 SFBID4241 |
Severity: Low |
| Description: Exploitation of this vulnerability may give the attacker the ability to execute arbitrary code on the vulnerable system. | ||||
| Applies to: OpenSSH |
Created: 2002-03-07 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0082 |
Title: Apache Mod_SSL-Apache-SSL Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
CVE-2002-0082 SFBID4189 |
Severity: High |
| Description: May allow for attackers to execute arbitrary code. | ||||
| Applies to: Apache |
Created: 2002-02-27 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0081 |
Title: PHP Post File Upload Buffer Overflow Vulnerabilities |
Type: Miscellaneous |
Bulletins:
CVE-2002-0081 SFBID4183 |
Severity: High |
| Description: Possibly run arbitrary code (read the advisory for more info). | ||||
| Applies to: PHP |
Created: 2002-02-26 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0232 |
Title: All Servers: MRTG CGI Arbitrary File Display Vulnerability |
Type: Web |
Bulletins:
CVE-2002-0232 SFBID4017 |
Severity: Medium |
| Description: View arbitrary files. | ||||
| Applies to: MRTG |
Created: 2002-02-02 |
Updated: 2010-10-27 |
||
| ID: CVE-2002-0232 |
Title: All Servers: MRTG CGI Arbitrary File Display Vulnerability |
Type: Web |
Bulletins:
CVE-2002-0232 SFBID4017 |
Severity: Medium |
| Description: View arbitrary files. | ||||
| Applies to: MRTG |
Created: 2002-02-02 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0232 |
Title: All Servers: MRTG CGI Arbitrary File Display Vulnerability |
Type: Web |
Bulletins:
CVE-2002-0232 SFBID4017 |
Severity: Medium |
| Description: View arbitrary files. | ||||
| Applies to: MRTG |
Created: 2002-02-02 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0232 |
Title: All Servers: MRTG CGI Arbitrary File Display Vulnerability |
Type: Web |
Bulletins:
CVE-2002-0232 SFBID4017 |
Severity: Medium |
| Description: View arbitrary files. | ||||
| Applies to: MRTG |
Created: 2002-02-02 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-0232 |
Title: All Servers: MRTG CGI Arbitrary File Display Vulnerability |
Type: Web |
Bulletins:
CVE-2002-0232 SFBID4017 |
Severity: Medium |
| Description: View arbitrary files. | ||||
| Applies to: MRTG |
Created: 2002-02-02 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-2113 |
Title: All Servers: AHG's 'search.cgi' Search Engine Input Validation Flaw |
Type: Web |
Bulletins:
CVE-2002-2113 SFBID3985 |
Severity: High |
| Description: Remote users can execute arbitrary commands on the web server. | ||||
| Applies to: AHG |
Created: 2002-01-29 |
Updated: 2010-08-21 |
||
| ID: SFBID3915 |
Title: All Servers: COWS CGI Online Worldweb Shopping Information Disclosure Vulnerability |
Type: Web |
Bulletins:
SFBID3915 |
Severity: Medium |
| Description: Sensitive information disclosure. | ||||
| Applies to: COWS |
Created: 2002-01-21 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-2032 |
Title: All Servers: Possible PHPNuke SQL_Debug Information Disclosure Vulnerability |
Type: Web |
Bulletins:
CVE-2002-2032 SFBID3906 |
Severity: Medium |
| Description: Information disclosure. | ||||
| Applies to: |
Created: 2002-01-18 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-2033 |
Title: Apache: Faqmanager.cgi file read vulnerability |
Type: Web |
Bulletins:
CVE-2002-2033 SFBID3810 |
Severity: Medium |
| Description: Faqmanager can be used to read files on the server the httpd has access to. | ||||
| Applies to: Apache |
Created: 2002-01-07 |
Updated: 2010-08-21 |
||
| ID: CVE-2002-2029 |
Title: Apache: Security Risk When Using the CGI Binary (PHP.EXE) Under Apache |
Type: Web |
Bulletins:
CVE-2002-2029 SFBID3786 |
Severity: High |
| Description: Read arbitrary files from remote server. | ||||
| Applies to: Apache |
Created: 2002-01-04 |
Updated: 2010-10-27 |
||
| ID: REF000013 |
Title: Apache: Apache manual |
Type: Web |
Bulletins: | Severity: Low |
| Description: Apache online manual has not been removed. | ||||
| Applies to: Apache |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000015 |
Title: Apache: Apache server-info |
Type: Web |
Bulletins: | Severity: Low |
| Description: Information such as server version and type should be hidden/omitted or changed to something more generic where possible so that such information is hidden from potential intruders. | ||||
| Applies to: Apache |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000016 |
Title: Apache: Apache server-status |
Type: Web |
Bulletins: | Severity: Low |
| Description: Information such as server version and type should be hidden/omitted or changed to something more generic where possible so that such information is hidden from potential intruders. | ||||
| Applies to: Apache |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-2000-0628 |
Title: Apache: Apache source.asp |
Type: Web |
Bulletins:
CVE-2000-0628 |
Severity: Medium |
| Description: Create files in the directory where source.asp is located. An attacker can upload his own scripts and run them. | ||||
| Applies to: Apache |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000040 |
Title: All Servers: Directory Manager Execution bug |
Type: Web |
Bulletins: | Severity: Medium |
| Description: Allows an attacker to execute commands as webserver-user. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000060 |
Title: IIS: IIS ASP.NET Application Trace Enabled |
Type: Web |
Bulletins: | Severity: Low |
| Description: Possible sensitive information disclosure. | ||||
| Applies to: IIS |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000062 |
Title: IIS: IIS Global.asa Retrieval |
Type: Web |
Bulletins: | Severity: Low |
| Description: Possible sensitive information disclosure. | ||||
| Applies to: IIS |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000081 |
Title: Netscape: Netscape Administration Server admin password |
Type: Web |
Bulletins: | Severity: Medium |
| Description: Read encrypted password for Netscape Administration server. | ||||
| Applies to: Netscape |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000090 |
Title: All Servers: Perl.exe |
Type: Web |
Bulletins: | Severity: Medium |
| Description: Possible to run perl commands (web server level privileges). | ||||
| Applies to: Perl |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000124 |
Title: IIS: Terminal Services |
Type: Web |
Bulletins: | Severity: Low |
| Description: Terminal Services are installed on this computer. | ||||
| Applies to: IIS |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000178 |
Title: ClearCase running |
Type: Information |
Bulletins: | Severity: Information |
| Description: ClearCase is running on this computer. | ||||
| Applies to: ClearCase |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000179 |
Title: Frontpage extensions enabled |
Type: Information |
Bulletins: | Severity: Information |
| Description: Frontpage extensions are enabled on this web server. | ||||
| Applies to: Frontpage extensions |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000183 |
Title: Perl module running |
Type: Information |
Bulletins: | Severity: Information |
| Description: mod_perl is installed on this web server. | ||||
| Applies to: Perl |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000184 |
Title: PHP module running |
Type: Information |
Bulletins: | Severity: Information |
| Description: PHP is installed on this web server. | ||||
| Applies to: PHP |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000186 |
Title: SSL enabled |
Type: Information |
Bulletins: | Severity: Information |
| Description: SSL is designed to encrypt and thus secure data in transit between a client and a server. However SSL does not eradicate vulnerabilities on the web server. These servers are vulnerable to the same attacks that compromise other non-SSL web servers. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000187 |
Title: SSL module running |
Type: Information |
Bulletins: | Severity: Information |
| Description: SSL is designed to encrypt and thus secure data in transit between a client and a server. However SSL does not eradicate vulnerabilities on the web server. These servers are vulnerable to the same attacks that compromise other non-SSL web servers. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000189 |
Title: Systems Management Server |
Type: Information |
Bulletins: | Severity: Information |
| Description: Systems Management Server is running on this computer. | ||||
| Applies to: SMS |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000191 |
Title: A modem is installed on this computer |
Type: Information |
Bulletins: | Severity: Information |
| Description: Modems can be a network security threats because they allow insiders to make unfiltered connections using the telephone system | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000198 |
Title: Linux/Unix application package(s) version check |
Type: Information |
Bulletins: | Severity: Information |
| Description: This check lists all application that are older than latest recorded release. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000256 |
Title: Vulnerable Linux/Unix application package |
Type: Miscellaneous |
Bulletins: | Severity: High |
| Description: Checks installed application versions for known security updates issued in newer versions. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000260 |
Title: AutoShareServer |
Type: Registry |
Bulletins: | Severity: Low |
| Description: The administrative shares (C$,D$,ADMIN$,etc) are available on this machine. For Internal networks these are normally turned on for administrative purposes. For Web server(s) these are normally turned off in order to solidify the possible entry points (since it is more exposed to attacks.). If you don't use them set HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\AutoShareServer to 0 to prevent creation of these shares. For more information, visit: http://support.microsoft.com/kb/245117 | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000262 |
Title: AutoShareWKS |
Type: Registry |
Bulletins: | Severity: Low |
| Description: The administrative shares (C$,D$,ADMIN$,etc) are available on this machine. For Internal networks these are normally turned on for administrative purposes. For Web server(s) these are normally turned off in order to solidify the possible entry points (since it is more exposed to attacks.). If you don't use them set HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\AutoShareWks to 0 to prevent creation of these shares. For more information, visit: http://support.microsoft.com/kb/245117 | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Back Orifice 2000 (BO2K) trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: Back Orifice 2000 is a backdoor trojan horse, which when installed on Microsoft Windows system it allows attackers to gain full access to the system through a network connection. In consists of a client and a server, where the client runs on one machine and is used to monitor and control a second machine running the server application. To remove Back Orifice manually one needs to restart the machine in MS_DOS mode and delete the Back Orifice server from the Windows system directory using the following command:DEL C:\WINDOWS\SYSTEM\EXE~1Back Orifice will also add a key to the registry: HKEY_LOCAL_MACHINE\SOFTWARE\Cult Of The Dead Cow\Back Orifice 2000So by checking the registry, such trojan can be detected.When the trojan horse is executed it opens connections from the computer where it is installed, to the Internet. An intruder will be able to control the computer. The trojan horse is invisible and will restart itself automatically when Windows is rebooted. Through Back Orifice, an attacker can view and modify files, create a log file of the computer users’ actions, crash a computer, and take screen shots of the computer screen. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000265 |
Title: Cached Logon Credentials |
Type: Registry |
Bulletins: | Severity: Low |
| Description: Microsoft Windows NT caches the logon information of users who would have logged on, so that they would be able to logon when the server is unavailable. When a domain controller is unavailable and a user’s logon information is cached, the user will still be allowed to logon. The cache can hold up from 0 to 50 logon attempts, with the value of 0 disabling logon caching. If the value is set to a high value and an administrator logs in to computers to solve specific problems, an attacker might obtain the credentials of the administrator at a later stage, and logon with such an account, having powerful privileges. The registry value for setting this type of caching is: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount. Ideally it should be set to either 0 to disable caching, or else it should be set to 1 to provide for functionality (allowing the last user to logon immediately next time) and security. | ||||
| Applies to: Windows NT |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: CrazyNet trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: CrazyNet Trojan inserts itself into a computer and runs in the background, allowing an attacker to gain full control over this computer. Such trojan is installed in %windir%\Registry32.exe, where %windir% is a variable, and is the folder where Windows is installed. The following lines in System.ini are set:run=Registry32.exeshell=Explorer.exe Registry32.exeIt also created the valueReg32With the string “Registry32.exe”in the registry keyHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunIn order to solve this problem, delete the value Reg32 in the registry. One should also delete the two mentioned lines above from the System.ini file. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000271 |
Title: Guest users have access to the application log |
Type: Registry |
Bulletins: | Severity: Medium |
| Description: You should disable guest access by creating a DWORD key named "RestrictGuestAccess" with value of "1" (HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/EventLog/Application) | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000273 |
Title: Guest users have access to the security log |
Type: Registry |
Bulletins: | Severity: Medium |
| Description: You should disable guest access by creating a DWORD key named "RestrictGuestAccess" with value of "1" (HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/EventLog/Security). | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000275 |
Title: Guest users have access to the system log |
Type: Registry |
Bulletins: | Severity: Medium |
| Description: You should disable guest access by creating a DWORD key named "RestrictGuestAccess" with value of "1" (HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/EventLog/System) | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Indoctrination trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Kuang trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000282 |
Title: Last logged-on username visible |
Type: Registry |
Bulletins: | Severity: Low |
| Description: By default, Windows displays the last logged-on user. For more information, visit: http://support.microsoft.com/kb/114463 | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000283 |
Title: LM Hash |
Type: Registry |
Bulletins: | Severity: Medium |
| Description: It is recommended to use NTLM authentication instead of LM. For more information, visit: http://support.microsoft.com/kb/147706 | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Ncw trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: NetbusPro2 trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Priority BETA trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Prosiak 0-70 trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Psychward trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000295 |
Title: Shutdown without logon |
Type: Registry |
Bulletins: | Severity: Low |
| Description: Anybody is allowed to shutdown this computer. For more information, visit: http://support.microsoft.com/kb/816569 | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2018-05-02 |
||
| ID: CVE-1999-0660 |
Title: Subseven 2-x trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Syphillis 1-18 trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: CVE-1999-0660 |
Title: Telecomando trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000303 |
Title: Blaster Worm |
Type: Registry |
Bulletins: | Severity: High |
| Description: Blaster Worm was a computer worm that spread through Microsoft Windows XP and Windows 2000 operating systems. The worm was programmed to start a SYN flood on August 2003 against port 80 of windowsupdate.com, creating a denial of service attack against such site. However, Microsoft immediately shut down the targeted site creating minimal effects. The worm can be detected because it adds the value: "windows auto update"="msblast.exe"To the registry key:HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunThe worm spread by exploiting a buffer overflow in the DCOM RPC service on the affected operating system. Computers infected with such worm will become unstable and will restart. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000304 |
Title: Nachi Worm |
Type: Registry |
Bulletins: | Severity: High |
| Description: A trojan horse is likely to be installed on this computer. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000305 |
Title: Auto Logon |
Type: Registry |
Bulletins: | Severity: High |
| Description: Automatic logon uses the domain, user name, and password stored in the registry to log users on to the computer when the system starts. The problem with automatic logon is the fact that any user can start your computer and log on using your account. Automatic logon proceeds differently from authenticated logon, and can cause timing conflicts. For example if one is loading several network transport protocols, automatic logon might cause Windows 2000 to attempt to connect to some network resources before the protocols’ network transports are completely loaded. In order to solve this vulnerability one should set AutoAdminLogon to 0, and delete the value of DefaultPassword. The latter is stored and displayed in the registry editor in plain, unencrypted text. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000306 |
Title: Windows AutoUpdate is enabled but require user intervention for both patch download and installation |
Type: Registry |
Bulletins: | Severity: Low |
| Description: Although windows AutoUpdate is enabled, the system relies on the end user to approve both patch download and installation.This could lead to a delay in patch installation or no installation at all. | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000307 |
Title: Windows AutoUpdate is enabled but requires user interaction to install patches |
Type: Registry |
Bulletins: | Severity: Low |
| Description: While AutoUpdate is enabled, the end user must approve the installation. This could lead to a delay in patches installation should the user select not install patches promptly. | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000308 |
Title: Windows AutoUpdate is not enabled |
Type: Registry |
Bulletins: | Severity: High |
| Description: Windows AutoUpdate is not enabled, therefore it is recommended to look into this issue unless LANguard is used for network-wide patch management. | ||||
| Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000309 |
Title: amd service running |
Type: RPC |
Bulletins: | Severity: High |
| Description: Some versions of this service are vulnerable (Run arbitrary commands). | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000311 |
Title: fam service running |
Type: RPC |
Bulletins: | Severity: Medium |
| Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000319 |
Title: This computer is a NIS server |
Type: RPC |
Bulletins: | Severity: Low |
| Description: NIS has a reputation of being extremely insecure. Read the following document for detalied information. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000322 |
Title: walld message spoofing |
Type: RPC |
Bulletins: | Severity: Low |
| Description: An attacker can use this service for spoofing console messages. | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
| ID: REF000323 |
Title: yppasswdd service running |
Type: RPC |
Bulletins: | Severity: High |
| Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
| Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
||
