ID: MITRE:11268 |
Title: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11268 CVE-2010-3557 |
Severity: Medium |
Description: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to the modification of "behavior and state of certain JDK classes" and "mutable static." | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11798 |
Title: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11798 CVE-2010-3553 |
Severity: High |
Description: Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to unsafe reflection involving the UIDefault.ProxyLazyValue class. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11880 |
Title: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11880 CVE-2010-3559 |
Severity: High |
Description: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this involves an incorrect sign extension in the HeadspaceSoundbank.nGetName function, which allows attackers to execute arbitrary code via a crafted BANK record that leads to a buffer overflow. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12240 |
Title: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:12240 CVE-2010-3572 |
Severity: High |
Description: Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12004 |
Title: Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:12004 CVE-2010-3552 |
Severity: High |
Description: Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12005 |
Title: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:12005 CVE-2010-3560 |
Severity: Low |
Description: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11330 |
Title: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions |
Type: Software |
Bulletins:
MITRE:11330 CVE-2010-3551 |
Severity: Medium |
Description: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11990 |
Title: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:11990 CVE-2010-3573 |
Severity: Medium |
Description: Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to missing validation of request headers in the HttpURLConnection class when they are set by applets, which allows remote attackers to bypass the intended security policy. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11871 |
Title: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:11871 CVE-2010-3558 |
Severity: High |
Description: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11619 |
Title: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions |
Type: Software |
Bulletins:
MITRE:11619 CVE-2010-3550 |
Severity: High |
Description: Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12226 |
Title: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions |
Type: Software |
Bulletins:
MITRE:12226 CVE-2010-3569 |
Severity: High |
Description: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this allows remote attackers to execute arbitrary code by causing the defaultReadObject method in the Serialization API to set a volatile field multiple times. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12029 |
Title: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions |
Type: Software |
Bulletins:
MITRE:12029 CVE-2010-3568 |
Severity: High |
Description: Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a race condition related to deserialization. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12173 |
Title: Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:12173 CVE-2010-3570 |
Severity: High |
Description: Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11320 |
Title: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:11320 CVE-2010-3555 |
Severity: High |
Description: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the January 2011 CPU. Oracle has not commented on claims from a reliable third party coordinator that the ActiveX Plugin does not properly initialize an object field that is used as a window handle, which allows attackers to execute arbitrary code. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12181 |
Title: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 and earlier versions |
Type: Software |
Bulletins:
MITRE:12181 CVE-2010-3563 |
Severity: High |
Description: Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Update 21 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is related to "how Web Start retrieves security policies," BasicServiceImpl, and forged policies that bypass sandbox restrictions. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12200 |
Title: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions |
Type: Software |
Bulletins:
MITRE:12200 CVE-2010-3561 |
Severity: High |
Description: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this involves the use of the privileged accept method in the ServerSocket class, which does not limit which hosts can connect and allows remote attackers to bypass intended network access restrictions. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12189 |
Title: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:12189 CVE-2010-3554 |
Severity: High |
Description: Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to "permissions granted to certain system objects." | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11714 |
Title: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 and earlier versions |
Type: Software |
Bulletins:
MITRE:11714 CVE-2010-3567 |
Severity: High |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is related to a calculation error in right-to-left text character counts for the ICU OpenType font rendering implementation, which triggers an out-of-bounds memory access. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12225 |
Title: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 and earlier versions |
Type: Software |
Bulletins:
MITRE:12225 CVE-2010-3566 |
Severity: High |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21 and 5.0 Update 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that leads to a buffer overflow via a crafted devs (device information) tag structure in a color profile. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12180 |
Title: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 and earlier versions |
Type: Software |
Bulletins:
MITRE:12180 CVE-2010-3565 |
Severity: High |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, and 1.4.2_27 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow that triggers memory corruption via large values in a subsample of a JPEG image, related to JPEGImageWriter.writeImage in the imageio API. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11893 |
Title: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11893 CVE-2010-3562 |
Severity: High |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable downstream vendor that this is a double free vulnerability in IndexColorModel that allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12177 |
Title: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:12177 CVE-2010-3571 |
Severity: High |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle has not commented on claims from a reliable researcher that this is an integer overflow in the color profile parser that allows remote attackers to execute arbitrary code via a crafted Tag structure in a color profile. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:11815 |
Title: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 and earlier versions |
Type: Software |
Bulletins:
MITRE:11815 CVE-2010-3556 |
Severity: High |
Description: Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.2_27, and 1.3.1_28 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. | ||||
Applies to: Oracle Java SE |
Created: 2010-12-27 |
Updated: 2024-09-07 |
ID: MITRE:12219 |
Title: Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 |
Type: Software |
Bulletins:
MITRE:12219 CVE-2010-3142 |
Severity: High |
Description: Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse rpawinet.dll that is located in the same folder as a .odp, .pothtml, .potm, .potx, .ppa, .ppam, .pps, .ppt, .ppthtml, .pptm, .pptxml, .pwz, .sldm, .sldx, and .thmx file. | ||||
Applies to: Microsoft Office PowerPoint 2007 |
Created: 2010-12-20 |
Updated: 2024-09-07 |
ID: CVE-2010-4012 |
Title: Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button. |
Type: Mobile Devices |
Bulletins:
CVE-2010-4012 |
Severity: Medium |
Description: Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate attackers to bypass the passcode lock by making a call from the Emergency Call screen, then quickly pressing the Sleep/Wake button. | ||||
Applies to: |
Created: 2010-12-08 |
Updated: 2024-09-07 |
ID: MITRE:6653 |
Title: Windows Media Player Memory Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:6653 CVE-2010-2745 |
Severity: High |
Description: Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a browser reload action, which allows user-assisted remote attackers to execute arbitrary code via crafted media content referenced in an HTML document, aka "Windows Media Player Memory Corruption Vulnerability." | ||||
Applies to: Windows Media Player |
Created: 2010-12-06 |
Updated: 2024-09-07 |
ID: MITRE:7360 |
Title: Vulnerability in offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software |
Type: Software |
Bulletins:
MITRE:7360 CVE-2010-3741 |
Severity: Medium |
Description: The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack. | ||||
Applies to: BlackBerry Desktop Software |
Created: 2010-12-06 |
Updated: 2024-09-07 |
ID: MITRE:6843 |
Title: Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 |
Type: Software |
Bulletins:
MITRE:6843 CVE-2010-2600 |
Severity: High |
Description: Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse DLL that is located in the same folder as a file that is processed by Blackberry. | ||||
Applies to: BlackBerry Desktop Software |
Created: 2010-12-06 |
Updated: 2024-09-07 |
ID: CVE-2010-4354 |
Title: The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only... |
Type: Hardware |
Bulletins:
CVE-2010-4354 |
Severity: Medium |
Description: The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device, which allows remote attackers to enumerate valid group names via a series of IKE negotiation attempts, aka Bug ID CSCtj96108, a different vulnerability than CVE-2005-2025. | ||||
Applies to: Cisco VPN 3015 Concentrator Cisco VPN 3030 Concentrator Cisco VPN 3060 Concentrator Cisco VPN 3080 Concentrator Cisco VPN 3005 Concentrator |
Created: 2010-11-30 |
Updated: 2024-09-07 |
ID: MITRE:6645 |
Title: Vulnerability in PL/php add-on in PostgreSQL version less than or equal to 9.0 |
Type: Software |
Bulletins:
MITRE:6645 CVE-2010-3781 |
Severity: Medium |
Description: The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, a related issue to CVE-2010-3433. | ||||
Applies to: PostgreSQL |
Created: 2010-11-29 |
Updated: 2024-09-07 |
ID: MITRE:7291 |
Title: Privilege-escalation vulnerability in PostgreSQL version less than or equal to 9.0 |
Type: Software |
Bulletins:
MITRE:7291 CVE-2010-3433 |
Severity: Medium |
Description: The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 before 8.1.22, 8.2 before 8.2.18, 8.3 before 8.3.12, 8.4 before 8.4.5, and 9.0 before 9.0.1 do not properly protect script execution by a different SQL user identity within the same session, which allows remote authenticated users to gain privileges via crafted script code in a SECURITY DEFINER function, as demonstrated by (1) redefining standard functions or (2) redefining operators, a different vulnerability than CVE-2010-1168, CVE-2010-1169, CVE-2010-1170, and CVE-2010-1447. | ||||
Applies to: PostgreSQL |
Created: 2010-11-29 |
Updated: 2024-09-07 |
ID: CVE-2010-3829 |
Title: WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for... |
Type: Mobile Devices |
Bulletins:
CVE-2010-3829 |
Severity: Medium |
Description: WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in Mail via an HTML LINK element with a DNS prefetching property, as demonstrated by an HTML e-mail message that uses a LINK element for X-Confirm-Reading-To functionality, a related issue to CVE-2010-3813. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2024-09-07 |
ID: CVE-2010-3831 |
Title: Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a... |
Type: Mobile Devices |
Bulletins:
CVE-2010-3831 |
Severity: Medium |
Description: Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted connection, which allows man-in-the-middle attackers to read MobileMe account passwords by spoofing a MobileMe Gallery server during a "Send to MobileMe" action. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2024-09-07 |
ID: CVE-2010-3830 |
Title: Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors. |
Type: Mobile Devices |
Bulletins:
CVE-2010-3830 |
Severity: High |
Description: Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filter rules, which allows local users to gain privileges via unspecified vectors. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2024-09-07 |
ID: CVE-2010-3828 |
Title: iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad. |
Type: Mobile Devices |
Bulletins:
CVE-2010-3828 |
Severity: Medium |
Description: iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a crafted URL in an ad. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2024-09-07 |
ID: CVE-2010-3832 |
Title: Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary... |
Type: Mobile Devices |
Bulletins:
CVE-2010-3832 |
Severity: Medium |
Description: Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS before 4.2 on the iPhone and iPad allows remote attackers to execute arbitrary code on the baseband processor via a crafted Temporary Mobile Subscriber Identity (TMSI) field. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2024-09-07 |
ID: CVE-2010-3827 |
Title: Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors. |
Type: Mobile Devices |
Bulletins:
CVE-2010-3827 |
Severity: Medium |
Description: Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile in the configuration installation utility, which allows remote attackers to spoof profiles via unspecified vectors. | ||||
Applies to: |
Created: 2010-11-26 |
Updated: 2024-09-07 |
ID: CVE-2010-3039 |
Title: /usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the... |
Type: Hardware |
Bulletins:
CVE-2010-3039 SFBID44672 |
Severity: Medium |
Description: /usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and 8 allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in a request to the administrative interface, aka Bug IDs CSCti52041 and CSCti74930. | ||||
Applies to: Unified Communications Manager |
Created: 2010-11-09 |
Updated: 2024-09-07 |
ID: MITRE:6778 |
Title: Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 |
Type: Software |
Bulletins:
MITRE:6778 CVE-2010-3127 |
Severity: High |
Description: Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll or Wintab32.dll that is located in the same folder as a PSD or other file that is processed by PhotoShop. NOTE: some of these details are obtained from third party information. | ||||
Applies to: Adobe Photoshop |
Created: 2010-11-08 |
Updated: 2024-09-07 |
ID: MITRE:7221 |
Title: Apple iTunes Webkit Unspecified Vulnerability |
Type: Software |
Bulletins:
MITRE:7221 CVE-2010-1763 |
Severity: High |
Description: Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and attack vectors, a different vulnerability than CVE-2010-1387 and CVE-2010-1769. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2024-09-07 |
ID: MITRE:7604 |
Title: Apple iTunes Log File Insecure File Operation Local Privilege Escalation Vulnerability |
Type: Software |
Bulletins:
MITRE:7604 CVE-2010-1768 |
Severity: Medium |
Description: Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges via vectors related to log files, "insecure file operation," and syncing an iPhone, iPad, or iPod touch. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2024-09-07 |
ID: MITRE:7061 |
Title: Apple iTunes JavaScriptCore Page Transitions Denial Of Service Vulnerability |
Type: Software |
Bulletins:
MITRE:7061 CVE-2010-1387 |
Severity: High |
Description: Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2024-09-07 |
ID: MITRE:7217 |
Title: Apple iTunes DLL Loading Arbitrary Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:7217 CVE-2010-1795 |
Severity: High |
Description: Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, and XP, allows local users and possibly remote attackers to gain privileges via a Trojan horse DLL in the current working directory. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2024-09-07 |
ID: MITRE:6988 |
Title: Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6988 CVE-2010-1777 |
Severity: High |
Description: Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted itpc: URL. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2024-09-07 |
ID: MITRE:7178 |
Title: Apple iTunes Crafted itpc: URL Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:7178 CVE-2010-1769 |
Severity: High |
Description: WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, accesses out-of-bounds memory during the handling of tables, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, a different vulnerability than CVE-2010-1387 and CVE-2010-1763. | ||||
Applies to: Apple iTunes |
Created: 2010-11-01 |
Updated: 2024-09-07 |
ID: CISEC:1127 |
Title: Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows |
Type: Web |
Bulletins:
CISEC:1127 CVE-2016-5157 |
Severity: Medium |
Description: Heap-based buffer overflow in the opj_dwt_interleave_v function in dwt.c in OpenJPEG, as used in PDFium in Google Chrome before 53.0.2785.89 on Windows and OS X and before 53.0.2785.92 on Linux, allows remote attackers to execute arbitrary code via crafted coordinate values in JPEG 2000 data. | ||||
Applies to: Google Chrome |
Created: 2010-10-07 |
Updated: 2024-09-07 |
ID: MITRE:12011 |
Title: Movie Maker Memory Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:12011 CVE-2010-2564 |
Severity: High |
Description: Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability." | ||||
Applies to: Movie Maker 2.1 Movie Maker 2.6 Movie Maker 6.0 |
Created: 2010-09-27 |
Updated: 2024-09-07 |
ID: CVE-2010-2831 |
Title: Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624. |
Type: Hardware |
Bulletins:
CVE-2010-2831 |
Severity: High |
Description: Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic on UDP port 5060, aka Bug ID CSCtf17624. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-2832 |
Title: Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428. |
Type: Hardware |
Bulletins:
CVE-2010-2832 |
Severity: High |
Description: Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtf91428. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-2833 |
Title: Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472. |
Type: Hardware |
Bulletins:
CVE-2010-2833 |
Severity: High |
Description: Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1 allows remote attackers to cause a denial of service (device reload) via transit traffic, aka Bug ID CSCtd86472. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-2829 |
Title: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via... |
Type: Hardware |
Bulletins:
CVE-2010-2829 |
Severity: High |
Description: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (traceback and device reload) via crafted H.323 packets, aka Bug ID CSCtd33567. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-2828 |
Title: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323... |
Type: Hardware |
Bulletins:
CVE-2010-2828 |
Severity: High |
Description: Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 through 15.1, and IOS XE 2.5.x before 2.5.2 and 2.6.x before 2.6.1, allows remote attackers to cause a denial of service (device reload) via crafted H.323 packets, aka Bug ID CSCtc73759. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-2830 |
Title: The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603. |
Type: Hardware |
Bulletins:
CVE-2010-2830 |
Severity: High |
Description: The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, when PIM is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed IGMP packet, aka Bug ID CSCte14603. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-2836 |
Title: Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections... |
Type: Hardware |
Bulletins:
CVE-2010-2836 |
Severity: High |
Description: Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is enabled, allows remote attackers to cause a denial of service (memory consumption) by improperly disconnecting SSL sessions, leading to connections that remain in the CLOSE-WAIT state, aka Bug ID CSCtg21685. | ||||
Applies to: |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-2834 |
Title: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote... |
Type: Hardware |
Bulletins:
CVE-2010-2834 |
Severity: High |
Description: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5)SU1, 7.x before 7.1(5), and 8.0 before 8.0(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via crafted SIP registration traffic over UDP, aka Bug IDs CSCtf72678 and CSCtf14987. | ||||
Applies to: Unified Communications Manager |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-2835 |
Title: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before... |
Type: Hardware |
Bulletins:
CVE-2010-2835 |
Severity: High |
Description: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.0 before 7.0(2a)su3, 7.1su before 7.1(3b)su2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a SIP REFER request with an invalid Refer-To header, aka Bug IDs CSCta20040 and CSCta31358. | ||||
Applies to: Unified Communications Manager |
Created: 2010-09-23 |
Updated: 2024-09-07 |
ID: CVE-2010-1807 |
Title: WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1807 SFBID43047 |
Severity: High |
Description: WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk before 1.2.6; does not properly validate floating-point data, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted HTML document, related to non-standard NaN representation. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2841 |
Title: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service... |
Type: Hardware |
Bulletins:
CVE-2010-2841 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2024-09-07 |
ID: CVE-2010-0574 |
Title: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2010-0574 |
Severity: High |
Description: Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2024-09-07 |
ID: CVE-2010-0575 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified... |
Type: Hardware |
Bulletins:
CVE-2010-0575 |
Severity: Medium |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-3034. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2024-09-07 |
ID: CVE-2010-3034 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified... |
Type: Hardware |
Bulletins:
CVE-2010-3034 |
Severity: Medium |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2842 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a... |
Type: Hardware |
Bulletins:
CVE-2010-2842 |
Severity: High |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2843 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a... |
Type: Hardware |
Bulletins:
CVE-2010-2843 |
Severity: High |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2024-09-07 |
ID: CVE-2010-3033 |
Title: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a... |
Type: Hardware |
Bulletins:
CVE-2010-3033 |
Severity: High |
Description: Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843. | ||||
Applies to: |
Created: 2010-09-10 |
Updated: 2024-09-07 |
ID: CVE-2010-1814 |
Title: WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1814 SFBID43083 |
Severity: Medium |
Description: WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving form menus. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1813 |
Title: WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1813 |
Severity: Medium |
Description: WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via vectors involving HTML object outlines. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1812 |
Title: Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1812 SFBID43079 |
Severity: Medium |
Description: Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving selections. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1815 |
Title: Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1815 SFBID43081 |
Severity: Medium |
Description: Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors involving scrollbars. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1809 |
Title: The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1809 |
Severity: High |
Description: The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform the expected VoiceOver announcement associated with the location services icon, which has unspecified impact and attack vectors. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1811 |
Title: ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1811 |
Severity: Medium |
Description: ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF file. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1810 |
Title: FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1810 |
Severity: Low |
Description: FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509 certificates, which allows man-in-the-middle attackers to redirect calls via a crafted certificate. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1781 |
Title: Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1781 SFBID43077 |
Severity: Medium |
Description: Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to the rendering of an inline element. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1817 |
Title: Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1817 |
Severity: Medium |
Description: Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted GIF file. | ||||
Applies to: |
Created: 2010-09-09 |
Updated: 2024-09-07 |
ID: CVE-2010-3035 |
Title: Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the... |
Type: Hardware |
Bulletins:
CVE-2010-3035 |
Severity: Medium |
Description: Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transitive attributes, which allows remote attackers to cause a denial of service (peering reset) via a crafted prefix announcement, as demonstrated in the wild in August 2010 with attribute type code 99, aka Bug ID CSCti62211. | ||||
Applies to: |
Created: 2010-08-30 |
Updated: 2024-09-07 |
ID: CVE-2010-2837 |
Title: The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2010-2837 |
Severity: High |
Description: The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.1SU before 6.1(5)SU1, 7.0SU before 7.0(2a)SU3, 7.1SU before 7.1(3b)SU2, 7.1 before 7.1(5), and 8.0 before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP message, aka Bug ID CSCtd17310. | ||||
Applies to: Unified Communications Manager |
Created: 2010-08-26 |
Updated: 2024-09-07 |
ID: CVE-2010-2838 |
Title: The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process... |
Type: Hardware |
Bulletins:
CVE-2010-2838 |
Severity: High |
Description: The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.0SU before 7.0(2a)SU3, 7.1 before 7.1(5), and 8.0 before 8.0(3) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REGISTER message, aka Bug ID CSCtf66305. | ||||
Applies to: Unified Communications Manager |
Created: 2010-08-26 |
Updated: 2024-09-07 |
ID: CVE-2010-2825 |
Title: Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series... |
Type: Hardware |
Bulletins:
CVE-2010-2825 |
Severity: High |
Description: Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.4), allows remote attackers to cause a denial of service (device reload) via crafted SIP packets over (1) TCP or (2) UDP, aka Bug IDs CSCta65603 and CSCta71569. | ||||
Applies to: Cisco Ace 4710 |
Created: 2010-08-17 |
Updated: 2024-09-07 |
ID: CVE-2010-2822 |
Title: Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710... |
Type: Hardware |
Bulletins:
CVE-2010-2822 |
Severity: High |
Description: Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (ACE) Module with software before A2(3.2) for Catalyst 6500 series switches and 7600 series routers, and the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6), allows remote attackers to cause a denial of service (device reload) via crafted RTSP packets over TCP, aka Bug IDs CSCta85227 and CSCtg14858. | ||||
Applies to: Cisco Ace 4710 |
Created: 2010-08-17 |
Updated: 2024-09-07 |
ID: CVE-2010-2823 |
Title: Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets,... |
Type: Hardware |
Bulletins:
CVE-2010-2823 |
Severity: High |
Description: Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Engine (ACE) 4710 appliance with software before A3(2.6) allows remote attackers to cause a denial of service (device reload) via crafted HTTP packets, related to HTTP, RTSP, and SIP inspection, aka Bug ID CSCtb54493. | ||||
Applies to: Cisco Ace 4710 |
Created: 2010-08-17 |
Updated: 2024-09-07 |
ID: CVE-2010-1797 |
Title: Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1797 SFBID42151 |
Severity: High |
Description: Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2 CharStrings interpreter in cff/cffgload.c in FreeType before 2.4.2, as used in Apple iOS before 4.0.2 on the iPhone and iPod touch and before 3.2.2 on the iPad, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted CFF opcodes in embedded fonts in a PDF document, as demonstrated by JailbreakMe. NOTE: some of these details are obtained from third party information. | ||||
Applies to: |
Created: 2010-08-16 |
Updated: 2024-09-07 |
ID: CVE-2010-2827 |
Title: Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193. |
Type: Hardware |
Bulletins:
CVE-2010-2827 SFBID42426 |
Severity: High |
Description: Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TCP outage) via spoofed TCP packets, related to embryonic TCP connections that remain in the SYN_RCVD or SYN_SENT state, aka Bug ID CSCti18193. | ||||
Applies to: |
Created: 2010-08-16 |
Updated: 2024-09-07 |
ID: CVE-2010-2983 |
Title: The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an... |
Type: Hardware |
Bulletins:
CVE-2010-2983 |
Severity: High |
Description: The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (dropped connection) via a series of spoofed EAPoL-Logoff frames, related to an "EAPoL logoff attack," aka Bug ID CSCte43374. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2976 |
Title: The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4)... |
Type: Hardware |
Bulletins:
CVE-2010-2976 |
Severity: High |
Description: The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a default SNMP read-only community of public, (2) a default SNMP read-write community of private, and a value of "default" for the (3) SNMP v3 username, (4) SNMP v3 authentication password, and (5) SNMP v3 privacy password, which makes it easier for remote attackers to obtain access. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2988 |
Title: Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333. |
Type: Hardware |
Bulletins:
CVE-2010-2988 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCtf35333. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2975 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544. |
Type: Hardware |
Bulletins:
CVE-2010-2975 |
Severity: Low |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple SSH sessions, which allows physically proximate attackers to read a password, related to an "arrow key failure," aka Bug ID CSCtg51544. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2980 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794. |
Type: Hardware |
Bulletins:
CVE-2010-2980 |
Severity: High |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (pbuf exhaustion and device crash) via fragmented traffic, aka Bug ID CSCtd26794. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2979 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508. |
Type: Hardware |
Bulletins:
CVE-2010-2979 |
Severity: High |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows remote attackers to cause a denial of service (buffer leak and device crash) via ARP requests that trigger an ARP storm, aka Bug ID CSCte43508. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2984 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305. |
Type: Hardware |
Bulletins:
CVE-2010-2984 |
Severity: High |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does not properly implement the WEBAUTH_REQD state, which allows remote attackers to bypass intended access restrictions via WLAN traffic, aka Bug ID CSCtb75305. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2978 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions,... |
Type: Hardware |
Bulletins:
CVE-2010-2978 |
Severity: High |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-digest algorithm for a self-signed certificate, which allows remote attackers to bypass intended access restrictions via vectors involving collisions, aka Bug ID CSCtd67660. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2977 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611. |
Type: Hardware |
Bulletins:
CVE-2010-2977 |
Severity: High |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS and SSL, which has unspecified impact and remote attack vectors, aka Bug ID CSCtd01611. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2982 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. |
Type: Hardware |
Bulletins:
CVE-2010-2982 |
Severity: High |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discover a group password via a series of SNMP requests, as demonstrated by an SNMP walk, aka Bug ID CSCtb74037. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2981 |
Title: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370. |
Type: Hardware |
Bulletins:
CVE-2010-2981 |
Severity: High |
Description: Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a denial of service (device crash) by pinging a virtual interface, aka Bug ID CSCte55370. | ||||
Applies to: Wireless Lan Controller Software |
Created: 2010-08-10 |
Updated: 2024-09-07 |
ID: CVE-2010-2707 |
Title: Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2010-2707 |
Severity: High |
Description: Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote attackers to obtain sensitive information, modify data, and cause a denial of service via unknown vectors. | ||||
Applies to: Procurve Switch 2626 Procurve Switch 2626-pwr Procurve Switch 2650 Procurve Switch 2650-pwr |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2708 |
Title: Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2010-2708 |
Severity: Medium |
Description: Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allows remote attackers to cause a denial of service via unknown vectors. | ||||
Applies to: Procurve Switch 2610-24 Procurve Switch 2610-24-pwr Procurve Switch 2610-24/12pwr Procurve Switch 2610-48 Procurve Switch 2610-48-pwr |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2705 |
Title: Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via... |
Type: Hardware |
Bulletins:
CVE-2010-2705 |
Severity: Medium |
Description: Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and the ProCurve 1800-8G switch with software PA.03.02 and earlier, when SNMP is enabled, allows remote attackers to obtain sensitive information via unknown vectors. | ||||
Applies to: Procurve Switch 1800-24g Procurve Switch 1800-8g |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1581 |
Title: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3... |
Type: Hardware |
Bulletins:
CVE-2010-1581 SFBID42187 |
Severity: High |
Description: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtd32627. | ||||
Applies to: |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2814 |
Title: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3... |
Type: Hardware |
Bulletins:
CVE-2010-2814 SFBID42196 |
Severity: High |
Description: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506. | ||||
Applies to: Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5550 Adaptive Security Appliance Cisco ASA 5580 Adaptive... |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2815 |
Title: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3... |
Type: Hardware |
Bulletins:
CVE-2010-2815 SFBID42198 |
Severity: High |
Description: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf55259. | ||||
Applies to: Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5550 Adaptive Security Appliance Cisco ASA 5580 Adaptive... |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1578 |
Title: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security... |
Type: Hardware |
Bulletins:
CVE-2010-1578 |
Severity: High |
Description: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567. | ||||
Applies to: |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1579 |
Title: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security... |
Type: Hardware |
Bulletins:
CVE-2010-1579 |
Severity: High |
Description: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc79922. | ||||
Applies to: |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-1580 |
Title: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security... |
Type: Hardware |
Bulletins:
CVE-2010-1580 |
Severity: High |
Description: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753. | ||||
Applies to: |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2816 |
Title: Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2010-2816 SFBID42189 |
Severity: High |
Description: Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106. | ||||
Applies to: Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5550 Adaptive Security Appliance Cisco ASA 5580 Adaptive... |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2706 |
Title: Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2010-2706 |
Severity: Medium |
Description: Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows remote attackers to cause a denial of service via unknown vectors. | ||||
Applies to: Procurve Switch 2610-24 Procurve Switch 2610-24-pwr Procurve Switch 2610-24/12pwr Procurve Switch 2610-48 Procurve Switch 2610-48-pwr |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2817 |
Title: Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and... |
Type: Hardware |
Bulletins:
CVE-2010-2817 SFBID42190 |
Severity: High |
Description: Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.0 before 7.0(8.11), 7.1 and 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.10), and 8.3 before 8.3(1.1) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a crafted IKE message, aka Bug ID CSCte46507. | ||||
Applies to: Cisco ASA 5505 Adaptive Security Appliance Cisco ASA 5510 Adaptive Security Appliance Cisco ASA 5520 Adaptive Security Appliance Cisco ASA 5540 Adaptive Security Appliance Cisco ASA 5550 Adaptive Security Appliance Cisco ASA 5580 Adaptive... |
Created: 2010-08-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2973 |
Title: Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe. |
Type: Mobile Devices |
Bulletins:
CVE-2010-2973 SFBID42151 |
Severity: Medium |
Description: Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2.2 on the iPad, allows local users to gain privileges via vectors involving IOSurface properties, as demonstrated by JailbreakMe. | ||||
Applies to: |
Created: 2010-08-05 |
Updated: 2024-09-07 |
ID: CVE-2010-1574 |
Title: IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the... |
Type: Hardware |
Bulletins:
CVE-2010-1574 SFBID41436 |
Severity: High |
Description: IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589. | ||||
Applies to: |
Created: 2010-07-08 |
Updated: 2024-09-07 |
ID: CVE-2010-1576 |
Title: The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence... |
Type: Hardware |
Bulletins:
CVE-2010-1576 SFBID41315 |
Severity: High |
Description: The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 4710 with software before A2(3.0) do not properly handle use of LF, CR, and LFCR as alternatives to the standard CRLF sequence between HTTP headers, which allows remote attackers to bypass intended header insertions or conduct HTTP request smuggling attacks via crafted header data, as demonstrated by LF characters preceding ClientCert-Subject and ClientCert-Subject-CN headers, aka Bug ID CSCta04885. | ||||
Applies to: Cisco Ace 4710 Content Services Switch 11500 |
Created: 2010-07-06 |
Updated: 2024-09-07 |
ID: CVE-2010-2629 |
Title: The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which... |
Type: Hardware |
Bulletins:
CVE-2010-2629 SFBID41315 |
Severity: High |
Description: The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with software A2(3.0) do not properly handle LF header terminators in situations where the GET line is terminated by CRLF, which allows remote attackers to conduct HTTP request smuggling attacks and possibly bypass intended header insertions via crafted header data, as demonstrated by an LF character between the ClientCert-Subject and ClientCert-Subject-CN headers. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-1576. | ||||
Applies to: Cisco Ace 4710 Content Services Switch 11500 |
Created: 2010-07-06 |
Updated: 2024-09-07 |
ID: CVE-2010-1575 |
Title: The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via... |
Type: Hardware |
Bulletins:
CVE-2010-1575 SFBID41315 |
Severity: High |
Description: The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* headers but does not delete client-supplied ClientCert-* headers, which might allow remote attackers to bypass authentication via crafted header data, as demonstrated by a ClientCert-Subject-CN header, aka Bug ID CSCsz04690. | ||||
Applies to: Content Services Switch 11500 |
Created: 2010-07-06 |
Updated: 2024-09-07 |
ID: CVE-2009-4922 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (traceback) by establishing many IPsec L2L tunnels from remote peer... |
Type: Hardware |
Bulletins:
CVE-2009-4922 |
Severity: Medium |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (traceback) by establishing many IPsec L2L tunnels from remote peer IP addresses, aka Bug ID CSCso15583. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4916 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka... |
Type: Hardware |
Bulletins:
CVE-2009-4916 |
Severity: Medium |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote authenticated users to cause a denial of service (console hang) via a login action during failover replication, aka Bug ID CSCsq80095. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4915 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via unknown network traffic, as demonstrated by a "connection... |
Type: Hardware |
Bulletins:
CVE-2009-4915 |
Severity: High |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via unknown network traffic, as demonstrated by a "connection stress test," aka Bug ID CSCsq68451. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4917 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via a high volume of SIP traffic, aka Bug ID CSCsr65901. |
Type: Hardware |
Bulletins:
CVE-2009-4917 |
Severity: High |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device reload) via a high volume of SIP traffic, aka Bug ID CSCsr65901. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4911 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug... |
Type: Hardware |
Bulletins:
CVE-2009-4911 |
Severity: High |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (device crash) via vectors involving SSL VPN and PPPoE transactions, aka Bug ID CSCsm77958. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4923 |
Title: Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162. |
Type: Hardware |
Bulletins:
CVE-2009-4923 |
Severity: High |
Description: Unspecified vulnerability in the DTLS implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (traceback) via TLS fragments, aka Bug ID CSCso53162. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4920 |
Title: Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412. |
Type: Hardware |
Bulletins:
CVE-2009-4920 |
Severity: High |
Description: Unspecified vulnerability in CTM on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software 8.1(2) allows remote attackers to cause a denial of service (watchdog traceback) via a large amount of small-packet data, aka Bug ID CSCsu11412. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4913 |
Title: The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6... |
Type: Hardware |
Bulletins:
CVE-2009-4913 |
Severity: Medium |
Description: The IPv6 implementation on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) exposes IP services on the "far side of the box," which might allow remote attackers to bypass intended access restrictions via IPv6 packets, aka Bug ID CSCso58622. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4914 |
Title: Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID... |
Type: Hardware |
Bulletins:
CVE-2009-4914 |
Severity: High |
Description: Memory leak on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via Subject Alternative Name fields in an X.509 certificate, aka Bug ID CSCsq17879. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4910 |
Title: Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug... |
Type: Hardware |
Bulletins:
CVE-2009-4910 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in the WebVPN portal on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka Bug ID CSCsq78418. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2008-7257 |
Title: CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack... |
Type: Hardware |
Bulletins:
CVE-2008-7257 SFBID41159 |
Severity: Medium |
Description: CRLF injection vulnerability in +webvpn+/index.html in WebVPN on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to inject arbitrary HTTP headers as demonstrated by a redirect attack involving a %0d%0aLocation%3a sequence in a URI, or conduct HTTP response splitting attacks via unspecified vectors, aka Bug ID CSCsr09163. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4912 |
Title: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions... |
Type: Hardware |
Bulletins:
CVE-2009-4912 |
Severity: High |
Description: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) complete an SSL handshake with an HTTPS client even if this client is unauthorized, which might allow remote attackers to bypass intended access restrictions via an HTTPS session, aka Bug ID CSCso10876. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4921 |
Title: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110. |
Type: Hardware |
Bulletins:
CVE-2009-4921 |
Severity: High |
Description: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (traceback) via malformed TCP packets, aka Bug ID CSCsm84110. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4918 |
Title: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439. |
Type: Hardware |
Bulletins:
CVE-2009-4918 |
Severity: High |
Description: Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allow remote attackers to cause a denial of service (IKE process hang) via malformed NAT-T packets, aka Bug ID CSCsr74439. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2009-4919 |
Title: Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121. |
Type: Hardware |
Bulletins:
CVE-2009-4919 |
Severity: High |
Description: Buffer overflow on Cisco Adaptive Security Appliances (ASA) 5580 series devices with software before 8.1(2) allows remote attackers to have an unspecified impact via long IKE attributes, aka Bug ID CSCsu43121. | ||||
Applies to: Cisco ASA 5580 Adaptive Security Appliance |
Created: 2010-06-29 |
Updated: 2024-09-07 |
ID: CVE-2010-2506 |
Title: Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter. |
Type: Hardware |
Bulletins:
CVE-2010-2506 |
Severity: Low |
Description: Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04.03 allows remote attackers to inject arbitrary web script or HTML via the data1 parameter. | ||||
Applies to: WAP54G |
Created: 2010-06-28 |
Updated: 2024-09-07 |
ID: CVE-2010-1407 |
Title: WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1407 SFBID41016 |
Severity: Medium |
Description: WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in certain situations involving IFRAME elements, which allows remote attackers to obtain sensitive information via a crafted HTML document. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1757 |
Title: WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1757 SFBID41016 |
Severity: Medium |
Description: WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content display by an IFRAME element, which allows remote attackers to spoof the user interface via a crafted HTML document. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1756 |
Title: The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1756 SFBID41016 |
Severity: Medium |
Description: The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless network that is in use, which might make it easier for remote attackers to trick users into communicating over an unintended network. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1752 |
Title: Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1752 SFBID41016 |
Severity: Medium |
Description: Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to URL handling. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1755 |
Title: Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1755 SFBID41016 |
Severity: Medium |
Description: Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, which makes it easier for remote web servers to track users via a cookie. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1775 |
Title: Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data,... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1775 SFBID41016 |
Severity: Low |
Description: Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers to bypass intended passcode requirements, and pair a locked device with a computer and access arbitrary data, via vectors involving the initial boot. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1754 |
Title: Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1754 SFBID41016 |
Severity: Medium |
Description: Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunction with subsequent Remote Lock operations through MobileMe, which allows physically proximate attackers to bypass intended passcode requirements via unspecified vectors. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1753 |
Title: ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1753 SFBID41016 |
Severity: Medium |
Description: ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted JPEG image. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1751 |
Title: Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1751 SFBID41016 |
Severity: Medium |
Description: Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which might allow remote attackers to obtain location information via unspecified vectors. | ||||
Applies to: |
Created: 2010-06-22 |
Updated: 2024-09-07 |
ID: CVE-2010-1387 |
Title: Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1387 SFBID41016 |
Severity: High |
Description: Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | ||||
Applies to: |
Created: 2010-06-18 |
Updated: 2024-09-07 |
ID: CVE-2010-2293 |
Title: The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size. |
Type: Hardware |
Bulletins:
CVE-2010-2293 SFBID40691 |
Severity: Medium |
Description: The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a denial of service via a large "ip textfield" size. | ||||
Applies to: DI-604 |
Created: 2010-06-15 |
Updated: 2024-09-07 |
ID: CVE-2010-2292 |
Title: Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field. |
Type: Hardware |
Bulletins:
CVE-2010-2292 SFBID40691 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allows remote attackers to inject arbitrary web script or HTML via the IP field. | ||||
Applies to: DI-604 |
Created: 2010-06-15 |
Updated: 2024-09-07 |
ID: CVE-2010-1573 |
Title: Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3)... |
Type: Hardware |
Bulletins:
CVE-2010-1573 SFBID40648 |
Severity: High |
Description: Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemtekswd) for a debug interface for certain web pages, which allows remote attackers to execute arbitrary commands via the (1) data1, (2) data2, or (3) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi. | ||||
Applies to: wap54g |
Created: 2010-06-09 |
Updated: 2024-09-07 |
ID: CVE-2010-2261 |
Title: Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi. |
Type: Hardware |
Bulletins:
CVE-2010-2261 |
Severity: High |
Description: Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi. | ||||
Applies to: wap54g |
Created: 2010-06-09 |
Updated: 2024-09-07 |
ID: MITRE:7170 |
Title: VBScript Help Keypress Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:7170 CVE-2010-0483 |
Severity: High |
Description: vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2, when Internet Explorer is used, allows user-assisted remote attackers to execute arbitrary code by referencing a (1) local pathname, (2) UNC share pathname, or (3) WebDAV server with a crafted .hlp file in the fourth argument (aka helpfile argument) to the MsgBox function, leading to code execution involving winhlp32.exe when the F1 key is pressed, aka "VBScript Help Keypress Vulnerability." | ||||
Applies to: VBScript 5.1, VBScript 5.6, VBScript 5.7, VBScript 5.8 |
Created: 2010-06-07 |
Updated: 2024-09-07 |
ID: MITRE:7049 |
Title: LibTIFF 'LZWDecodeCompat()' Remote Buffer Underflow Vulnerability |
Type: Software |
Bulletins:
MITRE:7049 CVE-2009-2285 |
Severity: Medium |
Description: Buffer underflow in the LZWDecodeCompat function in libtiff 3.8.2 allows context-dependent attackers to cause a denial of service (crash) via a crafted TIFF image, a different vulnerability than CVE-2008-2327. | ||||
Applies to: Apple Safari, Apple iTunes |
Created: 2010-06-07 |
Updated: 2024-09-07 |
ID: MITRE:7561 |
Title: Apple Safari TIFF Image Uninitialized Memory Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:7561 CVE-2010-0042 |
Severity: Medium |
Description: ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted TIFF image. | ||||
Applies to: Apple Safari, Apple iTunes |
Created: 2010-06-07 |
Updated: 2024-09-07 |
ID: MITRE:6741 |
Title: Apple Safari Prior to 4.0.5 Integer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6741 CVE-2010-0040 |
Severity: High |
Description: Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via an image with a crafted color profile that triggers a heap-based buffer overflow. | ||||
Applies to: Apple Safari, Apple iTunes |
Created: 2010-06-07 |
Updated: 2024-09-07 |
ID: MITRE:6901 |
Title: Apple Safari ImageIO TIFF Image Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:6901 CVE-2010-0043 |
Severity: High |
Description: ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted TIFF image. | ||||
Applies to: Apple Safari, Apple iTunes |
Created: 2010-06-07 |
Updated: 2024-09-07 |
ID: MITRE:6885 |
Title: Apple Safari BMP Image Uninitialized Memory Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:6885 CVE-2010-0041 |
Severity: Medium |
Description: ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory access is associated with initialized memory, which allows remote attackers to obtain potentially sensitive information from process memory via a crafted BMP image. | ||||
Applies to: Apple Safari, Apple iTunes |
Created: 2010-06-07 |
Updated: 2024-09-07 |
ID: MITRE:7427 |
Title: Apple iTunes MP4 File Processing Denial of Service Vulnerability |
Type: Software |
Bulletins:
MITRE:7427 CVE-2010-0531 |
Severity: Medium |
Description: Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a crafted MP4 podcast file. | ||||
Applies to: Apple iTunes |
Created: 2010-06-07 |
Updated: 2024-09-07 |
ID: MITRE:7110 |
Title: Apple iTunes Install or Update Privilege Escalation Vulnerability |
Type: Software |
Bulletins:
MITRE:7110 CVE-2010-0532 |
Severity: Medium |
Description: Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users to gain privileges by replacing an unspecified file with a Trojan horse. | ||||
Applies to: Apple iTunes |
Created: 2010-06-07 |
Updated: 2024-09-07 |
ID: MITRE:8595 |
Title: Movie Maker and Producer Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:8595 CVE-2010-0265 |
Severity: High |
Description: Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, allows remote attackers to execute arbitrary code via a crafted project (.MSWMM) file, aka "Movie Maker and Producer Buffer Overflow Vulnerability." | ||||
Applies to: Microsoft Producer 2003, Movie Maker 2.1, Movie Maker 2.6, Movie Maker 6.0 |
Created: 2010-05-24 |
Updated: 2024-09-07 |
ID: MITRE:7709 |
Title: libpng buffer overflow |
Type: Software |
Bulletins:
MITRE:7709 CVE-2004-0597 |
Severity: High |
Description: Multiple buffer overflows in libpng 1.2.5 and earlier, as used in multiple products, allow remote attackers to execute arbitrary code via malformed PNG images in which (1) the png_handle_tRNS function does not properly validate the length of transparency chunk (tRNS) data, or the (2) png_handle_sBIT or (3) png_handle_hIST functions do not perform sufficient bounds checking. | ||||
Applies to: Adobe Acrobat Reader, MSN Messenger 4.7, MSN Messenger 6.1, MSN Messenger 6.2 |
Created: 2010-05-17 |
Updated: 2024-09-07 |
ID: CVE-2009-4821 |
Title: The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi... |
Type: Hardware |
Bulletins:
CVE-2009-4821 SFBID37415 |
Severity: Medium |
Description: The D-Link DIR-615 with firmware 3.10NA does not require administrative authentication for apply.cgi, which allows remote attackers to (1) change the admin password via the admin_password parameter, (2) disable the security requirement for the Wi-Fi network via unspecified vectors, or (3) modify DNS settings via unspecified vectors. | ||||
Applies to: DIR-615 |
Created: 2010-04-27 |
Updated: 2024-09-07 |
ID: CVE-2010-1226 |
Title: The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1226 SFBID38758 |
Severity: Medium |
Description: The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a crafted innerHTML property of a DIV element, related to a "malformed character" issue. | ||||
Applies to: |
Created: 2010-04-01 |
Updated: 2024-09-07 |
ID: CVE-2010-1181 |
Title: Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element. |
Type: Mobile Devices |
Bulletins:
CVE-2010-1181 |
Severity: Medium |
Description: Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long string in a MARQUEE element. | ||||
Applies to: |
Created: 2010-03-29 |
Updated: 2024-09-07 |
ID: CVE-2010-1119 |
Title: Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause... |
Type: Mobile Devices |
Bulletins:
CVE-2010-1119 SFBID40620 |
Severity: High |
Description: Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Safari before 4.1 on Mac OS X 10.4, and Safari on Apple iPhone OS allows remote attackers to execute arbitrary code or cause a denial of service (application crash), or read the SMS database or other data, via vectors related to "attribute manipulation," as demonstrated by Vincenzo Iozzo and Ralf Philipp Weinmann during a Pwn2Own competition at CanSecWest 2010. | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0581 |
Title: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability." |
Type: Hardware |
Bulletins:
CVE-2010-0581 |
Severity: High |
Description: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability." | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0580 |
Title: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability." |
Type: Hardware |
Bulletins:
CVE-2010-0580 |
Severity: High |
Description: Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability." | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0584 |
Title: Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250. |
Type: Hardware |
Bulletins:
CVE-2010-0584 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows remote attackers to cause a denial of service (device reload) via crafted Skinny Client Control Protocol (SCCP) packets, aka Bug ID CSCsy09250. | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0576 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers... |
Type: Hardware |
Bulletins:
CVE-2010-0576 SFBID38938 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, and IOS XR 3.2.x through 3.4.3, when Multiprotocol Label Switching (MPLS) and Label Distribution Protocol (LDP) are enabled, allows remote attackers to cause a denial of service (device reload or process restart) via a crafted LDP packet, aka Bug IDs CSCsz45567 and CSCsj25893. | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0579 |
Title: The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability." |
Type: Hardware |
Bulletins:
CVE-2010-0579 |
Severity: High |
Description: The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability." | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0578 |
Title: The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491. |
Type: Hardware |
Bulletins:
CVE-2010-0578 SFBID38932 |
Severity: High |
Description: The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allows remote attackers to cause a denial of service (device reload) via a malformed IKE packet, aka Bug ID CSCtb13491. | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0583 |
Title: Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855. |
Type: Hardware |
Bulletins:
CVE-2010-0583 SFBID38934 |
Severity: High |
Description: Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (memory consumption and device reload) via malformed H.323 packets, aka Bug ID CSCtb93855. | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0577 |
Title: Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186. |
Type: Hardware |
Bulletins:
CVE-2010-0577 SFBID38930 |
Severity: High |
Description: Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allows remote attackers to cause a denial of service (infinite loop, and device reload or hang) via a TCP segment with crafted options, aka Bug ID CSCsz75186. | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0585 |
Title: Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny... |
Type: Hardware |
Bulletins:
CVE-2010-0585 |
Severity: High |
Description: Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz48614, the "SCCP Packet Processing Denial of Service Vulnerability." | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0586 |
Title: Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny... |
Type: Hardware |
Bulletins:
CVE-2010-0586 |
Severity: High |
Description: Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed Skinny Client Control Protocol (SCCP) message, aka Bug ID CSCsz49741, the "SCCP Request Handling Denial of Service Vulnerability." | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0582 |
Title: Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. |
Type: Hardware |
Bulletins:
CVE-2010-0582 |
Severity: High |
Description: Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. | ||||
Applies to: |
Created: 2010-03-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0936 |
Title: Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter. |
Type: Hardware |
Bulletins:
CVE-2010-0936 SFBID37646 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlinkA4_p8_20071213 allows remote attackers to inject arbitrary web script or HTML via the nickname parameter. | ||||
Applies to: DKVM-IP8 |
Created: 2010-03-08 |
Updated: 2024-09-07 |
ID: CVE-2010-0592 |
Title: The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2010-0592 SFBID38497 |
Severity: High |
Description: The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800. | ||||
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2024-09-07 |
ID: CVE-2010-0590 |
Title: The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register... |
Type: Hardware |
Bulletins:
CVE-2010-0590 SFBID38495 |
Severity: High |
Description: The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 7.x before 7.1(3a)su1 and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP Register message, aka Bug ID CSCtc37188. | ||||
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2024-09-07 |
ID: CVE-2010-0591 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to... |
Type: Hardware |
Bulletins:
CVE-2010-0591 SFBID38498 |
Severity: High |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3b)SU2, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SIP REG message, related to an overflow of the Telephone-URL field, aka Bug ID CSCtc62362. | ||||
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2024-09-07 |
ID: CVE-2010-0588 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines... |
Type: Hardware |
Bulletins:
CVE-2010-0588 SFBID38501 |
Severity: High |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP (1) RegAvailableLines or (2) FwdStatReq message with an invalid Line number, aka Bug ID CSCtc47823. | ||||
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2024-09-07 |
ID: CVE-2010-0587 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP... |
Type: Hardware |
Bulletins:
CVE-2010-0587 SFBID38496 |
Severity: High |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985. | ||||
Applies to: Unified Communications Manager |
Created: 2010-03-05 |
Updated: 2024-09-07 |
ID: MITRE:7573 |
Title: ATL Null String Vulnerability |
Type: |
Bulletins:
MITRE:7573 CVE-2009-2495 |
Severity: High |
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1 does not properly enforce string termination, which allows remote attackers to obtain sensitive information via a crafted HTML document with an ATL (1) component or (2) control that triggers a buffer over-read, related to ATL headers and buffer allocation, aka "ATL Null String Vulnerability." | ||||
Applies to: Microsoft Office Visio Viewer 2003, Microsoft Office Visio Viewer 2007, Microsoft Outlook 2002, Microsoft Outlook 2003, Microsoft Outlook 2007, Microsoft Visio Viewer 2002, Microsoft Visual Studio .NET 2003, Microsoft Visual Studio 2005 |
Created: 2010-02-22 |
Updated: 2024-09-07 |
ID: MITRE:7995 |
Title: Apple iTunes Filetype Remote Off-By-One Stack Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:7995 CVE-2008-4116 |
Severity: High |
Description: Buffer overflow in Apple QuickTime 7.5.5 and iTunes 8.0 allows remote attackers to cause a denial of service (browser crash) or possibly execute arbitrary code via a long type attribute in a quicktime tag (1) on a web page or embedded in a (2) .mp4 or (3) .mov file, possibly related to the Check_stack_cookie function and an off-by-one error that leads to a heap-based buffer overflow. | ||||
Applies to: Apple QuickTime, Apple iTunes |
Created: 2010-02-22 |
Updated: 2024-09-07 |
ID: CVE-2010-0149 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2010-0149 SFBID38275 |
Severity: High |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46), 8.0 before 8.0(4.38), 8.1 before 8.1(2.29), and 8.2 before 8.2(1.5); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (prevention of new connections) via crafted TCP segments during termination of the TCP connection that cause the connection to remain in CLOSEWAIT status, aka "TCP Connection Exhaustion Denial of Service Vulnerability." | ||||
Applies to: |
Created: 2010-02-19 |
Updated: 2024-09-07 |
ID: CVE-2010-0565 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10), allows remote attackers to cause a denial of service (page fault and device... |
Type: Hardware |
Bulletins:
CVE-2010-0565 SFBID38280 |
Severity: High |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10), allows remote attackers to cause a denial of service (page fault and device reload) via a malformed DTLS message, aka Bug ID CSCtb64913 and "WebVPN DTLS Denial of Service Vulnerability." | ||||
Applies to: |
Created: 2010-02-19 |
Updated: 2024-09-07 |
ID: CVE-2010-0568 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote... |
Type: Hardware |
Bulletins:
CVE-2010-0568 SFBID38279 |
Severity: High |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.7), 8.1 before 8.1(2.40), and 8.2 before 8.2(2.1); and Cisco PIX 500 Series Security Appliance; allows remote attackers to bypass NTLMv1 authentication via a crafted username, aka Bug ID CSCte21953. | ||||
Applies to: |
Created: 2010-02-19 |
Updated: 2024-09-07 |
ID: CVE-2010-0150 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows... |
Type: Hardware |
Bulletins:
CVE-2010-0150 SFBID38277 |
Severity: High |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCsy91157. | ||||
Applies to: |
Created: 2010-02-19 |
Updated: 2024-09-07 |
ID: CVE-2010-0569 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows... |
Type: Hardware |
Bulletins:
CVE-2010-0569 SFBID38281 |
Severity: High |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.2), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.16); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (device reload) via malformed SIP messages, aka Bug ID CSCtc96018. | ||||
Applies to: |
Created: 2010-02-19 |
Updated: 2024-09-07 |
ID: CVE-2010-0567 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows... |
Type: Hardware |
Bulletins:
CVE-2010-0567 SFBID38279 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(5.1), 8.1 before 8.1(2.37), and 8.2 before 8.2(1.15); and Cisco PIX 500 Series Security Appliance; allows remote attackers to cause a denial of service (active IPsec tunnel loss and prevention of new tunnels) via a malformed IKE message through an existing tunnel to UDP port 4500, aka Bug ID CSCtc47782. | ||||
Applies to: |
Created: 2010-02-19 |
Updated: 2024-09-07 |
ID: CVE-2010-0566 |
Title: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service... |
Type: Hardware |
Bulletins:
CVE-2010-0566 SFBID38278 |
Severity: High |
Description: Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10), 7.2 before 7.2(4.45), 8.0 before 8.0(4.44), 8.1 before 8.1(2.35), and 8.2 before 8.2(1.10) allows remote attackers to cause a denial of service (device reload) via a malformed TCP segment when certain NAT translation and Cisco AIP-SSM configurations are used, aka Bug ID CSCtb37219. | ||||
Applies to: |
Created: 2010-02-19 |
Updated: 2024-09-07 |
ID: MITRE:7581 |
Title: ATL Uninitialized Object Vulnerability |
Type: |
Bulletins:
MITRE:7581 CVE-2009-0901 |
Severity: High |
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not prevent VariantClear calls on an uninitialized VARIANT, which allows remote attackers to execute arbitrary code via a malformed stream to an ATL (1) component or (2) control, related to ATL headers and error handling, aka "ATL Uninitialized Object Vulnerability." | ||||
Applies to: Microsoft Office Visio Viewer 2003, Microsoft Office Visio Viewer 2007, Microsoft Outlook 2002, Microsoft Outlook 2003, Microsoft Outlook 2007, Microsoft Visio Viewer 2002, Microsoft Visual Studio .NET 2003, Microsoft Visual Studio 2005 |
Created: 2010-02-08 |
Updated: 2024-09-07 |
ID: MITRE:6716 |
Title: ATL COM Initialization Vulnerability |
Type: |
Bulletins:
MITRE:6716 CVE-2009-2493 |
Severity: High |
Description: The Active Template Library (ATL) in Microsoft Visual Studio .NET 2003 SP1, Visual Studio 2005 SP1 and 2008 Gold and SP1, and Visual C++ 2005 SP1 and 2008 Gold and SP1; and Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold and SP2; does not properly restrict use of OleLoadFromStream in instantiating objects from data streams, which allows remote attackers to execute arbitrary code via a crafted HTML document with an ATL (1) component or (2) control, related to ATL headers and bypassing security policies, aka "ATL COM Initialization Vulnerability." | ||||
Applies to: Microsoft Internet Explorer 5, Microsoft Internet Explorer 6, Microsoft Office Visio Viewer 2003, Microsoft Office Visio Viewer 2007, Microsoft Outlook 2002, Microsoft Outlook 2003, Microsoft Outlook 2007, Microsoft Visio Viewer 2002 |
Created: 2010-02-08 |
Updated: 2024-09-07 |
ID: CVE-2010-0038 |
Title: Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that... |
Type: Mobile Devices |
Bulletins:
CVE-2010-0038 SFBID38040 |
Severity: Medium |
Description: Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically proximate attackers to bypass device locking, and read or modify arbitrary data, via a USB control message that triggers memory corruption. | ||||
Applies to: |
Created: 2010-02-03 |
Updated: 2024-09-07 |
ID: MITRE:5846 |
Title: WordPad and Office Text converter Memory Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:5846 CVE-2009-2506 |
Severity: High |
Description: Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which triggers a heap-based buffer overflow. | ||||
Applies to: Microsoft Office Converter Pack, Microsoft Word 2002, Microsoft Word 2003, Microsoft Works 8.5 |
Created: 2010-01-25 |
Updated: 2024-09-07 |
ID: CVE-2010-0137 |
Title: Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574. |
Type: Hardware |
Bulletins:
CVE-2010-0137 SFBID37878 |
Severity: High |
Description: Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 through 3.7.0 allows remote attackers to cause a denial of service (process crash and memory consumption) via a crafted SSH2 packet, aka Bug ID CSCsu10574. | ||||
Applies to: |
Created: 2010-01-21 |
Updated: 2024-09-07 |
ID: CVE-2009-4455 |
Title: The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended... |
Type: Hardware |
Bulletins:
CVE-2009-4455 |
Severity: Medium |
Description: The default configuration of Cisco ASA 5500 Series Adaptive Security Appliance (Cisco ASA) 7.0, 7.1, 7.2, 8.0, 8.1, and 8.2 allows portal traffic to access arbitrary backend servers, which might allow remote authenticated users to bypass intended access restrictions and access unauthorized web sites via a crafted URL obfuscated with ROT13 and a certain encoding. NOTE: this issue was originally reported as a vulnerability related to lack of restrictions to URLs listed in the Cisco WebVPN bookmark component, but the vendor states that "The bookmark feature is not a security feature." | ||||
Applies to: |
Created: 2009-12-29 |
Updated: 2024-09-07 |
ID: MITRE:6407 |
Title: Windows Media Runtime Voice Sample Rate Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6407 CVE-2009-0555 |
Severity: High |
Description: Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly process Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted audio file that uses the Windows Media Speech codec, aka "Windows Media Runtime Voice Sample Rate Vulnerability." | ||||
Applies to: Windows Media Format Runtime 11, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5 |
Created: 2009-12-07 |
Updated: 2024-09-07 |
ID: MITRE:6484 |
Title: Windows Media Runtime Heap Corruption Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6484 CVE-2009-2525 |
Severity: High |
Description: Microsoft Windows Media Runtime, as used in DirectShow WMA Voice Codec, Windows Media Audio Voice Decoder, and Audio Compression Manager (ACM), does not properly initialize unspecified functions within compressed audio files, which allows remote attackers to execute arbitrary code via (1) a crafted media file or (2) crafted streaming content, aka "Windows Media Runtime Heap Corruption Vulnerability." | ||||
Applies to: Windows Media Format Runtime 11, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5 |
Created: 2009-12-07 |
Updated: 2024-09-07 |
ID: CVE-2009-2631 |
Title: Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix... |
Type: Hardware |
Bulletins:
CVE-2009-2631 SFBID37152 |
Severity: Medium |
Description: Multiple clientless SSL VPN products that run in web browsers, including Stonesoft StoneGate; Cisco ASA; SonicWALL E-Class SSL VPN and SonicWALL SSL VPN; SafeNet SecureWire Access Gateway; Juniper Networks Secure Access; Nortel CallPilot; Citrix Access Gateway; and other products, when running in configurations that do not restrict access to the same domain as the VPN, retrieve the content of remote URLs from one domain and rewrite them so they originate from the VPN's domain, which violates the same origin policy and allows remote attackers to conduct cross-site scripting attacks, read cookies that originated from other domains, access the Web VPN session to gain access to internal resources, perform key logging, and conduct other attacks. NOTE: it could be argued that this is a fundamental design problem in any clientless VPN solution, as opposed to a commonly-introduced error that can be fixed in separate implementations. Therefore a single CVE has been assigned for all products that have this design. | ||||
Applies to: SonicWall SSL-VPN, SonicWall SSL-VPN E Class |
Created: 2009-12-04 |
Updated: 2024-09-07 |
ID: MITRE:5967 |
Title: GDI+ WMF Integer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:5967 CVE-2009-2500 |
Severity: High |
Description: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted WMF image file, aka "GDI+ WMF Integer Overflow Vulnerability." | ||||
Applies to: Microsoft Internet Explorer 6, Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2024-09-07 |
ID: MITRE:5898 |
Title: GDI+ TIFF Buffer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:5898 CVE-2009-2502 |
Severity: High |
Description: Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted TIFF image file, aka "GDI+ TIFF Buffer Overflow Vulnerability." | ||||
Applies to: Microsoft Internet Explorer 6, Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2024-09-07 |
ID: MITRE:6491 |
Title: GDI+ TIFF Buffer Overflow Vulnerability |
Type: Web |
Bulletins:
MITRE:6491 CVE-2009-2503 |
Severity: High |
Description: GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 does not properly allocate an unspecified buffer, which allows remote attackers to execute arbitrary code via a crafted TIFF image file that triggers memory corruption, aka "GDI+ TIFF Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer 6, Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2024-09-07 |
ID: MITRE:6134 |
Title: GDI+ PNG Integer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6134 CVE-2009-3126 |
Severity: High |
Description: Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allows remote attackers to execute arbitrary code via a crafted PNG image file, aka "GDI+ PNG Integer Overflow Vulnerability." | ||||
Applies to: Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2024-09-07 |
ID: MITRE:6282 |
Title: GDI+ .NET API Vulnerability |
Type: Software |
Bulletins:
MITRE:6282 CVE-2009-2504 |
Severity: High |
Description: Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Excel Viewer, Office PowerPoint Viewer 2007 Gold, SP1, and SP2, Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2, Expression Web, Expression Web 2, Groove 2007 Gold and SP1, Works 8.5, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2 and SP3, Report Viewer 2005 SP1, Report Viewer 2008 Gold and SP1, and Forefront Client Security 1.0 allow remote attackers to execute arbitrary code via (1) a crafted XAML browser application (XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "GDI+ .NET API Vulnerability." | ||||
Applies to: Microsoft Office 2003, Microsoft Office 2007, Microsoft Office Visio 2002, Microsoft Office XP, Microsoft SQL Server 2005, Microsoft Visual Studio 2008 |
Created: 2009-11-30 |
Updated: 2024-09-07 |
ID: MITRE:6290 |
Title: Apple iTunes '.pls' File Buffer Overflow Vulnerability |
Type: Software |
Bulletins:
MITRE:6290 CVE-2009-2817 |
Severity: High |
Description: Buffer overflow in Apple iTunes before 9.0.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted .pls file. | ||||
Applies to: Apple iTunes |
Created: 2009-11-30 |
Updated: 2024-09-07 |
ID: MITRE:6257 |
Title: Windows Media Header Parsing Invalid Free Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:6257 CVE-2009-2498 |
Severity: High |
Description: Microsoft Windows Media Format Runtime 9.0, 9.5, and 11 and Windows Media Services 9.1 and 2008 do not properly parse malformed headers in Advanced Systems Format (ASF) files, which allows remote attackers to execute arbitrary code via a crafted (1) .asf, (2) .wmv, or (3) .wma file, aka "Windows Media Header Parsing Invalid Free Vulnerability." | ||||
Applies to: Microsoft Media Services 9, Microsoft Media Services 9.1, Windows Media Format Runtime 11, Windows Media Format Runtime 9.0, Windows Media Format Runtime 9.5 |
Created: 2009-10-19 |
Updated: 2024-09-07 |
ID: MITRE:6316 |
Title: JScript Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:6316 CVE-2009-1920 |
Severity: High |
Description: The JScript scripting engine 5.1, 5.6, 5.7, and 5.8 in JScript.dll in Microsoft Windows, as used in Internet Explorer, does not properly load decoded scripts into memory before execution, which allows remote attackers to execute arbitrary code via a crafted web site that triggers memory corruption, aka "JScript Remote Code Execution Vulnerability." | ||||
Applies to: JScript Scripting Engine |
Created: 2009-10-19 |
Updated: 2024-09-07 |
ID: CVE-2009-2999 |
Title: The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2999 |
Severity: Medium |
Description: The com.android.phone process in Android 1.5 CRBxx allows remote attackers to cause a denial of service (application restart and network disconnection) via an SMS message containing a malformed WAP Push message that triggers an ArrayIndexOutOfBoundsException exception, possibly a related issue to CVE-2009-2656. | ||||
Applies to: |
Created: 2009-10-14 |
Updated: 2024-09-07 |
ID: CVE-2009-3698 |
Title: An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3698 SFBID36590 |
Severity: Medium |
Description: An unspecified function in the Dalvik API in Android 1.5 and earlier allows remote attackers to cause a denial of service (system process restart) via a crafted application, possibly a related issue to CVE-2009-2656. | ||||
Applies to: |
Created: 2009-10-14 |
Updated: 2024-09-07 |
ID: CVE-2009-3486 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the... |
Type: Hardware |
Bulletins:
CVE-2009-3486 SFBID36537 |
Severity: Low |
Description: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via the host parameter to (1) the pinghost program, reachable through the diagnose program; or (2) the traceroute program, reachable through the diagnose program; or (3) the probe-limit parameter to the configuration program; the (4) wizard-ids or (5) pager-new-identifier parameter in a firewall-filters action to the configuration program; (6) the cos-physical-interface-name parameter in a cos-physical-interfaces-edit action to the configuration program; the (7) wizard-args or (8) wizard-ids parameter in an snmp action to the configuration program; the (9) username or (10) fullname parameter in a users action to the configuration program; or the (11) certname or (12) certbody parameter in a local-cert (aka https) action to the configuration program. | ||||
Applies to: |
Created: 2009-09-30 |
Updated: 2024-09-07 |
ID: CVE-2009-3487 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the... |
Type: Hardware |
Bulletins:
CVE-2009-3487 SFBID36537 |
Severity: Low |
Description: Multiple cross-site scripting (XSS) vulnerabilities in the J-Web interface in Juniper JUNOS 8.5R1.14 allow remote authenticated users to inject arbitrary web script or HTML via (1) the JEXEC_OUTID parameter in a JEXEC_MODE_RELAY_OUTPUT action to the jexec program; the (2) act, (3) refresh-time, or (4) ifid parameter to scripter.php; (5) the revision parameter in a rollback action to the configuration program; the m[] parameter to the (6) monitor, (7) manage, (8) events, (9) configuration, or (10) alarms program; (11) the m[] parameter to the default URI; (12) the m[] parameter in a browse action to the default URI; (13) the wizard-next parameter in an https action to the configuration program; or the (14) Contact Information, (15) System Description, (16) Local Engine ID, (17) System Location, or (18) System Name Override SNMP parameter, related to the configuration program. | ||||
Applies to: |
Created: 2009-09-30 |
Updated: 2024-09-07 |
ID: CVE-2009-3485 |
Title: Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI. |
Type: Hardware |
Bulletins:
CVE-2009-3485 SFBID36537 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in the J-Web interface in Juniper JUNOS 8.5R1.14 and 9.0R1.1 allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI. | ||||
Applies to: |
Created: 2009-09-30 |
Updated: 2024-09-07 |
ID: CVE-2009-2867 |
Title: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP... |
Type: Hardware |
Bulletins:
CVE-2009-2867 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4T, 12.4XZ, and 12.4YA, when Zone-Based Policy Firewall SIP Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted SIP transit packet, aka Bug ID CSCsr18691. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2869 |
Title: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. |
Type: Hardware |
Bulletins:
CVE-2009-2869 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.2XNA, 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to cause a denial of service (device reload) via a crafted NTPv4 packet, aka Bug IDs CSCsu24505 and CSCsv75948. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2870 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. |
Type: Hardware |
Bulletins:
CVE-2009-2870 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when the Cisco Unified Border Element feature is enabled, allows remote attackers to cause a denial of service (device reload) via crafted SIP messages, aka Bug ID CSCsx25880. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2868 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997. |
Type: Hardware |
Bulletins:
CVE-2009-2868 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4, when certificate-based authentication is enabled for IKE, allows remote attackers to cause a denial of service (Phase 1 SA exhaustion) via crafted requests, aka Bug IDs CSCsy07555 and CSCee72997. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2866 |
Title: Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. |
Type: Hardware |
Bulletins:
CVE-2009-2866 SFBID36494 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.2 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet, aka Bug ID CSCsz38104. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2871 |
Title: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. |
Type: Hardware |
Bulletins:
CVE-2009-2871 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when SSLVPN sessions, SSH sessions, or IKE encrypted nonces are enabled, allows remote attackers to cause a denial of service (device reload) via a crafted encrypted packet, aka Bug ID CSCsq24002. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2862 |
Title: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114,... |
Type: Hardware |
Bulletins:
CVE-2009-2862 SFBID36495 |
Severity: Medium |
Description: The Object Groups for Access Control Lists (ACLs) feature in Cisco IOS 12.2XNB, 12.2XNC, 12.2XND, 12.4MD, 12.4T, 12.4XZ, and 12.4YA allows remote attackers to bypass intended access restrictions via crafted requests, aka Bug IDs CSCsx07114, CSCsu70214, CSCsw47076, CSCsv48603, CSCsy54122, and CSCsu50252. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2863 |
Title: Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227. |
Type: Hardware |
Bulletins:
CVE-2009-2863 SFBID36491 |
Severity: High |
Description: Race condition in the Firewall Authentication Proxy feature in Cisco IOS 12.0 through 12.4 allows remote attackers to bypass authentication, or bypass the consent web page, via a crafted request, aka Bug ID CSCsy15227. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2864 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP... |
Type: Hardware |
Bulletins:
CVE-2009-2864 SFBID36496 |
Severity: High |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 5.x before 5.1(3g), 6.x before 6.1(4), 7.0.x before 7.0(2a)su1, and 7.1.x before 7.1(2) allows remote attackers to cause a denial of service (service restart) via malformed SIP messages, aka Bug ID CSCsz95423. | ||||
Applies to: Unified Callmanager, Unified Communications Manager |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2873 |
Title: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. |
Type: Hardware |
Bulletins:
CVE-2009-2873 |
Severity: High |
Description: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via malformed packets, aka Bug ID CSCsx70889. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2872 |
Title: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from... |
Type: Hardware |
Bulletins:
CVE-2009-2872 |
Severity: Medium |
Description: Cisco IOS 12.0 through 12.4, when IP-based tunnels and the Cisco Express Forwarding feature are enabled, allows remote attackers to cause a denial of service (device reload) via a malformed packet that is not properly handled during switching from one tunnel to a second tunnel, aka Bug IDs CSCsh97579 and CSCsq31776. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-2865 |
Title: Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a... |
Type: Hardware |
Bulletins:
CVE-2009-2865 SFBID36498 |
Severity: High |
Description: Buffer overflow in the login implementation in the Extension Mobility feature in the Unified Communications Manager Express (CME) component in Cisco IOS 12.4XW, 12.4XY, 12.4XZ, and 12.4YA allows remote attackers to execute arbitrary code or cause a denial of service via crafted HTTP requests, aka Bug ID CSCsq58779. | ||||
Applies to: |
Created: 2009-09-28 |
Updated: 2024-09-07 |
ID: CVE-2009-3341 |
Title: Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this... |
Type: Hardware |
Bulletins:
CVE-2009-3341 |
Severity: High |
Description: Buffer overflow on the Linksys WRT54GL wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: wrt54gl |
Created: 2009-09-24 |
Updated: 2024-09-07 |
ID: CVE-2009-3347 |
Title: Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this... |
Type: Hardware |
Bulletins:
CVE-2009-3347 SFBID36237 |
Severity: High |
Description: Buffer overflow on the D-Link DIR-400 wireless router allows remote attackers to execute arbitrary code via unspecified vectors, as demonstrated by a certain module in VulnDisco Pack Professional 8.10 through 8.11. NOTE: as of 20090917, this disclosure has no actionable information. However, because the VulnDisco Pack author is a reliable researcher, the issue is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: DIR-400 |
Created: 2009-09-24 |
Updated: 2024-09-07 |
ID: CVE-2009-3273 |
Title: iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3273 SFBID36370 |
Severity: High |
Description: iPhone Mail in Apple iPhone OS, and iPhone OS for iPod touch, does not validate X.509 certificates, which allows man-in-the-middle attackers to spoof arbitrary SSL e-mail servers via a crafted certificate. | ||||
Applies to: |
Created: 2009-09-21 |
Updated: 2024-09-07 |
ID: CVE-2009-3271 |
Title: Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element. |
Type: Mobile Devices |
Bulletins:
CVE-2009-3271 SFBID36386 |
Severity: Medium |
Description: Apple Safari on iPhone OS 3.0.1 allows remote attackers to cause a denial of service (application crash) via a long tel: URL in the SRC attribute of an IFRAME element. | ||||
Applies to: |
Created: 2009-09-21 |
Updated: 2024-09-07 |
ID: CVE-2009-2797 |
Title: The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2797 SFBID36339 |
Severity: Medium |
Description: The WebKit component in Safari in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not remove usernames and passwords from URLs sent in Referer headers, which allows remote attackers to obtain sensitive information by reading Referer logs on a web server. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2024-09-07 |
ID: CVE-2009-2796 |
Title: The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password. |
Type: Mobile Devices |
Bulletins:
CVE-2009-2796 SFBID36335 |
Severity: Low |
Description: The UIKit component in Apple iPhone OS 3.0, and iPhone OS 3.0.1 for iPod touch, allows physically proximate attackers to discover a password by watching a user undo deletions of characters in the password. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2024-09-07 |
ID: CVE-2009-2815 |
Title: The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2815 |
Severity: High |
Description: The Telephony component in Apple iPhone OS before 3.1 does not properly handle SMS arrival notifications, which allows remote attackers to cause a denial of service (NULL pointer dereference and service interruption) via a crafted SMS message. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2024-09-07 |
ID: CVE-2009-2207 |
Title: The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2207 SFBID36337 |
Severity: Low |
Description: The MobileMail component in Apple iPhone OS 3.0 and 3.0.1, and iPhone OS 3.0 for iPod touch, lists deleted e-mail messages in Spotlight search results, which might allow local users to obtain sensitive information by reading these messages. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2024-09-07 |
ID: CVE-2009-2794 |
Title: The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2794 SFBID36342 |
Severity: Medium |
Description: The Exchange Support component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, does not properly implement the "Maximum inactivity time lock" functionality, which allows local users to bypass intended Microsoft Exchange restrictions by choosing a large Require Passcode time value. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2024-09-07 |
ID: CVE-2009-2206 |
Title: Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2206 SFBID36338 |
Severity: Medium |
Description: Multiple heap-based buffer overflows in the AudioCodecs library in the CoreAudio component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted (1) AAC or (2) MP3 file, as demonstrated by a ringtone with malformed entries in the sample size table. | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2024-09-07 |
ID: CVE-2009-2795 |
Title: Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2795 SFBID36341 |
Severity: High |
Description: Heap-based buffer overflow in the Recovery Mode component in Apple iPhone OS before 3.1, and iPhone OS before 3.1.1 for iPod touch, allows local users to bypass the passcode requirement and access arbitrary data via vectors related to "command parsing." | ||||
Applies to: |
Created: 2009-09-10 |
Updated: 2024-09-07 |
ID: CVE-2009-0627 |
Title: Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation,"... |
Type: Hardware |
Bulletins:
CVE-2009-0627 |
Severity: High |
Description: Unspecified vulnerability in Cisco NX-OS before 4.0(1a)N2(1), when running on Nexus 5000 platforms, allows remote attackers to cause a denial of service (crash) via an unspecified "sequence of TCP packets" related to "TCP State manipulation," possibly related to separate attacks against CVE-2008-4609. | ||||
Applies to: Cisco Nexus 5000 Series, Cisco Nexus 7000 |
Created: 2009-09-08 |
Updated: 2024-09-07 |
ID: CVE-2009-2861 |
Title: The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-2861 SFBID36145 |
Severity: High |
Description: The Over-the-Air Provisioning (OTAP) functionality on Cisco Aironet Lightweight Access Point 1100 and 1200 devices does not properly implement access-point association, which allows remote attackers to spoof a controller and cause a denial of service (service outage) via crafted remote radio management (RRM) packets, aka "SkyJack" or Bug ID CSCtb56664. | ||||
Applies to: Cisco Aironet Ap1100, Cisco Aironet Ap1200 |
Created: 2009-08-27 |
Updated: 2024-09-07 |
ID: CVE-2009-2050 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. |
Type: Hardware |
Bulletins:
CVE-2009-2050 SFBID36152 |
Severity: High |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) before 6.1(1) allows remote attackers to cause a denial of service (voice-services outage) via a malformed header in a SIP message, aka Bug ID CSCsi46466. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2024-09-07 |
ID: CVE-2009-2054 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and... |
Type: Hardware |
Bulletins:
CVE-2009-2054 SFBID36152 |
Severity: High |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2a)su1 allows remote attackers to cause a denial of service (file-descriptor exhaustion and SIP outage) via a flood of TCP packets, aka Bug ID CSCsx23689. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2024-09-07 |
ID: CVE-2009-2053 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP... |
Type: Hardware |
Bulletins:
CVE-2009-2053 SFBID36152 |
Severity: High |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2a)su1, and 7.1 before 7.1(2) allows remote attackers to cause a denial of service (file-descriptor exhaustion and SCCP outage) via a flood of TCP packets, aka Bug ID CSCsx32236. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2024-09-07 |
ID: CVE-2009-2052 |
Title: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-2052 SFBID36152 |
Severity: High |
Description: Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), 7.0 before 7.0(2), and 7.1 before 7.1(2); and Cisco Unified Presence 1.x, 6.x before 6.0(6), and 7.x before 7.0(4); allows remote attackers to cause a denial of service (TCP services outage) via a large number of TCP connections, related to "tracking of network connections," aka Bug IDs CSCsq22534 and CSCsw52371. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2024-09-07 |
ID: CVE-2009-2051 |
Title: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote... |
Type: Hardware |
Bulletins:
CVE-2009-2051 SFBID36152 |
Severity: High |
Description: Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x, 5.x before 5.1(3g), 6.x before 6.1(4), and 7.x before 7.1(2) allow remote attackers to cause a denial of service (device reload or voice-services outage) via a malformed SIP INVITE message that triggers an improper call to the sipSafeStrlen function, aka Bug IDs CSCsz40392 and CSCsz43987. | ||||
Applies to: Unified Communications Manager |
Created: 2009-08-27 |
Updated: 2024-09-07 |
ID: CVE-2009-2976 |
Title: Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by... |
Type: Hardware |
Bulletins:
CVE-2009-2976 |
Severity: High |
Description: Cisco Aironet Lightweight Access Point (AP) devices send the contents of certain multicast data frames in cleartext, which allows remote attackers to discover Wireless LAN Controller MAC addresses and IP addresses, and AP configuration details, by sniffing the wireless network. | ||||
Applies to: Cisco Aironet Ap1100, Cisco Aironet Ap1200 |
Created: 2009-08-27 |
Updated: 2024-09-07 |
ID: CVE-2009-2056 |
Title: Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path. |
Type: Hardware |
Bulletins:
CVE-2009-2056 |
Severity: Low |
Description: Cisco IOS XR 3.8.1 and earlier allows remote authenticated users to cause a denial of service (process crash) via vectors involving a BGP UPDATE message with many AS numbers prepended to the AS path. | ||||
Applies to: |
Created: 2009-08-21 |
Updated: 2024-09-07 |
ID: CVE-2009-1154 |
Title: Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. |
Type: Hardware |
Bulletins:
CVE-2009-1154 |
Severity: Low |
Description: Cisco IOS XR 3.8.1 and earlier allows remote attackers to cause a denial of service (process crash) via a long BGP UPDATE message, as demonstrated by a message with many AS numbers in the AS Path Attribute. | ||||
Applies to: |
Created: 2009-08-21 |
Updated: 2024-09-07 |
ID: CVE-2009-2055 |
Title: Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009. |
Type: Hardware |
Bulletins:
CVE-2009-2055 |
Severity: Medium |
Description: Cisco IOS XR 3.4.0 through 3.8.1 allows remote attackers to cause a denial of service (session reset) via a BGP UPDATE message with an invalid attribute, as demonstrated in the wild on 17 August 2009. | ||||
Applies to: |
Created: 2009-08-19 |
Updated: 2024-09-07 |
ID: CVE-2009-2199 |
Title: Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2199 SFBID36026 |
Severity: Medium |
Description: Incomplete blacklist vulnerability in WebKit in Apple Safari before 4.0.3, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to spoof domain names in URLs, and possibly conduct phishing attacks, via unspecified homoglyphs. | ||||
Applies to: |
Created: 2009-08-12 |
Updated: 2024-09-07 |
ID: CVE-2009-2204 |
Title: Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2204 SFBID35569 |
Severity: High |
Description: Unspecified vulnerability in the CoreTelephony component in Apple iPhone OS before 3.0.1 allows remote attackers to execute arbitrary code, obtain GPS coordinates, or enable the microphone via an SMS message that triggers memory corruption, as demonstrated by Charlie Miller at SyScan '09 Singapore. | ||||
Applies to: |
Created: 2009-08-03 |
Updated: 2024-09-07 |
ID: CVE-2009-2656 |
Title: Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2656 SFBID35886 |
Severity: Medium |
Description: Unspecified vulnerability in the com.android.phone process in Android 1.0, 1.1, and 1.5 allows remote attackers to cause a denial of service (network disconnection) via a crafted SMS message, as demonstrated by Collin Mulliner and Charlie Miller at Black Hat USA 2009. | ||||
Applies to: |
Created: 2009-08-03 |
Updated: 2024-09-07 |
ID: CVE-2009-1168 |
Title: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through... |
Type: Hardware |
Bulletins:
CVE-2009-1168 SFBID35862 |
Severity: High |
Description: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (memory corruption and device reload) by using an RFC4271 peer to send an update with a long series of AS numbers, aka Bug ID CSCsy86021. | ||||
Applies to: |
Created: 2009-07-30 |
Updated: 2024-09-07 |
ID: CVE-2009-2049 |
Title: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t... |
Type: Hardware |
Bulletins:
CVE-2009-2049 SFBID35860 |
Severity: Medium |
Description: Cisco IOS 12.0(32)S12 through 12.0(32)S13 and 12.0(33)S3 through 12.0(33)S4, 12.0(32)SY8 through 12.0(32)SY9, 12.2(33)SXI1 through 12.2(33)SXI2, 12.2XNC before 12.2(33)XNC2, 12.2XND before 12.2(33)XND1, and 12.4(24)T1; and IOS XE 2.3 through 2.3.1t and 2.4 through 2.4.0; when RFC4893 BGP routing is enabled, allows remote attackers to cause a denial of service (device reload) by using an RFC4271 peer to send a malformed update, aka Bug ID CSCta33973. | ||||
Applies to: |
Created: 2009-07-30 |
Updated: 2024-09-07 |
ID: CVE-2009-1167 |
Title: Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules... |
Type: Hardware |
Bulletins:
CVE-2009-1167 |
Severity: High |
Description: Unspecified vulnerability on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to modify the configuration via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy44672. | ||||
Applies to: Cisco Catalyst 3750G, Cisco WLC 2000, Cisco WLC 2100, Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2024-09-07 |
ID: CVE-2009-1166 |
Title: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services... |
Type: Hardware |
Bulletins:
CVE-2009-1166 |
Severity: High |
Description: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0 and 5.x before 5.2.191.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a crafted (1) HTTP or (2) HTTPS request, aka Bug ID CSCsy27708. | ||||
Applies to: Cisco Catalyst 3750G |
Created: 2009-07-29 |
Updated: 2024-09-07 |
ID: CVE-2009-1164 |
Title: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services... |
Type: Hardware |
Bulletins:
CVE-2009-1164 |
Severity: High |
Description: The administrative web interface on the Cisco Wireless LAN Controller (WLC) platform 4.2 before 4.2.205.0 and 5.x before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (device reload) via a malformed response to a (1) HTTP or (2) HTTPS authentication request, aka Bug ID CSCsx03715. | ||||
Applies to: Cisco Catalyst 3750G, Cisco WLC 2000, Cisco WLC 2100, Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2024-09-07 |
ID: CVE-2009-1165 |
Title: Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless... |
Type: Hardware |
Bulletins:
CVE-2009-1165 SFBID35817 |
Severity: High |
Description: Memory leak on the Cisco Wireless LAN Controller (WLC) platform 4.x before 4.2.205.0, 5.1 before 5.1.163.0, and 5.0 and 5.2 before 5.2.178.0, as used in Cisco 1500 Series, 2000 Series, 2100 Series, 4100 Series, 4200 Series, and 4400 Series Wireless Services Modules (WiSM), WLC Modules for Integrated Services Routers, and Catalyst 3750G Integrated Wireless LAN Controllers, allows remote attackers to cause a denial of service (memory consumption and device reload) via SSH management connections, aka Bug ID CSCsw40789. | ||||
Applies to: Cisco Catalyst 3750G, Cisco WLC 2000, Cisco WLC 2100, Cisco WLC 4100 |
Created: 2009-07-29 |
Updated: 2024-09-07 |
ID: CVE-2009-2348 |
Title: Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and... |
Type: Mobile Devices |
Bulletins:
CVE-2009-2348 SFBID35717 |
Severity: Medium |
Description: Android 1.5 CRBxx allows local users to bypass the (1) Manifest.permission.CAMERA (aka android.permission.CAMERA) and (2) Manifest.permission.AUDIO_RECORD (aka android.permission.RECORD_AUDIO) configuration settings by installing and executing an application that does not make a permission request before using the camera or microphone. | ||||
Applies to: |
Created: 2009-07-17 |
Updated: 2024-09-07 |
ID: CVE-2009-1725 |
Title: WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1725 SFBID35607 |
Severity: High |
Description: WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms; KHTML in kdelibs in KDE; QtWebKit (aka Qt toolkit); and possibly other products do not properly handle numeric character references, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
Applies to: |
Created: 2009-07-09 |
Updated: 2024-09-07 |
ID: CVE-2009-1724 |
Title: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1724 SFBID35441 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0.2, as used on iPhone OS before 3.1, iPhone OS before 3.1.1 for iPod touch, and other platforms, allows remote attackers to inject arbitrary web script or HTML via vectors related to parent and top objects. | ||||
Applies to: |
Created: 2009-07-09 |
Updated: 2024-09-07 |
ID: CVE-2009-1203 |
Title: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it... |
Type: Hardware |
Bulletins:
CVE-2009-1203 SFBID35475 |
Severity: Medium |
Description: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 does not properly distinguish its own login screen from the login screens it produces for third-party (1) FTP and (2) CIFS servers, which makes it easier for remote attackers to trick a user into sending WebVPN credentials to an arbitrary server via a URL associated with that server, aka Bug ID CSCsy80709. | ||||
Applies to: |
Created: 2009-06-25 |
Updated: 2024-09-07 |
ID: CVE-2009-1202 |
Title: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS)... |
Type: Hardware |
Bulletins:
CVE-2009-1202 SFBID35480 |
Severity: Medium |
Description: WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass certain protection mechanisms involving URL rewriting and HTML rewriting, and conduct cross-site scripting (XSS) attacks, by modifying the first hex-encoded character in a /+CSCO+ URI, aka Bug ID CSCsy80705. | ||||
Applies to: |
Created: 2009-06-25 |
Updated: 2024-09-07 |
ID: CVE-2009-1201 |
Title: Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct... |
Type: Hardware |
Bulletins:
CVE-2009-1201 SFBID35476 |
Severity: Medium |
Description: Eval injection vulnerability in the csco_wrap_js function in /+CSCOL+/cte.js in WebVPN on the Cisco Adaptive Security Appliances (ASA) device with software 8.0(4), 8.1.2, and 8.2.1 allows remote attackers to bypass a DOM wrapper and conduct cross-site scripting (XSS) attacks by setting CSCO_WebVPN['process'] to the name of a crafted function, aka Bug ID CSCsy80694. | ||||
Applies to: |
Created: 2009-06-25 |
Updated: 2024-09-07 |
ID: CVE-2009-1692 |
Title: WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1692 SFBID35414 |
Severity: High |
Description: WebKit before r41741, as used in Apple iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Safari, and other software, allows remote attackers to cause a denial of service (memory consumption or device reset) via a web page containing an HTMLSelectElement object with a large length attribute, related to the length property of a Select object. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2024-09-07 |
ID: CVE-2009-1683 |
Title: The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1683 SFBID35414 |
Severity: High |
Description: The Telephony component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted ICMP echo request, which triggers an assertion error related to a "logic issue." | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2024-09-07 |
ID: CVE-2009-1679 |
Title: The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1679 SFBID35414 |
Severity: Low |
Description: The Profiles component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1, when installing a configuration profile, can replace the password policy from Exchange ActiveSync with a weaker password policy, which allows physically proximate attackers to bypass the intended policy. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2024-09-07 |
ID: CVE-2009-0959 |
Title: The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0959 SFBID35414 |
Severity: High |
Description: The MPEG-4 video codec in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to cause a denial of service (device reset) via a crafted MPEG-4 video file that triggers an "input validation issue." | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2024-09-07 |
ID: CVE-2009-0960 |
Title: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0960 SFBID35414 |
Severity: Medium |
Description: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not provide an option to disable remote image loading in HTML email, which allows remote attackers to determine the device address and when an e-mail is read via an HTML email containing an image URL. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2024-09-07 |
ID: CVE-2009-0961 |
Title: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0961 SFBID35414 |
Severity: Medium |
Description: The Mail component in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 dismisses the call approval dialog when another alert appears, which might allow remote attackers to force the iPhone to place a call without user approval by causing an application to trigger an alert. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2024-09-07 |
ID: CVE-2009-1680 |
Title: Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1680 SFBID35414 |
Severity: Low |
Description: Safari in Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly clear the search history when it is cleared from the Settings application, which allows physically proximate attackers to obtain the search history. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2024-09-07 |
ID: CVE-2009-0958 |
Title: Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in... |
Type: Mobile Devices |
Bulletins:
CVE-2009-0958 SFBID35414 |
Severity: Medium |
Description: Apple iPhone OS 1.0 through 2.2.1 and iPhone OS for iPod touch 1.1 through 2.2.1 stores an exception for a hostname when the user accepts an untrusted Exchange server certificate, which causes it to be accepted without prompting in future usage and allows remote Exchange servers to obtain sensitive information such as credentials. | ||||
Applies to: |
Created: 2009-06-19 |
Updated: 2024-09-07 |
ID: CVE-2009-1698 |
Title: WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1698 SFBID35260 |
Severity: High |
Description: WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not initialize a pointer during handling of a Cascading Style Sheets (CSS) attr function call with a large numerical argument, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2024-09-07 |
ID: CVE-2009-1690 |
Title: Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1690 SFBID35260 |
Severity: High |
Description: Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, iPhone OS for iPod touch 1.1 through 2.2.1, Google Chrome 1.0.154.53, and possibly other products, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) by setting an unspecified property of an HTML tag that causes child elements to be freed and later accessed when an HTML error occurs, related to "recursion in certain DOM event handlers." | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2024-09-07 |
ID: CVE-2009-1701 |
Title: Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1701 SFBID35260 |
Severity: High |
Description: Use-after-free vulnerability in the JavaScript DOM implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) by destroying a document.body element that has an unspecified XML container with elements that support the dir attribute. | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2024-09-07 |
ID: CVE-2009-1700 |
Title: The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1700 SFBID35260 |
Severity: Medium |
Description: The XSLT implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle redirects, which allows remote attackers to read XML content from arbitrary web pages via a crafted document. | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2024-09-07 |
ID: CVE-2009-1699 |
Title: The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1699 SFBID35260 |
Severity: High |
Description: The XSL stylesheet implementation in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 does not properly handle XML external entities, which allows remote attackers to read arbitrary files via a crafted DTD, as demonstrated by a file:///etc/passwd URL in an entity declaration, related to an "XXE attack." | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2024-09-07 |
ID: CVE-2009-1702 |
Title: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1702 SFBID35260 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 4.0, iPhone OS 1.0 through 2.2.1, and iPhone OS for iPod touch 1.1 through 2.2.1 allows remote attackers to inject arbitrary web script or HTML via vectors related to improper handling of Location and History objects. | ||||
Applies to: |
Created: 2009-06-10 |
Updated: 2024-09-07 |
ID: CVE-2009-1754 |
Title: The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an... |
Type: Mobile Devices |
Bulletins:
CVE-2009-1754 SFBID35090 |
Severity: Medium |
Description: The PackageManagerService class in services/java/com/android/server/PackageManagerService.java in Android 1.5 through 1.5 CRB42 does not properly check developer certificates during processing of sharedUserId requests at an application's installation time, which allows remote user-assisted attackers to access application data by creating a package that specifies a shared user ID with an arbitrary application. | ||||
Applies to: |
Created: 2009-05-26 |
Updated: 2024-09-07 |
ID: CVE-2009-1561 |
Title: Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator... |
Type: Hardware |
Bulletins:
CVE-2009-1561 SFBID34616 |
Severity: Medium |
Description: Cross-site request forgery (CSRF) vulnerability in administration.cgi on the Cisco Linksys WRT54GC router with firmware 1.05.7 allows remote attackers to hijack the intranet connectivity of arbitrary users for requests that change the administrator password via the sysPasswd and sysConfirmPasswd parameters. | ||||
Applies to: wrt54gc |
Created: 2009-05-06 |
Updated: 2024-09-07 |
ID: MITRE:5868 |
Title: Microsoft Malformed BMP Filter Vulnerability |
Type: Software |
Bulletins:
MITRE:5868 CVE-2008-3020 |
Severity: High |
Description: Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability." | ||||
Applies to: Microsoft Office 2000 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works |
Created: 2009-05-04 |
Updated: 2024-09-07 |
ID: MITRE:5336 |
Title: Apple iTunes Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:5336 CVE-2009-0143 |
Severity: Medium |
Description: Apple iTunes before 8.1 does not properly inform the user about the origin of an authentication request, which makes it easier for remote podcast servers to trick a user into providing a username and password when subscribing to a crafted podcast. | ||||
Applies to: Apple iTunes |
Created: 2009-05-04 |
Updated: 2024-09-07 |
ID: MITRE:6001 |
Title: Apple iTunes Denial of Service Vulnerability |
Type: Software |
Bulletins:
MITRE:6001 CVE-2009-0016 |
Severity: Medium |
Description: Apple iTunes before 8.1 on Windows allows remote attackers to cause a denial of service (infinite loop) via a Digital Audio Access Protocol (DAAP) message with a crafted Content-Length header. | ||||
Applies to: Apple iTunes |
Created: 2009-05-04 |
Updated: 2024-09-07 |
ID: CVE-2009-1156 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload)... |
Type: Hardware |
Bulletins:
CVE-2009-1156 SFBID34429 |
Severity: Medium |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 8.0 before 8.0(4)25 and 8.1 before 8.1(2)15, when an SSL VPN or ASDM access is configured, allows remote attackers to cause a denial of service (device reload) via a crafted (1) SSL or (2) HTTP packet. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2024-09-07 |
ID: CVE-2009-1158 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-1158 SFBID34429 |
Severity: High |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series devices 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)26, 8.0 before 8.0(4)24, and 8.1 before 8.1(2)14, when H.323 inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted H.323 packet. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2024-09-07 |
ID: CVE-2009-1159 |
Title: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2009-1159 SFBID34429 |
Severity: High |
Description: Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2 before 7.2(4)26, 8.0 before 8.0(4)22, and 8.1 before 8.1(2)12, when SQL*Net inspection is enabled, allows remote attackers to cause a denial of service (traceback and device reload) via a series of SQL*Net packets. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2024-09-07 |
ID: CVE-2009-1157 |
Title: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-1157 SFBID34429 |
Severity: High |
Description: Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)6, 7.1 before 7.1(2)82, 7.2 before 7.2(4)30, 8.0 before 8.0(4)28, and 8.1 before 8.1(2)19 allows remote attackers to cause a denial of service (memory consumption or device reload) via a crafted TCP packet. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2024-09-07 |
ID: CVE-2009-1155 |
Title: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field,... |
Type: Hardware |
Bulletins:
CVE-2009-1155 SFBID34429 |
Severity: High |
Description: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.1(1) through 7.1(2)82, 7.2 before 7.2(4)27, 8.0 before 8.0(4)25, and 8.1 before 8.1(2)15, when AAA override-account-disable is entered in a general-attributes field, allow remote attackers to bypass authentication and establish a VPN session to an ASA device via unspecified vectors. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2024-09-07 |
ID: CVE-2009-1160 |
Title: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote... |
Type: Hardware |
Bulletins:
CVE-2009-1160 SFBID34429 |
Severity: Medium |
Description: Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)1, 7.1 before 7.1(2)74, 7.2 before 7.2(4)9, and 8.0 before 8.0(4)5 do not properly implement the implicit deny statement, which might allow remote attackers to successfully send packets that bypass intended access restrictions, aka Bug ID CSCsq91277. | ||||
Applies to: |
Created: 2009-04-09 |
Updated: 2024-09-07 |
ID: CVE-2008-6576 |
Title: Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion... |
Type: Hardware |
Bulletins:
CVE-2008-6576 SFBID28691 |
Severity: High |
Description: Unspecified vulnerability in the "session limitation technique" in the FTP service on Nortel Communications Server 1000 (CS1K) 4.50.x, when running on VGMC or signaling nodes, allows remote attackers to cause a denial of service (resource exhaustion and failed updates) via unknown vectors that cause consumption of all available sessions. | ||||
Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2024-09-07 |
ID: CVE-2008-6577 |
Title: Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges. |
Type: Hardware |
Bulletins:
CVE-2008-6577 SFBID28691 |
Severity: High |
Description: Nortel MG1000S, Signaling Server, and Call Server on the Communications Server 1000 (CS1K) 4.50.x contain multiple unspecified hard-coded accounts and passwords, which allows remote attackers to gain privileges. | ||||
Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2024-09-07 |
ID: CVE-2008-6579 |
Title: Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators." |
Type: Hardware |
Bulletins:
CVE-2008-6579 SFBID28691 |
Severity: Medium |
Description: Nortel Communication Server 1000 4.50.x allows remote attackers to obtain Web application structure via unknown vectors related to "web resources to phones and administrators." | ||||
Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2024-09-07 |
ID: CVE-2008-6578 |
Title: Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2008-6578 SFBID28691 |
Severity: High |
Description: Multiple unspecified vulnerabilities in Nortel Communication Server 1000 4.50.x allow remote attackers to execute arbitrary commands to gain privileges, obtain sensitive information, or cause a denial of service via unknown vectors. | ||||
Applies to: CS 1000 |
Created: 2009-04-01 |
Updated: 2024-09-07 |
ID: CVE-2009-0636 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. |
Type: Hardware |
Bulletins:
CVE-2009-0636 SFBID34243 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when SIP voice services are enabled, allows remote attackers to cause a denial of service (device crash) via a valid SIP message. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0631 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol... |
Type: Hardware |
Bulletins:
CVE-2009-0631 SFBID34245 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4, when configured with (1) IP Service Level Agreements (SLAs) Responder, (2) Session Initiation Protocol (SIP), (3) H.323 Annex E Call Signaling Transport, or (4) Media Gateway Control Protocol (MGCP) allows remote attackers to cause a denial of service (blocked input queue on the inbound interface) via a crafted UDP packet. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0626 |
Title: The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. |
Type: Hardware |
Bulletins:
CVE-2009-0626 SFBID34239 |
Severity: High |
Description: The SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (device reload or hang) via a crafted HTTPS packet. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0637 |
Title: The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite... |
Type: Hardware |
Bulletins:
CVE-2009-0637 SFBID34247 |
Severity: High |
Description: The SCP server in Cisco IOS 12.2 through 12.4, when Role-Based CLI Access is enabled, does not enforce the CLI view configuration for file transfers, which allows remote authenticated users with an attached CLI view to (1) read or (2) overwrite arbitrary files via an SCP command. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0630 |
Title: The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission... |
Type: Hardware |
Bulletins:
CVE-2009-0630 SFBID34242 |
Severity: High |
Description: The (1) Cisco Unified Communications Manager Express; (2) SIP Gateway Signaling Support Over Transport Layer Security (TLS) Transport; (3) Secure Signaling and Media Encryption; (4) Blocks Extensible Exchange Protocol (BEEP); (5) Network Admission Control HTTP Authentication Proxy; (6) Per-user URL Redirect for EAPoUDP, Dot1x, and MAC Authentication Bypass; (7) Distributed Director with HTTP Redirects; and (8) TCP DNS features in Cisco IOS 12.0 through 12.4 do not properly handle IP sockets, which allows remote attackers to cause a denial of service (outage or resource consumption) via a series of crafted TCP packets. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0629 |
Title: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging... |
Type: Hardware |
Bulletins:
CVE-2009-0629 SFBID34238 |
Severity: Medium |
Description: The (1) Airline Product Set (aka ALPS), (2) Serial Tunnel Code (aka STUN), (3) Block Serial Tunnel Code (aka BSTUN), (4) Native Client Interface Architecture (NCIA) support, (5) Data-link switching (aka DLSw), (6) Remote Source-Route Bridging (RSRB), (7) Point to Point Tunneling Protocol (PPTP), (8) X.25 for Record Boundary Preservation (RBP), (9) X.25 over TCP (XOT), and (10) X.25 Routing features in Cisco IOS 12.2 and 12.4 allow remote attackers to cause a denial of service (device reload) via a series of crafted TCP packets. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0634 |
Title: Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge... |
Type: Hardware |
Bulletins:
CVE-2009-0634 SFBID34241 |
Severity: High |
Description: Multiple unspecified vulnerabilities in the home agent (HA) implementation in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via an ICMP packet, aka Bug ID CSCso05337. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0633 |
Title: Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6... |
Type: Hardware |
Bulletins:
CVE-2009-0633 SFBID34241 |
Severity: High |
Description: Multiple unspecified vulnerabilities in the (1) Mobile IP NAT Traversal feature and (2) Mobile IPv6 subsystem in Cisco IOS 12.3 through 12.4 allow remote attackers to cause a denial of service (input queue wedge and interface outage) via MIPv6 packets, aka Bug ID CSCsm97220. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0628 |
Title: Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control... |
Type: Hardware |
Bulletins:
CVE-2009-0628 SFBID34239 |
Severity: High |
Description: Memory leak in the SSLVPN feature in Cisco IOS 12.3 through 12.4 allows remote attackers to cause a denial of service (memory consumption and device crash) by disconnecting an SSL session in an abnormal manner, leading to a Transmission Control Block (TCB) leak. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0635 |
Title: Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a... |
Type: Hardware |
Bulletins:
CVE-2009-0635 SFBID34246 |
Severity: High |
Description: Memory leak in the Cisco Tunneling Control Protocol (cTCP) encapsulation feature in Cisco IOS 12.4, when an Easy VPN (aka EZVPN) server is enabled, allows remote attackers to cause a denial of service (memory consumption and device crash) via a sequence of TCP packets. | ||||
Applies to: |
Created: 2009-03-27 |
Updated: 2024-09-07 |
ID: CVE-2009-0632 |
Title: The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2)... |
Type: Hardware |
Bulletins:
CVE-2009-0632 SFBID34082 |
Severity: High |
Description: The IP Phone Personal Address Book (PAB) Synchronizer feature in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.1, 4.2 before 4.2(3)SR4b, 4.3 before 4.3(2)SR1b, 5.x before 5.1(3e), 6.x before 6.1(3), and 7.0 before 7.0(2) sends privileged directory-service account credentials to the client in cleartext, which allows remote attackers to modify the CUCM configuration and perform other privileged actions by intercepting these credentials, and then using them in requests unrelated to the intended synchronization task, as demonstrated by (1) DC Directory account credentials in CUCM 4.x and (2) TabSyncSysUser account credentials in CUCM 5.x through 7.x. | ||||
Applies to: Unified Communications Manager |
Created: 2009-03-12 |
Updated: 2024-09-07 |
ID: CVE-2009-0624 |
Title: Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote... |
Type: Hardware |
Bulletins:
CVE-2009-0624 SFBID33900 |
Severity: Medium |
Description: Unspecified vulnerability in the SNMPv2c implementation in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv1 packet. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2024-09-07 |
ID: CVE-2009-0623 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-0623 SFBID33900 |
Severity: High |
Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.3) and Cisco ACE 4710 Application Control Engine Appliance before A3(2.1) allows remote attackers to cause a denial of service (device reload) via a crafted SSH packet. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2024-09-07 |
ID: CVE-2009-0622 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute... |
Type: Hardware |
Bulletins:
CVE-2009-0622 SFBID33900 |
Severity: High |
Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8a) allows remote authenticated users to execute arbitrary operating-system commands through a command line interface (CLI). | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2024-09-07 |
ID: CVE-2009-0625 |
Title: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2009-0625 SFBID33900 |
Severity: High |
Description: Unspecified vulnerability in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers before A2(1.2) and Cisco ACE 4710 Application Control Engine Appliance before A1(8.0) allows remote attackers to cause a denial of service (device reload) via a crafted SNMPv3 packet. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2024-09-07 |
ID: CVE-2009-0742 |
Title: The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers... |
Type: Hardware |
Bulletins:
CVE-2009-0742 |
Severity: High |
Description: The username command in Cisco ACE Application Control Engine Module for Catalyst 6500 Switches and 7600 Routers and Cisco ACE 4710 Application Control Engine Appliance stores a cleartext password by default, which allows context-dependent attackers to obtain sensitive information. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2024-09-07 |
ID: CVE-2009-0621 |
Title: Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform... |
Type: Hardware |
Bulletins:
CVE-2009-0621 SFBID33900 |
Severity: High |
Description: Cisco ACE 4710 Application Control Engine Appliance before A1(8a) uses default (1) usernames and (2) passwords for (a) the administrator, (b) web management, and (c) device management, which makes it easier for remote attackers to perform configuration changes to the Device Manager and other components, or obtain operating-system access. | ||||
Applies to: Cisco Ace 4710 |
Created: 2009-02-26 |
Updated: 2024-09-07 |
ID: CVE-2008-6096 |
Title: Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet... |
Type: Hardware |
Bulletins:
CVE-2008-6096 SFBID31528 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in Juniper NetScreen ScreenOS before 5.4r10, 6.0r6, and 6.1r2 allows remote attackers to inject arbitrary web script or HTML via the user name parameter to the (1) web interface login page or the (2) telnet login page. | ||||
Applies to: |
Created: 2009-02-09 |
Updated: 2024-09-07 |
ID: CVE-2009-0470 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different... |
Type: Hardware |
Bulletins:
CVE-2009-0470 SFBID33625 |
Severity: Medium |
Description: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 12.4(23) allow remote attackers to inject arbitrary web script or HTML via the PATH_INFO to the default URI under (1) level/15/exec/-/ or (2) exec/, a different vulnerability than CVE-2008-3821. | ||||
Applies to: |
Created: 2009-02-06 |
Updated: 2024-09-07 |
ID: CVE-2009-0471 |
Title: Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request. |
Type: Hardware |
Bulletins:
CVE-2009-0471 |
Severity: Medium |
Description: Cross-site request forgery (CSRF) vulnerability in the HTTP server in Cisco IOS 12.4(23) allows remote attackers to execute arbitrary commands, as demonstrated by executing the hostname command with a level/15/configure/-/hostname request. | ||||
Applies to: |
Created: 2009-02-06 |
Updated: 2024-09-07 |
ID: CVE-2009-0061 |
Title: Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before... |
Type: Hardware |
Bulletins:
CVE-2009-0061 SFBID33608 |
Severity: High |
Description: Unspecified vulnerability in the Wireless LAN Controller (WLC) TSEC driver in the Cisco 4400 WLC, Cisco Catalyst 6500 and 7600 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.1 allows remote attackers to cause a denial of service (device crash or hang) via unknown IP packets. | ||||
Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2024-09-07 |
ID: CVE-2009-0062 |
Title: Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain... |
Type: Hardware |
Bulletins:
CVE-2009-0062 SFBID33608 |
Severity: High |
Description: Unspecified vulnerability in the Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.2.173.0 allows remote authenticated users to gain privileges via unknown vectors, as demonstrated by escalation from the (1) Lobby Admin and (2) Local Management User privilege levels. | ||||
Applies to: |
Created: 2009-02-04 |
Updated: 2024-09-07 |
ID: CVE-2009-0058 |
Title: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial... |
Type: Hardware |
Bulletins:
CVE-2009-0058 SFBID33608 |
Severity: Medium |
Description: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.x before 5.2 allow remote attackers to cause a denial of service (web authentication outage or device reload) via unspecified network traffic, as demonstrated by a vulnerability scanner. | ||||
Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2024-09-07 |
ID: CVE-2009-0059 |
Title: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2009-0059 SFBID33608 |
Severity: High |
Description: The Cisco Wireless LAN Controller (WLC), Cisco Catalyst 6500 Wireless Services Module (WiSM), and Cisco Catalyst 3750 Integrated Wireless LAN Controller with software 4.x before 4.2.176.0 and 5.2.x before 5.2.157.0 allow remote attackers to cause a denial of service (device reload) via a web authentication (aka WebAuth) session that includes a malformed POST request to login.html. | ||||
Applies to: Cisco WLC 4400 |
Created: 2009-02-04 |
Updated: 2024-09-07 |
ID: CVE-2009-0057 |
Title: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a... |
Type: Hardware |
Bulletins:
CVE-2009-0057 SFBID33379 |
Severity: Medium |
Description: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager 5.x before 5.1(3e) and 6.x before 6.1(3) allows remote attackers to cause a denial of service (voice service outage) by sending malformed input over a TCP session in which the "client terminates prematurely." | ||||
Applies to: Unified Communications Manager |
Created: 2009-01-22 |
Updated: 2024-09-07 |
ID: CVE-2008-3821 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. |
Type: Hardware |
Bulletins:
CVE-2008-3821 SFBID33260 |
Severity: Medium |
Description: Multiple cross-site scripting (XSS) vulnerabilities in the HTTP server in Cisco IOS 11.0 through 12.4 allow remote attackers to inject arbitrary web script or HTML via (1) the query string to the ping program or (2) unspecified other aspects of the URI. | ||||
Applies to: |
Created: 2009-01-16 |
Updated: 2024-09-07 |
ID: CVE-2008-3818 |
Title: Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allow remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. |
Type: Hardware |
Bulletins:
CVE-2008-3818 SFBID33261 |
Severity: High |
Description: Cisco ONS 15310-CL, 15310-MA, 15327, 15454, 15454 SDH, and 15600 with software 7.0.2 through 7.0.6, 7.2.2, 8.0.x, 8.5.1, and 8.5.2 allow remote attackers to cause a denial of service (control-card reset) via a crafted TCP session. | ||||
Applies to: |
Created: 2009-01-16 |
Updated: 2024-09-07 |
ID: MITRE:6075 |
Title: HIS Command Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:6075 CVE-2008-3466 |
Severity: High |
Description: Microsoft Host Integration Server (HIS) 2000, 2004, and 2006 does not limit RPC access to administrative functions, which allows remote attackers to bypass authentication and execute arbitrary programs via a crafted SNA RPC message using opcode 1 or 6 to call the CreateProcess function, aka "HIS Command Execution Vulnerability." | ||||
Applies to: Microsoft Host Integration Server 2000 Microsoft Host Integration Server 2004 Microsoft Host Integration Server 2004 Client Microsoft Host Integration Server 2006 |
Created: 2008-12-08 |
Updated: 2024-09-07 |
ID: CVE-2008-5230 |
Title: The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which... |
Type: Hardware |
Bulletins:
CVE-2008-5230 SFBID32164 |
Severity: Medium |
Description: The Temporal Key Integrity Protocol (TKIP) implementation in unspecified Cisco products and other vendors' products, as used in WPA and WPA2 on Wi-Fi networks, has insufficient countermeasures against certain crafted and replayed packets, which makes it easier for remote attackers to decrypt packets from an access point (AP) to a client and spoof packets from an AP to a client, and conduct ARP poisoning attacks or other attacks, as demonstrated by tkiptun-ng. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: CVE-2008-4230 |
Title: The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4230 SFBID32394 |
Severity: Low |
Description: The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 displays SMS messages when the emergency-call screen is visible, which allows physically proximate attackers to obtain sensitive information by reading these messages. NOTE: this might be a duplicate of CVE-2008-4593. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: CVE-2008-4228 |
Title: The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4228 SFBID32394 |
Severity: Low |
Description: The Passcode Lock feature in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows physically proximate attackers to leverage the emergency-call ability of locked devices to make a phone call to an arbitrary number. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: CVE-2008-4232 |
Title: Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4232 SFBID32394 |
Severity: Medium |
Description: Safari in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.1 through 2.1 does not restrict an IFRAME's content display to the boundaries of the IFRAME, which allows remote attackers to spoof a user interface via a crafted HTML document. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: CVE-2008-4231 |
Title: Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4231 SFBID32394 |
Severity: High |
Description: Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not properly handle HTML TABLE elements, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption and application crash) via a crafted HTML document. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: CVE-2008-4233 |
Title: Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4233 SFBID32394 |
Severity: Low |
Description: Safari in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 does not isolate the call-approval dialog from the process of launching new applications, which allows remote attackers to make arbitrary phone calls via a crafted HTML document. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: CVE-2008-4229 |
Title: Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4229 SFBID32394 |
Severity: Low |
Description: Race condition in the Passcode Lock feature in Apple iPhone OS 2.0 through 2.1 and iPhone OS for iPod touch 2.0 through 2.1 allows physically proximate attackers to remove the lock and launch arbitrary applications by restoring the device from a backup. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: CVE-2008-1586 |
Title: ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. |
Type: Mobile Devices |
Bulletins:
CVE-2008-1586 SFBID32394 |
Severity: High |
Description: ImageIO in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (memory consumption and device reset) via a crafted TIFF image. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: CVE-2008-4227 |
Title: Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4227 SFBID32394 |
Severity: High |
Description: Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 changes the encryption level of PPTP VPN connections to a lower level than was previously used, which makes it easier for remote attackers to obtain sensitive information or hijack a connection by decrypting network traffic. | ||||
Applies to: |
Created: 2008-11-25 |
Updated: 2024-09-07 |
ID: REF000667 |
Title: USB devices installed over time |
Type: Information |
Bulletins:
Severity: Information |
Description: This check generates a list of all USB devices that have been connected to the scanned computer. | ||||
Applies to: |
Created: 2008-11-17 |
Updated: 2010-08-21 |
ID: CVE-2008-4963 |
Title: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP... |
Type: Hardware |
Bulletins:
CVE-2008-4963 SFBID32120 |
Severity: High |
Description: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) implementation on Cisco IOS and CatOS, when the VTP operating mode is not transparent, allows remote attackers to cause a denial of service (device reload or hang) via a crafted VTP packet sent to a switch interface configured as a trunk port. | ||||
Applies to: |
Created: 2008-11-06 |
Updated: 2024-09-07 |
ID: CVE-2008-4918 |
Title: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that... |
Type: Hardware |
Bulletins:
CVE-2008-4918 SFBID31998 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in SonicWALL SonicOS Enhanced before 4.0.1.1, as used in SonicWALL Pro 2040 and TZ 180 and 190, allows remote attackers to inject arbitrary web script or HTML into arbitrary web sites via a URL to a site that is blocked based on content filtering, which is not properly handled in the CFS block page, aka "universal website hijacking." | ||||
Applies to: |
Created: 2008-11-04 |
Updated: 2024-09-07 |
ID: MITRE:6035 |
Title: Apple iTunes Local Privilege Escalation Vulnerability |
Type: Software |
Bulletins:
MITRE:6035 CVE-2008-3636 |
Severity: High |
Description: Integer overflow in the IopfCompleteRequest API in the kernel in Microsoft Windows 2000, XP, Server 2003, and Vista allows context-dependent attackers to gain privileges. NOTE: this issue was originally reported for GEARAspiWDM.sys 2.0.7.5 in Gear Software CD DVD Filter driver before 4.001.7, as used in other products including Apple iTunes and multiple Symantec and Norton products, which allows local users to gain privileges via repeated IoAttachDevice IOCTL calls to \\.\GEARAspiWDMDevice in this GEARAspiWDM.sys. However, the root cause is the integer overflow in the API call itself. | ||||
Applies to: Apple iTunes |
Created: 2008-11-03 |
Updated: 2024-09-07 |
ID: CVE-2008-3816 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet. |
Type: Hardware |
Bulletins:
CVE-2008-3816 SFBID31863 |
Severity: High |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.2(4)9 and 7.2(4)10 allows remote attackers to cause a denial of service (device reload) via a crafted IPv6 packet. | ||||
Applies to: Cisco ASA 5500 Adaptive Security Appliance Cisco PIX 500 Firewall Series |
Created: 2008-10-23 |
Updated: 2024-09-07 |
ID: CVE-2008-3815 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using... |
Type: Hardware |
Bulletins:
CVE-2008-3815 SFBID31864 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 7.0 before 7.0(8)3, 7.1 before 7.1(2)78, 7.2 before 7.2(4)16, 8.0 before 8.0(4)6, and 8.1 before 8.1(1)13, when configured as a VPN using Microsoft Windows NT Domain authentication, allows remote attackers to bypass VPN authentication via unknown vectors. | ||||
Applies to: |
Created: 2008-10-23 |
Updated: 2024-09-07 |
ID: CVE-2008-3817 |
Title: Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets,... |
Type: Hardware |
Bulletins:
CVE-2008-3817 SFBID31865 |
Severity: High |
Description: Memory leak in Cisco Adaptive Security Appliances (ASA) 5500 Series and PIX Security Appliances 8.0 before 8.0(4) and 8.1 before 8.1(2) allows remote attackers to cause a denial of service (memory consumption) via an unspecified sequence of packets, related to the "initialization code for the hardware crypto accelerator." | ||||
Applies to: Cisco ASA 5500 Adaptive Security Appliance Cisco PIX 500 Firewall Series |
Created: 2008-10-23 |
Updated: 2024-09-07 |
ID: CVE-2008-4609 |
Title: The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple... |
Type: Hardware |
Bulletins:
CVE-2008-4609 |
Severity: High |
Description: The TCP implementation in (1) Linux, (2) platforms based on BSD Unix, (3) Microsoft Windows, (4) Cisco products, and probably other operating systems allows remote attackers to cause a denial of service (connection queue exhaustion) via multiple vectors that manipulate information in the TCP state table, as demonstrated by sockstress. | ||||
Applies to: |
Created: 2008-10-20 |
Updated: 2024-09-07 |
ID: CVE-2008-4594 |
Title: Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. |
Type: Hardware |
Bulletins:
CVE-2008-4594 |
Severity: High |
Description: Unspecified vulnerability in the SNMPv3 component in Linksys WAP4400N firmware 1.2.14 on the Marvell Semiconductor 88W8361P-BEM1 chipset has unknown impact and attack vectors, probably remote. | ||||
Applies to: wap400n |
Created: 2008-10-17 |
Updated: 2024-09-07 |
ID: CVE-2008-4441 |
Title: The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-4441 SFBID31742 |
Severity: High |
Description: The Marvell driver for the Linksys WAP4400N Wi-Fi access point with firmware 1.2.14 on the Marvell 88W8361P-BEM1 chipset, when WEP mode is enabled, does not properly parse malformed 802.11 frames, which allows remote attackers to cause a denial of service (reboot or hang-up) via a malformed association request containing the WEP flag, as demonstrated by a request that is too short, a different vulnerability than CVE-2008-1144 and CVE-2008-1197. | ||||
Applies to: wap400n |
Created: 2008-10-14 |
Updated: 2024-09-07 |
ID: CVE-2008-4211 |
Title: Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service... |
Type: Mobile Devices |
Bulletins:
CVE-2008-4211 SFBID31681 |
Severity: High |
Description: Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns." | ||||
Applies to: |
Created: 2008-10-10 |
Updated: 2024-09-07 |
ID: MITRE:5995 |
Title: Windows Messenger Information Disclosure Vulnerability |
Type: Software |
Bulletins:
MITRE:5995 CVE-2008-0082 |
Severity: High |
Description: An ActiveX control (Messenger.UIAutomation.1) in Windows Messenger 4.7 and 5.1 is marked as safe-for-scripting, which allows remote attackers to control the Messenger application, and "change state," obtain contact information, and establish audio or video connections without notification via unknown vectors. | ||||
Applies to: MSN Messenger 4.7 MSN Messenger 5.1 |
Created: 2008-10-06 |
Updated: 2024-09-07 |
ID: CVE-2008-4383 |
Title: Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01,... |
Type: Hardware |
Bulletins:
CVE-2008-4383 SFBID30652 |
Severity: High |
Description: Stack-based buffer overflow in the Agranet-Emweb embedded management web server in Alcatel OmniSwitch OS7000, OS6600, OS6800, OS6850, and OS9000 Series devices with AoS 5.1 before 5.1.6.463.R02, 5.4 before 5.4.1.429.R01, 6.1.3 before 6.1.3.965.R01, 6.1.5 before 6.1.5.595.R01, and 6.3 before 6.3.1.966.R01 allows remote attackers to execute arbitrary code via a long Session cookie. | ||||
Applies to: |
Created: 2008-10-03 |
Updated: 2024-09-07 |
ID: CVE-2008-4296 |
Title: The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. |
Type: Hardware |
Bulletins:
CVE-2008-4296 |
Severity: High |
Description: The Cisco Linksys WRT350N with firmware 1.0.3.7 has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | ||||
Applies to: wrt350n |
Created: 2008-09-27 |
Updated: 2024-09-07 |
ID: CVE-2008-3802 |
Title: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka... |
Type: Hardware |
Bulletins:
CVE-2008-3802 |
Severity: High |
Description: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (device reload) via unspecified valid SIP messages, aka Cisco bug ID CSCsk42759, a different vulnerability than CVE-2008-3800 and CVE-2008-3801. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3800 |
Title: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service... |
Type: Hardware |
Bulletins:
CVE-2008-3800 SFBID31367 |
Severity: High |
Description: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsu38644, a different vulnerability than CVE-2008-3801 and CVE-2008-3802. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3801 |
Title: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service... |
Type: Hardware |
Bulletins:
CVE-2008-3801 SFBID31367 |
Severity: High |
Description: Unspecified vulnerability in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4 and Unified Communications Manager 4.1 through 6.1, when VoIP is configured, allows remote attackers to cause a denial of service (device or process reload) via unspecified valid SIP messages, aka Cisco Bug ID CSCsm46064, a different vulnerability than CVE-2008-3800 and CVE-2008-3802. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3804 |
Title: Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software... |
Type: Hardware |
Bulletins:
CVE-2008-3804 |
Severity: High |
Description: Unspecified vulnerability in the Multi Protocol Label Switching (MPLS) Forwarding Infrastructure (MFI) in Cisco IOS 12.2 and 12.4 allows remote attackers to cause a denial of service (memory corruption) via crafted packets for which the software path is used. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3813 |
Title: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. |
Type: Hardware |
Bulletins:
CVE-2008-3813 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.2 and 12.4, when the L2TP mgmt daemon process is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted L2TP packet. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3808 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. |
Type: Hardware |
Bulletins:
CVE-2008-3808 SFBID31356 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via a crafted Protocol Independent Multicast (PIM) packet. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-2739 |
Title: The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a... |
Type: Hardware |
Bulletins:
CVE-2008-2739 |
Severity: High |
Description: The SERVICE.DNS signature engine in the Intrusion Prevention System (IPS) in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device crash or hang) via network traffic that triggers unspecified IPS signatures, a different vulnerability than CVE-2008-1447. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3799 |
Title: Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP... |
Type: Hardware |
Bulletins:
CVE-2008-3799 |
Severity: High |
Description: Memory leak in the Session Initiation Protocol (SIP) implementation in Cisco IOS 12.2 through 12.4, when VoIP is configured, allows remote attackers to cause a denial of service (memory consumption and voice-service outage) via unspecified valid SIP messages. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3812 |
Title: Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. |
Type: Hardware |
Bulletins:
CVE-2008-3812 SFBID31354 |
Severity: High |
Description: Cisco IOS 12.4, when IOS firewall Application Inspection Control (AIC) with HTTP Deep Packet Inspection is enabled, allows remote attackers to cause a denial of service (device reload) via a malformed HTTP transit packet. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3798 |
Title: Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session. |
Type: Hardware |
Bulletins:
CVE-2008-3798 |
Severity: High |
Description: Cisco IOS 12.4 allows remote attackers to cause a denial of service (device crash) via a normal, properly formed SSL packet that occurs during termination of an SSL session. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3810 |
Title: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than... |
Type: Hardware |
Bulletins:
CVE-2008-3810 SFBID31359 |
Severity: High |
Description: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka CSCsg22426, a different vulnerability than CVE-2008-3811. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3811 |
Title: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different... |
Type: Hardware |
Bulletins:
CVE-2008-3811 SFBID31359 |
Severity: High |
Description: Cisco IOS 12.2 and 12.4, when NAT Skinny Call Control Protocol (SCCP) Fragmentation Support is enabled, allows remote attackers to cause a denial of service (device reload) via segmented SCCP messages, aka Cisco Bug ID CSCsi17020, a different vulnerability than CVE-2008-3810. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3807 |
Title: Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this... |
Type: Hardware |
Bulletins:
CVE-2008-3807 |
Severity: High |
Description: Cisco IOS 12.2 and 12.3 on Cisco uBR10012 series devices, when linecard redundancy is configured, enables a read/write SNMP service with "private" as the community, which allows remote attackers to obtain administrative access by guessing this community and sending SNMP requests. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3809 |
Title: Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. |
Type: Hardware |
Bulletins:
CVE-2008-3809 SFBID31356 |
Severity: High |
Description: Cisco IOS 12.0 through 12.4 on Gigabit Switch Router (GSR) devices (aka 12000 Series routers) allows remote attackers to cause a denial of service (device crash) via a malformed Protocol Independent Multicast (PIM) packet. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3805 |
Title: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-3805 |
Severity: High |
Description: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3806. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3806 |
Title: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-3806 |
Severity: High |
Description: Cisco IOS 12.0 through 12.4 on Cisco 10000, uBR10012 and uBR7200 series devices handles external UDP packets that are sent to 127.0.0.0/8 addresses intended for IPC communication within the device, which allows remote attackers to cause a denial of service (device or linecard reload) via crafted UDP packets, a different vulnerability than CVE-2008-3805. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: CVE-2008-3803 |
Title: A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from... |
Type: Hardware |
Bulletins:
CVE-2008-3803 SFBID31366 |
Severity: Medium |
Description: A "logic error" in Cisco IOS 12.0 through 12.4, when a Multiprotocol Label Switching (MPLS) VPN with extended communities is configured, sometimes causes a corrupted route target (RT) to be used, which allows remote attackers to read traffic from other VPNs in opportunistic circumstances. | ||||
Applies to: |
Created: 2008-09-26 |
Updated: 2024-09-07 |
ID: MITRE:5997 |
Title: Microsoft PICT Filter Parsing Vulnerability |
Type: Software |
Bulletins:
MITRE:5997 CVE-2008-3021 |
Severity: High |
Description: Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field, aka the "PICT Filter Parsing Vulnerability," a different vulnerability than CVE-2008-3018. | ||||
Applies to: Microsoft Office 2000 Microsoft Office 2003 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works 8 |
Created: 2008-09-22 |
Updated: 2024-09-07 |
ID: MITRE:6019 |
Title: Microsoft Office WPG Image File Heap Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:6019 CVE-2008-3460 |
Severity: High |
Description: WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnerability." | ||||
Applies to: Microsoft Office 2000 Microsoft Office 2003 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works |
Created: 2008-09-22 |
Updated: 2024-09-07 |
ID: MITRE:5879 |
Title: Microsoft Malformed PICT Filter Vulnerability |
Type: Software |
Bulletins:
MITRE:5879 CVE-2008-3018 |
Severity: High |
Description: Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021. | ||||
Applies to: Microsoft Office 2000 Microsoft Office 2003 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works |
Created: 2008-09-22 |
Updated: 2024-09-07 |
ID: MITRE:6122 |
Title: Microsoft Malformed EPS Filter Vulnerability |
Type: Software |
Bulletins:
MITRE:6122 CVE-2008-3019 |
Severity: High |
Description: Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability." | ||||
Applies to: Microsoft Office 2000 Microsoft Office 2003 Microsoft Office Converter Pack Microsoft Office Project 2002 Microsoft Office XP Microsoft Works |
Created: 2008-09-22 |
Updated: 2024-09-07 |
ID: CVE-2008-4133 |
Title: The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters. |
Type: Hardware |
Bulletins:
CVE-2008-4133 SFBID31050 |
Severity: Medium |
Description: The web proxy service on the D-Link DIR-100 with firmware 1.12 and earlier does not properly filter web requests with large URLs, which allows remote attackers to bypass web restriction filters. | ||||
Applies to: DIR-100 |
Created: 2008-09-19 |
Updated: 2024-09-07 |
ID: CVE-2008-4128 |
Title: Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command... |
Type: Hardware |
Bulletins:
CVE-2008-4128 SFBID31218 |
Severity: High |
Description: Multiple cross-site request forgery (CSRF) vulnerabilities in the HTTP Administration component in Cisco IOS 12.4 on the 871 Integrated Services Router allow remote attackers to execute arbitrary commands via (1) a certain "show privilege" command to the /level/15/exec/- URI, and (2) a certain "alias exec" command to the /level/15/exec/-/configure/http URI. NOTE: some of these details are obtained from third party information. | ||||
Applies to: |
Created: 2008-09-18 |
Updated: 2024-09-07 |
ID: CVE-2008-1197 |
Title: The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a... |
Type: Hardware |
Bulletins:
CVE-2008-1197 SFBID30976 |
Severity: Medium |
Description: The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse the SSID information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a "Null SSID." | ||||
Applies to: WPN802 Access Point |
Created: 2008-09-05 |
Updated: 2024-09-07 |
ID: CVE-2008-1144 |
Title: The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or... |
Type: Hardware |
Bulletins:
CVE-2008-1144 SFBID31013 |
Severity: Medium |
Description: The Marvell driver for the Netgear WN802T Wi-Fi access point with firmware 1.3.16 on the Marvell 88W8361P-BEM1 chipset does not properly parse EAPoL-Key packets, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via a malformed EAPoL-Key packet with a crafted "advertised length." | ||||
Applies to: WPN802 Access Point |
Created: 2008-09-05 |
Updated: 2024-09-07 |
ID: CVE-2007-5474 |
Title: The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users... |
Type: Hardware |
Bulletins:
CVE-2007-5474 SFBID31012 |
Severity: Medium |
Description: The driver for the Linksys WRT350N Wi-Fi access point with firmware 2.00.17 on the Atheros AR5416-AC1E chipset does not properly parse the Atheros vendor-specific information element in an association request, which allows remote authenticated users to cause a denial of service (device reboot or hang) or possibly execute arbitrary code via an Atheros information element with an invalid length, as demonstrated by an element that is too long. | ||||
Applies to: wrt350n |
Created: 2008-09-05 |
Updated: 2024-09-07 |
ID: CVE-2008-2736 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown... |
Type: Hardware |
Bulletins:
CVE-2008-2736 SFBID30998 |
Severity: High |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0(3)15, 8.0(3)16, 8.1(1)4, and 8.1(1)5, when configured as a clientless SSL VPN endpoint, allows remote attackers to obtain usernames and passwords via unknown vectors, aka Bug ID CSCsq45636. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2735 |
Title: The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-2735 SFBID30998 |
Severity: High |
Description: The HTTP server in Cisco Adaptive Security Appliance (ASA) 5500 devices 8.0 before 8.0(3)15 and 8.1 before 8.1(1)5, when configured as a clientless SSL VPN endpoint, does not properly process URIs, which allows remote attackers to cause a denial of service (device reload) via a URI in a crafted SSL or HTTP packet, aka Bug ID CSCsq19369. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2732 |
Title: Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow... |
Type: Hardware |
Bulletins:
CVE-2008-2732 SFBID30998 |
Severity: High |
Description: Multiple unspecified vulnerabilities in the SIP inspection functionality in Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.0 before 7.0(7)16, 7.1 before 7.1(2)71, 7.2 before 7.2(4)7, 8.0 before 8.0(3)20, and 8.1 before 8.1(1)8 allow remote attackers to cause a denial of service (device reload) via unknown vectors, aka Bug IDs CSCsq07867, CSCsq57091, CSCsk60581, and CSCsq39315. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2734 |
Title: Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a clientless SSL VPN endpoint, allows remote attackers to cause a... |
Type: Hardware |
Bulletins:
CVE-2008-2734 SFBID30998 |
Severity: High |
Description: Memory leak in the crypto functionality in Cisco Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a clientless SSL VPN endpoint, allows remote attackers to cause a denial of service (memory consumption and VPN hang) via a crafted SSL or HTTP packet, aka Bug ID CSCso66472. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2733 |
Title: Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote... |
Type: Hardware |
Bulletins:
CVE-2008-2733 SFBID30998 |
Severity: High |
Description: Cisco PIX and Adaptive Security Appliance (ASA) 5500 devices 7.2 before 7.2(4)2, 8.0 before 8.0(3)14, and 8.1 before 8.1(1)4, when configured as a client VPN endpoint, do not properly process IPSec client authentication, which allows remote attackers to cause a denial of service (device reload) via a crafted authentication attempt, aka Bug ID CSCso69942. | ||||
Applies to: |
Created: 2008-09-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2062 |
Title: The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information... |
Type: Hardware |
Bulletins:
CVE-2008-2062 SFBID29935 |
Severity: Medium |
Description: The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) before 4.2(3)SR4, and 4.3 before 4.3(2)SR1, allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsq35151. | ||||
Applies to: Unified Communications Manager |
Created: 2008-06-26 |
Updated: 2024-09-07 |
ID: CVE-2008-2730 |
Title: The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and... |
Type: Hardware |
Bulletins:
CVE-2008-2730 SFBID29935 |
Severity: Medium |
Description: The Real-Time Information Server (RIS) Data Collector service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to bypass authentication, and obtain cluster configuration information and statistics, via a direct TCP connection to the service port, aka Bug ID CSCsj90843. | ||||
Applies to: Unified Communications Manager |
Created: 2008-06-26 |
Updated: 2024-09-07 |
ID: CVE-2008-2061 |
Title: The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP... |
Type: Hardware |
Bulletins:
CVE-2008-2061 SFBID29933 |
Severity: High |
Description: The Computer Telephony Integration (CTI) Manager service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3c) and 6.x before 6.1(2) allows remote attackers to cause a denial of service (TSP crash) via malformed network traffic to TCP port 2748. | ||||
Applies to: Unified Communications Manager |
Created: 2008-06-26 |
Updated: 2024-09-07 |
ID: MITRE:5578 |
Title: Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability |
Type: Services |
Bulletins:
MITRE:5578 CVE-2007-6026 |
Severity: High |
Description: Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. | ||||
Applies to: Microsoft Jet 4.0 Database Engine |
Created: 2008-06-23 |
Updated: 2024-09-07 |
ID: CVE-2008-2636 |
Title: The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many... |
Type: Hardware |
Bulletins:
CVE-2008-2636 |
Severity: High |
Description: The HTTP service on the Cisco Linksys WRH54G with firmware 1.01.03 allows remote attackers to cause a denial of service (management interface outage) or possibly execute arbitrary code via a URI that begins with a "/./" sequence, contains many instances of a "front_page" sequence, and ends with a ".asp" sequence. | ||||
Applies to: wrh54g |
Created: 2008-06-09 |
Updated: 2024-09-07 |
ID: CVE-2008-2057 |
Title: The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a... |
Type: Hardware |
Bulletins:
CVE-2008-2057 |
Severity: Medium |
Description: The Instant Messenger (IM) inspection engine in Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(4), 8.0.x before 8.0(3)10, and 8.1.x before 8.1(1)2 allows remote attackers to cause a denial of service via a crafted packet. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2056 |
Title: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the... |
Type: Hardware |
Bulletins:
CVE-2008-2056 |
Severity: High |
Description: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 and 8.1.x before 8.1(1)1 allows remote attackers to cause a denial of service (device reload) via a crafted Transport Layer Security (TLS) packet to the device interface. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2059 |
Title: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2008-2059 |
Severity: High |
Description: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 8.0.x before 8.0(3)9 allows remote attackers to bypass control-plane ACLs for the device via unknown vectors. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2058 |
Title: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device. |
Type: Hardware |
Bulletins:
CVE-2008-2058 |
Severity: High |
Description: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.2.x before 7.2(3)2 and 8.0.x before 8.0(2)17 allows remote attackers to cause a denial of service (device reload) via a port scan against TCP port 443 on the device. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2024-09-07 |
ID: CVE-2008-2055 |
Title: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface. |
Type: Hardware |
Bulletins:
CVE-2008-2055 |
Severity: High |
Description: Cisco Adaptive Security Appliance (ASA) and Cisco PIX security appliance 7.1.x before 7.1(2)70, 7.2.x before 7.2(4), and 8.0.x before 8.0(3)10 allows remote attackers to cause a denial of service via a crafted TCP ACK packet to the device interface. | ||||
Applies to: Cisco PIX 500 Firewall Series |
Created: 2008-06-04 |
Updated: 2024-09-07 |
ID: CVE-2008-1159 |
Title: Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293. |
Type: Hardware |
Bulletins:
CVE-2008-1159 SFBID29314 |
Severity: High |
Description: Multiple unspecified vulnerabilities in the SSH server in Cisco IOS 12.4 allow remote attackers to cause a denial of service (device restart) via unknown vectors, aka Bug ID (1) CSCsk42419, (2) CSCsk60020, and (3) CSCsh51293. | ||||
Applies to: |
Created: 2008-05-22 |
Updated: 2024-09-07 |
ID: CVE-2008-1747 |
Title: Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via... |
Type: Hardware |
Bulletins:
CVE-2008-1747 SFBID29221 |
Severity: High |
Description: Unspecified vulnerability in Cisco Unified Communications Manager 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (CCM service restart) via an unspecified SIP INVITE message, aka Bug ID CSCsk46944. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2024-09-07 |
ID: CVE-2008-1746 |
Title: The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and... |
Type: Hardware |
Bulletins:
CVE-2008-1746 SFBID29221 |
Severity: High |
Description: The SNMP Trap Agent service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR6, 4.2 before 4.2(3)SR3, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) allows remote attackers to cause a denial of service (core dump and service restart) via a series of malformed UDP packets, as demonstrated by the IP Stack Integrity Checker (ISIC), aka Bug ID CSCsj24113. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2024-09-07 |
ID: CVE-2008-1744 |
Title: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via... |
Type: Hardware |
Bulletins:
CVE-2008-1744 SFBID29221 |
Severity: High |
Description: The Certificate Authority Proxy Function (CAPF) service in Cisco Unified Communications Manager (CUCM) 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, and 4.3 before 4.3(2) allows remote attackers to cause a denial of service (service crash) via malformed network traffic, aka Bug ID CSCsk46770. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2024-09-07 |
ID: CVE-2008-1743 |
Title: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service... |
Type: Hardware |
Bulletins:
CVE-2008-1743 SFBID29221 |
Severity: High |
Description: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, aka Bug ID CSCsi98433. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2024-09-07 |
ID: CVE-2008-1742 |
Title: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of... |
Type: Hardware |
Bulletins:
CVE-2008-1742 SFBID29221 |
Severity: High |
Description: Memory leak in the Certificate Trust List (CTL) Provider service in Cisco Unified Communications Manager (CUCM) 5.x before 5.1(3) allows remote attackers to cause a denial of service (memory consumption and service interruption) via a series of malformed TCP packets, as demonstrated by TCPFUZZ, aka Bug ID CSCsj80609. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2024-09-07 |
ID: CVE-2008-1748 |
Title: Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service... |
Type: Hardware |
Bulletins:
CVE-2008-1748 SFBID29221 |
Severity: High |
Description: Cisco Unified Communications Manager 4.1 before 4.1(3)SR7, 4.2 before 4.2(3)SR4, 4.3 before 4.3(2), 5.x before 5.1(3), and 6.x before 6.1(1) does not properly validate SIP URLs, which allows remote attackers to cause a denial of service (service interruption) via a SIP INVITE message, aka Bug ID CSCsl22355. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2024-09-07 |
ID: CVE-2008-1745 |
Title: Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115. |
Type: Hardware |
Bulletins:
CVE-2008-1745 SFBID29221 |
Severity: High |
Description: Cisco Unified Communications Manager (CUCM) 5.x before 5.1(2) and 6.x before 6.1(1) allows remote attackers to cause a denial of service (service interruption) via a SIP JOIN message with a malformed header, aka Bug ID CSCsi48115. | ||||
Applies to: Unified Communications Manager |
Created: 2008-05-16 |
Updated: 2024-09-07 |
ID: CVE-2008-1154 |
Title: The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not... |
Type: Hardware |
Bulletins:
CVE-2008-1154 SFBID28591 |
Severity: High |
Description: The Disaster Recovery Framework (DRF) master server in Cisco Unified Communications products, including Unified Communications Manager (CUCM) 5.x and 6.x, Unified Presence 1.x and 6.x, Emergency Responder 2.x, and Mobility Manager 2.x, does not require authentication for requests received from the network, which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
Applies to: Unified Communications Manager |
Created: 2008-04-04 |
Updated: 2024-09-07 |
ID: CVE-2008-1156 |
Title: Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree... |
Type: Hardware |
Bulletins:
CVE-2008-1156 SFBID28464 |
Severity: Medium |
Description: Unspecified vulnerability in the Multicast Virtual Private Network (MVPN) implementation in Cisco IOS 12.0, 12.2, 12.3, and 12.4 allows remote attackers to create "extra multicast states on the core routers" via a crafted Multicast Distribution Tree (MDT) Data Join message. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2024-09-07 |
ID: CVE-2008-1150 |
Title: The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB)... |
Type: Hardware |
Bulletins:
CVE-2008-1150 SFBID28460 |
Severity: High |
Description: The virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (resource exhaustion) via a series of PPTP sessions, related to the persistence of interface descriptor block (IDB) data structures after process termination, aka bug ID CSCdv59309. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2024-09-07 |
ID: CVE-2008-1152 |
Title: The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets. |
Type: Hardware |
Bulletins:
CVE-2008-1152 SFBID28465 |
Severity: High |
Description: The data-link switching (DLSw) component in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device restart or memory consumption) via crafted (1) UDP port 2067 or (2) IP protocol 91 packets. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2024-09-07 |
ID: CVE-2008-1151 |
Title: Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated... |
Type: Hardware |
Bulletins:
CVE-2008-1151 SFBID28460 |
Severity: High |
Description: Memory leak in the virtual private dial-up network (VPDN) component in Cisco IOS before 12.3 allows remote attackers to cause a denial of service (memory consumption) via a series of PPTP sessions, related to "dead memory" that remains allocated after process termination, aka bug ID CSCsj58566. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2024-09-07 |
ID: CVE-2008-1153 |
Title: Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. |
Type: Hardware |
Bulletins:
CVE-2008-1153 SFBID28461 |
Severity: High |
Description: Cisco IOS 12.1, 12.2, 12.3, and 12.4, with IPv4 UDP services and the IPv6 protocol enabled, allows remote attackers to cause a denial of service (device crash and possible blocked interface) via a crafted IPv6 packet to the device. | ||||
Applies to: |
Created: 2008-03-27 |
Updated: 2024-09-07 |
ID: CVE-2007-6709 |
Title: The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. |
Type: Hardware |
Bulletins:
CVE-2007-6709 |
Severity: High |
Description: The Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware has "admin" as its default password for the "admin" account, which makes it easier for remote attackers to obtain access. | ||||
Applies to: wag54gs |
Created: 2008-03-13 |
Updated: 2024-09-07 |
ID: CVE-2007-6707 |
Title: Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than... |
Type: Hardware |
Bulletins:
CVE-2007-6707 |
Severity: Medium |
Description: Multiple cross-site scripting (XSS) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to inject arbitrary web script or HTML via unspecified vectors, a different issue than CVE-2007-3574. | ||||
Applies to: wag54gs |
Created: 2008-03-13 |
Updated: 2024-09-07 |
ID: CVE-2007-6708 |
Title: Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an... |
Type: Hardware |
Bulletins:
CVE-2007-6708 |
Severity: Medium |
Description: Multiple cross-site request forgery (CSRF) vulnerabilities on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.01.03 and earlier firmware allow remote attackers to perform actions as administrators via an arbitrary valid request to an administrative URI, as demonstrated by (1) a Restore Factory Defaults action using the mtenRestore parameter to setup.cgi and (2) creation of a user account using the sysname parameter to setup.cgi. | ||||
Applies to: wag54gs |
Created: 2008-03-13 |
Updated: 2024-09-07 |
ID: CVE-2008-1247 |
Title: The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2)... |
Type: Hardware |
Bulletins:
CVE-2008-1247 SFBID28381 |
Severity: High |
Description: The web interface on the Linksys WRT54g router with firmware 1.00.9 does not require credentials when invoking scripts, which allows remote attackers to perform arbitrary administrative actions via a direct request to (1) Advanced.tri, (2) AdvRoute.tri, (3) Basic.tri, (4) ctlog.tri, (5) ddns.tri, (6) dmz.tri, (7) factdefa.tri, (8) filter.tri, (9) fw.tri, (10) manage.tri, (11) ping.tri, (12) PortRange.tri, (13) ptrigger.tri, (14) qos.tri, (15) rstatus.tri, (16) tracert.tri, (17) vpn.tri, (18) WanMac.tri, (19) WBasic.tri, or (20) WFilter.tri. NOTE: the Security.tri vector is already covered by CVE-2006-5202. | ||||
Applies to: wrt54g |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-1263 |
Title: The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI. |
Type: Hardware |
Bulletins:
CVE-2008-1263 |
Severity: Medium |
Description: The Linksys WRT54G router stores passwords and keys in cleartext in the Config.bin file, which might allow remote authenticated users to obtain sensitive information via an HTTP request for the top-level Config.bin URI. | ||||
Applies to: wrt54g |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-1264 |
Title: The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file. |
Type: Hardware |
Bulletins:
CVE-2008-1264 |
Severity: High |
Description: The Linksys WRT54G router has "admin" as its default FTP password, which allows remote attackers to access sensitive files including nvram.cfg, a file that lists all HTML documents, and an ELF executable file. | ||||
Applies to: wrt54g |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-1265 |
Title: The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. |
Type: Hardware |
Bulletins:
CVE-2008-1265 |
Severity: High |
Description: The Linksys WRT54G router allows remote attackers to cause a denial of service (device restart) via a long username and password to the FTP interface. | ||||
Applies to: wrt54g |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-1268 |
Title: The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password. |
Type: Hardware |
Bulletins:
CVE-2008-1268 |
Severity: High |
Description: The FTP server on the Linksys WRT54G 7 router with 7.00.1 firmware does not verify authentication credentials, which allows remote attackers to establish an FTP session by sending an arbitrary username and password. | ||||
Applies to: wrt54g 7 |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-1266 |
Title: Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name... |
Type: Hardware |
Bulletins:
CVE-2008-1266 SFBID28439 |
Severity: High |
Description: Multiple buffer overflows in the web interface on the D-Link DI-524 router allow remote attackers to cause a denial of service (device crash) or possibly have unspecified other impact via (1) a long username or (2) an HTTP header with a large name and an empty value. | ||||
Applies to: DI-524 |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-1243 |
Title: Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI. |
Type: Hardware |
Bulletins:
CVE-2008-1243 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability on the Linksys WRT300N router with firmware 2.00.20, when Mozilla Firefox or Apple Safari is used, allows remote attackers to inject arbitrary web script or HTML via the dyndns_domain parameter to the default URI. | ||||
Applies to: wrt300n |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-1258 |
Title: Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter. |
Type: Hardware |
Bulletins:
CVE-2008-1258 SFBID28439 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in prim.htm on the D-Link DI-604 router allows remote attackers to inject arbitrary web script or HTML via the rf parameter. | ||||
Applies to: DI-604 |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-1253 |
Title: Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the... |
Type: Hardware |
Bulletins:
CVE-2008-1253 SFBID28439 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in cgi-bin/webcm on the D-Link DSL-G604T router allows remote attackers to inject arbitrary web script or HTML via the var:category parameter, as demonstrated by a request for advanced/portforw.htm on the fwan page. | ||||
Applies to: DSL-G604T |
Created: 2008-03-10 |
Updated: 2024-09-07 |
ID: CVE-2008-0026 |
Title: SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and... |
Type: Hardware |
Bulletins:
CVE-2008-0026 SFBID27775 |
Severity: Medium |
Description: SQL injection vulnerability in Cisco Unified CallManager/Communications Manager (CUCM) 5.0/5.1 before 5.1(3a) and 6.0/6.1 before 6.1(1a) allows remote authenticated users to execute arbitrary SQL commands via the key parameter to the (1) admin and (2) user interface pages. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-02-14 |
Updated: 2024-09-07 |
ID: MITRE:3622 |
Title: Windows Media Format Remote Code Execution Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:3622 CVE-2007-0064 |
Severity: High |
Description: Heap-based buffer overflow in Windows Media Format Runtime 7.1, 9, 9.5, 9.5 x64 Edition, 11, and Windows Media Services 9.1 for Microsoft Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. | ||||
Applies to: Windows Media Format Runtime 11 Windows Media Format Runtime 7.1 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 |
Created: 2008-02-04 |
Updated: 2024-09-07 |
ID: CVE-2008-0028 |
Title: Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2008-0028 SFBID27418 |
Severity: High |
Description: Unspecified vulnerability in Cisco PIX 500 Series Security Appliance and 5500 Series Adaptive Security Appliance (ASA) before 7.2(3)6 and 8.0(3), when the Time-to-Live (TTL) decrement feature is enabled, allows remote attackers to cause a denial of service (device reload) via a crafted IP packet. | ||||
Applies to: Cisco ASA 5500 Adaptive Security Appliance |
Created: 2008-01-23 |
Updated: 2024-09-07 |
ID: REF000657 |
Title: IM installed: Yahoo! Messenger |
Type: Software |
Bulletins: | Severity: Low |
Description: Yahoo Messenger instant messaging client is installed. | ||||
Applies to: Yahoo Messenger |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000661 |
Title: IM installed: Windows Live Messenger |
Type: Software |
Bulletins: | Severity: Low |
Description: Windows Live Messenger instant messaging client is installed. | ||||
Applies to: Windows Live Messenger |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000658 |
Title: IM installed: Trillian |
Type: Software |
Bulletins: | Severity: Low |
Description: Trillian instant messaging client is installed. | ||||
Applies to: Trillian |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000659 |
Title: IM installed: Skype |
Type: Software |
Bulletins: | Severity: Low |
Description: Skype instant messaging client is installed. | ||||
Applies to: Skype |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000662 |
Title: IM installed: Pidgin |
Type: Software |
Bulletins: | Severity: Low |
Description: Pidgin instant messaging client is installed. | ||||
Applies to: Pidgin |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000656 |
Title: IM installed: ICQ |
Type: Software |
Bulletins: | Severity: Low |
Description: ICQ instant messaging client is installed. | ||||
Applies to: ICQ |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000655 |
Title: IM installed: Google Talk |
Type: Software |
Bulletins: | Severity: Low |
Description: Google Talk instant messaging client is installed. | ||||
Applies to: Google Talk |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: REF000660 |
Title: IM installed: Gizmo |
Type: Software |
Bulletins: | Severity: Low |
Description: Gizmo instant messaging client is installed. | ||||
Applies to: Gizmo |
Created: 2008-01-17 |
Updated: 2010-08-21 |
ID: CVE-2008-0027 |
Title: Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows... |
Type: Hardware |
Bulletins:
CVE-2008-0027 SFBID27313 |
Severity: High |
Description: Heap-based buffer overflow in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM) 4.2 before 4.2(3)SR3 and 4.3 before 4.3(1)SR1, and CallManager 4.0 and 4.1 before 4.1(3)SR5c, allows remote attackers to cause a denial of service or execute arbitrary code via a long request. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2008-01-16 |
Updated: 2024-09-07 |
ID: CVE-2007-0588 |
Title: SANS07C4: Apple QuickDraw on Mac OSX 10.4.8 and earlier allows remote denial of service |
Type: Software |
Bulletins:
CVE-2007-0588 SFBID22228 |
Severity: High |
Description: The InternalUnpackBits function in Apple QuickDraw, as used by Quicktime 7.1.3 and other applications on Mac OS X 10.4.8 and earlier, allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted PICT file that triggers memory corruption in the _GetSrcBits32ARGB function. | ||||
Applies to: Apple QuickDraw |
Created: 2008-01-11 |
Updated: 2024-09-07 |
ID: CVE-2007-0466 |
Title: SANS07C4: Telestream Flip4Mac WMV for Quicktime 2.1.0.33 remote code execution vulnerability |
Type: Software |
Bulletins:
CVE-2007-0466 SFBID22286 |
Severity: High |
Description: Telestream Flip4Mac Windows Media Components for Quicktime 2.1.0.33 allows remote attackers to execute arbitrary code via a crafted ASF_File_Properties_Object size field in a WMV file, which triggers memory corruption. | ||||
Applies to: Telestream Flip4Mac WMV |
Created: 2008-01-11 |
Updated: 2024-09-07 |
ID: CVE-2007-0731 |
Title: SANS07S3: Samba module in Apple Mac OS X buffer overflow |
Type: Services |
Bulletins:
CVE-2007-0731 SFBID22948 |
Severity: High |
Description: Stack-based buffer overflow in the Apple-specific Samba module (SMB File Server) in Apple Mac OS X 10.3.9 through 10.4.8 allows context-dependent attackers to execute arbitrary code via a long ACL. | ||||
Applies to: Apple Mac OS X |
Created: 2008-01-10 |
Updated: 2024-09-07 |
ID: CVE-2006-6652 |
Title: SANS07S3: Buffer overflow in libc used in FTP daemon and tnftpd in Apple Mac OS X |
Type: Services |
Bulletins:
CVE-2006-6652 SFBID21377 |
Severity: High |
Description: Buffer overflow in the glob implementation (glob.c) in libc in Apple Mac OS X before 2007-004, as used by the FTP daemon and tnftpd, allows remote authenticated users to execute arbitrary code via a long pathname that results from path expansion. | ||||
Applies to: FTP |
Created: 2008-01-10 |
Updated: 2024-09-07 |
ID: CVE-2007-0776 |
Title: SANS07C1: Multiple Vulnerabilities in Mozilla Firefox earlier than 2.0.0.8 |
Type: Web |
Bulletins:
CVE-2007-0776 CVE-2007-0777 CVE-2007-0779 CVE-2007-0981 CVE-2007-1092 CVE-2007-2292 CVE-2007-2867 CVE-2007-3734 CVE-2007-3735 CVE-2007-3737 CVE-2007-3738 CVE-2007-3845 CVE-2007-4841 CVE-2007-5338 CVE-2006-4565 CVE-2006-4571 CVE-2006-5463 CVE-2006-5747 SFBID26132 SFBID20957 SFBID20042 SFBID25543 SFBID22679 SFBID24946 SFBID24242 SFBID22694 SFBID23668 SFBID22566 SFBID21668 |
Severity: High |
Description: Multiple vulnerabilities exist in Mozilla Firefox versions earlier than 2.0.0.8. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements. | ||||
Applies to: Mozilla Firefox |
Created: 2008-01-10 |
Updated: 2024-09-07 |
ID: CVE-2008-0228 |
Title: Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators. |
Type: Hardware |
Bulletins:
CVE-2008-0228 |
Severity: High |
Description: Cross-site request forgery (CSRF) vulnerability in apply.cgi in the Linksys WRT54GL Wireless-G Broadband Router with firmware 4.30.9 allows remote attackers to perform actions as administrators. | ||||
Applies to: wrt54gl |
Created: 2008-01-10 |
Updated: 2024-09-07 |
ID: CVE-2006-0994 |
Title: SANS07S5: Sophos Anti-Virus products allow remote code execution via crafted CAB |
Type: Software |
Bulletins:
CVE-2006-0994 SFBID17876 |
Severity: High |
Description: Multiple Sophos Anti-Virus products, including Anti-Virus for Windows 5.x before 5.2.1 and 4.x before 4.05, when cabinet file inspection is enabled, allow remote attackers to execute arbitrary code via a CAB file with "invalid folder count values," which leads to heap corruption. | ||||
Applies to: Sophos Anti-Virus |
Created: 2008-01-08 |
Updated: 2024-09-07 |
ID: CVE-2006-6335 |
Title: SANS07S5: Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 |
Type: Software |
Bulletins:
CVE-2006-6335 SFBID21563 |
Severity: High |
Description: Multiple buffer overflows in Sophos Anti-Virus scanning engine before 2.40 allow remote attackers to execute arbitrary code via (1) a SIT archive with a long filename that is not null-terminated, which triggers a heap-based overflow in veex.dll due to improper length calculation, and (2) a CPIO archive, with a long filename that is not null-terminated, which triggers a stack-based overflow in veex.dll. | ||||
Applies to: Sophos Anti-Virus |
Created: 2008-01-08 |
Updated: 2024-09-07 |
ID: CVE-2007-3509 |
Title: SANS07S4: Buffer overflow in Symantec/Veritas Backup Exec |
Type: Software |
Bulletins:
CVE-2007-3509 SFBID23897 |
Severity: High |
Description: Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests. | ||||
Applies to: Symantec/Veritas Backup Exec |
Created: 2008-01-07 |
Updated: 2024-09-07 |
ID: REF000618 |
Title: IM installed: xchat installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Xchat instant messaging client installed. | ||||
Applies to: |
Created: 2008-01-07 |
Updated: 2010-08-21 |
ID: REF000617 |
Title: IM installed: konversation installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Konversation instant messaging client installed. | ||||
Applies to: |
Created: 2008-01-07 |
Updated: 2010-08-21 |
ID: CVE-2007-2974 |
Title: SANS07S5: Multiple Vulnerabilities in Avira AntiVir |
Type: Software |
Bulletins:
CVE-2007-2974 CVE-2007-2973 CVE-2007-2972 CVE-2007-1671 SFBID23823 SFBID24187 SFBID24239 |
Severity: High |
Description: Multiple vulnerabilities exist in Avira AntiVir antivirus engine prior to 7.04.00.24 and avpack prior to 7.03.00.09. | ||||
Applies to: Avira AntiVir |
Created: 2008-01-03 |
Updated: 2024-09-07 |
ID: CVE-2007-3509 |
Title: SANS07S4: Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers |
Type: Services |
Bulletins:
CVE-2007-3509 SFBID23897 |
Severity: High |
Description: Heap-based buffer overflow in the RPC subsystem in Symantec Backup Exec for Windows Servers 10.0, 10d, and 11d allows remote attackers to cause a denial of service (process exit) and possibly execute arbitrary code via crafted ncacn_ip_tcp requests. | ||||
Applies to: Symantec Backup Exec for Windows Servers |
Created: 2008-01-03 |
Updated: 2024-09-07 |
ID: REF000584 |
Title: Config pam: no bruteforce protection configured |
Type: Services |
Bulletins: | Severity: Low |
Description: No PAM brute-force protection modules detected. Modules pam_abl and pam_al missing. | ||||
Applies to: |
Created: 2008-01-03 |
Updated: 2010-08-21 |
ID: CVE-2007-2139 |
Title: SANS07S4: Multiple unspecified vulnerabilities in mediasvr and caloggerd in CA BrightStor ARCServe Backup |
Type: Services |
Bulletins:
CVE-2007-2139 SFBID23635 |
Severity: High |
Description: Multiple stack-based buffer overflows in the SUN RPC service in CA (formerly Computer Associates) BrightStor ARCserve Media Server, as used in BrightStor ARCserve Backup 9.01 through 11.5 SP2, BrightStor Enterprise Backup 10.5, Server Protection Suite 2, and Business Protection Suite 2, allow remote attackers to execute arbitrary code via malformed RPC strings. | ||||
Applies to: CA BrightStor ARCServe Backup |
Created: 2007-12-21 |
Updated: 2024-09-07 |
ID: REF000653 |
Title: MP installed: VLC browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: VLC Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: REF000651 |
Title: MP installed: MPlayer browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: MPlayer Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: REF000652 |
Title: MP installed: HelixPlayer browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: HelixPlayer Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: REF000654 |
Title: MP installed: GCJ java browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Java Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: REF000650 |
Title: MP installed: Flash browser plug-in is installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Flash Media Plugin for internet browsers is installed. | ||||
Applies to: |
Created: 2007-12-20 |
Updated: 2010-08-21 |
ID: CVE-2006-5339 |
Title: SANS07S7: Multiple vulnerabilities in Oracle 8.1.7.4 |
Type: Services |
Bulletins:
CVE-2006-5339 CVE-2006-5340 CVE-2006-5344 CVE-2007-0272 SFBID20588 SFBID22083 |
Severity: High |
Description: Multiple vulnerabilities exist in Oracle 8.1.7.4, including buffer overflows, and multiple unspecified vulnerabilities. | ||||
Applies to: Oracle Database 8i |
Created: 2007-12-17 |
Updated: 2024-09-07 |
ID: CVE-2007-1086 |
Title: SANS07S7: Multiple vulnerabilities in IBM DB2 |
Type: Services |
Bulletins:
CVE-2007-1086 CVE-2007-1087 CVE-2007-1088 CVE-2007-1089 CVE-2007-2582 CVE-2007-5652 SFBID22677 SFBID26010 SFBID23890 SFBID26450 |
Severity: High |
Description: Multiple vulnerabilities exist in IBM DB2 before version 9.1 FixPack4. These include execution of arbitrary code, creation and modification of arbitrary files, and execution of unauthorized SQL commands. | ||||
Applies to: IBM DB2 |
Created: 2007-12-17 |
Updated: 2024-09-07 |
ID: CVE-2007-6372 |
Title: Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping. |
Type: Hardware |
Bulletins:
CVE-2007-6372 SFBID26869 |
Severity: High |
Description: Unspecified vulnerability in Juniper JUNOS 7.3 through 8.4 allows remote attackers to cause a denial of service (crash) via malformed BGP packets, possibly BGP UPDATE packets that trigger session flapping. | ||||
Applies to: |
Created: 2007-12-14 |
Updated: 2024-09-07 |
ID: CVE-2006-5332 |
Title: SANS07S7: Multiple vulnerabilities in Oracle Database 9i |
Type: Services |
Bulletins:
CVE-2006-5332 CVE-2006-5334 CVE-2006-5336 CVE-2006-5339 CVE-2006-5340 CVE-2006-5341 CVE-2006-5342 CVE-2006-5344 CVE-2006-5345 CVE-2007-0272 CVE-2007-2118 CVE-2007-5506 SFBID20588 SFBID22083 SFBID23532 |
Severity: High |
Description: Multiple vulnerabilities exist in some versions of Oracle Database Server 9i. It is recommended to update to the latest versions or apply the latest patches. | ||||
Applies to: Oracle Database 9i |
Created: 2007-12-14 |
Updated: 2024-09-07 |
ID: CVE-2006-5332 |
Title: SANS07S7: Multiple vulnerabilities in Oracle Database 10g |
Type: Services |
Bulletins:
CVE-2006-5332 CVE-2006-5333 CVE-2006-5334 CVE-2006-5335 CVE-2006-5336 CVE-2006-5339 CVE-2006-5340 CVE-2006-5341 CVE-2006-5342 CVE-2006-5343 CVE-2006-5344 CVE-2006-5345 CVE-2007-0272 CVE-2007-1442 CVE-2007-2113 CVE-2007-5506 SFBID20588 SFBID22083 SFBID23532 SFBID22905 |
Severity: High |
Description: Multiple vulnerabilities exist in some versions of Oracle Database Server 10g. It is recommended to update to the latest versions or apply the latest patches. | ||||
Applies to: Oracle Database 10g |
Created: 2007-12-14 |
Updated: 2024-09-07 |
ID: CVE-2007-1680 |
Title: SANS07A1: Stack-based buffer overflow in Yahoo! Messenger before 20070313 |
Type: Software |
Bulletins:
CVE-2007-1680 SFBID23291 |
Severity: High |
Description: Stack-based buffer overflow in the createAndJoinConference function in the AudioConf ActiveX control (yacscom.dll) in Yahoo! Messenger before March 13, 2007, allows remote attackers to execute arbitrary code via long socksHostname and hostname properties. | ||||
Applies to: |
Created: 2007-12-14 |
Updated: 2024-09-07 |
ID: CVE-2007-2418 |
Title: SANS07A1: Multiple buffer overflow vulnerabilities in Trillian earlier than 3.1.7.0 |
Type: Software |
Bulletins:
CVE-2007-2418 CVE-2007-2478 CVE-2007-3832 CVE-2007-3305 SFBID23781 SFBID23730 SFBID24927 SFBID24523 |
Severity: High |
Description: Multiple buffer overflow vulnerabilities exist in Cerulean Studios Trillian 3.x before 3.1.7.0, allowing remote attackers to execute arbitrary code. | ||||
Applies to: Cerulean Studios Trillian |
Created: 2007-12-14 |
Updated: 2024-09-07 |
ID: CVE-2007-0711 |
Title: SANS07C4: Multiple vulnerabilities in Apple Quicktime 7.2 and earlier |
Type: Software |
Bulletins:
CVE-2007-0711 CVE-2007-0712 CVE-2007-0714 CVE-2007-2295 CVE-2007-2296 CVE-2007-0754 CVE-2007-2389 CVE-2007-2393 CVE-2007-2394 CVE-2007-5045 CVE-2007-4673 SFBID24873 SFBID22827 SFBID22844 SFBID25913 SFBID23652 SFBID23923 SFBID23650 SFBID24222 |
Severity: High |
Description: Multiple vulnerabilities exist in Apple Quicktime version 7.2 and earlier. These include possibility of information disclosure and code execution. | ||||
Applies to: Apple QuickTime |
Created: 2007-12-11 |
Updated: 2024-09-07 |
ID: CVE-2007-3457 |
Title: SANS07C4: Adobe Flash Player 8.0.34.0 and earlier vulnerable to CSRF attack |
Type: Software |
Bulletins:
CVE-2007-3457 |
Severity: Medium |
Description: Adobe Flash Player 8.0.34.0 and earlier insufficiently validates HTTP Referer headers, which potentially allows remote attackers to conduct a CSRF attack via a crafted SWF file. | ||||
Applies to: Adobe Flash Player |
Created: 2007-12-11 |
Updated: 2024-09-07 |
ID: CVE-2007-2497 |
Title: SANS07C4: Multiple Vulnerabilities in RealPlayer 10, 10.5 and 11 Beta |
Type: Software |
Bulletins:
CVE-2007-2497 CVE-2007-3410 CVE-2007-5601 SFBID23712 SFBID26130 |
Severity: High |
Description: Multiple vulnerabilities exist in RealPlayer versions 10.0, 10.5 and 11 Beta. These include remote execution of arbitrary code, and denial of service. | ||||
Applies to: RealPlayer |
Created: 2007-12-10 |
Updated: 2024-09-07 |
ID: CVE-2007-3752 |
Title: SANS07C4: Buffer overflow in Apple iTunes before 7.4 |
Type: Software |
Bulletins:
CVE-2007-3752 |
Severity: High |
Description: Buffer overflow in Apple iTunes before 7.4 allows remote attackers to cause a denial of service (application termination) or execute arbitrary code via a music file with crafted album cover art. | ||||
Applies to: Apple iTunes |
Created: 2007-12-10 |
Updated: 2024-09-07 |
ID: REF000642 |
Title: P2P installed: mldonkey installed |
Type: Software |
Bulletins: | Severity: Low |
Description: mlDonkey P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-10 |
Updated: 2010-08-21 |
ID: CVE-2007-0044 |
Title: SANS07C1: Multiple vulnerabilities in Adobe Reader earlier than 8.0.0 |
Type: Software |
Bulletins:
CVE-2007-0044 CVE-2007-0046 CVE-2007-0103 CVE-2007-0045 SFBID21858 SFBID21910 |
Severity: High |
Description: Multiple vulnerabilities exist in Adobe Reader earlier than 8.0.0, some of which have unknown impact. Known vulnerabilities include denial of service and remote execution of arbitrary code. | ||||
Applies to: Adobe Reader |
Created: 2007-12-07 |
Updated: 2024-09-07 |
ID: REF000638 |
Title: P2P installed: xmule installed |
Type: Software |
Bulletins: | Severity: Low |
Description: xMule P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000636 |
Title: P2P installed: transmission installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Transmission P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000635 |
Title: P2P installed: rtorrent installed |
Type: Software |
Bulletins: | Severity: Low |
Description: rTorrent P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000634 |
Title: P2P installed: qtella installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Qtella P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000643 |
Title: P2P installed: napster installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Napster P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000646 |
Title: P2P installed: nap installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Nap P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000640 |
Title: P2P installed: mutella installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Mutella P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000645 |
Title: P2P installed: lopster installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Lopster P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000632 |
Title: P2P installed: ktorrent installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Ktorrent P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000633 |
Title: P2P installed: kommute installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Kommute P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000641 |
Title: P2P installed: knapster installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Knapster P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000647 |
Title: P2P installed: gtk-gnutella installed |
Type: Software |
Bulletins: | Severity: Low |
Description: GTK-Gnutella P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000644 |
Title: P2P installed: gnut installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Gnut P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000631 |
Title: P2P installed: gnunet installed |
Type: Software |
Bulletins: | Severity: Low |
Description: GnuNet P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000630 |
Title: P2P installed: deluge installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Deluge P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000637 |
Title: P2P installed: dctc installed |
Type: Software |
Bulletins: | Severity: Low |
Description: DCtc P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000629 |
Title: P2P installed: ctorrent installed |
Type: Software |
Bulletins: | Severity: Low |
Description: cTorrent P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000628 |
Title: P2P installed: bittorrent installed |
Type: Software |
Bulletins: | Severity: Low |
Description: BitTorrent P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000627 |
Title: P2P installed: bittornado installed |
Type: Software |
Bulletins: | Severity: Low |
Description: BitTornado P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000649 |
Title: P2P installed: bitstormlite installed |
Type: Software |
Bulletins: | Severity: Low |
Description: BitStormLite P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000626 |
Title: P2P installed: azureus installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Azureus P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000639 |
Title: P2P installed: apollon installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Apollon P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000648 |
Title: P2P installed: amule installed |
Type: Software |
Bulletins: | Severity: Low |
Description: aMule P2P file sharing client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000624 |
Title: IM installed: ytalk installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Ytalk instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000621 |
Title: IM installed: yahoo messenger installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Yahoo Messenger instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000622 |
Title: IM installed: trebuchet installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Trebuchet instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000623 |
Title: IM installed: talk installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Talk instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000601 |
Title: IM installed: skype installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Skype instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000615 |
Title: IM installed: sircd installed |
Type: Software |
Bulletins: | Severity: Low |
Description: sIRCd instant messaging server installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000614 |
Title: IM installed: sim installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Sim instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000613 |
Title: IM installed: psi installed |
Type: Software |
Bulletins: | Severity: Low |
Description: PSI instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000612 |
Title: IM installed: pidgin installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Pidgin instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000611 |
Title: IM installed: micq installed |
Type: Software |
Bulletins: | Severity: Low |
Description: mICQ instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000610 |
Title: IM installed: lostirc installed |
Type: Software |
Bulletins: | Severity: Low |
Description: LostIRC instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000609 |
Title: IM installed: licq installed |
Type: Software |
Bulletins: | Severity: Low |
Description: LICQ instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000608 |
Title: IM installed: kxicq installed |
Type: Software |
Bulletins: | Severity: Low |
Description: KxICQ instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000620 |
Title: IM installed: kopete installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Kopete instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000616 |
Title: IM installed: kicq installed |
Type: Software |
Bulletins: | Severity: Low |
Description: KICQ instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000607 |
Title: IM installed: kadu installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Kadu instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000606 |
Title: IM installed: jabbin installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Jabbin instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000605 |
Title: IM installed: jabber installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Jabber instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000604 |
Title: IM installed: gossip installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Gossip instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000603 |
Title: IM installed: gnu gadu installed |
Type: Software |
Bulletins: | Severity: Low |
Description: GNU Gadu instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000619 |
Title: IM installed: gaim installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Gaim instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000625 |
Title: IM installed: gabber installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Gabber instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000602 |
Title: IM installed: epic installed |
Type: Software |
Bulletins: | Severity: Low |
Description: Epic instant messaging client installed. | ||||
Applies to: |
Created: 2007-12-06 |
Updated: 2010-08-21 |
ID: REF000663 |
Title: Config laptop: swap partition not encrypted |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Computer was identified as a laptop. No encryption was detected on the swap partition. | ||||
Applies to: |
Created: 2007-12-05 |
Updated: 2010-08-21 |
ID: REF000665 |
Title: Config laptop: root partition not encrypted |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Computer was identified as a laptop. No encryption was detected on the root partition. | ||||
Applies to: |
Created: 2007-12-05 |
Updated: 2010-08-21 |
ID: REF000664 |
Title: Config laptop: home partition not encrypted |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Computer was identified as a laptop. No encryption was detected on the home partition. | ||||
Applies to: |
Created: 2007-12-05 |
Updated: 2010-08-21 |
ID: CVE-2007-2867 |
Title: SANS07C3: Multiple Vulnerabilities in Mozilla Thunderbird 2.x earlier than 2.0.0.6 |
Type: |
Bulletins:
CVE-2007-2867 CVE-2007-3734 CVE-2007-3735 CVE-2007-3845 SFBID24242 SFBID24946 |
Severity: High |
Description: Mozilla Thunderbird 2.x versions earlier than 2.0.0.6 are vulnerable to remote denial of service attacks and remote execution of arbitrary commands. | ||||
Applies to: Mozilla Thunderbird |
Created: 2007-12-04 |
Updated: 2024-09-07 |
ID: CVE-2007-0777 |
Title: SANS07C3: Multiple Vulnerabilities in Mozilla Thunderbird 1.5.x earlier than 1.5.0.13 |
Type: |
Bulletins:
CVE-2007-0777 CVE-2007-2867 CVE-2007-3845 CVE-2006-4565 CVE-2006-4571 CVE-2006-5463 CVE-2006-5747 CVE-2006-6502 CVE-2007-1282 SFBID22694 SFBID24242 SFBID21668 SFBID20042 SFBID20957 SFBID22845 |
Severity: High |
Description: Mozilla Thunderbird 1.5.x versions earlier than 1.5.0.13 are vulnerable to remote denial of service attacks and remote execution of arbitrary commands. | ||||
Applies to: Mozilla Thunderbird |
Created: 2007-12-04 |
Updated: 2024-09-07 |
ID: CVE-2007-0981 |
Title: SANS07C1: Multiple Vulnerabilities in SeaMonkey earlier than 1.1.5 |
Type: Web |
Bulletins:
CVE-2007-0981 CVE-2007-1092 CVE-2007-5338 CVE-2006-4565 CVE-2006-4571 CVE-2006-5463 CVE-2006-5747 CVE-2006-6502 CVE-2006-6504 CVE-2007-0777 CVE-2007-0779 CVE-2007-1282 CVE-2007-2867 CVE-2007-3845 SFBID22694 SFBID22566 SFBID22679 SFBID24242 SFBID26132 SFBID24242 SFBID21668 SFBID22845 SFBID20957 SFBID20042 |
Severity: High |
Description: Multiple vulnerabilities exist in SeaMonkey versions earlier than 1.1.5. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements. | ||||
Applies to: SeaMonkey |
Created: 2007-12-04 |
Updated: 2024-09-07 |
ID: CVE-2007-0776 |
Title: SANS07C1: Multiple Vulnerabilities in Mozilla Firefox earlier than 2.0.0.8 |
Type: Web |
Bulletins:
CVE-2007-0776 CVE-2007-0777 CVE-2007-0779 CVE-2007-0981 CVE-2007-1092 CVE-2007-2292 CVE-2007-2867 CVE-2007-3734 CVE-2007-3735 CVE-2007-3737 CVE-2007-3738 CVE-2007-3845 CVE-2007-4841 CVE-2007-5338 CVE-2006-4565 CVE-2006-4571 CVE-2006-5463 CVE-2006-5747 SFBID26132 SFBID20957 SFBID20042 SFBID25543 SFBID22679 SFBID24946 SFBID24242 SFBID22694 SFBID23668 SFBID22566 SFBID21668 |
Severity: High |
Description: Multiple vulnerabilities exist in Mozilla Firefox versions earlier than 2.0.0.8. These include remote execution of arbitrary code, denial of service, and spoofing of GUI elements. | ||||
Applies to: Mozilla Firefox |
Created: 2007-12-04 |
Updated: 2024-09-07 |
ID: REF000578 |
Title: Config yum-updatesd: auto-updating disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: yum-updatesd auto-update is disabled. See /etc/yum/yum-updatesd.conf for details. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000580 |
Title: Config yum-updatesd: auto-resolving dependencies disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: yum-updatesd auto-resolving of update dependencies is disabled. See /etc/yum/yum-updatesd.conf for details. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000579 |
Title: Config yum-updatesd: auto-downloading disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: yum-updatesd update auto-downloading is disabled. See /etc/yum/yum-updatesd.conf for details. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000583 |
Title: Config apt: update notification disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: apt-update notification is disabled. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000582 |
Title: Config apt: daily job disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: apt daily update job is disabled, /etc/cron.daily/apt is missing. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000581 |
Title: Config apt: auto-updating package lists disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: apt auto-updating package lists is disabled. See /etc/apt/apt.conf.d/10periodic and /etc/apt/apt.conf.d/15adept-periodic-update for details. | ||||
Applies to: |
Created: 2007-12-04 |
Updated: 2010-08-21 |
ID: REF000577 |
Title: Config yum-updatesd: start on boot disabled |
Type: Services |
Bulletins: | Severity: Low |
Description: yum-updatesd is installed but not activated during init3 or init5 startup. See 'chkconfig --list' output for details. | ||||
Applies to: |
Created: 2007-12-03 |
Updated: 2010-08-21 |
ID: CVE-2007-5020 |
Title: APSB07-18: Adobe Acrobat mailto: vulnerability |
Type: Software |
Bulletins:
CVE-2007-5020 SFBID25748 |
Severity: High |
Description: Critical vulnerabilities have been identified in Adobe Reader and Acrobat that could allow an attacker who successfully exploits these vulnerabilities to take control of the affected system. This issue only affects customers on Windows XP or Windows 2003 with Internet Explorer 7 installed. A malicious file must be loaded in Adobe Reader or Acrobat by the end user for an attacker to exploit these vulnerabilities. It is recommended that affected users update to Adobe Reader 8.1.1 or Acrobat 8.1.1. | ||||
Applies to: |
Created: 2007-10-30 |
Updated: 2024-09-07 |
ID: CVE-2007-5651 |
Title: Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and... |
Type: Hardware |
Bulletins:
CVE-2007-5651 SFBID26139 |
Severity: High |
Description: Unspecified vulnerability in the Extensible Authentication Protocol (EAP) implementation in Cisco IOS 12.3 and 12.4 on Cisco Access Points and 1310 Wireless Bridges (Wireless EAP devices), IOS 12.1 and 12.2 on Cisco switches (Wired EAP devices), and CatOS 6.x through 8.x on Cisco switches allows remote attackers to cause a denial of service (device reload) via a crafted EAP Response Identity packet. | ||||
Applies to: |
Created: 2007-10-23 |
Updated: 2024-09-07 |
ID: CVE-2007-5549 |
Title: Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as... |
Type: Hardware |
Bulletins:
CVE-2007-5549 |
Severity: Low |
Description: Unspecified vulnerability in Command EXEC in Cisco IOS allows local users to bypass command restrictions and obtain sensitive information via an unspecified "variation of an IOS command" involving "two different methods", aka CSCsk16129. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2024-09-07 |
ID: CVE-2007-5550 |
Title: Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no... |
Type: Hardware |
Bulletins:
CVE-2007-5550 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco IOS allows remote attackers to obtain the IOS version via unspecified vectors involving a "common network service", aka PSIRT-1255024833. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2024-09-07 |
ID: CVE-2007-5551 |
Title: Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information.... |
Type: Hardware |
Bulletins:
CVE-2007-5551 |
Severity: High |
Description: Off-by-one error in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors that trigger a heap-based buffer overflow. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2024-09-07 |
ID: CVE-2007-5548 |
Title: Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory... |
Type: Hardware |
Bulletins:
CVE-2007-5548 |
Severity: Medium |
Description: Multiple stack-based buffer overflows in Command EXEC in Cisco IOS allow local users to gain privileges via unspecified vectors, aka (1) PSIRT-0474975756 and (2) PSIRT-0388256465. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2024-09-07 |
ID: CVE-2007-5552 |
Title: Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known... |
Type: Hardware |
Bulletins:
CVE-2007-5552 |
Severity: High |
Description: Integer overflow in Cisco IOS allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2024-09-07 |
ID: CVE-2007-5547 |
Title: Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague... |
Type: Hardware |
Bulletins:
CVE-2007-5547 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in Cisco IOS allows remote attackers to inject arbitrary web script or HTML, and execute IOS commands, via unspecified vectors, aka PSIRT-2022590358. NOTE: as of 20071016, the only disclosure is a vague pre-advisory with no actionable information. However, since it is from a well-known researcher, it is being assigned a CVE identifier for tracking purposes. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2024-09-07 |
ID: CVE-2007-5569 |
Title: Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120. |
Type: Hardware |
Bulletins:
CVE-2007-5569 SFBID26104 |
Severity: High |
Description: Cisco PIX and ASA appliances with 7.1 and 7.2 software, when configured for TLS sessions to the device, allow remote attackers to cause a denial of service (device reload) via a crafted TLS packet, aka CSCsg43276 and CSCsh97120. | ||||
Applies to: |
Created: 2007-10-18 |
Updated: 2024-09-07 |
ID: CVE-2007-5537 |
Title: Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers... |
Type: Hardware |
Bulletins:
CVE-2007-5537 SFBID26105 |
Severity: High |
Description: Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(2), and Unified CallManager 5.0, allow remote attackers to cause a denial of service (kernel panic) via a flood of SIP INVITE messages to UDP port 5060, which triggers resource exhaustion, aka CSCsi75822. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2007-10-17 |
Updated: 2024-09-07 |
ID: CVE-2007-5538 |
Title: Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2007-5538 SFBID26105 |
Severity: High |
Description: Buffer overflow in the Centralized TFTP File Locator Service in Cisco Unified Communications Manager (CUCM, formerly CallManager) 5.1 before 5.1(3), and Unified CallManager 5.0, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors involving the processing of filenames, aka CSCsh47712. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2007-10-17 |
Updated: 2024-09-07 |
ID: CVE-2007-5468 |
Title: Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof... |
Type: Hardware |
Bulletins:
CVE-2007-5468 SFBID26057 |
Severity: Medium |
Description: Cisco CallManager 5.1.1.3000-5 does not verify the Digest authentication header URI against the Request URI in SIP messages, which allows remote attackers to use sniffed Digest authentication credentials to call arbitrary telephone numbers or spoof caller ID (aka "toll fraud and authentication forward attack"). | ||||
Applies to: Cisco Call Manager |
Created: 2007-10-15 |
Updated: 2024-09-07 |
ID: CVE-2007-5381 |
Title: Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message... |
Type: Hardware |
Bulletins:
CVE-2007-5381 SFBID26001 |
Severity: High |
Description: Stack-based buffer overflow in the Line Printer Daemon (LPD) in Cisco IOS before 12.2(18)SXF11, 12.4(16a), and 12.4(2)T6 allow remote attackers to execute arbitrary code by setting a long hostname on the target system, then causing an error message to be printed, as demonstrated by a telnet session to the LPD from a source port other than 515. | ||||
Applies to: |
Created: 2007-10-11 |
Updated: 2024-09-07 |
ID: CVE-2007-4634 |
Title: Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands... |
Type: Hardware |
Bulletins:
CVE-2007-4634 SFBID25480 |
Severity: High |
Description: Multiple SQL injection vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to execute arbitrary SQL commands via the lang variable to the (1) user or (2) admin logon page, aka CSCsi64265. | ||||
Applies to: Cisco Call Manager Unified Communications Manager |
Created: 2007-08-31 |
Updated: 2024-09-07 |
ID: CVE-2007-4633 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web... |
Type: Hardware |
Bulletins:
CVE-2007-4633 SFBID25480 |
Severity: Medium |
Description: Multiple cross-site scripting (XSS) vulnerabilities in Cisco CallManager and Unified Communications Manager (CUCM) before 3.3(5)sr2b, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allow remote attackers to inject arbitrary web script or HTML via the lang variable to the (1) user or (2) admin logon page, aka CSCsi10728. | ||||
Applies to: Cisco Call Manager Unified Communications Manager |
Created: 2007-08-31 |
Updated: 2024-09-07 |
ID: CVE-2007-4632 |
Title: Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass... |
Type: Hardware |
Bulletins:
CVE-2007-4632 SFBID25482 |
Severity: Medium |
Description: Cisco IOS 12.2E, 12.2F, and 12.2S places a "no login" line into the VTY configuration when an administrator makes certain changes to a (1) VTY/AUX or (2) CONSOLE setting on a device without AAA enabled, which allows remote attackers to bypass authentication and obtain a terminal session, a different vulnerability than CVE-1999-0293 and CVE-2005-2105. | ||||
Applies to: |
Created: 2007-08-31 |
Updated: 2024-09-07 |
ID: CVE-2007-4430 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE:... |
Type: Hardware |
Bulletins:
CVE-2007-4430 SFBID25352 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows context-dependent attackers to cause a denial of service (device restart and BGP routing table rebuild) via certain regular expressions in a "show ip bgp regexp" command. NOTE: unauthenticated remote attacks are possible in environments with anonymous telnet and Looking Glass access. | ||||
Applies to: |
Created: 2007-08-20 |
Updated: 2024-09-07 |
ID: CVE-2007-4294 |
Title: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. |
Type: Hardware |
Bulletins:
CVE-2007-4294 SFBID25239 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM) 5.0, 5.1, and 6.0, and IOS 12.0 through 12.4, allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80102. | ||||
Applies to: Unified Communications Manager |
Created: 2007-08-09 |
Updated: 2024-09-07 |
ID: CVE-2007-4285 |
Title: Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or... |
Type: Hardware |
Bulletins:
CVE-2007-4285 |
Severity: High |
Description: Unspecified vulnerability in Cisco IOS and Cisco IOS XR 12.x up to 12.3, including some versions before 12.3(15) and 12.3(14)T, allows remote attackers to obtain sensitive information (partial packet contents) or cause a denial of service (router or component crash) via crafted IPv6 packets with a Type 0 routing header. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2024-09-07 |
ID: CVE-2007-4295 |
Title: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. |
Type: Hardware |
Bulletins:
CVE-2007-4295 SFBID25239 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco IOS 12.0 through 12.4 allows remote attackers to execute arbitrary code via a malformed SIP packet, aka CSCsi80749. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2024-09-07 |
ID: CVE-2007-4292 |
Title: Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007,... |
Type: Hardware |
Bulletins:
CVE-2007-4292 SFBID25239 |
Severity: High |
Description: Multiple memory leaks in Cisco IOS 12.0 through 12.4 allow remote attackers to cause a denial of service (device crash) via a malformed SIP packet, aka (1) CSCsf11855, (2) CSCeb21064, (3) CSCse40276, (4) CSCse68355, (5) CSCsf30058, (6) CSCsb24007, and (7) CSCsc60249. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2024-09-07 |
ID: CVE-2007-4291 |
Title: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with... |
Type: Hardware |
Bulletins:
CVE-2007-4291 SFBID25239 |
Severity: High |
Description: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service via (1) a malformed MGCP packet, which causes a device hang, aka CSCsf08998; a malformed H.323 packet, which causes a device crash, as identified by (2) CSCsi60004 with Proxy Unregistration and (3) CSCsg70474; and a malformed Real-time Transport Protocol (RTP) packet, which causes a device crash, as identified by (4) CSCse68138, related to VOIP RTP Lib, and (5) CSCse05642, related to I/O memory corruption. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2024-09-07 |
ID: CVE-2007-4293 |
Title: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. |
Type: Hardware |
Bulletins:
CVE-2007-4293 SFBID25239 |
Severity: High |
Description: Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (device crash) via (1) "abnormal" MGCP messages, aka CSCsd81407; and (2) a large facsimile packet, aka CSCej20505. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2024-09-07 |
ID: CVE-2007-4286 |
Title: Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet. |
Type: Hardware |
Bulletins:
CVE-2007-4286 SFBID25238 |
Severity: High |
Description: Buffer overflow in the Next Hop Resolution Protocol (NHRP) functionality in Cisco IOS 12.0 through 12.4 allows remote attackers to cause a denial of service (restart) and execute arbitrary code via a crafted NHRP packet. | ||||
Applies to: |
Created: 2007-08-09 |
Updated: 2024-09-07 |
ID: CVE-2007-4263 |
Title: Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2007-4263 SFBID25240 |
Severity: High |
Description: Unspecified vulnerability in the server side of the Secure Copy (SCP) implementation in Cisco 12.2-based IOS allows remote authenticated users to read, write or overwrite any file on the device's filesystem via unknown vectors. | ||||
Applies to: |
Created: 2007-08-08 |
Updated: 2024-09-07 |
ID: CVE-2007-4011 |
Title: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or... |
Type: Hardware |
Bulletins:
CVE-2007-4011 SFBID25043 |
Severity: High |
Description: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software before 3.2 20070727, 4.0 before 20070727, and 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (traffic amplification or ARP storm) via a crafted unicast ARP request that (1) has a destination MAC address unknown to the Layer-2 infrastructure, aka CSCsj69233; or (2) occurs during Layer-3 roaming across IP subnets, aka CSCsj70841. | ||||
Applies to: |
Created: 2007-07-25 |
Updated: 2024-09-07 |
ID: CVE-2007-4012 |
Title: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a... |
Type: Hardware |
Bulletins:
CVE-2007-4012 SFBID25043 |
Severity: High |
Description: Cisco 4100 and 4400, Airespace 4000, and Catalyst 6500 and 3750 Wireless LAN Controller (WLC) software 4.1 before 4.1.180.0 allows remote attackers to cause a denial of service (ARP storm) via a broadcast ARP packet that "targets the IP address of a known client context", aka CSCsj50374. | ||||
Applies to: |
Created: 2007-07-25 |
Updated: 2024-09-07 |
ID: CVE-2007-3944 |
Title: Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute... |
Type: Mobile Devices |
Bulletins:
CVE-2007-3944 SFBID25002 |
Severity: High |
Description: Multiple heap-based buffer overflows in the Perl Compatible Regular Expressions (PCRE) library in the JavaScript engine in WebKit in Apple Safari 3 Beta before Update 3.0.3, and iPhone before 1.0.1, allow remote attackers to execute arbitrary code via certain JavaScript regular expressions. NOTE: this issue was originally reported only for MobileSafari on the iPhone. NOTE: it is not clear whether this stems from an issue in the original distribution of PCRE, which might already have a separate CVE identifier. | ||||
Applies to: |
Created: 2007-07-23 |
Updated: 2024-09-07 |
ID: CVE-2007-3775 |
Title: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1)... |
Type: Hardware |
Bulletins:
CVE-2007-3775 SFBID24867 |
Severity: High |
Description: Unspecified vulnerability in Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allows remote attackers to cause a denial of service (loss of cluster services) via unspecified vectors, aka (1) CSCsj09859 and (2) CSCsj19985. | ||||
Applies to: Unified Communications Manager |
Created: 2007-07-15 |
Updated: 2024-09-07 |
ID: CVE-2006-5277 |
Title: Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that... |
Type: Hardware |
Bulletins:
CVE-2006-5277 SFBID24868 |
Severity: High |
Description: Off-by-one error in the Certificate Trust List (CTL) Provider service (CTLProvider.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via a crafted packet that triggers a heap-based buffer overflow. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2007-07-15 |
Updated: 2024-09-07 |
ID: CVE-2006-5278 |
Title: Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets,... |
Type: Hardware |
Bulletins:
CVE-2006-5278 SFBID24868 |
Severity: High |
Description: Integer overflow in the Real-Time Information Server (RIS) Data Collector service (RisDC.exe) in Cisco Unified Communications Manager (CUCM, formerly CallManager) before 20070711 allow remote attackers to execute arbitrary code via crafted packets, resulting in a heap-based buffer overflow. | ||||
Applies to: Unified Callmanager Unified Communications Manager |
Created: 2007-07-15 |
Updated: 2024-09-07 |
ID: CVE-2007-3776 |
Title: Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings,... |
Type: Hardware |
Bulletins:
CVE-2007-3776 SFBID24867 |
Severity: Medium |
Description: Cisco Unified Communications Manager (CUCM, formerly CallManager) and Unified Presence Server (CUPS) allow remote attackers to obtain sensitive information via unspecified vectors that reveal the SNMP community strings and configuration settings, aka (1) CSCsj20668 and (2) CSCsj25962. | ||||
Applies to: Unified Communications Manager |
Created: 2007-07-15 |
Updated: 2024-09-07 |
ID: MITRE:1670 |
Title: CAPICOM.Certificates Vulnerability |
Type: Software |
Bulletins:
MITRE:1670 CVE-2007-0940 |
Severity: High |
Description: Unspecified vulnerability in the Cryptographic API Component Object Model Certificates ActiveX control (CAPICOM.dll) in Microsoft CAPICOM and BizTalk Server 2004 SP1 and SP2 allows remote attackers to execute arbitrary code via unspecified vectors, aka the "CAPICOM.Certificates Vulnerability." | ||||
Applies to: Microsoft Capicom |
Created: 2007-07-10 |
Updated: 2024-09-07 |
ID: CVE-2007-3574 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3)... |
Type: Hardware |
Bulletins:
CVE-2007-3574 SFBID24682 |
Severity: Medium |
Description: Multiple cross-site scripting (XSS) vulnerabilities in setup.cgi on the Cisco Linksys WAG54GS Wireless-G ADSL Gateway with 1.00.06 firmware allow remote attackers to inject arbitrary web script or HTML via the (1) c4_trap_ip_, (2) devname, (3) snmp_getcomm, or (4) snmp_setcomm parameter. | ||||
Applies to: wag54gs |
Created: 2007-07-05 |
Updated: 2024-09-07 |
ID: CVE-2007-3348 |
Title: The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message. |
Type: Hardware |
Bulletins:
CVE-2007-3348 SFBID24538 |
Severity: High |
Description: The D-Link DPH-540/DPH-541 phone allows remote attackers to cause a denial of service (device outage) via a malformed SDP header in a SIP INVITE message. | ||||
Applies to: DPH-540 DPH-541 |
Created: 2007-06-22 |
Updated: 2024-09-07 |
ID: CVE-2007-3347 |
Title: The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID. |
Type: Hardware |
Bulletins:
CVE-2007-3347 SFBID24560 |
Severity: High |
Description: The D-Link DPH-540/DPH-541 phone accepts SIP INVITE messages that are not from the Call Server's IP address, which allows remote attackers to engage in arbitrary SIP communication with the phone, as demonstrated by communication with forged caller ID. | ||||
Applies to: DPH-540 DPH-541 |
Created: 2007-06-22 |
Updated: 2024-09-07 |
ID: CVE-2007-2832 |
Title: Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via... |
Type: Hardware |
Bulletins:
CVE-2007-2832 SFBID24119 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in the web application firewall in Cisco CallManager before 3.3(5)sr3, 4.1 before 4.1(3)sr5, 4.2 before 4.2(3)sr2, and 4.3 before 4.3(1)sr1 allows remote attackers to inject arbitrary web script or HTML via the pattern parameter to CCMAdmin/serverlist.asp (aka the search-form) and possibly other unspecified vectors. | ||||
Applies to: Cisco Call Manager |
Created: 2007-05-23 |
Updated: 2024-09-07 |
ID: MITRE:2001 |
Title: CMS Memory Corruption Vulnerability |
Type: Software |
Bulletins:
MITRE:2001 CVE-2007-0938 |
Severity: High |
Description: Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 does not properly handle certain characters in a crafted HTTP GET request, which allows remote attackers to execute arbitrary code, aka the "CMS Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Content Management Server 2001 Microsoft Content Management Server 2002 |
Created: 2007-05-23 |
Updated: 2024-09-07 |
ID: MITRE:1575 |
Title: CMS Cross-Site Scripting and Spoofing Vulnerability |
Type: Software |
Bulletins:
MITRE:1575 CVE-2007-0939 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in Microsoft Content Management Server (MCMS) 2001 SP1 and 2002 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors involving HTML redirection queries, aka "Cross-site Scripting and Spoofing Vulnerability." | ||||
Applies to: Microsoft Content Management Server 2001 Microsoft Content Management Server 2002 |
Created: 2007-05-23 |
Updated: 2024-09-07 |
ID: CVE-2007-2813 |
Title: Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. |
Type: Hardware |
Bulletins:
CVE-2007-2813 SFBID24097 |
Severity: High |
Description: Cisco IOS 12.4 and earlier, when using the crypto packages and SSL support is enabled, allows remote attackers to cause a denial of service via a malformed (1) ClientHello, (2) ChangeCipherSpec, or (3) Finished message during an SSL session. | ||||
Applies to: |
Created: 2007-05-22 |
Updated: 2024-09-07 |
ID: CVE-2007-2734 |
Title: The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. |
Type: Hardware |
Bulletins:
CVE-2007-2734 |
Severity: High |
Description: The 3Com TippingPoint IPS do not properly handle certain full-width and half-width Unicode character encodings in an HTTP POST request, which might allow remote attackers to evade detection of HTTP traffic. | ||||
Applies to: TippingPoint 200 TippingPoint 2000E TippingPoint 2400E TippingPoint 50 TippingPoint 5000E TippingPoint 600E |
Created: 2007-05-16 |
Updated: 2024-09-07 |
ID: CVE-2007-2688 |
Title: The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. |
Type: Hardware |
Bulletins:
CVE-2007-2688 SFBID23980 |
Severity: High |
Description: The Cisco Intrusion Prevention System (IPS) and IOS with Firewall/IPS Feature Set do not properly handle certain full-width and half-width Unicode character encodings, which might allow remote attackers to evade detection of HTTP traffic. | ||||
Applies to: |
Created: 2007-05-15 |
Updated: 2024-09-07 |
ID: REF000467 |
Title: AutoRun is enabled |
Type: Miscellaneous |
Bulletins: |
Severity: High |
Description: Microsoft Windows supports automatic execution from CD/DVD drives and other removable media. This poses a security risk when a CD or removable disk contains malware that automatically installs itself once the disc is inserted. It is recommended to disable AutoRun both for CD/DVD drives and for other removable drives. | ||||
Applies to: |
Created: 2007-05-10 |
Updated: 2010-09-20 |
ID: CVE-2007-2587 |
Title: The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). |
Type: Hardware |
Bulletins:
CVE-2007-2587 SFBID23885 |
Severity: Medium |
Description: The IOS FTP Server in Cisco IOS 11.3 through 12.4 allows remote authenticated users to cause a denial of service (IOS reload) via unspecified vectors involving transferring files (aka bug ID CSCse29244). | ||||
Applies to: |
Created: 2007-05-09 |
Updated: 2024-09-07 |
ID: CVE-2007-2586 |
Title: The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that... |
Type: Hardware |
Bulletins:
CVE-2007-2586 SFBID23885 |
Severity: High |
Description: The FTP Server in Cisco IOS 11.3 through 12.4 does not properly check user authorization, which allows remote attackers to execute arbitrary code, and have other impact including reading startup-config, as demonstrated by a crafted MKD command that involves access to a VTY device and overflows a buffer, aka bug ID CSCek55259. | ||||
Applies to: |
Created: 2007-05-09 |
Updated: 2024-09-07 |
ID: CVE-2007-2502 |
Title: Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015. |
Type: Hardware |
Bulletins:
CVE-2007-2502 SFBID23791 |
Severity: High |
Description: Unspecified vulnerability in HP ProCurve 9300m Series switches with software 08.0.01c through 08.0.01j allows remote attackers to cause a denial of service via unknown vectors, a different switch series than CVE-2006-4015. | ||||
Applies to: Procurve Switch 9300m |
Created: 2007-05-03 |
Updated: 2024-09-07 |
ID: CVE-2007-2462 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via... |
Type: Hardware |
Bulletins:
CVE-2007-2462 SFBID23768 |
Severity: High |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 before 7.2(2)8, when using Layer 2 Tunneling Protocol (L2TP) or Remote Management Access, allows remote attackers to bypass LDAP authentication and gain privileges via unknown vectors. | ||||
Applies to: |
Created: 2007-05-02 |
Updated: 2024-09-07 |
ID: CVE-2007-2463 |
Title: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination... |
Type: Hardware |
Bulletins:
CVE-2007-2463 SFBID23768 |
Severity: High |
Description: Unspecified vulnerability in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)17 allows remote attackers to cause a denial of service (device reload) via unknown vectors related to VPN connection termination and password expiry. | ||||
Applies to: |
Created: 2007-05-02 |
Updated: 2024-09-07 |
ID: CVE-2007-2461 |
Title: The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP... |
Type: Hardware |
Bulletins:
CVE-2007-2461 SFBID23763 |
Severity: High |
Description: The DHCP relay agent in Cisco Adaptive Security Appliance (ASA) and PIX 7.2 allows remote attackers to cause a denial of service (dropped packets) via a DHCPREQUEST or DHCPINFORM message that causes multiple DHCPACK messages to be sent from DHCP servers to the agent, which consumes the memory allocated for a local buffer. NOTE: this issue only occurs when multiple DHCP servers are used. | ||||
Applies to: |
Created: 2007-05-02 |
Updated: 2024-09-07 |
ID: CVE-2007-2464 |
Title: Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." |
Type: Hardware |
Bulletins:
CVE-2007-2464 SFBID23768 |
Severity: High |
Description: Race condition in Cisco Adaptive Security Appliance (ASA) and PIX 7.1 before 7.1(2)49 and 7.2 before 7.2(2)19, when using "clientless SSL VPNs," allows remote attackers to cause a denial of service (device reload) via "non-standard SSL sessions." | ||||
Applies to: |
Created: 2007-05-02 |
Updated: 2024-09-07 |
ID: CVE-2007-2332 |
Title: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store. |
Type: Hardware |
Bulletins:
CVE-2007-2332 SFBID23562 |
Severity: High |
Description: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 6_05.140 uses a fixed DES key to encrypt passwords, which allows remote authenticated users to obtain a password via a brute force attack on a hash from the LDAP store. | ||||
Applies to: Contivity 1740 VPN Router Contivity1010 Contivity1050 Contivity1100 Contivity1700 Contivity1750 Contivity2700 Contivity5000 |
Created: 2007-04-27 |
Updated: 2024-09-07 |
ID: CVE-2007-2333 |
Title: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow... |
Type: Hardware |
Bulletins:
CVE-2007-2333 SFBID23562 |
Severity: High |
Description: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 includes the FIPSecryptedtest1219 and FIPSunecryptedtest1219 default accounts in the LDAP template, which might allow remote attackers to access the private network. | ||||
Applies to: Contivity1000 Contivity2000 Contivity4000 Contivity5000 |
Created: 2007-04-27 |
Updated: 2024-09-07 |
ID: CVE-2007-2334 |
Title: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration... |
Type: Hardware |
Bulletins:
CVE-2007-2334 SFBID23562 |
Severity: High |
Description: Nortel VPN Router (aka Contivity) 1000, 2000, 4000, and 5000 before 5_05.149, 5_05.3xx before 5_05.304, and 6.x before 6_05.140 has two template HTML files lacking certain verification tags, which allows remote attackers to access the administration interface and change the device configuration via certain requests. | ||||
Applies to: Contivity1000 Contivity2000 Contivity4000 Contivity5000 |
Created: 2007-04-27 |
Updated: 2024-09-07 |
ID: CVE-2007-2036 |
Title: The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID... |
Type: Hardware |
Bulletins:
CVE-2007-2036 SFBID23461 |
Severity: High |
Description: The SNMP implementation in the Cisco Wireless LAN Controller (WLC) before 20070419 uses the default read-only community public, and the default read-write community private, which allows remote attackers to read and modify SNMP variables, aka Bug ID CSCse02384. | ||||
Applies to: |
Created: 2007-04-16 |
Updated: 2024-09-07 |
ID: CVE-2007-2038 |
Title: The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1)... |
Type: Hardware |
Bulletins:
CVE-2007-2038 SFBID23461 |
Severity: Medium |
Description: The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.193.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug ID CSCsg36361. | ||||
Applies to: Cisco WLC 2000 Cisco WLC 2100 Cisco WLC 4100 Cisco WLC 4400 |
Created: 2007-04-16 |
Updated: 2024-09-07 |
ID: CVE-2007-2039 |
Title: The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1)... |
Type: Hardware |
Bulletins:
CVE-2007-2039 SFBID23461 |
Severity: Medium |
Description: The Network Processing Unit (NPU) in the Cisco Wireless LAN Controller (WLC) before 3.2.171.5, 4.0.x before 4.0.206.0, and 4.1.x allows remote attackers on a local wireless network to cause a denial of service (loss of packet forwarding) via (1) crafted SNAP packets, (2) malformed 802.11 traffic, or (3) packets with certain header length values, aka Bug IDs CSCsg15901 and CSCsh10841. | ||||
Applies to: |
Created: 2007-04-16 |
Updated: 2024-09-07 |
ID: CVE-2007-2041 |
Title: Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug... |
Type: Hardware |
Bulletins:
CVE-2007-2041 SFBID23461 |
Severity: Medium |
Description: Cisco Wireless LAN Controller (WLC) before 4.0.206.0 saves the WLAN ACL configuration with an invalid checksum, which prevents WLAN ACLs from being loaded at boot time, and might allow remote attackers to bypass intended access restrictions, aka Bug ID CSCse58195. | ||||
Applies to: Cisco WLC 2100 Cisco WLC 4400 |
Created: 2007-04-16 |
Updated: 2024-09-07 |
ID: CVE-2007-2037 |
Title: Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic. |
Type: Hardware |
Bulletins:
CVE-2007-2037 SFBID23461 |
Severity: Low |
Description: Cisco Wireless LAN Controller (WLC) before 3.2.116.21, and 4.0.x before 4.0.155.0, allows remote attackers on a local network to cause a denial of service (device crash) via malformed Ethernet traffic. | ||||
Applies to: |
Created: 2007-04-16 |
Updated: 2024-09-07 |
ID: CVE-2007-2040 |
Title: Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192. |
Type: Hardware |
Bulletins:
CVE-2007-2040 SFBID23461 |
Severity: Medium |
Description: Cisco Aironet 1000 Series and 1500 Series Lightweight Access Points before 3.2.185.0, and 4.0.x before 4.0.206.0, have a hard-coded password, which allows attackers with physical access to perform arbitrary actions on the device, aka Bug ID CSCsg15192. | ||||
Applies to: |
Created: 2007-04-16 |
Updated: 2024-09-07 |
ID: MITRE:746 |
Title: Word Malformed Data Structures Vulnerability |
Type: Software |
Bulletins:
MITRE:746 CVE-2006-6456 |
Severity: High |
Description: Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994. | ||||
Applies to: Microsoft Word |
Created: 2007-04-10 |
Updated: 2024-09-07 |
ID: MITRE:1141 |
Title: FTP Server Response Parsing Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:1141 CVE-2007-0217 |
Severity: High |
Description: The wininet.dll FTP client code in Microsoft Internet Explorer 5.01 and 6 might allow remote attackers to execute arbitrary code via an FTP server response of a specific length that causes a terminating null byte to be written outside of a buffer, which causes heap corruption. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-04-10 |
Updated: 2024-09-07 |
ID: MITRE:257 |
Title: COM Object Instantiation Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:257 CVE-2007-0219 |
Severity: High |
Description: Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from (1) Msb1fren.dll, (2) Htmlmm.ocx, and (3) Blnmgrps.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors, a different issue than CVE-2006-4697. | ||||
Applies to: Microsoft Internet Explorer 5 Microsoft Internet Explorer 6 Microsoft Internet Explorer 7 |
Created: 2007-04-10 |
Updated: 2024-09-07 |
ID: MITRE:1120 |
Title: COM Object Instantiation Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:1120 CVE-2006-4697 |
Severity: High |
Description: Microsoft Internet Explorer 5.01, 6, and 7 uses certain COM objects from Imjpcksid.dll as ActiveX controls, which allows remote attackers to execute arbitrary code via unspecified vectors. NOTE: this issue might be related to CVE-2006-4193. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-04-10 |
Updated: 2024-09-07 |
ID: CVE-2007-1826 |
Title: Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster... |
Type: Hardware |
Bulletins:
CVE-2007-1826 SFBID23181 |
Severity: High |
Description: Unspecified vulnerability in the IPSec Manager Service for Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allows remote attackers to cause a denial of service (loss of cluster services) via a "specific UDP packet" to UDP port 8500, aka bug ID CSCsg60949. | ||||
Applies to: Unified Callmanager |
Created: 2007-04-02 |
Updated: 2024-09-07 |
ID: CVE-2007-1833 |
Title: The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of... |
Type: Hardware |
Bulletins:
CVE-2007-1833 SFBID23181 |
Severity: Medium |
Description: The Skinny Call Control Protocol (SCCP) implementation in Cisco Unified CallManager (CUCM) 3.3 before 3.3(5)SR2a, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3)SR1, and 5.0 before 5.0(4a)SU1 allows remote attackers to cause a denial of service (loss of voice services) by sending crafted packets to the (1) SCCP (2000/tcp) or (2) SCCPS (2443/tcp) port. | ||||
Applies to: Unified Callmanager |
Created: 2007-04-02 |
Updated: 2024-09-07 |
ID: CVE-2007-1834 |
Title: Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698. |
Type: Hardware |
Bulletins:
CVE-2007-1834 SFBID23181 |
Severity: High |
Description: Cisco Unified CallManager (CUCM) 5.0 before 5.0(4a)SU1 and Cisco Unified Presence Server (CUPS) 1.0 before 1.0(3) allow remote attackers to cause a denial of service (loss of voice services) via a flood of ICMP echo requests, aka bug ID CSCsf12698. | ||||
Applies to: Unified Callmanager |
Created: 2007-04-02 |
Updated: 2024-09-07 |
ID: CVE-2007-1585 |
Title: The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE:... |
Type: Hardware |
Bulletins:
CVE-2007-1585 SFBID23063 |
Severity: Medium |
Description: The Linksys WAG200G with firmware 1.01.01, WRT54GC 2 with firmware 1.00.7, and WRT54GC 1 with firmware 1.03.0 and earlier allow remote attackers to obtain sensitive information (passwords and configuration data) via a packet to UDP port 916. NOTE: some of these details are obtained from third party information. | ||||
Applies to: wag200g wrt54gc |
Created: 2007-03-21 |
Updated: 2024-09-07 |
ID: CVE-2007-1467 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace... |
Type: Hardware |
Bulletins:
CVE-2007-1467 SFBID22982 |
Severity: Low |
Description: Multiple cross-site scripting (XSS) vulnerabilities in (1) PreSearch.html and (2) PreSearch.class in Cisco Secure Access Control Server (ACS), VPN Client, Unified Personal Communicator, MeetingPlace, Unified MeetingPlace, Unified MeetingPlace Express, CallManager, IP Communicator, Unified Video Advantage, Unified Videoconferencing 35xx products, Unified Videoconferencing Manager, WAN Manager, Security Device Manager, Network Analysis Module (NAM), CiscoWorks and related products, Wireless LAN Solution Engine (WLSE), 2006 Wireless LAN Controllers (WLC), and Wireless Control System (WCS) allow remote attackers to inject arbitrary web script or HTML via the text field of the search form. | ||||
Applies to: Cisco Call Manager |
Created: 2007-03-16 |
Updated: 2024-09-07 |
ID: CVE-2007-1258 |
Title: Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a... |
Type: Hardware |
Bulletins:
CVE-2007-1258 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco IOS 12.2SXA, SXB, SXD, and SXF; and the MSFC2, MSFC2a and MSFC3 running in Hybrid Mode on Cisco Catalyst 6000, 6500 and Cisco 7600 series systems; allows remote attackers on a local network segment to cause a denial of service (software reload) via a certain MPLS packet. | ||||
Applies to: Cisco Catalyst 6000 Cisco Catalyst 6500 Series Switches Cisco Catalyst 7600 |
Created: 2007-03-03 |
Updated: 2024-09-07 |
ID: REF000466 |
Title: P2P Software: SoulSeek Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients and are made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use to download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: SoulSeek |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000465 |
Title: P2P Software: Shareaza Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients and are made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use to download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: Shareaza |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000464 |
Title: P2P Software: Kazaa Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients and are made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use to download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: Kazaa |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000463 |
Title: P2P Software: IMESH Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients and are made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use to download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: IMesh |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000462 |
Title: P2P Software: eMule Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients and are made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use to download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000461 |
Title: P2P Software: eDonkey 2000 Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients and are made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use to download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: eDonkey 2000 |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000460 |
Title: P2P Software: DC++ Installed |
Type: Software |
Bulletins: |
Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients and are made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that threatens network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use to download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of file distribution. | ||||
Applies to: DC++ |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: REF000459 |
Title: P2P Software: BitTorrent Installed |
Type: Software |
Bulletins: | Severity: Low |
Description: P2P clients can pose a number of security risks. Even when used legitimately to download only authorized material, P2P clients might still constitute a security issue. P2P networks are huge networks that interconnect all clients, made up of millions of users sharing and downloading files from each other. While most modern P2P networks use a hash system to ensure file authenticity, most searches are performed using string searching, so a downloaded file might not be what the user thinks it is: it might be a virus or a Trojan that would threaten network integrity. It might also be a copyrighted work poorly disguised as something benign, potentially exposing the company to legal issues. P2P clients also share content from the hard disk with the millions of users on the network. While care might be taken to make sure no confidential data is shared, a vulnerability in the P2P client could potentially expose the entire system. Furthermore, a disgruntled employee might use P2P to smuggle confidential data out of the company, or abuse the legitimate use to download copyrighted material. Solution: If P2P technology is needed by the company, it might be wise to consider running your own network of servers so that better control can be maintained over who has access to the network or what files are circulating. If an alternative can be used, it might be advisable to find a more secure way of distributing files. | ||||
Applies to: BitTorrent |
Created: 2007-03-02 |
Updated: 2010-08-21 |
ID: MITRE:669 |
Title: Windows Media Format ASX Parsing Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:669 CVE-2006-6134 |
Severity: High |
Description: Heap-based buffer overflow in the WMCheckURLScheme function in WMVCORE.DLL in Microsoft Windows Media Player (WMP) 10.00.00.4036 on Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to cause a denial of service (application crash) and execute arbitrary code via a long HREF attribute, using an unrecognized protocol, in a REF element in an ASX PlayList file. | ||||
Applies to: Windows Media Format Runtime 7.1 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 |
Created: 2007-02-20 |
Updated: 2024-09-07 |
ID: MITRE:536 |
Title: Windows Media Format ASF Parsing Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:536 CVE-2006-4702 |
Severity: Medium |
Description: Buffer overflow in the Windows Media Format Runtime in Microsoft Windows Media Player (WMP) 6.4 and Windows XP SP2, Server 2003, and Server 2003 SP1 allows remote attackers to execute arbitrary code via a crafted Advanced Systems Format (ASF) file. | ||||
Applies to: Windows Media Format Runtime 7.1 Windows Media Format Runtime 9.0 Windows Media Format Runtime 9.5 Windows Media Player 6.4 |
Created: 2007-02-20 |
Updated: 2024-09-07 |
ID: MITRE:313 |
Title: TIF Folder Information Disclosure Vulnerability |
Type: Web |
Bulletins:
MITRE:313 CVE-2006-5577 |
Severity: Medium |
Description: Microsoft Internet Explorer 6 and earlier allows remote attackers to obtain sensitive information via unspecified uses of the OBJECT HTML tag, which discloses the absolute path of the corresponding TIF folder, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5578. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-02-20 |
Updated: 2024-09-07 |
ID: MITRE:337 |
Title: TIF Folder Information Disclosure Vulnerability |
Type: Web |
Bulletins:
MITRE:337 CVE-2006-5578 |
Severity: Low |
Description: Microsoft Internet Explorer 6 and earlier allows remote attackers to read Temporary Internet Files (TIF) and obtain sensitive information via unspecified vectors involving certain drag and drop operations, aka "TIF Folder Information Disclosure Vulnerability," and a different issue than CVE-2006-5577. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-02-20 |
Updated: 2024-09-07 |
ID: MITRE:761 |
Title: Script Error Handling Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:761 CVE-2006-5579 |
Severity: High |
Description: Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using JavaScript to cause certain errors simultaneously, which results in the access of previously freed memory, aka "Script Error Handling Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-02-20 |
Updated: 2024-09-07 |
ID: MITRE:116 |
Title: DHTML Script Function Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:116 CVE-2006-5581 |
Severity: High |
Description: Unspecified vulnerability in Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code via certain DHTML script functions, such as normalize, and "incorrectly created elements" that trigger memory corruption, aka "DHTML Script Function Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2007-02-20 |
Updated: 2024-09-07 |
ID: REF000454 |
Title: Config shadow: incorrect file permissions |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: The shadow file has incorrect permissions. Consider setting the permissions to '400' or '-r--------' and owner/group to '0:0'. | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000458 |
Title: Config passwd: incorrect file permissions |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: The passwd file has incorrect permissions. Consider setting the permissions to '644' or '-rw-r--r--' and owner/group to '0:0'. | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000456 |
Title: Config LILO: no password configured |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: The LILO boot manager has no password set. Consider configuring a password to avoid overriding the boot settings. | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000457 |
Title: Config INIT: password-less single user mode |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000455 |
Title: Config GRUB: no password configured |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: The GRUB boot manager has no password set. Consider configuring a password to avoid overriding the boot settings. | ||||
Applies to: |
Created: 2007-02-16 |
Updated: 2010-08-21 |
ID: REF000451 |
Title: Config PAM: password strength checking not configured |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Pluggable Authentication Modules (PAM): pam_cracklib.so password strength checking is not configured. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000450 |
Title: Config PAM: minimum password length less than 6 |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Pluggable Authentication Modules (PAM): the pam_unix.so or pam_cracklib.so minimum password length is less than 6. Consider increasing the minimum password length. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000452 |
Title: Config PAM: empty passwords enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Pluggable Authentication Modules (PAM): pam_unix.so empty passwords are enabled. Consider removing 'nullok' from the pam_unix.so config line in /etc/pam.d/common-password. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000453 |
Title: Config PAM: difference between passwords less than 6 |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Pluggable Authentication Modules (PAM): the pam_cracklib.so minimum required difference between passwords is less than 6 characters. Consider increasing this value. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000431 |
Title: Config GDM: remote root login enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: GDM login manager remote root login enabled. If you don't need this feature, set 'AllowRemoteRoot=false'. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000449 |
Title: Config GDM: remote logins enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager remote logins enabled. If you don't need this feature, set 'Enable=false' in /etc/X11/gdm/gfm.conf. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000448 |
Title: Config GDM: remote autologin enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager remote autologin enabled. If you don't need this feature, set 'AllowRemoteAutoLogin=false'. | ||||
Applies to: |
Created: 2007-02-15 |
Updated: 2010-08-21 |
ID: REF000403 |
Title: Config VSFTPd: upload enabled |
Type: FTP |
Bulletins: | Severity: Low |
Description: VSFTPd upload enabled. If you don't need this feature, set 'write_enable=NO'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000404 |
Title: Config VSFTPd: anonymous upload enabled |
Type: FTP |
Bulletins: | Severity: Low |
Description: VSFTPd anonymous upload enabled. If you don't need this feature, set 'anon_upload_enable=NO'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000402 |
Title: Config VSFTPd: anonymous login enabled |
Type: FTP |
Bulletins: | Severity: Low |
Description: VSFTPd anonymous login enabled. If you don't need this feature, set 'anonymous_enable=NO'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000428 |
Title: Config SSHd: using default port |
Type: Services |
Bulletins: | Severity: Low |
Description: SSH service is running on the default port 22. Consider changing the port to avoid automated attacks. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000429 |
Title: Config SSHd: protocol 1 enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: SSH protocol 1 enabled. If you don't need this functionality, set 'Protocol 2'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000427 |
Title: Config SSHd: .rhosts and .shosts enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: Use of .rhosts and .shosts files is enabled. If you don't need this functionality, set 'IgnoreRhosts yes'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000430 |
Title: Config SSH: protocol 1 enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: SSH protocol 1 enabled. If you don't need this functionality, set 'Protocol 2'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000437 |
Title: Config shadow: weak encryption detected |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Some or all of the passwords in /etc/shadow are not encrypted using SHA-256/512 or stronger encryption algorithms. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2016-07-21 |
ID: REF000447 |
Title: Config passwd: no shadow file detected |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: Shadow file not found. Consider configuring a shadow file for password storage. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000446 |
Title: Config passwd: multiple root accounts |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: The file /etc/passwd contains a user with ID 0 other than root. Make sure this is a legitimate account. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000442 |
Title: Config KDM: shutdown by everybody enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager allows shutdown to everybody. If you don't need this functionality, set 'AllowShutdown=None'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000441 |
Title: Config KDM: root login enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager root login enabled. If you don't need this functionality, set 'AllowRootLogin=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000439 |
Title: Config KDM: password-less login enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager password-less login enabled. If you don't need this functionality, set 'NoPassEnabled=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000440 |
Title: Config KDM: empty password login enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager empty password login enabled. If you don't need this functionality, set 'AllowNullPasswd=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000438 |
Title: Config KDM: autologin enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: KDM login manager autologin enabled. If you don't need this functionality, set 'AutoLoginEnabled=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000445 |
Title: Config GDM: shutdown by everybody enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager allows shutdown to everybody. If you don't need this feature, set 'SystemMenu=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000444 |
Title: Config GDM: root login enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager root login enabled. If you don't need this feature, set 'AllowRoot=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: REF000443 |
Title: Config GDM: autologin enabled |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: GDM login manager autologin enabled. If you don't need this feature, set 'AutomaticLoginEnable=false'. | ||||
Applies to: |
Created: 2007-02-14 |
Updated: 2010-08-21 |
ID: CVE-2007-0917 |
Title: The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets. |
Type: Hardware |
Bulletins:
CVE-2007-0917 SFBID22549 |
Severity: Medium |
Description: The Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XE to 12.3T allows remote attackers to bypass IPS signatures that use regular expressions via fragmented packets. | ||||
Applies to: |
Created: 2007-02-13 |
Updated: 2024-09-07 |
ID: CVE-2007-0918 |
Title: The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations... |
Type: Hardware |
Bulletins:
CVE-2007-0918 SFBID22549 |
Severity: High |
Description: The ATOMIC.TCP signature engine in the Intrusion Prevention System (IPS) feature for Cisco IOS 12.4XA, 12.3YA, 12.3T, and other trains allows remote attackers to cause a denial of service (IPS crash and traffic loss) via unspecified manipulations that are not properly handled by the regular expression feature, as demonstrated using the 3123.0 (Netbus Pro Traffic) signature. | ||||
Applies to: |
Created: 2007-02-13 |
Updated: 2024-09-07 |
ID: REF000383 |
Title: GFI EndPointSecurity Report |
Type: Services |
Bulletins: | Severity: High |
Description: This check generates a report on the status of GFI EndPointSecurity and the EndPointSecurity Agent. The report is created in the GFI LANguard Network Security Scanner directory under Data\Reports\ESEC-Network-Report.csv. EndPointSecurity controls entry and exit of data via USB sticks, iPods, PDAs and other devices. For more information, visit http://www.gfi.com/endpointsecurity | ||||
Applies to: GFI EndPointSecurity |
Created: 2007-02-13 |
Updated: 2010-08-21 |
ID: REF000382 |
Title: GFI EndPointSecurity agent missing |
Type: Services |
Bulletins: | Severity: High |
Description: The GFI EndPointSecurity agent is not installed on this machine. EndPointSecurity controls entry and exit of data via USB sticks, iPods, PDAs and other devices. For more information, visit http://www.gfi.com/endpointsecurity | ||||
Applies to: GFI EndPointSecurity |
Created: 2007-02-13 |
Updated: 2010-08-21 |
ID: CVE-2006-1249 |
Title: SANS06C5: Multiple iTunes and QuickTime for Mac Vulnerabilities |
Type: Software |
Bulletins:
CVE-2006-1249 CVE-2005-4092 CVE-2005-3713 CVE-2006-2238 CVE-2006-1456 CVE-2005-3711 CVE-2005-3710 CVE-2005-3709 CVE-2005-3708 CVE-2005-3707 CVE-2005-2340 CVE-2005-2743 SFBID17074 SFBID15732 SFBID17953 SFBID16202 |
Severity: High |
Description: Multiple vulnerabilities exist in QuickTime Player versions before 7.0.4, and in iTunes 6.0.2 and earlier. These include integer overflow and heap-based buffer overflows. It is recommended to update to the latest versions of these products. | ||||
Applies to: iTunes and QuickTime |
Created: 2007-02-12 |
Updated: 2024-09-07 |
ID: CVE-2006-5084 |
Title: SANS06C4: Skype for Mac 1.5.*.79 and earlier vulnerable to DoS or remote code execution. |
Type: Software |
Bulletins:
CVE-2006-5084 SFBID20218 |
Severity: High |
Description: In some circumstances, a Skype URL can be crafted that, if followed, could cause the execution of arbitrary code on the platform on which Skype is running. It is recommended to update to Skype version 1.5.*.80 or later. | ||||
Applies to: Skype |
Created: 2007-02-12 |
Updated: 2024-09-07 |
ID: CVE-2006-3505 |
Title: SANS06M1: WebKit in Apple Mac OS X 10.3.9 and 10.4.7 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. |
Type: Web |
Bulletins:
CVE-2006-3505 SFBID19289 |
Severity: High |
Description: A maliciously-crafted HTML document could cause a previously deallocated object to be accessed. This may lead to an application crash or arbitrary code execution. It is recommended to install Apple Security Update 2006-004 or update to the latest Mac OS X version. More information regarding this update may be obtained from http://docs.info.apple.com/article.html?artnum=304063 | ||||
Applies to: WebKit |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-3946 |
Title: SANS06M1: WebCore in Apple Mac OS X 10.4 through 10.4.7 allows remote attackers to cause a denial of service |
Type: Web |
Bulletins:
CVE-2006-3946 SFBID19250 |
Severity: High |
Description: A memory management error in WebKit's handling of certain HTML could allow a malicious web site to cause a crash or potentially execute arbitrary code as the user viewing the site. It is recommended to update to Mac OS X version 10.4.8 or later. | ||||
Applies to: WebCore |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-3946 |
Title: SANS06M1: WebCore in Apple Mac OS X 10.3.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code. |
Type: Web |
Bulletins:
CVE-2006-3946 SFBID19250 |
Severity: High |
Description: A memory management error in WebKit's handling of certain HTML could allow a malicious web site to cause a crash or potentially execute arbitrary code as the user viewing the site. It is recommended to install Apple Security Update 2006-006. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=304460 | ||||
Applies to: WebCore |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-0848 |
Title: SANS06M1: Vulnerability in Safari and LaunchServices can lead to remote code execution. |
Type: Web |
Bulletins:
CVE-2006-0848 |
Severity: Medium |
Description: It is possible to construct a file which appears to be a safe file type, such as an image or movie, but is actually an application. When the "Open `safe' files after downloading" option is enabled in Safari's General preferences, visiting a malicious web site may result in the automatic download and execution of such a file. A proof-of-concept has been detected on public web sites that demonstrates the automatic execution of shell scripts. It is recommended to install Apple Security Update 2006-001 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=303382 | ||||
Applies to: LaunchServices |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-4394 |
Title: SANS06M1: Vulnerability in LoginWindow in Apple Mac OS X 10.4 through 10.4.7, allows network accounts without GUIDs to bypass service access controls. |
Type: Software |
Bulletins:
CVE-2006-4394 SFBID20271 |
Severity: High |
Description: Service access controls can be used to restrict which users are allowed to log in to a system via loginwindow. A logic error in loginwindow allows network accounts without GUIDs to bypass service access controls. This issue only affects systems that have been configured to use service access controls for loginwindow and to allow network accounts to authenticate users without a GUID. It is recommended to update to Mac OS X version 10.4.8 or later. | ||||
Applies to: LoginWindow |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-0397 |
Title: SANS06M1: Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 |
Type: Web |
Bulletins:
CVE-2006-0397 CVE-2006-0398 CVE-2006-0399 |
Severity: High |
Description: Unspecified vulnerability in Safari, LaunchServices, and/or CoreTypes in Apple Mac OS X 10.4 up to 10.4.5 allows attackers to trick a user into opening an application that appears to be a safe file type. It is recommended to install Apple Security Update 2006-002 or update to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=303453 | ||||
Applies to: Safari |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2005-2516 |
Title: SANS06M1: Safari in Mac OS X 10.3.9 and 10.4.2 allows remote attackers to execute arbitrary commands. |
Type: Web |
Bulletins:
CVE-2005-2516 |
Severity: High |
Description: Safari in Mac OS X 10.3.9 and 10.4.2, when rendering Rich Text Format (RTF) files, can directly access URLs without performing the normal security checks, which allows remote attackers to execute arbitrary commands. It is recommended to install Apple Security Update 2005-007 or update to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=302163 | ||||
Applies to: Safari |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-1450 |
Title: SANS06M1: Multiple vulnerabilities in Mail in Apple Mac OS X 10.3.9 and 10.4.6 |
Type: |
Bulletins:
CVE-2006-1450 CVE-2006-1449 SFBID17951 |
Severity: High |
Description: Multiple vulnerabilities exist in Mail in Apple Mac OS X 10.3.9 and 10.4.6 which can allow execution of arbitrary code. It is recommended to install Security Update 2006-003 or the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=303737. | ||||
Applies to: |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2005-3705 |
Title: SANS06M1: Heap-based buffer overflow in WebKit in Mac OS X and OS X Server 10.3.9 and 10.4.3, allows remote attackers to execute arbitrary code. |
Type: Web |
Bulletins:
CVE-2005-3705 SFBID15647 |
Severity: High |
Description: WebKit contains a heap overflow that may lead to the execution of arbitrary code. This may be triggered by content downloaded from malicious web sites in applications that use WebKit such as Safari. It is recommended to install Apple Security Update 2005-009 or update to the latest Mac OS X version. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=302847 | ||||
Applies to: Safari |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-3498 |
Title: SANS06M1: Buffer overflow in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 and earlier |
Type: Services |
Bulletins:
CVE-2006-3498 SFBID19289 |
Severity: High |
Description: Stack-based buffer overflow in bootpd in the DHCP component for Apple Mac OS X 10.3.9 and 10.4.7 and earlier allows remote attackers to execute arbitrary code via a crafted BOOTP request. It is recommended to install Apple Security Update 2006-004 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=304063 | ||||
Applies to: Mac OS X |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2005-2518 |
Title: SANS06M1: Buffer overflow in servermgrd in Mac OS X Server 10.4.2 and earlier |
Type: Software |
Bulletins:
CVE-2005-2518 |
Severity: High |
Description: A buffer overflow in the handling of authentication can lead to arbitrary code execution by a remote attacker. This vulnerability is present in Mac OS X Server 10.4 to 10.4.2. It is recommended to install Apple Security Update 2005-007 or update to the latest version of Mac OS X. More information about this update can be obtained from http://docs.info.apple.com/article.html?artnum=302163 | ||||
Applies to: servermgrd |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-1987 |
Title: SANS06M1: Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag. |
Type: Web |
Bulletins:
CVE-2006-1987 SFBID17634 |
Severity: High |
Description: Apple Safari 2.0.3 allows remote attackers to cause a denial of service and possibly execute code via an invalid FRAME tag, possibly due to (1) multiple SCROLLING attributes with no values, or (2) a SRC attribute with no value. It is recommended to update Safari by installing Apple Security Update 2006-004 or updating to the latest Mac OS X release. More information regarding this update can be obtained from http://docs.info.apple.com/article.html?artnum=304063 | ||||
Applies to: Safari |
Created: 2007-02-09 |
Updated: 2024-09-07 |
ID: CVE-2006-1469 |
Title: SANS06M1: Multiple Vulnerabilities in ImageIO |
Type: Software |
Bulletins:
CVE-2006-1469 CVE-2006-1982 CVE-2005-2747 SFBID18731 SFBID17634 SFBID17951 SFBID14914 |
Severity: High |
Description: Multiple vulnerabilities exist in ImageIO in Mac OS X versions 10.4 to 10.4.6. It is recommended to update to version 10.4.7 or later immediately. | ||||
Applies to: Mac OS X |
Created: 2007-02-08 |
Updated: 2024-09-07 |
ID: CVE-2006-0384 |
Title: SANS06M1: automount in Mac OS X 10.4.5 and earlier vulnerable to denial of service or execution of arbitrary code. |
Type: Software |
Bulletins:
CVE-2006-0384 SFBID16907 |
Severity: High |
Description: File servers on the local network may be able to cause Mac OS X systems to mount file systems with reserved names. This could cause the systems to become unresponsive, or possibly allow arbitrary code delivered from the file servers to run on the target system. It is recommended to install Security Update 2006-001 or update to the latest Mac OS X version. | ||||
Applies to: automount |
Created: 2007-02-08 |
Updated: 2024-09-07 |
ID: CVE-2006-3507 |
Title: SANS06M1: Multiple vulnerabilities in AirPort wireless driver |
Type: Software |
Bulletins:
CVE-2006-3507 CVE-2006-3508 CVE-2006-3509 SFBID20144 |
Severity: High |
Description: Multiple vulnerabilities exist in AirPort wireless driver on Apple Mac OS X 10.3.9 and 10.4.7 and earlier. It is recommended to install AirPort Update 2006-001 and Security Update 2006-005 on this machine or update to the latest Mac OS X version. More information about these updates can be obtained from http://docs.info.apple.com/article.html?artnum=304420 | ||||
Applies to: Mac OS X |
Created: 2007-02-07 |
Updated: 2024-09-07 |
ID: REF000409 |
Title: Config SSHd: X11 forwarding enabled |
Type: Services |
Bulletins: | Severity: Low |
Description: X11 forwarding over ssh is enabled. If you don't need this functionality, set 'X11Forwarding no'. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000408 |
Title: Config SSHd: root login permitted |
Type: Services |
Bulletins: | Severity: Low |
Description: root SSH logins are permitted. If you don't need this functionality, set 'PermitRootLogin no'. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000410 |
Title: Config SSHd: empty passwords permitted |
Type: Services |
Bulletins: | Severity: Low |
Description: SSH logins with empty passwords are permitted. If you don't need this functionality, set 'PermitEmptyPasswords no'. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000436 |
Title: Config shadow: empty password detected |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: The password file /etc/shadow contains an empty password. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000412 |
Title: Config SELinux: not in strict mode |
Type: Services |
Bulletins: | Severity: Low |
Description: SELinux is in targeted mode. Consider switching to strict mode. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000411 |
Title: Config SELinux: not in enforcing mode |
Type: Services |
Bulletins: | Severity: Low |
Description: SELinux is disabled or in permissive mode. Consider switching to enforcing mode. | ||||
Applies to: |
Created: 2007-02-07 |
Updated: 2010-08-21 |
ID: REF000407 |
Title: Service running: SSH |
Type: Services |
Bulletins: | Severity: Low |
Description: If this computer is not administered via secure shell, the SSH service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-02-06 |
Updated: 2010-08-21 |
ID: REF000433 |
Title: Config BIND: allow-update not specified |
Type: DNS |
Bulletins: | Severity: Low |
Description: The allow-update keyword specifies who can perform zone updates on this DNS server. | ||||
Applies to: |
Created: 2007-02-05 |
Updated: 2010-08-21 |
ID: REF000434 |
Title: Config BIND: allow-transfer not specified |
Type: DNS |
Bulletins: | Severity: Low |
Description: The allow-transfer keyword specifies who can perform zone transfers from this DNS server. | ||||
Applies to: |
Created: 2007-02-05 |
Updated: 2010-08-21 |
ID: REF000435 |
Title: Config BIND: allow-recursion not specified |
Type: DNS |
Bulletins: | Severity: Low |
Description: The allow-recursion keyword specifies who can perform recursive queries on this DNS server. Recursive DNS queries are available to everyone by default. It is recommended to restrict access if this is not a public DNS server. | ||||
Applies to: |
Created: 2007-02-05 |
Updated: 2010-08-21 |
ID: REF000432 |
Title: Config BIND: allow-query not specified |
Type: DNS |
Bulletins: | Severity: Low |
Description: The allow-query keyword specifies who can perform queries on this DNS server. The DNS service is available to everyone by default. It is recommended to restrict access if this is not an authoritative DNS server. | ||||
Applies to: |
Created: 2007-02-05 |
Updated: 2010-08-21 |
ID: REF000415 |
Title: Service running: Telnet |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a Telnet server, this service is most likely unnecessary. Telnet is an obsolete and insecure service; use SSH instead. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000422 |
Title: Service running: SWAT |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a SAMBA file server, this service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000416 |
Title: Service running: SMTP |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not an SMTP mail server, the SMTP service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000425 |
Title: Service running: SAMBA SMB |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a SAMBA file server, the SMB service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000426 |
Title: Service running: SAMBA NMB |
Type: Services |
Bulletins: | Severity: Low |
Description: | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000424 |
Title: Service running: PostgreSQL |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a database server, the PostgreSQL service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000420 |
Title: Service running: POP3 |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a POP mail server, the POP3 service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000423 |
Title: Service running: MySQL |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a database server, the MySQL service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000421 |
Title: Service running: IMAP4 |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not an IMAP mail server, the IMAP4 service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000419 |
Title: Service running: HTTPS |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a secure web server, the HTTPS service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000406 |
Title: Service running: HTTP |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a web server, the HTTP service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000414 |
Title: Service running: FTP |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not an FTP server, the FTP service is most likely unnecessary. FTP is a very problematic and insecure service; use HTTP, HTTPS or SFTP instead. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000413 |
Title: Service running: Finger |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a Finger server, this service is most likely unnecessary. Finger is an obsolete and insecure service; use LDAP directory services instead. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000417 |
Title: Service running: DNS |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not an Internet domain name server, the DNS service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: REF000418 |
Title: Service running: CUPS |
Type: Services |
Bulletins: | Severity: Low |
Description: If this is not a CUPS print server, the CUPS server service is most likely unnecessary. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2010-08-21 |
ID: CVE-2007-0648 |
Title: Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. |
Type: Hardware |
Bulletins:
CVE-2007-0648 SFBID22330 |
Severity: High |
Description: Cisco IOS after 12.3(14)T, 12.3(8)YC1, 12.3(8)YG, and 12.4, with voice support and without Session Initiated Protocol (SIP) configured, allows remote attackers to cause a denial of service (crash) by sending a crafted packet to port 5060/UDP. | ||||
Applies to: |
Created: 2007-01-31 |
Updated: 2024-09-07 |
ID: CVE-2007-0199 |
Title: The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." |
Type: Hardware |
Bulletins:
CVE-2007-0199 SFBID21990 |
Severity: Medium |
Description: The Data-link Switching (DLSw) feature in Cisco IOS 11.0 through 12.4 allows remote attackers to cause a denial of service (device reload) via "an invalid value in a DLSw message... during the capabilities exchange." | ||||
Applies to: |
Created: 2007-01-11 |
Updated: 2024-09-07 |
ID: CVE-2006-2313 |
Title: SANS06C2: PostgreSQL 8.1 SQL injection vulnerability |
Type: Services |
Bulletins:
CVE-2006-2313 CVE-2006-2313 SFBID18092 |
Severity: High |
Description: PostgreSQL 8.1.x before 8.1.4 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection." | ||||
Applies to: |
Created: 2006-12-20 |
Updated: 2024-09-07 |
ID: CVE-2006-6538 |
Title: D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the... |
Type: Hardware |
Bulletins:
CVE-2006-6538 |
Severity: High |
Description: D-LINK DWL-2000AP+ firmware 2.11 allows remote attackers to cause (1) a denial of service (device reset) via a flood of ARP replies on the wired or wireless (radio) link and (2) a denial of service (device crash) via a flood of ARP requests on the wireless link. | ||||
Applies to: DWL-2000AP |
Created: 2006-12-13 |
Updated: 2024-09-07 |
ID: CVE-2006-2753 |
Title: SANS06C2: SQL Injection vulnerability in MySQL 5.0.x |
Type: Services |
Bulletins:
CVE-2006-2753 SFBID18219 |
Severity: High |
Description: SQL injection vulnerability in MySQL 5.0.x before 5.0.22 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. | ||||
Applies to: MySQL 5 |
Created: 2006-12-12 |
Updated: 2024-09-07 |
ID: CVE-2006-2753 |
Title: SANS06C2: SQL Injection vulnerability in MySQL 4.1.x |
Type: Services |
Bulletins:
CVE-2006-2753 SFBID18219 |
Severity: High |
Description: SQL injection vulnerability in MySQL 4.1.x before 4.1.20 allows context-dependent attackers to execute arbitrary SQL commands via crafted multibyte encodings in character sets such as SJIS, BIG5, and GBK, which are not properly handled when the mysql_real_escape function is used to escape the input. | ||||
Applies to: MySQL 4.1 |
Created: 2006-12-12 |
Updated: 2024-09-07 |
ID: CVE-2006-2313 |
Title: SANS06C2: PostgreSQL 8.0 SQL injection vulnerability |
Type: Services |
Bulletins:
CVE-2006-2313 CVE-2006-2313 SFBID18092 |
Severity: High |
Description: PostgreSQL 8.0.x before 8.0.8 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection." | ||||
Applies to: |
Created: 2006-12-12 |
Updated: 2024-09-07 |
ID: CVE-2006-2313 |
Title: SANS06C2: PostgreSQL 8.0 SQL injection vulnerability |
Type: Services |
Bulletins:
CVE-2006-2313 CVE-2006-2313 SFBID18092 |
Severity: High |
Description: PostgreSQL 8.0.x before 8.0.8 allows context-dependent attackers to bypass SQL injection protection methods in applications via invalid encodings of multibyte characters, aka one variant of "Encoding-Based SQL Injection." | ||||
Applies to: |
Created: 2006-12-12 |
Updated: 2024-09-07 |
ID: CVE-2005-3641 |
Title: SANS06C2: Multiple vulnerabilities in Oracle Database 9i |
Type: Services |
Bulletins:
CVE-2005-3641 CVE-2006-0256 CVE-2006-0257 CVE-2006-0258 CVE-2006-0260 CVE-2006-0261 CVE-2006-0262 CVE-2006-0263 CVE-2006-0265 CVE-2006-0266 CVE-2006-0267 CVE-2006-0268 CVE-2006-0271 CVE-2006-0272 CVE-2006-0282 CVE-2006-0290 CVE-2006-0286 CVE-2006-0285 SFBID15450 SFBID16287 SFBID17590 |
Severity: High |
Description: Multiple vulnerabilities exist in some versions of Oracle Database Server 9i. It is recommended to update to the latest versions or apply the latest patches. | ||||
Applies to: Oracle Database 9 |
Created: 2006-12-11 |
Updated: 2024-09-07 |
ID: CVE-2005-3641 |
Title: SANS06C2: Multiple vulnerabilities in Oracle Database 10g |
Type: Services |
Bulletins:
CVE-2005-3641 CVE-2005-3641 CVE-2006-0257 CVE-2006-0259 CVE-2006-0259 CVE-2006-0261 CVE-2006-0262 CVE-2006-0263 CVE-2006-0265 CVE-2006-0266 CVE-2006-0267 CVE-2006-0268 CVE-2006-0269 CVE-2006-0270 CVE-2006-0271 CVE-2006-0271 CVE-2006-0272 CVE-2006-0282 SFBID15450 SFBID16287 SFBID16384 SFBID17590 SFBID16294 SFBID19054 |
Severity: High |
Description: Multiple vulnerabilities exist in some versions of Oracle Database Server 10g. It is recommended to update to the latest versions or apply the latest patches. | ||||
Applies to: Oracle Database 10 |
Created: 2006-12-06 |
Updated: 2024-09-07 |
ID: CVE-2006-5478 |
Title: SANS07S6: Multiple vulnerabilities in Novell eDirectory 8.x |
Type: Software |
Bulletins:
CVE-2006-5478 CVE-2006-4509 CVE-2006-4510 CVE-2006-4177 CVE-2006-2496 SFBID20655 SFBID20853 SFBID20663 SFBID20664 SFBID18026 |
Severity: High |
Description: Multiple vulnerabilities exist in Novell eDirectory 8.8.x before 8.8.1 FTF1, and 8.x up to 8.7.3.8. These include overflow attacks that allow remote code execution and denial of service. | ||||
Applies to: |
Created: 2006-12-04 |
Updated: 2024-09-07 |
ID: CVE-2006-0992 |
Title: SANS07S6: Stack-based buffer overflow in Novell GroupWise Messenger |
Type: Software |
Bulletins:
CVE-2006-0992 SFBID17503 |
Severity: High |
Description: Stack-based buffer overflow in Novell GroupWise Messenger before 2.0 Public Beta 2 allows remote attackers to execute arbitrary code via a long Accept-Language value without a comma or semicolon. | ||||
Applies to: |
Created: 2006-12-01 |
Updated: 2024-09-07 |
ID: CVE-2005-1928 |
Title: SANS07C6: Multiple vulnerabilities in Trend Micro ServerProtect EarthAgent 5.58 and earlier |
Type: Software |
Bulletins:
CVE-2005-1928 CVE-2005-1929 SFBID15865 SFBID15866 SFBID15868 |
Severity: High |
Description: Multiple vulnerabilities exist in Trend Micro ServerProtect EarthAgent versions 5.58 and earlier. These include multiple heap-based buffer overflows and denial of service. | ||||
Applies to: Trend Micro ServerProtect |
Created: 2006-11-30 |
Updated: 2024-09-07 |
ID: CVE-2006-0323 |
Title: SANS06C5: Buffer overflow in swfformat.dll in Real Rhapsody 3 |
Type: Software |
Bulletins:
CVE-2006-0323 SFBID17202 |
Severity: High |
Description: Buffer overflow in swfformat.dll in multiple RealNetworks products and versions including Rhapsody 3 allows remote attackers to execute arbitrary code via a crafted SWF (Flash) file with (1) a size value that is less than the actual size, or (2) other unspecified manipulations. | ||||
Applies to: RealNetworks Rhapsody |
Created: 2006-11-30 |
Updated: 2024-09-07 |
ID: CVE-2005-2628 |
Title: SANS06C5: Multiple vulnerabilities in Macromedia Flash |
Type: Software |
Bulletins:
CVE-2005-2628 CVE-2005-3591 SFBID15332 SFBID15334 |
Severity: High |
Description: Multiple vulnerabilities exist in Macromedia Flash versions 7.0.19.0 and earlier. These include denial of service and remote execution. | ||||
Applies to: |
Created: 2006-11-28 |
Updated: 2024-09-07 |
ID: CVE-2006-1370 |
Title: SANS06C5: Multiple Vulnerabilities in RealPlayer |
Type: Software |
Bulletins:
CVE-2006-1370 CVE-2005-2922 CVE-2005-4126 CVE-2005-3677 CVE-2005-2936 SFBID17202 SFBID15691 SFBID15398 SFBID15448 |
Severity: High |
Description: Multiple vulnerabilities exist in RealNetworks RealPlayer in versions 10.5 6.0.12.1348 and earlier. These include buffer overflows and the possibility of remote code execution and denial of service. It is suggested to update to the latest version. | ||||
Applies to: RealNetworks RealPlayer |
Created: 2006-11-27 |
Updated: 2024-09-07 |
ID: CVE-2006-1249 |
Title: SANS06C5: Multiple iTunes and QuickTime Vulnerabilities |
Type: Software |
Bulletins:
CVE-2006-1249 CVE-2005-4092 CVE-2005-3713 CVE-2006-2238 CVE-2006-1456 CVE-2005-3711 CVE-2005-3710 CVE-2005-3709 CVE-2005-3708 CVE-2005-3707 CVE-2005-2340 CVE-2005-2743 SFBID17074 SFBID15732 SFBID17953 SFBID16202 |
Severity: High |
Description: Multiple vulnerabilities exist in QuickTime Player versions before 7.0.4, and in iTunes 6.0.2 and earlier. These include integer overflow, and heap-based buffer overflows. It is recommended to update to the latest versions of these products. | ||||
Applies to: iTunes and QuickTime |
Created: 2006-11-27 |
Updated: 2024-09-07 |
ID: CVE-2005-2310 |
Title: SANS06C5: Multiple buffer overflows in NullSoft Winamp 5.13 and earlier |
Type: Software |
Bulletins:
CVE-2005-2310 CVE-2005-3188 CVE-2005-3188 SFBID16623 SFBID16462 SFBID14276 |
Severity: High |
Description: Multiple buffer overflow vulnerabilities exist in Winamp 5.13 and earlier which allow remote code execution. It is recommended to update to the latest version. | ||||
Applies to: Nullsoft Winamp |
Created: 2006-11-27 |
Updated: 2024-09-07 |
ID: CVE-2006-6055 |
Title: Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE). |
Type: Hardware |
Bulletins:
CVE-2006-6055 SFBID21032 |
Severity: High |
Description: Stack-based buffer overflow in A5AGU.SYS 1.0.1.41 for the D-Link DWL-G132 wireless adapter allows remote attackers to execute arbitrary code via a 802.11 beacon request with a long Rates information element (IE). | ||||
Applies to: DWL-G132 |
Created: 2006-11-21 |
Updated: 2024-09-07 |
ID: SFBID715 |
Title: Sendmail 8-8-4 |
Type: |
Bulletins:
SFBID715 |
Severity: High |
Description: Berkeley Sendmail is prone to a group permissions vulnerability. When delivering mail to a program that is listed in a .forward or :include: file, the program is run with the group permissions possessed by the owner of the .forward or :include: file. The owner of the file is used to initialize the list of group permissions, obtained by scanning the /etc/group file, that are in force when the program is run. In such an environment it is possible to attain group permissions one should not have by linking to a file that is owned by someone else who has group write permissions. To solve this problem, upgrade to at least version 8.8.4 of sendmail or install a vendor-supplied patch. | ||||
Applies to: Sendmail |
Created: 2006-11-10 |
Updated: 2010-08-21 |
ID: MITRE:100 |
Title: VML Buffer Overrun Vulnerability |
Type: Web |
Bulletins:
MITRE:100 CVE-2006-4868 |
Severity: High |
Description: Stack-based buffer overflow in the Vector Graphics Rendering engine (vgx.dll), as used in Microsoft Outlook and Internet Explorer 6.0 on Windows XP SP2, and possibly other versions, allows remote attackers to execute arbitrary code via a Vector Markup Language (VML) file with a long fill parameter within a rect tag. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-31 |
Updated: 2024-09-07 |
ID: CVE-2006-5537 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection... |
Type: Hardware |
Bulletins:
CVE-2006-5537 |
Severity: Medium |
Description: Multiple cross-site scripting (XSS) vulnerabilities in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allow remote attackers to inject arbitrary web script or HTML via the (1) upnp:settings/state or (2) upnp:settings/connection parameters. | ||||
Applies to: DSL-G624T |
Created: 2006-10-26 |
Updated: 2024-09-07 |
ID: CVE-2006-5536 |
Title: Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter. |
Type: Hardware |
Bulletins:
CVE-2006-5536 SFBID20689 |
Severity: Medium |
Description: Directory traversal vulnerability in cgi-bin/webcm in D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to read arbitrary files via a .. (dot dot) in the getpage parameter. | ||||
Applies to: DSL-G624T |
Created: 2006-10-26 |
Updated: 2024-09-07 |
ID: CVE-2006-5538 |
Title: D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request. |
Type: Hardware |
Bulletins:
CVE-2006-5538 |
Severity: Medium |
Description: D-Link DSL-G624T firmware 3.00B01T01.YA-C.20060616 allows remote attackers to list contents of the cgi-bin directory via unspecified vectors, probably a direct request. | ||||
Applies to: DSL-G624T |
Created: 2006-10-26 |
Updated: 2024-09-07 |
ID: CVE-2006-5553 |
Title: Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan... |
Type: Hardware |
Bulletins:
CVE-2006-5553 SFBID20737 |
Severity: High |
Description: Cisco Security Agent (CSA) for Linux 4.5 before 4.5.1.657 and 5.0 before 5.0.0.193, as used by Unified CallManager (CUCM) and Unified Presence Server (CUPS), allows remote attackers to cause a denial of service (resource consumption) via a port scan with certain options. | ||||
Applies to: Unified Callmanager |
Created: 2006-10-26 |
Updated: 2024-09-07 |
ID: CVE-2006-5382 |
Title: 3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that... |
Type: Hardware |
Bulletins:
CVE-2006-5382 SFBID20736 |
Severity: High |
Description: 3Com Switch SS3 4400 switches, firmware 5.11, 6.00 and 6.10 and earlier, allow remote attackers to read the SNMP Read-Write Community string and conduct unauthorized actions via unspecified "normally restricted management packets on the device" that cause the community string to be returned. | ||||
Applies to: 3Com SS3-4400-24PWR |
Created: 2006-10-25 |
Updated: 2024-09-07 |
ID: MITRE:376 |
Title: Windows XP,SP2 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:376 CVE-2005-1218 |
Severity: Medium |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:256 |
Title: Windows XP,SP2 Print Spooler Service Buffer Overflow |
Type: Miscellaneous |
Bulletins:
MITRE:256 CVE-2005-1984 |
Severity: High |
Description: Buffer overflow in the Print Spooler service (Spoolsv.exe) for Microsoft Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code via a malicious message. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:497 |
Title: Windows XP,SP2 Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:497 CVE-2005-1983 |
Severity: High |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:618 |
Title: Windows XP,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:618 CVE-2005-1218 |
Severity: Medium |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:267 |
Title: Windows XP Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:267 CVE-2005-1983 |
Severity: High |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:346 |
Title: Windows Server 2003,SP1 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:346 CVE-2005-1218 |
Severity: Medium |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:609 |
Title: Windows Server 2003 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:609 CVE-2005-1218 |
Severity: Medium |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:160 |
Title: Windows Server 2003 Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:160 CVE-2005-1983 |
Severity: High |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:783 |
Title: Windows Server 2003 Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:783 CVE-2005-1983 |
Severity: High |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:180 |
Title: Windows 2000,SP4 Remote Desktop Protocol (RDP) DoS Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:180 CVE-2005-1218 |
Severity: Medium |
Description: The Microsoft Windows kernel in Microsoft Windows 2000 Server, Windows XP, and Windows Server 2003 allows remote attackers to cause a denial of service (crash) via crafted Remote Desktop Protocol (RDP) requests. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: MITRE:474 |
Title: Windows 2000 Plug and Play Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
MITRE:474 CVE-2005-1983 |
Severity: High |
Description: Stack-based buffer overflow in the Plug and Play (PnP) service for Microsoft Windows 2000 and Windows XP Service Pack 1 allows remote attackers to execute arbitrary code via a crafted packet, and local users to gain privileges via a malicious application, as exploited by the Zotob (aka Mytob) worm. | ||||
Applies to: |
Created: 2006-10-24 |
Updated: 2024-09-07 |
ID: REF000190 |
Title: Webmin running |
Type: Information |
Bulletins: | Severity: Information |
Description: Webmin is installed and running on this computer (port 10000). | ||||
Applies to: Webmin |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000197 |
Title: VNC server listening on port 5901 |
Type: Information |
Bulletins: | Severity: Information |
Description: The remote server is running VNC. VNC permits a console to be displayed remotely and should be disabled if not required. VNC can be blocked using a firewall or simply by stopping the VNC service. | ||||
Applies to: VNC |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000245 |
Title: UPnP helper is running |
Type: Miscellaneous |
Bulletins: | Severity: Low |
Description: It is not recommended to run this service on production machines. | ||||
Applies to: UPnP |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000188 |
Title: Sub7 server passworded |
Type: Information |
Bulletins: | Severity: Information |
Description: Verify whether the Sub7 server is password-protected. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000185 |
Title: Squid running |
Type: Information |
Bulletins: | Severity: Information |
Description: Squid Web Proxy Cache is running on this computer. | ||||
Applies to: Squid |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000196 |
Title: Some POP3 server banners providing information to attacker |
Type: Information |
Bulletins: | Severity: Information |
Description: The script displays the information provided by the POP3 server. This information could help an attacker choose the best attack vector for the server. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000252 |
Title: Sasser worm |
Type: Miscellaneous |
Bulletins: | Severity: High |
Description: Sasser worm leaves a backdoor on port 5554 which allows transfer of files. Make sure you run an Antivirus on the infected computer. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000182 |
Title: Oracle HTTP Server running |
Type: Information |
Bulletins: | Severity: Information |
Description: Oracle HTTP server running on this computer. | ||||
Applies to: Oracle |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000181 |
Title: MySQL (open source database) running |
Type: Information |
Bulletins: | Severity: Information |
Description: MySQL is running on this computer. | ||||
Applies to: MySQL |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000180 |
Title: Microsoft SQL server |
Type: Information |
Bulletins: | Severity: Information |
Description: Microsoft SQL server is installed on this computer. | ||||
Applies to: Microsoft SQL |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000192 |
Title: List of modems installed |
Type: Information |
Bulletins: | Severity: Information |
Description: Lists the installed modem drivers. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000195 |
Title: IMAP4 server banner provides information to attacker |
Type: Information |
Bulletins: | Severity: Information |
Description: IMAP banners with information such as server versions and types should be omitted where possible. Instead, you can change them to something more generic that will hide such information from potential intruders. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000161 |
Title: FTP Exposing Full Path |
Type: FTP |
Bulletins: | Severity: Medium |
Description: Anonymous FTP is exposing the full path. This might give out sensitive information or mean that the FTP server is misconfigured. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000194 |
Title: Finger service running |
Type: Information |
Bulletins: | Severity: Information |
Description: Using a finger server a remote user can get a wide range of information regarding users on the local machine. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000193 |
Title: Citrix server running on this host |
Type: Information |
Bulletins: | Severity: Information |
Description: For information only | ||||
Applies to: Citrix |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000240 |
Title: BugBear-B backdoor |
Type: Miscellaneous |
Bulletins: | Severity: High |
Description: BugBear.B (worm) leaves a backdoor which allows hackers remote access to your computer. | ||||
Applies to: |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: REF000177 |
Title: Apache Tomcat running |
Type: Information |
Bulletins: | Severity: Information |
Description: Apache Tomcat running on port 8080 | ||||
Applies to: Apache Tomcat |
Created: 2006-10-17 |
Updated: 2010-08-21 |
ID: MITRE:171 |
Title: Window Location Information Disclosure Vulnerability |
Type: Web |
Bulletins:
MITRE:171 CVE-2006-3640 |
Severity: Medium |
Description: Microsoft Internet Explorer 5.01 and 6 allows certain script to persist across navigations between pages, which allows remote attackers to obtain the window location of visited web pages in other domains or zones, aka "Window Location Information Disclosure Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: MITRE:694 |
Title: Visual Basic for Applications Vulnerability |
Type: Software |
Bulletins:
MITRE:694 CVE-2006-3649 |
Severity: Medium |
Description: Buffer overflow in Microsoft Visual Basic for Applications (VBA) SDK 6.0 through 6.4, as used by Microsoft Office 2000 SP3, Office XP SP3, Project 2000 SR1, Project 2002 SP1, Access 2000 Runtime SP3, Visio 2002 SP2, and Works Suite 2004 through 2006, allows user-assisted attackers to execute arbitrary code via unspecified document properties that are not verified when VBA is invoked to open documents. | ||||
Applies to: Microsoft Visual Basic 6.0 |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: MITRE:577 |
Title: Source Element Cross-Domain Vulnerability |
Type: Web |
Bulletins:
MITRE:577 CVE-2006-3639 |
Severity: High |
Description: Microsoft Internet Explorer 5.01 and 6 does not properly identify the originating domain zone when handling redirects, which allows remote attackers to read cross-domain web pages and possibly execute code via unspecified vectors involving a crafted web page, aka "Source Element Cross-Domain Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: MITRE:738 |
Title: Redirect Cross-Domain Information Disclosure Vulnerability |
Type: Web |
Bulletins:
MITRE:738 CVE-2006-3280 |
Severity: High |
Description: Cross-domain vulnerability in Microsoft Internet Explorer 6.0 allows remote attackers to access restricted information from other domains via an object tag with a data parameter that references a link on the attacker's originating site that specifies a Location HTTP header that references the target site, which then makes that content available through the outerHTML attribute of the object, aka "Redirect Cross-Domain Information Disclosure Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: MITRE:502 |
Title: HTML Rendering Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:502 CVE-2006-3637 |
Severity: Medium |
Description: Microsoft Internet Explorer 5.01 SP4 and 6 does not properly handle various HTML layout component combinations, which allows user-assisted remote attackers to execute arbitrary code via a crafted HTML file that leads to memory corruption, aka "HTML Rendering Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: MITRE:433 |
Title: HTML Layout and Positioning Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:433 CVE-2006-3450 |
Severity: High |
Description: Microsoft Internet Explorer 6 allows remote attackers to execute arbitrary code by using the document.getElementByID Javascript function to access crafted Cascading Style Sheet (CSS) elements, and possibly other unspecified vectors involving certain layout positioning combinations in an HTML file. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: MITRE:462 |
Title: FTP Server Command Injection Vulnerability |
Type: Web |
Bulletins:
MITRE:462 CVE-2004-1166 |
Severity: High |
Description: CRLF injection vulnerability in Microsoft Internet Explorer 6.0.2800.1106 and earlier allows remote attackers to execute arbitrary FTP commands via an ftp:// URL that contains a URL-encoded newline ("%0a") before the FTP command, which causes the commands to be inserted into the resulting FTP session, as demonstrated using a PORT command. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: MITRE:5 |
Title: CSS Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:5 CVE-2006-3451 |
Severity: High |
Description: Microsoft Internet Explorer 5 SP4 and 6 do not properly garbage collect when "multiple imports are used on a styleSheets collection" to construct a chain of Cascading Style Sheets (CSS), which allows remote attackers to execute arbitrary code via unspecified vectors. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: MITRE:719 |
Title: COM Object Instantiation Memory Corruption Vulnerability |
Type: Web |
Bulletins:
MITRE:719 CVE-2006-3638 |
Severity: High |
Description: Microsoft Internet Explorer 5.01 and 6 do not properly handle uninitialized COM objects, which allows remote attackers to cause a denial of service (memory corruption) and possibly execute arbitrary code, as demonstrated by the Nth function in the DirectAnimation.DATuple ActiveX control, aka "COM Object Instantiation Memory Corruption Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2006-10-16 |
Updated: 2024-09-07 |
ID: CVE-2006-5202 |
Title: Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout... |
Type: Hardware |
Bulletins:
CVE-2006-5202 SFBID19347 |
Severity: Medium |
Description: Linksys WRT54g firmware 1.00.9 does not require credentials when making configuration changes, which allows remote attackers to modify arbitrary configurations via a direct request to Security.tri, as demonstrated using the SecurityMode and layout parameters, a different issue than CVE-2006-2559. | ||||
Applies to: wrt54g |
Created: 2006-10-10 |
Updated: 2024-09-07 |
ID: MITRE:1922 |
Title: Remote Code Execution Vulnerability in Flash Player 8 |
Type: Web |
Bulletins:
MITRE:1922 CVE-2006-0024 |
Severity: Medium |
Description: Multiple unspecified vulnerabilities in Adobe Flash Player 8.0.22.0 and earlier allow remote attackers to execute arbitrary code via a crafted SWF file. | ||||
Applies to: Adobe Flash Player |
Created: 2006-10-07 |
Updated: 2024-09-07 |
ID: MITRE:1987 |
Title: Remote Code Execution Vulnerability in Flash Player 6 and 7 |
Type: Web |
Bulletins:
MITRE:1987 CVE-2005-2628 |
Severity: Medium |
Description: Macromedia Flash 6 and 7 (Flash.ocx) allows remote attackers to execute arbitrary code via a SWF file with a modified frame type identifier that is used as an out-of-bounds array index to a function pointer. | ||||
Applies to: Adobe Flash Player |
Created: 2006-10-07 |
Updated: 2024-09-07 |
ID: CVE-2006-4950 |
Title: Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting... |
Type: Hardware |
Bulletins:
CVE-2006-4950 SFBID20125 |
Severity: High |
Description: Cisco IOS 12.2 through 12.4 before 20060920, as used by Cisco IAD2430, IAD2431, and IAD2432 Integrated Access Devices, the VG224 Analog Phone Gateway, and the MWR 1900 and 1941 Mobile Wireless Edge Routers, is incorrectly identified as supporting DOCSIS, which allows remote attackers to gain read-write access via a hard-coded cable-docsis community string and read or modify arbitrary SNMP variables. | ||||
Applies to: |
Created: 2006-09-23 |
Updated: 2024-09-07 |
ID: CVE-2006-4775 |
Title: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a... |
Type: Hardware |
Bulletins:
CVE-2006-4775 SFBID19998 |
Severity: High |
Description: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) and CatOS allows remote attackers to cause a denial of service by sending a VTP update with a revision value of 0x7FFFFFFF, which is incremented to 0x80000000 and is interpreted as a negative number in a signed context. | ||||
Applies to: |
Created: 2006-09-13 |
Updated: 2024-09-07 |
ID: CVE-2006-4774 |
Title: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. |
Type: Hardware |
Bulletins:
CVE-2006-4774 SFBID19998 |
Severity: High |
Description: The VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to cause a denial of service by sending a VTP version 1 summary frame with a VTP version field value of 2. | ||||
Applies to: |
Created: 2006-09-13 |
Updated: 2024-09-07 |
ID: CVE-2006-4776 |
Title: Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement. |
Type: Hardware |
Bulletins:
CVE-2006-4776 SFBID19998 |
Severity: High |
Description: Heap-based buffer overflow in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(19) allows remote attackers to execute arbitrary code via a long VLAN name in a VTP type 2 summary advertisement. | ||||
Applies to: |
Created: 2006-09-13 |
Updated: 2024-09-07 |
ID: CVE-2006-4662 |
Title: SANS06C4: ICQ 2003b Buffer Overflow |
Type: Software |
Bulletins:
CVE-2006-4662 SFBID19897 |
Severity: High |
Description: Heap-based buffer overflow in the MCRegEx__Search function in AOL ICQ Pro 2003b Build 3916 and earlier allows remote attackers to execute arbitrary code via an inconsistent length field of a Message in a 0x2711 Type-Length-Value (TLV) type. | ||||
Applies to: AOL ICQ |
Created: 2006-09-12 |
Updated: 2024-09-07 |
ID: CVE-2006-4650 |
Title: Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect... |
Type: Hardware |
Bulletins:
CVE-2006-4650 SFBID19878 |
Severity: Low |
Description: Cisco IOS 12.0, 12.1, and 12.2, when GRE IP tunneling is used and the RFC2784 compliance fixes are missing, does not verify the offset field of a GRE packet during decapsulation, which leads to an integer overflow that references data from incorrect memory locations, which allows remote attackers to inject crafted packets into the routing queue, possibly bypassing intended router ACLs. | ||||
Applies to: |
Created: 2006-09-08 |
Updated: 2024-09-07 |
ID: CVE-2006-4352 |
Title: The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2006-4352 |
Severity: Medium |
Description: The ArrowPoint cookie functionality for Cisco 11000 series Content Service Switches specifies an internal IP address if the administrator does not specify a string option, which allows remote attackers to obtain sensitive information. | ||||
Applies to: Cisco CSS 11100 Content Services Switch Series |
Created: 2006-08-25 |
Updated: 2024-09-07 |
ID: CVE-2006-2113 |
Title: The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not... |
Type: Hardware |
Bulletins:
CVE-2006-2113 SFBID19716 |
Severity: Medium |
Description: The embedded HTTP server in Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, does not properly perform authentication for HTTP requests, which allows remote attackers to modify system configuration via crafted requests, including changing the administrator password or causing a denial of service to the print server. | ||||
Applies to: Laser Printer 3100cn Laser Printer 5100cn |
Created: 2006-08-24 |
Updated: 2024-09-07 |
ID: CVE-2006-2112 |
Title: Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP... |
Type: Hardware |
Bulletins:
CVE-2006-2112 SFBID19711 |
Severity: High |
Description: Fuji Xerox Printing Systems (FXPS) print engine, as used in products including (1) Dell 3000cn through 5110cn and (2) Fuji Xerox DocuPrint firmware before 20060628 and Network Option Card firmware before 5.13, allows remote attackers to use the FTP printing interface as a proxy ("FTP bounce") by using arbitrary PORT arguments to connect to systems for which access would be otherwise restricted. | ||||
Applies to: Laser Printer 3100cn Laser Printer 5100cn |
Created: 2006-08-24 |
Updated: 2024-09-07 |
ID: CVE-2006-4312 |
Title: Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), cause the EXEC password, local user... |
Type: Hardware |
Bulletins:
CVE-2006-4312 SFBID19681 |
Severity: Medium |
Description: Cisco PIX 500 Series Security Appliances and ASA 5500 Series Adaptive Security Appliances, when running 7.0(x) up to 7.0(5) and 7.1(x) up to 7.1(2.4), and Firewall Services Module (FWSM) 3.1(x) up to 3.1(1.6), cause the EXEC password, local user passwords, and the enable password to be changed to a "non-random value" under certain circumstances, which causes administrators to be locked out and might allow attackers to gain access. | ||||
Applies to: |
Created: 2006-08-23 |
Updated: 2024-09-07 |
ID: CVE-2006-4143 |
Title: Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums. |
Type: Hardware |
Bulletins:
CVE-2006-4143 SFBID19468 |
Severity: High |
Description: Netgear FVG318 running firmware 1.0.40 allows remote attackers to cause a denial of service (router reset) via TCP packets with bad checksums. | ||||
Applies to: FVG318 Router |
Created: 2006-08-14 |
Updated: 2024-09-07 |
ID: CVE-2006-4015 |
Title: Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to cause a denial of service (possibly memory leak or system crash) via unknown vectors. |
Type: Hardware |
Bulletins:
CVE-2006-4015 SFBID19310 |
Severity: Medium |
Description: Hewlett-Packard (HP) ProCurve 3500yl, 6200yl, and 5400zl switches with software before K.11.33 allow remote attackers to cause a denial of service (possibly memory leak or system crash) via unknown vectors. | ||||
Applies to: ProCurve Switch 3500yl Procurve Switch 5400zl Procurve Switch 6200yl |
Created: 2006-08-07 |
Updated: 2024-09-07 |
ID: CVE-2006-3906 |
Title: Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the... |
Type: Hardware |
Bulletins:
CVE-2006-3906 SFBID19176 |
Severity: Medium |
Description: Internet Key Exchange (IKE) version 1 protocol, as implemented on Cisco IOS, VPN 3000 Concentrators, and PIX firewalls, allows remote attackers to cause a denial of service (resource exhaustion) via a flood of IKE Phase-1 packets that exceed the session expiration rate. NOTE: it has been argued that this is due to a design weakness of the IKE version 1 protocol, in which case other vendors and implementations would also be affected. | ||||
Applies to: Cisco PIX 501 Firewall Cisco PIX 506 Firewall Cisco PIX 515 Firewall Cisco PIX 515E Firewall Cisco PIX 520 Firewall Cisco PIX 525 Firewall Cisco PIX 535 Firewall |
Created: 2006-07-27 |
Updated: 2024-09-07 |
ID: CVE-2006-3687 |
Title: Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows... |
Type: Hardware |
Bulletins:
CVE-2006-3687 SFBID19006 |
Severity: High |
Description: Stack-based buffer overflow in the Universal Plug and Play (UPnP) service in D-Link DI-524, DI-604 Broadband Router, DI-624, D-Link DI-784, WBR-1310 Wireless G Router, WBR-2310 RangeBooster G Router, and EBR-2310 Ethernet Broadband Router allows remote attackers to execute arbitrary code via a long M-SEARCH request to UDP port 1900. | ||||
Applies to: DI-524 DI-604 DI-624 DI-784 EBR-2310 WBR-1310 WBR-2310 |
Created: 2006-07-21 |
Updated: 2024-09-07 |
ID: CVE-2006-3592 |
Title: Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI... |
Type: Hardware |
Bulletins:
CVE-2006-3592 SFBID18952 |
Severity: Medium |
Description: Unspecified vulnerability in the command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to execute arbitrary commands with elevated privileges via unspecified vectors, involving "certain CLI commands," aka bug CSCse11005. | ||||
Applies to: Unified Callmanager |
Created: 2006-07-18 |
Updated: 2024-09-07 |
ID: CVE-2006-3593 |
Title: The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704. |
Type: Hardware |
Bulletins:
CVE-2006-3593 SFBID18952 |
Severity: Medium |
Description: The command line interface (CLI) in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows local users to overwrite arbitrary files by redirecting a command's output to a file or folder, aka bug CSCse31704. | ||||
Applies to: Unified Callmanager |
Created: 2006-07-18 |
Updated: 2024-09-07 |
ID: CVE-2006-3594 |
Title: Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. |
Type: Hardware |
Bulletins:
CVE-2006-3594 SFBID18952 |
Severity: High |
Description: Buffer overflow in Cisco Unified CallManager (CUCM) 5.0(1) through 5.0(3a) allows remote attackers to execute arbitrary code via a long hostname in a SIP request, aka bug CSCsd96542. | ||||
Applies to: Unified Callmanager |
Created: 2006-07-18 |
Updated: 2024-09-07 |
ID: CVE-2006-3529 |
Title: Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed. |
Type: Hardware |
Bulletins:
CVE-2006-3529 SFBID18930 |
Severity: Medium |
Description: Memory leak in Juniper JUNOS 6.4 through 8.0, built before May 10, 2006, allows remote attackers to cause a denial of service (kernel packet memory consumption and crash) via crafted IPv6 packets whose buffers are not released after they are processed. | ||||
Applies to: |
Created: 2006-07-11 |
Updated: 2024-09-07 |
ID: CVE-2006-3291 |
Title: The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all... |
Type: Hardware |
Bulletins:
CVE-2006-3291 SFBID18704 |
Severity: High |
Description: The web interface on Cisco IOS 12.3(8)JA and 12.3(8)JA1, as used on the Cisco Wireless Access Point and Wireless Bridge, reconfigures itself when it is changed to use the "Local User List Only (Individual Passwords)" setting, which removes all security and password configurations and allows remote attackers to access the system. | ||||
Applies to: |
Created: 2006-06-28 |
Updated: 2024-09-07 |
ID: CVE-2006-3109 |
Title: Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in... |
Type: Hardware |
Bulletins:
CVE-2006-3109 SFBID18504 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in Cisco CallManager 3.3 before 3.3(5)SR3, 4.1 before 4.1(3)SR4, 4.2 before 4.2(3), and 4.3 before 4.3(1), allows remote attackers to inject arbitrary web script or HTML via the (1) pattern parameter in ccmadmin/phonelist.asp and (2) arbitrary parameters in ccmuser/logon.asp, aka bugid CSCsb68657. | ||||
Applies to: Cisco Call Manager |
Created: 2006-06-20 |
Updated: 2024-09-07 |
ID: CVE-2006-2901 |
Title: The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords. |
Type: Hardware |
Bulletins:
CVE-2006-2901 SFBID18299 |
Severity: Medium |
Description: The web server for D-Link Wireless Access-Point (DWL-2100ap) firmware 2.10na and earlier allows remote attackers to obtain sensitive system information via a request to an arbitrary .cfg file, which returns configuration information including passwords. | ||||
Applies to: DWL-2100AP |
Created: 2006-06-07 |
Updated: 2024-09-07 |
ID: MITRE:1748 |
Title: FPSE XSS Vulnerability |
Type: Web |
Bulletins:
MITRE:1748 CVE-2006-0015 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters. | ||||
Applies to: Microsoft FrontPage Server Extensions 2002 |
Created: 2006-05-31 |
Updated: 2024-09-07 |
ID: CVE-2006-2653 |
Title: Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter. |
Type: Hardware |
Bulletins:
CVE-2006-2653 SFBID18168 |
Severity: Low |
Description: Cross-site scripting (XSS) vulnerability in login_error.shtml for D-Link DSA-3100 allows remote attackers to inject arbitrary HTML or web script via an encoded uname parameter. | ||||
Applies to: DSA-3100 |
Created: 2006-05-30 |
Updated: 2024-09-07 |
ID: CVE-2006-2559 |
Title: Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using... |
Type: Hardware |
Bulletins:
CVE-2006-2559 |
Severity: High |
Description: Linksys WRT54G Wireless-G Broadband Router allows remote attackers to bypass access restrictions and conduct unauthorized operations via a UPnP request with a modified InternalClient parameter, which is not validated, as demonstrated by using AddPortMapping to forward arbitrary traffic. | ||||
Applies to: wrt54g |
Created: 2006-05-23 |
Updated: 2024-09-07 |
ID: CVE-2006-2337 |
Title: Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. |
Type: Hardware |
Bulletins:
CVE-2006-2337 |
Severity: Medium |
Description: Directory traversal vulnerability in webcm in the D-Link DSL-G604T Wireless ADSL Router Modem allows remote attackers to read arbitrary files via an absolute path in the getpage parameter. | ||||
Applies to: DSL-G604T |
Created: 2006-05-11 |
Updated: 2024-09-07 |
ID: CVE-2006-1973 |
Title: Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages. |
Type: Hardware |
Bulletins:
CVE-2006-1973 SFBID17631 |
Severity: Medium |
Description: Multiple unspecified vulnerabilities in Linksys RT31P2 VoIP router allow remote attackers to cause a denial of service via malformed Session Initiation Protocol (SIP) messages. | ||||
Applies to: rt31p2 |
Created: 2006-04-21 |
Updated: 2024-09-07 |
ID: CVE-2006-1928 |
Title: Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS... |
Type: Hardware |
Bulletins:
CVE-2006-1928 SFBID17607 |
Severity: Medium |
Description: Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 routers, allows remote attackers to cause a denial of service (Modular Services Cards (MSC) crash or "MPLS packet handling problems") via certain MPLS packets, as identified by Cisco bug IDs (1) CSCsd15970 and (2) CSCsd55531. | ||||
Applies to: |
Created: 2006-04-20 |
Updated: 2024-09-07 |
ID: CVE-2006-1927 |
Title: Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco... |
Type: Hardware |
Bulletins:
CVE-2006-1927 SFBID17607 |
Severity: Medium |
Description: Cisco IOS XR, when configured for Multi Protocol Label Switching (MPLS) and running on Cisco CRS-1 or Cisco 12000 series routers, allows remote attackers to cause a denial of service (Line card crash) via certain MPLS packets, as identified by Cisco bug ID CSCsc77475. | ||||
Applies to: |
Created: 2006-04-20 |
Updated: 2024-09-07 |
ID: CVE-2006-1631 |
Title: Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP... |
Type: Hardware |
Bulletins:
CVE-2006-1631 SFBID17383 |
Severity: Medium |
Description: Unspecified vulnerability in the HTTP compression functionality in Cisco CSS 11500 Series Content Services switches allows remote attackers to cause a denial of service (device reload) via (1) "valid, but obsolete" or (2) "specially crafted" HTTP requests. | ||||
Applies to: Content Services Switch 11500 |
Created: 2006-04-05 |
Updated: 2024-09-07 |
ID: CVE-2006-0784 |
Title: D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments. |
Type: Hardware |
Bulletins:
CVE-2006-0784 SFBID16690 |
Severity: Medium |
Description: D-Link DWL-G700AP with firmware 2.00 and 2.01 allows remote attackers to cause a denial of service (CAMEO HTTP service crash) via a request composed of "GET" followed by a space and two newlines, possibly triggering the crash due to missing arguments. | ||||
Applies to: DWL-G700AP |
Created: 2006-02-19 |
Updated: 2024-09-07 |
ID: CVE-2006-0485 |
Title: The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may... |
Type: Hardware |
Bulletins:
CVE-2006-0485 SFBID16383 |
Severity: Medium |
Description: The TCL shell in Cisco IOS 12.2(14)S before 12.2(14)S16, 12.2(18)S before 12.2(18)S11, and certain other releases before 25 January 2006 does not perform Authentication, Authorization, and Accounting (AAA) command authorization checks, which may allow local users to execute IOS EXEC commands that were prohibited via the AAA configuration, aka Bug ID CSCeh73049. | ||||
Applies to: |
Created: 2006-01-31 |
Updated: 2024-09-07 |
ID: CVE-2006-0486 |
Title: Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user... |
Type: Hardware |
Bulletins:
CVE-2006-0486 |
Severity: Medium |
Description: Certain Cisco IOS releases in 12.2S based trains with maintenance release number 25 and later, 12.3T based trains, and 12.4 based trains reuse a Tcl Shell process across login sessions of different local users on the same terminal if the first user does not use tclquit before exiting, which may cause subsequent local users to execute unintended commands or bypass AAA command authorization checks, aka Bug ID CSCef77770. | ||||
Applies to: |
Created: 2006-01-31 |
Updated: 2024-09-07 |
ID: CVE-2006-0367 |
Title: Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative... |
Type: Hardware |
Bulletins:
CVE-2006-0367 SFBID16293 |
Severity: Medium |
Description: Unspecified vulnerability in Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allows remote authenticated users with read-only administrative privileges to obtain full administrative privileges via a "crafted URL on the CCMAdmin web page." | ||||
Applies to: Cisco Call Manager |
Created: 2006-01-22 |
Updated: 2024-09-07 |
ID: CVE-2006-0354 |
Title: Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large... |
Type: Hardware |
Bulletins:
CVE-2006-0354 SFBID16217 |
Severity: Medium |
Description: Cisco IOS before 12.3-7-JA2 on Aironet Wireless Access Points (WAP) allows remote authenticated users to cause a denial of service (termination of packet passing or termination of client connections) by sending the management interface a large number of spoofed ARP packets, which creates a large ARP table that exhausts memory, aka Bug ID CSCsc16644. | ||||
Applies to: Cisco Aironet AP1240 Cisco Aironet Ap 1230 Cisco Aironet Ap1100 Cisco Aironet Ap1130ag Cisco Aironet Ap1200 Cisco Aironet Ap1300 Cisco Aironet Ap1400 Cisco Aironet Ap350 |
Created: 2006-01-22 |
Updated: 2024-09-07 |
ID: CVE-2006-0368 |
Title: Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000... |
Type: Hardware |
Bulletins:
CVE-2006-0368 SFBID16295 |
Severity: High |
Description: Cisco CallManager 3.2 and earlier, 3.3 before 3.3(5)SR1, 4.0 before 4.0(2a)SR2c, and 4.1 before 4.1(3)SR2 allow remote attackers to (1) cause a denial of service (CPU and memory consumption) via a large number of open TCP connections to port 2000 and (2) cause a denial of service (fill the Windows Service Manager communication queue) via a large number of TCP connections to port 2001, 2002, or 7727. | ||||
Applies to: Cisco Call Manager |
Created: 2006-01-22 |
Updated: 2024-09-07 |
ID: CVE-2006-0340 |
Title: Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang... |
Type: Hardware |
Bulletins:
CVE-2006-0340 SFBID16303 |
Severity: High |
Description: Unspecified vulnerability in Stack Group Bidding Protocol (SGBP) support in Cisco IOS 12.0 through 12.4 running on various Cisco products, when SGBP is enabled, allows remote attackers on the local network to cause a denial of service (device hang and network traffic loss) via a crafted UDP packet to port 9900. | ||||
Applies to: |
Created: 2006-01-20 |
Updated: 2024-09-07 |
ID: CVE-2006-0309 |
Title: Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network to cause a denial of service via IP packets with a null IP option length. |
Type: Hardware |
Bulletins:
CVE-2006-0309 SFBID16307 |
Severity: Medium |
Description: Linksys BEFVP41 VPN Router 2.0 with firmware 1.01.04 allows remote attackers on the local network to cause a denial of service via IP packets with a null IP option length. | ||||
Applies to: BEFVP41 |
Created: 2006-01-18 |
Updated: 2024-09-07 |
ID: CVE-2005-4826 |
Title: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different... |
Type: Hardware |
Bulletins:
CVE-2005-4826 SFBID22268 |
Severity: Medium |
Description: Unspecified vulnerability in the VLAN Trunking Protocol (VTP) feature in Cisco IOS 12.1(22)EA3 on Catalyst 2950T switches allows remote attackers to cause a denial of service (device reboot) via a crafted Subset-Advert message packet, a different issue than CVE-2006-4774, CVE-2006-4775, and CVE-2006-4776. | ||||
Applies to: |
Created: 2005-12-31 |
Updated: 2024-09-07 |
ID: CVE-2005-4723 |
Title: D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment. |
Type: Hardware |
Bulletins:
CVE-2005-4723 SFBID16621 |
Severity: Medium |
Description: D-Link DI-524 Wireless Router, DI-624 Wireless Router, and DI-784 allow remote attackers to cause a denial of service (device reboot) via a series of crafted fragmented UDP packets, possibly involving a missing fragment. | ||||
Applies to: DI-524 DI-624 DI-784 |
Created: 2005-12-31 |
Updated: 2024-09-07 |
ID: CVE-2005-4499 |
Title: The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password,... |
Type: Hardware |
Bulletins:
CVE-2005-4499 SFBID16025 |
Severity: High |
Description: The Downloadable RADIUS ACLs feature in Cisco PIX and VPN 3000 concentrators, when creating an ACL on the Cisco Secure Access Control Server (CS ACS), generates a random internal name for an ACL that is also used as a hidden user name and password, which allows remote attackers to gain privileges by sniffing the username from the cleartext portion of a RADIUS session, then using the password to log in to another device that uses CS ACS. | ||||
Applies to: Cisco PIX 501 Firewall Cisco PIX 506 Firewall Cisco PIX 515 Firewall Cisco PIX 515E Firewall Cisco PIX 520 Firewall Cisco PIX 525 Firewall Cisco PIX 535 Firewall |
Created: 2005-12-22 |
Updated: 2024-09-07 |
ID: CVE-2005-4258 |
Title: Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is... |
Type: Hardware |
Bulletins:
CVE-2005-4258 |
Severity: High |
Description: Unspecified Cisco Catalyst Switches allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LanD). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. | ||||
Applies to: Cisco Catalyst 2926 Switch Cisco Catalyst 2970... Cisco Catalyst 4000 Series Switches Cisco Catalyst 4506 Switch Cisco Catalyst 4507R Switch Cisco Catalyst 4900 Series Switches Cisco Catalyst 4908G-L3 Switch Cisco Catalyst 6500 Series Switches |
Created: 2005-12-15 |
Updated: 2024-09-07 |
ID: CVE-2005-4257 |
Title: Linksys WRT54GS and BEFW11S4 allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is... |
Type: Hardware |
Bulletins:
CVE-2005-4257 SFBID15861 |
Severity: High |
Description: Linksys WRT54GS and BEFW11S4 allow remote attackers to cause a denial of service (device crash) via an IP packet with the same source and destination IPs and ports, and with the SYN flag set (aka LAND). NOTE: the provenance of this issue is unknown; the details are obtained solely from the BID. | ||||
Applies to: BEFW11S4 befw11s4 v3 befw11s4 v4 wrt54gs |
Created: 2005-12-15 |
Updated: 2024-09-07 |
ID: MITRE:1231 |
Title: WinXP,SP2 DirectShow Malicious avi File Vulnerability |
Type: Software |
Bulletins:
MITRE:1231 CVE-2005-2128 |
Severity: Medium |
Description: QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value. | ||||
Applies to: DirectX |
Created: 2005-12-01 |
Updated: 2024-09-07 |
ID: MITRE:1434 |
Title: WinXP,SP1 DirectShow Malicious avi File Vulnerability |
Type: Software |
Bulletins:
MITRE:1434 CVE-2005-2128 |
Severity: Medium |
Description: QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value. | ||||
Applies to: DirectX |
Created: 2005-12-01 |
Updated: 2024-09-07 |
ID: MITRE:1267 |
Title: Win2k,SP4 DirectShow Malicious avi File Vulnerability |
Type: Software |
Bulletins:
MITRE:1267 CVE-2005-2128 |
Severity: Medium |
Description: QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value. | ||||
Applies to: DirectX |
Created: 2005-12-01 |
Updated: 2024-09-07 |
ID: MITRE:1149 |
Title: Server 2003,SP1 DirectShow Malicious avi File Vulnerability |
Type: Software |
Bulletins:
MITRE:1149 CVE-2005-2128 |
Severity: Medium |
Description: QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value. | ||||
Applies to: DirectX |
Created: 2005-12-01 |
Updated: 2024-09-07 |
ID: MITRE:1424 |
Title: Server 2003 DirectShow Malicious avi File Vulnerability |
Type: Software |
Bulletins:
MITRE:1424 CVE-2005-2128 |
Severity: Medium |
Description: QUARTZ.DLL in Microsoft Windows Media Player 9 allows remote attackers to write a null byte to arbitrary memory via an AVI file with a crafted strn element with a modified length value. | ||||
Applies to: DirectX |
Created: 2005-12-01 |
Updated: 2024-09-07 |
ID: CVE-2005-3921 |
Title: Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of... |
Type: Hardware |
Bulletins:
CVE-2005-3921 SFBID15602 |
Severity: Low |
Description: Cross-site scripting (XSS) vulnerability in Cisco IOS Web Server for IOS 12.0(2a) allows remote attackers to inject arbitrary web script or HTML by (1) packets containing HTML that an administrator views via an HTTP interface to the contents of memory buffers, as demonstrated by the URI /level/15/exec/-/buffers/assigned/dump; or (2) sending the router Cisco Discovery Protocol (CDP) packets with HTML payload that an administrator views via the CDP status pages. NOTE: these vectors were originally reported as being associated with the dump and packet options in /level/15/exec/-/show/buffers. | ||||
Applies to: |
Created: 2005-11-30 |
Updated: 2024-09-07 |
ID: CVE-2005-3774 |
Title: Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that would not produce a valid connection with the end system,... |
Type: Hardware |
Bulletins:
CVE-2005-3774 SFBID15525 |
Severity: Medium |
Description: Cisco PIX 6.3 and 7.0 allows remote attackers to cause a denial of service (blocked new connections) via spoofed TCP packets that cause the PIX to create embryonic connections that would not produce a valid connection with the end system, including (1) SYN packets with invalid checksums, which do not result in a RST; or, from an external interface, (2) one byte of "meaningless data," or (3) a TTL that is one less than needed to reach the internal destination. | ||||
Applies to: |
Created: 2005-11-22 |
Updated: 2024-09-07 |
ID: CVE-2003-1267 |
Title: GuildFTPd FTP Server Can Be Crashed By Remote Users Requesting DOS Device Names |
Type: FTP |
Bulletins:
CVE-2003-1267 |
Severity: Medium |
Description: GuildFTPd FTP Server is prone to a vulnerability, where a remote authenticated user or an anonymous user can cause the FTP service to crash, when the user requests a file with a DOS device name. This will lead to a denial of service condition. There is still no solution for such a vulnerability at this point in time. | ||||
Applies to: GuildFTPd |
Created: 2005-11-16 |
Updated: 2024-09-07 |
ID: MITRE:100110 |
Title: Apache Listening Socket Starvation Vulnerability |
Type: Web |
Bulletins:
MITRE:100110 CVE-2004-0174 |
Severity: Medium |
Description: Apache 1.4.x before 1.3.30, and 2.0.x before 2.0.49, when using multiple listening sockets on certain platforms, allows remote attackers to cause a denial of service (blocked new connections) via a "short-lived connection on a rarely-accessed listening socket." | ||||
Applies to: Apache |
Created: 2005-11-16 |
Updated: 2024-09-07 |
ID: CVE-2005-3481 |
Title: Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the... |
Type: Hardware |
Bulletins:
CVE-2005-3481 SFBID15275 |
Severity: High |
Description: Cisco IOS 12.0 to 12.4 might allow remote attackers to execute arbitrary code via a heap-based buffer overflow in system timers. NOTE: this issue does not correspond to a specific vulnerability, rather a general weakness that only increases the feasibility of exploitation of any vulnerabilities that might exist. Such design-level weaknesses normally are not included in CVE, so perhaps this issue should be REJECTed. | ||||
Applies to: |
Created: 2005-11-02 |
Updated: 2024-09-07 |
ID: CVE-2005-3482 |
Title: Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic... |
Type: Hardware |
Bulletins:
CVE-2005-3482 SFBID15272 |
Severity: Medium |
Description: Cisco 1200, 1131, and 1240 series Access Points, when operating in Lightweight Access Point Protocol (LWAPP) mode and controlled by 2000 and 4400 series Airespace WLAN controllers running 3.1.59.24, allow remote attackers to send unencrypted traffic to a secure network using frames with the MAC address of an authenticated end host. | ||||
Applies to: Cisco Aironet 1131 Cisco Aironet Ap1200 Cisco Aironet Ap1240 |
Created: 2005-11-02 |
Updated: 2024-09-07 |
ID: CVE-2005-3426 |
Title: Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation. |
Type: Hardware |
Bulletins:
CVE-2005-3426 SFBID15144 |
Severity: Medium |
Description: Cisco CSS 11500 Content Services Switch (CSS) with SSL termination services allows remote attackers to cause a denial of service (memory corruption and device reload) via a malformed client certificate during SSL session negotiation. | ||||
Applies to: Content Services Switch 11500 |
Created: 2005-11-01 |
Updated: 2024-09-07 |
ID: CVE-2005-2973 |
Title: Linux Kernel version prior to 2.6.14-rc5 |
Type: Miscellaneous |
Bulletins:
CVE-2005-2973 SFBID15156 |
Severity: Low |
Description: The Linux kernel is prone to a vulnerability in version 2.6.13.4. This is due to an infinite loop error in the udp_v6_get_port() function in net/ipv6/udp.c, which can cause a denial of service. Since there are no workarounds for this vulnerability, one should upgrade to version 2.6.14-rc5 or higher. | ||||
Applies to: Kernel |
Created: 2005-10-20 |
Updated: 2024-09-07 |
ID: MITRE:989 |
Title: Microsoft Outlook Express 6,SP1 News Reading Vulnerability |
Type: |
Bulletins:
MITRE:989 CVE-2005-1213 |
Severity: High |
Description: Stack-based buffer overflow in the news reader for Microsoft Outlook Express (MSOE.DLL) 5.5 SP2, 6, and 6 SP1 allows remote malicious NNTP servers to execute arbitrary code via a LIST response with a long second field. | ||||
Applies to: Microsoft Outlook Express |
Created: 2005-10-12 |
Updated: 2024-09-07 |
ID: CVE-2005-2799 |
Title: Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. |
Type: Hardware |
Bulletins:
CVE-2005-2799 |
Severity: High |
Description: Buffer overflow in apply.cgi in Linksys WRT54G 3.01.03, 3.03.6, and possibly other versions before 4.20.7, allows remote attackers to execute arbitrary code via a long HTTP POST request. | ||||
Applies to: wrt54g |
Created: 2005-09-15 |
Updated: 2024-09-07 |
ID: CVE-2005-2912 |
Title: Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. |
Type: Hardware |
Bulletins:
CVE-2005-2912 |
Severity: Medium |
Description: Linksys WRT54G router allows remote attackers to cause a denial of service (CPU consumption and server hang) via an HTTP POST request with a negative Content-Length value. | ||||
Applies to: wrt54g |
Created: 2005-09-14 |
Updated: 2024-09-07 |
ID: CVE-2005-2916 |
Title: Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi... |
Type: Hardware |
Bulletins:
CVE-2005-2916 |
Severity: Medium |
Description: Linksys WRT54G 3.01.03, 3.03.6, 4.00.7, and possibly other versions before 4.20.7, does not verify user authentication until after an HTTP POST request has been processed, which allows remote attackers to (1) modify configuration using restore.cgi or (2) upload new firmware using upgrade.cgi. | ||||
Applies to: wrt54g |
Created: 2005-09-14 |
Updated: 2024-09-07 |
ID: CVE-2005-2915 |
Title: ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to... |
Type: Hardware |
Bulletins:
CVE-2005-2915 |
Severity: Medium |
Description: ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, uses weak encryption (XOR encoding with a fixed byte mask) for configuration information, which could allow attackers to decrypt the information and possibly re-encrypt it in conjunction with CVE-2005-2914. | ||||
Applies to: wrt54g |
Created: 2005-09-14 |
Updated: 2024-09-07 |
ID: CVE-2005-2914 |
Title: ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration... |
Type: Hardware |
Bulletins:
CVE-2005-2914 |
Severity: High |
Description: ezconfig.asp in Linksys WRT54G router 3.01.03, 3.03.6, non-default configurations of 2.04.4, and possibly other versions, does not use an authentication initialization function, which allows remote attackers to obtain encrypted configuration information and, if the key is known, modify the configuration. | ||||
Applies to: wrt54g |
Created: 2005-09-14 |
Updated: 2024-09-07 |
ID: CVE-2005-2841 |
Title: Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted... |
Type: Hardware |
Bulletins:
CVE-2005-2841 |
Severity: High |
Description: Buffer overflow in Firewall Authentication Proxy for FTP and/or Telnet Sessions for Cisco IOS 12.2ZH and 12.2ZL, 12.3 and 12.3T, and 12.4 and 12.4T allows remote attackers to cause a denial of service and possibly execute arbitrary code via crafted user authentication credentials. | ||||
Applies to: |
Created: 2005-09-08 |
Updated: 2024-09-07 |
ID: CVE-2005-2640 |
Title: Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which... |
Type: Hardware |
Bulletins:
CVE-2005-2640 SFBID14595 |
Severity: Medium |
Description: Behavioral discrepancy information leak in Juniper Netscreen VPN running ScreenOS 5.2.0 and earlier, when using IKE with pre-shared key authentication, allows remote attackers to enumerate valid usernames via an IKE Aggressive Mode packet, which generates a response if the username is valid but does not respond when the username is invalid. | ||||
Applies to: NScreen5GT |
Created: 2005-08-23 |
Updated: 2024-09-07 |
ID: CVE-2005-2589 |
Title: Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. |
Type: Hardware |
Bulletins:
CVE-2005-2589 SFBID14566 |
Severity: High |
Description: Unknown vulnerability in Linksys WRT54GS wireless router with firmware 4.50.6, with WPA Personal/TKIP authentication enabled, allows remote clients to bypass authentication by connecting without using encryption. | ||||
Applies to: wrt54gs |
Created: 2005-08-17 |
Updated: 2024-09-07 |
ID: CVE-2005-2434 |
Title: Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2005-2434 SFBID14407 |
Severity: Medium |
Description: Linksys WRT54G router uses the same private key and certificate for every router, which allows remote attackers to sniff the SSL connection and obtain sensitive information. | ||||
Applies to: wrt54g |
Created: 2005-08-03 |
Updated: 2024-09-07 |
ID: CVE-2005-2451 |
Title: Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. |
Type: Hardware |
Bulletins:
CVE-2005-2451 SFBID14414 |
Severity: Low |
Description: Cisco IOS 12.0 through 12.4 and IOS XR before 3.2, with IPv6 enabled, allows remote attackers on a local network segment to cause a denial of service (device reload) and possibly execute arbitrary code via a crafted IPv6 packet. | ||||
Applies to: |
Created: 2005-08-03 |
Updated: 2024-09-07 |
ID: CVE-2005-2244 |
Title: The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger... |
Type: Hardware |
Bulletins:
CVE-2005-2244 SFBID14255 |
Severity: Medium |
Description: The aupair service (aupair.exe) in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1 allows remote attackers to execute arbitrary code or corrupt memory via crafted packets that trigger a memory allocation failure and lead to a buffer overflow. | ||||
Applies to: Cisco Call Manager |
Created: 2005-07-12 |
Updated: 2024-09-07 |
ID: CVE-2005-2243 |
Title: Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory... |
Type: Hardware |
Bulletins:
CVE-2005-2243 SFBID14253 |
Severity: Medium |
Description: Memory leak in inetinfo.exe in Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1, when Multi Level Admin (MLA) is enabled, allows remote attackers to cause a denial of service (memory consumption) via a large number of Admin Service Tool (AST) logins that fail. | ||||
Applies to: Cisco Call Manager |
Created: 2005-07-12 |
Updated: 2024-09-07 |
ID: CVE-2005-2241 |
Title: Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows... |
Type: Hardware |
Bulletins:
CVE-2005-2241 SFBID14250 |
Severity: Medium |
Description: Cisco CallManager (CCM) 3.2 and earlier, 3.3 before 3.3(5), 4.0 before 4.0(2a)SR2b, and 4.1 before 4.1(3)SR1 does not quickly time out Realtime Information Server Data Collection (RISDC) sockets, which results in a "resource leak" that allows remote attackers to cause a denial of service (memory and connection consumption) in RisDC.exe. | ||||
Applies to: Cisco Call Manager |
Created: 2005-07-12 |
Updated: 2024-09-07 |
ID: CVE-2005-2105 |
Title: Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username. |
Type: Hardware |
Bulletins:
CVE-2005-2105 |
Severity: High |
Description: Cisco IOS 12.2T through 12.4 allows remote attackers to bypass Authentication, Authorization, and Accounting (AAA) RADIUS authentication, if the fallback method is set to none, via a long username. | ||||
Applies to: |
Created: 2005-07-05 |
Updated: 2024-09-07 |
ID: MITRE:3556 |
Title: Microsoft .NET Framework v1.1 Security Bypass |
Type: Miscellaneous |
Bulletins:
MITRE:3556 CVE-2004-0847 |
Severity: High |
Description: The Microsoft .NET forms authentication capability for ASP.NET allows remote attackers to bypass authentication for .aspx files in restricted directories via a request containing a (1) "\" (backslash) or (2) "%5C" (encoded backslash), aka "Path Validation Vulnerability." | ||||
Applies to: Microsoft .NET Framework |
Created: 2005-06-01 |
Updated: 2024-09-07 |
ID: CVE-2005-1802 |
Title: Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header. |
Type: Hardware |
Bulletins:
CVE-2005-1802 SFBID13792 |
Severity: Medium |
Description: Nortel VPN Router (aka Contivity) allows remote attackers to cause a denial of service (crash) via an IPsec IKE packet with a malformed ISAKMP header. | ||||
Applies to: ... Contivity 1740 VPN Router Contivity1000 Contivity1010 Contivity1050 Contivity1100 Contivity15xx Contivity1600 Contivity1700 Contivity2000 Contivity2500 Contivity2600 Contivity2700 Contivity4000 Contivity4500 Contivity4600 |
Created: 2005-05-27 |
Updated: 2024-09-07 |
ID: CVE-2005-1828 |
Title: D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2005-1828 |
Severity: High |
Description: D-Link DSL-504T stores usernames and passwords in cleartext in the router configuration file, which allows remote attackers to obtain sensitive information. | ||||
Applies to: DSL-504T |
Created: 2005-05-26 |
Updated: 2024-09-07 |
ID: CVE-2005-1827 |
Title: D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as upgrade firmware, restart the router or restore a saved configuration, via a direct request to firmwarecfg. |
Type: Hardware |
Bulletins:
CVE-2005-1827 SFBID13679 |
Severity: High |
Description: D-Link DSL-504T allows remote attackers to bypass authentication and gain privileges, such as upgrade firmware, restart the router or restore a saved configuration, via a direct request to firmwarecfg. | ||||
Applies to: DSL-504T |
Created: 2005-05-26 |
Updated: 2024-09-07 |
ID: CVE-2005-1680 |
Title: D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes... |
Type: Hardware |
Bulletins:
CVE-2005-1680 |
Severity: High |
Description: D-Link DSL-502T, DSL-504T, DSL-562T, and DSL-G604T, when /cgi-bin/firmwarecfg is executed, allows remote attackers to bypass authentication (1) if their IP address already exists in /var/tmp/fw_ip or (2) if their request is the first, which causes /var/tmp/fw_ip to be created and contain their IP address. | ||||
Applies to: DSL-502T DSL-504T DSL-562T DSL-G604T |
Created: 2005-05-20 |
Updated: 2024-09-07 |
ID: CVE-2005-1133 |
Title: The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server. |
Type: Hardware |
Bulletins:
CVE-2005-1133 SFBID13156 |
Severity: Medium |
Description: The POP3 server in IBM iSeries AS/400 returns different error messages when the user exists or not, which allows remote attackers to determine valid user IDs on the server. | ||||
Applies to: IBM OS/400 V4R4M0 |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-1025 |
Title: The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library. |
Type: Hardware |
Bulletins:
CVE-2005-1025 |
Severity: Medium |
Description: The FTP server in AS/400 4.3, when running in IFS mode, allows remote attackers to obtain sensitive information via a symlink attack using RCMD and the ADDLNK utility, as demonstrated using the QSYS.LIB library. | ||||
Applies to: IBM OS/400 V4R4M0 |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-1020 |
Title: Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the... |
Type: Hardware |
Bulletins:
CVE-2005-1020 SFBID13043 |
Severity: High |
Description: Secure Shell (SSH) 2 in Cisco IOS 12.0 through 12.3 allows remote attackers to cause a denial of service (device reload) (1) via a username that contains a domain name when using a TACACS+ server to authenticate, (2) when a new SSH session is in the login phase and a currently logged in user issues a send command, or (3) when IOS is logging messages and an SSH session is terminated while the server is sending data. | ||||
Applies to: |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-1006 |
Title: Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file. |
Type: Hardware |
Bulletins:
CVE-2005-1006 SFBID12984 |
Severity: Medium |
Description: Multiple cross-site scripting (XSS) vulnerabilities in SonicWALL SOHO 5.1.7.0 allow remote attackers to inject arbitrary web script or HTML via (1) the URL or (2) the user login name, which is not filtered when the administrator views the log file. | ||||
Applies to: SonicWall Firewall SoHo |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-1021 |
Title: Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password. |
Type: Hardware |
Bulletins:
CVE-2005-1021 SFBID13042 |
Severity: High |
Description: Memory leak in Secure Shell (SSH) in Cisco IOS 12.0 through 12.3, when authenticating against a TACACS+ server, allows remote attackers to cause a denial of service (memory consumption) via an incorrect username or password. | ||||
Applies to: |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-1059 |
Title: Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original password via the data parameter to changepw.html. |
Type: Hardware |
Bulletins:
CVE-2005-1059 SFBID13051 |
Severity: Low |
Description: Linksys WET11 1.5.4 allows remote attackers to change the password without providing the original password via the data parameter to changepw.html. | ||||
Applies to: wet11 |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-1057 |
Title: Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet." |
Type: Hardware |
Bulletins:
CVE-2005-1057 |
Severity: High |
Description: Cisco IOS 12.2T, 12.3 and 12.3T, when using Easy VPN Server XAUTH version 6 authentication, allows remote attackers to bypass authentication via a "malformed packet." | ||||
Applies to: |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-1058 |
Title: Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass... |
Type: Hardware |
Bulletins:
CVE-2005-1058 |
Severity: High |
Description: Cisco IOS 12.2T, 12.3 and 12.3T, when processing an ISAKMP profile that specifies XAUTH authentication after Phase 1 negotiation, may not process certain attributes in the ISAKMP profile that specifies XAUTH, which allows remote attackers to bypass XAUTH and move to Phase 2 negotiations. | ||||
Applies to: |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-0197 |
Title: Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. |
Type: Hardware |
Bulletins:
CVE-2005-0197 SFBID12369 |
Severity: Medium |
Description: Cisco IOS 12.1T, 12.2, 12.2T, 12.3 and 12.3T, with Multi Protocol Label Switching (MPLS) installed but disabled, allows remote attackers to cause a denial of service (device reload) via a crafted packet sent to the disabled interface. | ||||
Applies to: |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-0195 |
Title: Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet. |
Type: Hardware |
Bulletins:
CVE-2005-0195 |
Severity: Medium |
Description: Cisco IOS 12.0S through 12.3YH allows remote attackers to cause a denial of service (device restart) via a crafted IPv6 packet. | ||||
Applies to: |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-0196 |
Title: Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet. |
Type: Hardware |
Bulletins:
CVE-2005-0196 |
Severity: Medium |
Description: Cisco IOS 12.0 through 12.3YL, with BGP enabled and running the bgp log-neighbor-changes command, allows remote attackers to cause a denial of service (device reload) via a malformed BGP packet. | ||||
Applies to: |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: CVE-2005-1238 |
Title: By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request. |
Type: Hardware |
Bulletins:
CVE-2005-1238 |
Severity: High |
Description: By design, the built-in FTP server for iSeries AS/400 systems does not support a restricted document root, which allows attackers to read or write arbitrary files, including sensitive QSYS databases, via a full pathname in a GET or PUT request. | ||||
Applies to: IBM OS/400 V4R4M0 |
Created: 2005-05-02 |
Updated: 2024-09-07 |
ID: REF000254 |
Title: Possible Rootkit Detected : Hidden Processes |
Type: Rootkit |
Bulletins: |
Severity: High |
Description: This script identifies processes running hidden from conventional process listing tools. For more information, visit: http://www.cert-in.org.in/training/29thmarch05/rootkits.pdf | ||||
Applies to: |
Created: 2005-03-29 |
Updated: 2010-08-21 |
ID: REF000255 |
Title: Possible Rootkit Detected : Hidden Processes |
Type: Rootkit |
Bulletins: |
Severity: High |
Description: This script identifies processes running hidden from conventional process listing tools. For more information, visit: http://www.cert-in.org.in/training/29thmarch05/rootkits.pdf | ||||
Applies to: |
Created: 2005-03-29 |
Updated: 2010-08-21 |
ID: REF000257 |
Title: Possible Rootkit Detected : Altered system call table detected |
Type: Rootkit |
Bulletins: |
Severity: High |
Description: Check Requirements: (1) ‘expect’ and ‘gdb’ application packages to be installed on the target machine for the check to work. (2) A copy of an uncompressed version of the kernel (file name starts with vmlinux*) in either the /boot/ directory OR the home directory of the user used for scanning. NOTE: If more than one vmlinux* is available, the first file found will be used. To customize which file to search for you can edit the script named ‘kernelscan.sh’ and ‘procscan.sh’ and follow the instructions specified there to indicate an alternative kernel file name/location. The script will use ‘gdb’ to extract the current system call table from the running kernel and compare it to the system call table contained in the kernel copy in the /boot/ location (or home). For more information, visit: http://www.cert-in.org.in/training/29thmarch05/rootkits.pdf | ||||
Applies to: |
Created: 2005-03-29 |
Updated: 2010-08-21 |
ID: REF000253 |
Title: Possible Rootkit Detected : Altered system call functions code |
Type: Rootkit |
Bulletins: |
Severity: High |
Description: Rootkit Detection: System call functions, code analysis. Check Requirements: (1) The ‘expect’ and ‘gdb’ application packages must be installed on the target machine for the check to work. (2) A copy of an uncompressed version of the kernel (file name starts with vmlinux*) must be present in either the /boot/ directory OR the home directory of the user used for scanning. NOTE: If more than one vmlinux* is available, the first file found will be used. To customize which file to search for, you can edit the scripts named ‘kernelscan.sh’ and ‘procscan.sh’ and follow the instructions specified there to indicate an alternative kernel file name/location. The script will use ‘gdb’ to decompile the current syscall functions in memory and compare them with the code of the same functions in the available kernel copy on the hard disk in the /boot/ location (or home). If the script finds that the code in these two versions differs, the vulnerability will trigger. For more information, visit: http://www.cert-in.org.in/training/29thmarch05/rootkits.pdf | ||||
Applies to: |
Created: 2005-03-29 |
Updated: 2010-08-21 |
ID: CVE-2005-0186 |
Title: Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed... |
Type: Hardware |
Bulletins:
CVE-2005-0186 |
Severity: Medium |
Description: Cisco IOS 12.1YD, 12.2T, 12.3 and 12.3T, when configured for the IOS Telephony Service (ITS), CallManager Express (CME) or Survivable Remote Site Telephony (SRST), allows remote attackers to cause a denial of service (device reboot) via a malformed packet to the SCCP port. | ||||
Applies to: |
Created: 2005-01-19 |
Updated: 2024-09-07 |
ID: CVE-2005-0290 |
Title: NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension. |
Type: Hardware |
Bulletins:
CVE-2005-0290 SFBID12278 |
Severity: High |
Description: NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to bypass the filters using hex encoded URLs, as demonstrated using a hex encoded file extension. | ||||
Applies to: FVS318v3 Firewall |
Created: 2005-01-17 |
Updated: 2024-09-07 |
ID: CVE-2005-0291 |
Title: Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase. |
Type: Hardware |
Bulletins:
CVE-2005-0291 SFBID12278 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in the log viewer in NETGEAR FVS318 running firmware 2.4, and possibly other versions, allows remote attackers to inject arbitrary web script or HTML via a blocked URL phrase. | ||||
Applies to: FVS318v3 Firewall |
Created: 2005-01-17 |
Updated: 2024-09-07 |
ID: CVE-2004-2691 |
Title: Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web management interface. NOTE: the provenance of this... |
Type: Hardware |
Bulletins:
CVE-2004-2691 |
Severity: High |
Description: Unspecified vulnerability in 3Com SuperStack 3 4400 switches with firmware version before 3.31 allows remote attackers to cause a denial of service (device reset) via a crafted request to the web management interface. NOTE: the provenance of this information is unknown; details are obtained from third party reports. | ||||
Applies to: 3Com SS3-4400-24PWR |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-1446 |
Title: Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. |
Type: Hardware |
Bulletins:
CVE-2004-1446 SFBID10854 |
Severity: Medium |
Description: Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. | ||||
Applies to: |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-2606 |
Title: The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled. |
Type: Hardware |
Bulletins:
CVE-2004-2606 SFBID10441 |
Severity: High |
Description: The Web interface in Linksys WRT54G 2.02.7 and BEFSR41 version 3, with the firewall disabled, allows remote attackers to attempt to login to an administration web page, even when the configuration specifies that remote administration is disabled. | ||||
Applies to: befsr41 v3 wrt54g |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-2556 |
Title: NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration. |
Type: Hardware |
Bulletins:
CVE-2004-2556 SFBID10459 |
Severity: Medium |
Description: NetGear WG602 (aka WG602v1) Wireless Access Point firmware 1.04.0 and 1.5.67 has a hardcoded account of username "super" and password "5777364", which allows remote attackers to modify the configuration. | ||||
Applies to: Netgear Wireless AP WG602 |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-2557 |
Title: NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcoded account of username "superman" and password "21241036", which allows remote attackers to modify the configuration. |
Type: Hardware |
Bulletins:
CVE-2004-2557 SFBID10459 |
Severity: Medium |
Description: NetGear WG602 (aka WG602v1) Wireless Access Point 1.7.14 has a hardcoded account of username "superman" and password "21241036", which allows remote attackers to modify the configuration. | ||||
Applies to: Netgear Wireless AP WG602 |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-0467 |
Title: Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large number of MPLS packets, which are not filtered or verified before being sent to the Routing Engine, which reduces the speed at... |
Type: Hardware |
Bulletins:
CVE-2004-0467 SFBID12379 |
Severity: Medium |
Description: Juniper JUNOS 5.x through JUNOS 7.x allows remote attackers to cause a denial of service (routing disabled) via a large number of MPLS packets, which are not filtered or verified before being sent to the Routing Engine, which reduces the speed at which other packets are processed. | ||||
Applies to: |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-2508 |
Title: Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter. |
Type: Hardware |
Bulletins:
CVE-2004-2508 SFBID10533 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to inject arbitrary web script or HTML via the next_file parameter. | ||||
Applies to: wvc11b |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-1775 |
Title: Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. |
Type: Hardware |
Bulletins:
CVE-2004-1775 SFBID5030 |
Severity: Medium |
Description: Cisco VACM (View-based Access Control MIB) for Catalyst Operating Software (CatOS) 5.5 and 6.1 and IOS 12.0 and 12.1 allows remote attackers to read and modify device configuration via the read-write community string. | ||||
Applies to: |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-1464 |
Title: Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. |
Type: Hardware |
Bulletins:
CVE-2004-1464 SFBID11060 |
Severity: Medium |
Description: Cisco IOS 12.2(15) and earlier allows remote attackers to cause a denial of service (refused VTY (virtual terminal) connections), via a crafted TCP connection to the Telnet or reverse Telnet port. | ||||
Applies to: |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-1454 |
Title: Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet. |
Type: Hardware |
Bulletins:
CVE-2004-1454 SFBID10971 |
Severity: Medium |
Description: Cisco IOS 12.0S, 12.2, and 12.3, with Open Shortest Path First (OSPF) enabled, allows remote attackers to cause a denial of service (device reload) via a malformed OSPF packet. | ||||
Applies to: |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-2377 |
Title: Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled. |
Type: Hardware |
Bulletins:
CVE-2004-2377 SFBID9745 |
Severity: Medium |
Description: Alcatel OmniSwitch 7000 and 7800 allows remote attackers to cause a denial of service (reboot) via certain network scans, as demonstrated using a Nessus port scan of ports 1 through 1024 with safe-checks disabled. | ||||
Applies to: OmniSwitch 7800 |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: CVE-2004-2507 |
Title: Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the next_file parameter. |
Type: Hardware |
Bulletins:
CVE-2004-2507 SFBID10476 |
Severity: Medium |
Description: Absolute path traversal vulnerability in main.cgi in Linksys WVC11B Wireless-B Internet Video Camera allows remote attackers to read arbitrary files via an absolute pathname in the next_file parameter. | ||||
Applies to: wvc11b |
Created: 2004-12-31 |
Updated: 2024-09-07 |
ID: MITRE:4392 |
Title: Windows Server 2003 NNTP Component Buffer Overflow |
Type: Services |
Bulletins:
MITRE:4392 CVE-2004-0574 |
Severity: High |
Description: The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. | ||||
Applies to: Network News Transport Protocol (NNTP) |
Created: 2004-12-09 |
Updated: 2024-09-07 |
ID: MITRE:5070 |
Title: Windows NT NNTP Component Buffer Overflow |
Type: Services |
Bulletins:
MITRE:5070 CVE-2004-0574 |
Severity: High |
Description: The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. | ||||
Applies to: Network News Transport Protocol (NNTP) |
Created: 2004-12-09 |
Updated: 2024-09-07 |
ID: MITRE:5926 |
Title: Windows 2000 NNTP Component Buffer Overflow |
Type: Services |
Bulletins:
MITRE:5926 CVE-2004-0574 |
Severity: High |
Description: The Network News Transfer Protocol (NNTP) component of Microsoft Windows NT Server 4.0, Windows 2000 Server, Windows Server 2003, Exchange 2000 Server, and Exchange Server 2003 allows remote attackers to execute arbitrary code via XPAT patterns, possibly related to improper length validation and an "unchecked buffer," leading to off-by-one and heap-based buffer overflows. | ||||
Applies to: Network News Transport Protocol (NNTP) |
Created: 2004-12-09 |
Updated: 2024-09-07 |
ID: CVE-2004-0611 |
Title: Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections. |
Type: Hardware |
Bulletins:
CVE-2004-0611 SFBID10585 |
Severity: Medium |
Description: Web-Based Administration in Netgear FVS318 VPN Router allows remote attackers to cause a denial of service (no new connections) via a large number of open HTTP connections. | ||||
Applies to: FVS318v3 Firewall |
Created: 2004-12-06 |
Updated: 2024-09-07 |
ID: CVE-2004-0468 |
Title: Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets. |
Type: Hardware |
Bulletins:
CVE-2004-0468 |
Severity: Medium |
Description: Memory leak in Juniper JUNOS Packet Forwarding Engine (PFE) allows remote attackers to cause a denial of service (memory exhaustion and device reboot) via certain IPv6 packets. | ||||
Applies to: |
Created: 2004-12-06 |
Updated: 2024-09-07 |
ID: CVE-2004-0615 |
Title: Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a... |
Type: Hardware |
Bulletins:
CVE-2004-0615 SFBID10587 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in D-Link DI-614+ SOHO router running firmware 2.30, and DI-704 SOHO router running firmware 2.60B2, and DI-624, allows remote attackers to inject arbitrary script or HTML via the DHCP HOSTNAME option in a DHCP request. | ||||
Applies to: DI-614+B DI-624 DI-704P |
Created: 2004-12-06 |
Updated: 2024-09-07 |
ID: CVE-2004-0312 |
Title: Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write community strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2. |
Type: Hardware |
Bulletins:
CVE-2004-0312 SFBID9688 |
Severity: Medium |
Description: Linksys WAP55AG 1.07 allows remote attackers with access to an SNMP read only community string to gain access to read/write community strings via a query for OID 1.3.6.1.4.1.3955.2.1.13.1.2. | ||||
Applies to: wap55ag |
Created: 2004-11-23 |
Updated: 2024-09-07 |
ID: CVE-2004-0244 |
Title: Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet,... |
Type: Hardware |
Bulletins:
CVE-2004-0244 SFBID9562 |
Severity: Medium |
Description: Cisco 6000, 6500, and 7600 series systems with Multilayer Switch Feature Card 2 (MSFC2) and a FlexWAN or OSM module allow local users to cause a denial of service (hang or reset) by sending a layer 2 frame packet that encapsulates a layer 3 packet, but has inconsistent length values with that packet. | ||||
Applies to: |
Created: 2004-11-23 |
Updated: 2024-09-07 |
ID: CVE-2004-0352 |
Title: Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. |
Type: Hardware |
Bulletins:
CVE-2004-0352 SFBID9806 |
Severity: Medium |
Description: Cisco 11000 Series Content Services Switches (CSS) running WebNS 5.0(x) before 05.0(04.07)S, and 6.10(x) before 06.10(02.05)S allow remote attackers to cause a denial of service (device reset) via a malformed packet to UDP port 5002. | ||||
Applies to: Cisco CSS 11050 Content Services Switch Cisco CSS 11100 Content Services Switch Series Cisco CSS 11150 Content Services Switch Cisco CSS 11800 Content Services Switch |
Created: 2004-11-23 |
Updated: 2024-09-07 |
ID: MITRE:188 |
Title: MS Word Macro Security Bypass Vulnerability |
Type: Software |
Bulletins:
MITRE:188 CVE-2003-0664 |
Severity: High |
Description: Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document. | ||||
Applies to: Microsoft Word 2000 Microsoft Word 2002 Microsoft Word 97 |
Created: 2004-09-29 |
Updated: 2024-09-07 |
ID: CVE-2004-1650 |
Title: D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the IP address of the camera via a UDP broadcast packet. |
Type: Hardware |
Bulletins:
CVE-2004-1650 SFBID11072 |
Severity: High |
Description: D-Link DCS-900 Internet Camera listens on UDP port 62976 for an IP address, which allows remote attackers to change the IP address of the camera via a UDP broadcast packet. | ||||
Applies to: DCS-900 |
Created: 2004-08-31 |
Updated: 2024-09-07 |
ID: CVE-2004-0661 |
Title: Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid... |
Type: Hardware |
Bulletins:
CVE-2004-0661 SFBID10621 |
Severity: Medium |
Description: Integer signedness error in D-Link AirPlus DI-614+ running firmware 2.30 and earlier allows remote attackers to cause a denial of service (IP lease depletion) via a DHCP request with the LEASETIME option set to -1, which makes the DHCP lease valid for thirteen or more years. | ||||
Applies to: DI-604 DI-614+B DI-624 |
Created: 2004-08-06 |
Updated: 2024-09-07 |
ID: CVE-2004-0580 |
Title: DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2004-0580 SFBID10329 |
Severity: Medium |
Description: DHCP on Linksys BEFSR11, BEFSR41, BEFSR81, and BEFSRU31 Cable/DSL Routers, firmware version 1.45.7, does not properly clear previously used buffer contents in a BOOTP reply packet, which allows remote attackers to obtain sensitive information. | ||||
Applies to: BEFSR41 BEFSR81 BEFSX41 BEFVP41 befsr11 befsr41w befsru31 wap55ag wrt54g |
Created: 2004-08-06 |
Updated: 2024-09-07 |
ID: CVE-2004-0589 |
Title: Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages. |
Type: Hardware |
Bulletins:
CVE-2004-0589 |
Severity: Medium |
Description: Cisco IOS 11.1(x) through 11.3(x) and 12.0(x) through 12.2(x), when configured for BGP routing, allows remote attackers to cause a denial of service (device reload) via malformed BGP (1) OPEN or (2) UPDATE messages. | ||||
Applies to: |
Created: 2004-08-06 |
Updated: 2024-09-07 |
ID: CVE-2004-0551 |
Title: Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the... |
Type: Hardware |
Bulletins:
CVE-2004-0551 |
Severity: Medium |
Description: Cisco CatOS 5.x before 5.5(20) through 8.x before 8.2(2) and 8.3(2)GLX, as used in Catalyst switches, allows remote attackers to cause a denial of service (system crash and reload) by sending invalid packets instead of the final ACK portion of the three-way handshake to the (1) Telnet, (2) HTTP, or (3) SSH services, aka "TCP-ACK DoS attack." | ||||
Applies to: Cisco Catalyst 2902 Switch Cisco Catalyst 2926 Switch Cisco Catalyst 2926GL Switch Cisco Catalyst 2948G-GE-TX Switch Cisco Catalyst 2980G Switch Cisco Catalyst 2980G-A... Cisco Catalyst C2948G-L3 Ethernet Switch |
Created: 2004-08-06 |
Updated: 2024-09-07 |
ID: CVE-2004-0710 |
Title: IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2004-0710 SFBID10083 |
Severity: Medium |
Description: IP Security VPN Services Module (VPNSM) in Cisco Catalyst 6500 Series Switch and the Cisco 7600 Series Internet Routers running IOS before 12.2(17b)SXA, before 12.2(17d)SXB, or before 12.2(14)SY03 could allow remote attackers to cause a denial of service (device crash and reload) via a malformed Internet Key Exchange (IKE) packet. | ||||
Applies to: |
Created: 2004-07-27 |
Updated: 2024-09-07 |
ID: MITRE:2705 |
Title: Windows XP/Server 2003 DirectPlay Denial of Service |
Type: Software |
Bulletins:
MITRE:2705 CVE-2004-0202 |
Severity: Medium |
Description: IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||||
Applies to: DirectX |
Created: 2004-07-21 |
Updated: 2024-09-07 |
ID: MITRE:2413 |
Title: Windows XP (64-Bit) DirectPlay Denial of Service |
Type: Software |
Bulletins:
MITRE:2413 CVE-2004-0202 |
Severity: Medium |
Description: IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||||
Applies to: DirectX |
Created: 2004-07-21 |
Updated: 2024-09-07 |
ID: MITRE:2190 |
Title: Windows XP (32-Bit) DirectPlay Denial of Service |
Type: Software |
Bulletins:
MITRE:2190 CVE-2004-0202 |
Severity: Medium |
Description: IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||||
Applies to: DirectX |
Created: 2004-07-21 |
Updated: 2024-09-07 |
ID: MITRE:2516 |
Title: Windows Server 2003 (32-Bit) DirectPlay Denial of Service |
Type: Software |
Bulletins:
MITRE:2516 CVE-2004-0202 |
Severity: Medium |
Description: IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||||
Applies to: DirectX |
Created: 2004-07-21 |
Updated: 2024-09-07 |
ID: CVE-2002-0082 |
Title: mod_ssl is old |
Type: Services |
Bulletins:
CVE-2002-0082 SFBID10736 |
Severity: High |
Description: mod_ssl versions older than 2.8.7 have a buffer overflow which could allow users to gain a shell remotely. | ||||
Applies to: Apache |
Created: 2004-07-16 |
Updated: 2024-09-07 |
ID: CVE-2004-0595 |
Title: PHP older than 4.3.8 |
Type: Services |
Bulletins:
CVE-2004-0595 SFBID10724 |
Severity: Medium |
Description: PHP older than 4.3.8 is vulnerable to a remote code execution vulnerability. | ||||
Applies to: PHP |
Created: 2004-07-14 |
Updated: 2024-09-07 |
ID: MITRE:1027 |
Title: Windows 2000 DirectPlay Denial of Service |
Type: Miscellaneous |
Bulletins:
MITRE:1027 CVE-2004-0202 |
Severity: Medium |
Description: IDirectPlay4 Application Programming Interface (API) of Microsoft DirectPlay 7.0a thru 9.0b, as used in Windows Server 2003 and earlier allows remote attackers to cause a denial of service (application crash) via a malformed packet. | ||||
Applies to: Microsoft DirectPlay |
Created: 2004-07-12 |
Updated: 2024-09-07 |
ID: MITRE:958 |
Title: Windows XP RPCSS Service DCOM Activation Denial of Service |
Type: Software |
Bulletins:
MITRE:958 CVE-2004-0116 |
Severity: Medium |
Description: An Activation function in the RPCSS Service involved with DCOM activation for Microsoft Windows 2000, XP, and 2003 allows remote attackers to cause a denial of service (memory consumption) via an activation request with a large length field. | ||||
Applies to: |
Created: 2004-06-16 |
Updated: 2024-09-07 |
ID: MITRE:900 |
Title: Windows XP RPCSS DCOM Buffer Overflow |
Type: Software |
Bulletins:
MITRE:900 CVE-2003-0813 |
Severity: Medium |
Description: A multi-threaded race condition in the Windows RPC DCOM functionality with the MS03-039 patch installed allows remote attackers to cause a denial of service (crash or reboot) by causing two threads to process the same RPC request, which causes one thread to use memory after it has been freed, a different vulnerability than CVE-2003-0352 (Blaster/Nachi), CVE-2003-0715, and CVE-2003-0528, and as demonstrated by certain exploits against those vulnerabilities. | ||||
Applies to: |
Created: 2004-06-16 |
Updated: 2024-09-07 |
ID: MITRE:925 |
Title: MS IE HTML Directive Buffer Overflow |
Type: Web |
Bulletins:
MITRE:925 CVE-2002-0022 |
Severity: High |
Description: Buffer overflow in the implementation of an HTML directive in mshtml.dll in Internet Explorer 5.5 and 6.0 allows remote attackers to execute arbitrary code via a web page that specifies embedded ActiveX controls in a way that causes 2 Unicode strings to be concatenated. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2004-06-16 |
Updated: 2024-09-07 |
ID: MITRE:974 |
Title: IE Frame Domain Verification Vulnerability |
Type: Web |
Bulletins:
MITRE:974 CVE-2002-0027 |
Severity: High |
Description: Internet Explorer 5.5 and 6.0 allows remote attackers to read certain files and spoof the URL in the address bar by using the Document.open function to pass information between two frames from different domains, a new variant of the "Frame Domain Verification" vulnerability described in MS:MS01-058/CAN-2001-0874. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2004-06-16 |
Updated: 2024-09-07 |
ID: MITRE:921 |
Title: IE File Execution User-prompt Bypass Vulnerability |
Type: Web |
Bulletins:
MITRE:921 CVE-2001-0727 |
Severity: High |
Description: Internet Explorer 6.0 allows remote attackers to execute arbitrary code by modifying the Content-Disposition and Content-Type header fields in a way that causes Internet Explorer to believe that the file is safe to open without prompting the user, aka the "File Execution Vulnerability." | ||||
Applies to: Microsoft Internet Explorer |
Created: 2004-06-16 |
Updated: 2024-09-07 |
ID: MITRE:1014 |
Title: IE File Download Dialog Deception Vulnerability |
Type: Web |
Bulletins:
MITRE:1014 CVE-2001-0875 |
Severity: High |
Description: Internet Explorer 5.5 and 6.0 allows remote attackers to cause the File Download dialogue box to misrepresent the name of the file in the dialogue in a way that could fool users into thinking that the file type is safe to download. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2004-06-16 |
Updated: 2024-09-07 |
ID: CVE-2004-0413 |
Title: Subversion version older than 1.0.5 |
Type: Services |
Bulletins:
CVE-2004-0413 SFBID10519 |
Severity: High |
Description: Additional Bugtraq IDs: http://www.securityfocus.com/bid/10386 http://www.securityfocus.com/bid/10428 | ||||
Applies to: Subversion |
Created: 2004-06-11 |
Updated: 2024-09-07 |
ID: MITRE:886 |
Title: Windows XP SSL Library Denial of Service |
Type: Software |
Bulletins:
MITRE:886 CVE-2004-0120 |
Severity: Medium |
Description: The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages. | ||||
Applies to: |
Created: 2004-05-25 |
Updated: 2024-09-07 |
ID: MITRE:898 |
Title: Windows XP LSASS Buffer Overflow |
Type: Software |
Bulletins:
MITRE:898 CVE-2003-0533 |
Severity: High |
Description: Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | ||||
Applies to: |
Created: 2004-05-25 |
Updated: 2024-09-07 |
ID: MITRE:964 |
Title: Windows XP H.323 Protocol Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:964 CVE-2004-0117 |
Severity: High |
Description: Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | ||||
Applies to: |
Created: 2004-05-25 |
Updated: 2024-09-07 |
ID: MITRE:885 |
Title: Windows Server 2003 SSL Library Denial of Service |
Type: Software |
Bulletins:
MITRE:885 CVE-2004-0120 |
Severity: Medium |
Description: The Microsoft Secure Sockets Layer (SSL) library, as used in Windows 2000, Windows XP, and Windows Server 2003, allows remote attackers to cause a denial of service via malformed SSL messages. | ||||
Applies to: |
Created: 2004-05-25 |
Updated: 2024-09-07 |
ID: MITRE:919 |
Title: Windows Server 2003 LSASS Buffer Overflow (Sasser Worm Vulnerability) |
Type: Software |
Bulletins:
MITRE:919 CVE-2003-0533 |
Severity: High |
Description: Stack-based buffer overflow in certain Active Directory service functions in LSASRV.DLL of the Local Security Authority Subsystem Service (LSASS) in Microsoft Windows NT 4.0 SP6a, 2000 SP2 through SP4, XP SP1, Server 2003, NetMeeting, Windows 98, and Windows ME, allows remote attackers to execute arbitrary code via a packet that causes the DsRolerUpgradeDownlevelServer function to create long debug entries for the DCPROMO.LOG log file, as exploited by the Sasser worm. | ||||
Applies to: |
Created: 2004-05-25 |
Updated: 2024-09-07 |
ID: MITRE:946 |
Title: Windows Server 2003 H.323 Protocol Remote Code Execution Vulnerability |
Type: Software |
Bulletins:
MITRE:946 CVE-2004-0117 |
Severity: High |
Description: Unknown vulnerability in the H.323 protocol implementation in Windows 98, Windows 2000, Windows XP, and Windows Server 2003 allows remote attackers to execute arbitrary code. | ||||
Applies to: |
Created: 2004-05-25 |
Updated: 2024-09-07 |
ID: MITRE:968 |
Title: MS Jet Database Buffer Overflow |
Type: Services |
Bulletins:
MITRE:968 CVE-2004-0197 |
Severity: High |
Description: Buffer overflow in Microsoft Jet Database Engine 4.0 allows remote attackers to execute arbitrary code via a specially-crafted database query. | ||||
Applies to: Microsoft Jet 4.0 Database Engine |
Created: 2004-05-25 |
Updated: 2024-09-07 |
ID: MITRE:990 |
Title: Microsoft Outlook Express v6.0 MHTML URL Processing Vulnerability |
Type: |
Bulletins:
MITRE:990 CVE-2004-0380 |
Severity: High |
Description: The MHTML protocol handler in Microsoft Outlook Express 5.5 SP2 through Outlook Express 6 SP1 allows remote attackers to bypass domain restrictions and execute arbitrary code, as demonstrated on Internet Explorer using script in a compiled help (CHM) file that references the InfoTech Storage (ITS) protocol handlers such as (1) ms-its, (2) ms-itss, (3) its, or (4) mk:@MSITStore, aka the "MHTML URL Processing Vulnerability." | ||||
Applies to: Microsoft Outlook Express |
Created: 2004-05-25 |
Updated: 2024-09-07 |
ID: MITRE:586 |
Title: MS Word 98 Macro Names Buffer Overflow |
Type: Software |
Bulletins:
MITRE:586 CVE-2003-0820 |
Severity: High |
Description: Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
Applies to: Microsoft Word 98 |
Created: 2004-03-25 |
Updated: 2024-09-07 |
ID: MITRE:585 |
Title: MS Word 97 Macro Names Buffer Overflow |
Type: Software |
Bulletins:
MITRE:585 CVE-2003-0820 |
Severity: High |
Description: Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. | ||||
Applies to: Microsoft Word 97 |
Created: 2004-03-25 |
Updated: 2024-09-07 |
ID: MITRE:675 |
Title: MS Excel 97 Malicious Macro Security Bypass Vulnerability |
Type: Software |
Bulletins:
MITRE:675 CVE-2003-0821 |
Severity: High |
Description: Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | ||||
Applies to: Microsoft Excel 97 |
Created: 2004-03-25 |
Updated: 2024-09-07 |
ID: MITRE:141 |
Title: Microsoft Internet Explorer MIME Hack |
Type: Web |
Bulletins:
MITRE:141 CVE-2001-0154 |
Severity: High |
Description: HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. | ||||
Applies to: Microsoft Internet Explorer |
Created: 2004-03-25 |
Updated: 2024-09-07 |
ID: CVE-2004-0054 |
Title: Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the... |
Type: Hardware |
Bulletins:
CVE-2004-0054 SFBID9406 |
Severity: High |
Description: Multiple vulnerabilities in the H.323 protocol implementation for Cisco IOS 11.3T through 12.2T allow remote attackers to cause a denial of service and possibly execute arbitrary code, as demonstrated by the NISCC/OUSPG PROTOS test suite for the H.225 protocol. | ||||
Applies to: |
Created: 2004-02-17 |
Updated: 2024-09-07 |
ID: CVE-2004-0129 |
Title: phpMyAdmin mysql web administration tool vulnerability |
Type: Services |
Bulletins:
CVE-2004-0129 SFBID9564 |
Severity: Medium |
Description: This phpMyAdmin version allows remote users to read sensitive files. | ||||
Applies to: phpMyAdmin |
Created: 2004-02-03 |
Updated: 2024-09-07 |
ID: CVE-2003-0789 |
Title: Apache is older than 2.0.48 |
Type: Miscellaneous |
Bulletins:
CVE-2003-0789 SFBID8926 SFBID9504 |
Severity: High |
Description: Apache versions older than 2.0.48 have various flaws which need patching. | ||||
Applies to: Apache |
Created: 2004-01-27 |
Updated: 2024-09-07 |
ID: CVE-2003-1002 |
Title: Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. |
Type: Hardware |
Bulletins:
CVE-2003-1002 |
Severity: Medium |
Description: Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via an SNMPv3 message when snmp-server is set. | ||||
Applies to: Cisco Catalyst 6500 Series Switches |
Created: 2004-01-05 |
Updated: 2024-09-07 |
ID: CVE-2003-1001 |
Title: Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication. |
Type: Hardware |
Bulletins:
CVE-2003-1001 |
Severity: Medium |
Description: Buffer overflow in the Cisco Firewall Services Module (FWSM) in Cisco Catalyst 6500 and 7600 series devices allows remote attackers to cause a denial of service (crash and reload) via HTTP auth requests for (1) TACACS+ or (2) RADIUS authentication. | ||||
Applies to: Cisco Catalyst 6500 Series Switches |
Created: 2004-01-05 |
Updated: 2024-09-07 |
ID: CVE-2003-1132 |
Title: The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2003-1132 |
Severity: Medium |
Description: The DNS server for Cisco Content Service Switch (CSS) 11000 and 11500, when prompted for a nonexistent AAAA record, responds with response code 3 (NXDOMAIN or "Name Error") instead of response code 0 ("No Error"), which allows remote attackers to cause a denial of service (inaccessible domain) by forcing other DNS servers to send and cache a request for a AAAA record to the vulnerable server. | ||||
Applies to: Cisco CSS 11100 Content Services Switch Series Content Services Switch 11500 |
Created: 2003-12-31 |
Updated: 2024-09-07 |
ID: CVE-2003-1264 |
Title: TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img)... |
Type: Hardware |
Bulletins:
CVE-2003-1264 SFBID6533 |
Severity: Medium |
Description: TFTP server in Longshine Wireless Access Point (WAP) LCS-883R-AC-B, and in D-Link DI-614+ 2.0 which is based on it, allows remote attackers to obtain the WEP secret and gain administrator privileges by downloading the configuration file (config.img) and other files without authentication. | ||||
Applies to: DI-614+B |
Created: 2003-12-31 |
Updated: 2024-09-07 |
ID: CVE-2003-1490 |
Title: SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. |
Type: Hardware |
Bulletins:
CVE-2003-1490 SFBID7435 |
Severity: High |
Description: SonicWall Pro running firmware 6.4.0.1 allows remote attackers to cause a denial of service (device reset) via a long HTTP POST to the internal interface, possibly due to a buffer overflow. | ||||
Applies to: SonicWall Firewall Pro 100 SonicWall Firewall Pro 200 SonicWall Firewall Pro 300 |
Created: 2003-12-31 |
Updated: 2024-09-07 |
ID: CVE-2003-1346 |
Title: D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager. |
Type: Hardware |
Bulletins:
CVE-2003-1346 SFBID6609 |
Severity: High |
Description: D-Link wireless access point DWL-900AP+ 2.2, 2.3 and possibly 2.5 allows remote attackers to set factory default settings by upgrading the firmware using AirPlus Access Point Manager. | ||||
Applies to: DWL-900AP+B |
Created: 2003-12-31 |
Updated: 2024-09-07 |
ID: CVE-2003-1398 |
Title: Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). |
Type: Hardware |
Bulletins:
CVE-2003-1398 SFBID6823 |
Severity: High |
Description: Cisco IOS 12.0 through 12.2, when IP routing is disabled, accepts false ICMP redirect messages, which allows remote attackers to cause a denial of service (network routing modification). | ||||
Applies to: |
Created: 2003-12-31 |
Updated: 2024-09-07 |
ID: CVE-2003-1497 |
Title: Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. |
Type: Hardware |
Bulletins:
CVE-2003-1497 SFBID8834 |
Severity: Medium |
Description: Buffer overflow in the system log viewer of Linksys BEFSX41 1.44.3 allows remote attackers to cause a denial of service via an HTTP request with a long Log_Page_Num variable. | ||||
Applies to: BEFSX41 |
Created: 2003-12-31 |
Updated: 2024-09-07 |
ID: CVE-2003-0795 |
Title: zebra/Quagga versions older than 0.96.4 |
Type: Services |
Bulletins:
CVE-2003-0795 SFBID9029 |
Severity: Medium |
Description: zebra/Quagga versions older than 0.96.4 are vulnerable to a denial of service. | ||||
Applies to: |
Created: 2003-11-12 |
Updated: 2024-09-07 |
ID: CVE-2003-0511 |
Title: The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allows remote attackers to cause a denial of service (reload) via a malformed URL. |
Type: Hardware |
Bulletins:
CVE-2003-0511 |
Severity: Medium |
Description: The web server for Cisco Aironet AP1x00 Series Wireless devices running certain versions of IOS 12.2 allows remote attackers to cause a denial of service (reload) via a malformed URL. | ||||
Applies to: |
Created: 2003-08-27 |
Updated: 2024-09-07 |
ID: CVE-2003-0512 |
Title: Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password... |
Type: Hardware |
Bulletins:
CVE-2003-0512 |
Severity: Medium |
Description: Cisco IOS 12.2 and earlier generates a "% Login invalid" message instead of prompting for a password when an invalid username is provided, which allows remote attackers to identify valid usernames on the system and conduct brute force password guessing, as reported for the Aironet Bridge. | ||||
Applies to: |
Created: 2003-08-27 |
Updated: 2024-09-07 |
ID: CVE-2003-0647 |
Title: Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. |
Type: Hardware |
Bulletins:
CVE-2003-0647 |
Severity: High |
Description: Buffer overflow in the HTTP server for Cisco IOS 12.2 and earlier allows remote attackers to execute arbitrary code via an extremely long (2GB) HTTP GET request. | ||||
Applies to: |
Created: 2003-08-27 |
Updated: 2024-09-07 |
ID: SFBID8062 |
Title: Abyss Web Server Buffer Overflow |
Type: Miscellaneous |
Bulletins:
SFBID8062 |
Severity: High |
Description: A security vulnerability exists in Abyss Web Server. A heap overrun takes place due to insufficient bounds checking of data supplied via client HTTP GET requests. In such a case, arbitrary code can be executed with the privileges of the web server. This vulnerability affects Abyss Web Server version 1.1.2. Later versions may also be affected. Abyss Web Server version 1.1.6 is not prone to this vulnerability, so users are advised to upgrade to that version. | ||||
Applies to: Abyss Web Server |
Created: 2003-06-30 |
Updated: 2010-08-21 |
ID: CVE-2003-0305 |
Title: The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967. |
Type: Hardware |
Bulletins:
CVE-2003-0305 |
Severity: Medium |
Description: The Service Assurance Agent (SAA) in Cisco IOS 12.0 through 12.2, aka Response Time Reporter (RTR), allows remote attackers to cause a denial of service (crash) via malformed RTR packets to port 1967. | ||||
Applies to: |
Created: 2003-06-09 |
Updated: 2024-09-07 |
ID: CVE-2003-0216 |
Title: Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password. |
Type: Hardware |
Bulletins:
CVE-2003-0216 |
Severity: High |
Description: Unknown vulnerability in Cisco Catalyst 7.5(1) allows local users to bypass authentication and gain access to the enable mode without a password. | ||||
Applies to: |
Created: 2003-05-12 |
Updated: 2024-09-07 |
ID: CVE-2002-1426 |
Title: HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. |
Type: Hardware |
Bulletins:
CVE-2002-1426 SFBID5336 |
Severity: High |
Description: HP ProCurve Switch 4000M C.07.23 allows remote attackers to cause a denial of service (crash) via an SNMP write request containing 85 characters, possibly triggering a buffer overflow. | ||||
Applies to: Procurve Switch 4000m |
Created: 2003-04-11 |
Updated: 2024-09-07 |
ID: CVE-2002-1547 |
Title: Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different... |
Type: Hardware |
Bulletins:
CVE-2002-1547 |
Severity: Medium |
Description: Netscreen running ScreenOS 4.0.0r6 and earlier allows remote attackers to cause a denial of service via a malformed SSH packet to the Secure Command Shell (SCS) management interface, as demonstrated via certain CRC32 exploits, a different vulnerability than CVE-2001-0144. | ||||
Applies to: |
Created: 2003-03-31 |
Updated: 2024-09-07 |
ID: CVE-2003-0161 |
Title: Sendmail is older than 8.12.9 |
Type: |
Bulletins:
CVE-2003-0161 |
Severity: High |
Description: Sendmail is a Mail Transport Agent included in all the Red Hat Linux distributions. A security flaw was discovered in the handling of DNS maps in Sendmail 8.12 versions before 8.12.9. A remote attacker will be able to crash the instance of Sendmail dealing with the request. In case version 8.12.9 is not available, a patch should be installed. The patch and PGP signature can be downloaded from a link given in: http://www.sendmail.org/patchps.html. Check the PGP signature using either "gpg --verify prescan.tar.gz.uu.asc prescan.tar.gz.uu" or "pgp prescan.tar.gz.uu.asc prescan.tar.gz.uu". Then unpack the patches using the following command: "uudecode -p < prescan.tar.gz.uu | gunzip -c | tar -xf -". Then apply the appropriate patch to your version of the Sendmail source code: "cd sendmail-8.12.8/sendmail; patch < prescan.VERSION.patch". If a version older than 8.12.8 was installed, make sure you install the previous patches. Recompile sendmail and install the new binary. | ||||
Applies to: Sendmail |
Created: 2003-03-29 |
Updated: 2024-09-07 |
ID: CVE-2003-0100 |
Title: Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. |
Type: Hardware |
Bulletins:
CVE-2003-0100 SFBID6895 |
Severity: High |
Description: Buffer overflow in Cisco IOS 11.2.x to 12.0.x allows remote attackers to cause a denial of service and possibly execute commands via a large number of OSPF neighbor announcements. | ||||
Applies to: |
Created: 2003-03-03 |
Updated: 2024-09-07 |
ID: CVE-2002-1337 |
Title: Remote Buffer Overflow in Sendmail |
Type: |
Bulletins:
CVE-2002-1337 SFBID6991 |
Severity: High |
Description: Sendmail versions 5.79 to 8.12.7 are vulnerable to a buffer overflow, allowing attackers to execute their own code on the target via certain formatted address fields, related to sender and recipient header comments as processed by the crackaddr function, which is found in headers.c. A newer version, Sendmail 8.12.8, exists, which contains a fix for this critical security problem. | ||||
Applies to: Sendmail |
Created: 2003-03-02 |
Updated: 2024-09-07 |
ID: CVE-2002-2053 |
Title: The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is... |
Type: Hardware |
Bulletins:
CVE-2002-2053 SFBID4949 |
Severity: Medium |
Description: The design of the Hot Standby Routing Protocol (HSRP), as implemented on Cisco IOS 12.1, when using IRPAS, allows remote attackers to cause a denial of service (CPU consumption) via a router with the same IP address as the interface on which HSRP is running, which causes a loop. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2239 |
Title: The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. |
Type: Hardware |
Bulletins:
CVE-2002-2239 SFBID6358 |
Severity: High |
Description: The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-1892 |
Title: NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2002-1892 SFBID5830 |
Severity: Low |
Description: NETGEAR FVS318 running firmware 1.1 stores the username and password in a readable format when a backup of the configuration file is made, which allows local users to obtain sensitive information. | ||||
Applies to: FVS318v3 Firewall |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2371 |
Title: Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. |
Type: Hardware |
Bulletins:
CVE-2002-2371 SFBID6046 |
Severity: High |
Description: Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | ||||
Applies to: wet11 |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2159 |
Title: Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2002-2159 SFBID4987 |
Severity: High |
Description: Linksys EtherFast Cable/DSL BEFSR11, BEFSR41 and BEFSRU31 with the firmware 1.42.7 upgrade installed opens TCP port 5678 for remote administration even when the "Block WAN" and "Remote Admin" options are disabled, which allows remote attackers to gain access. | ||||
Applies to: BEFSR41 befsr11 befsru31 |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2137 |
Title: GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive... |
Type: Hardware |
Bulletins:
CVE-2002-2137 SFBID6100 |
Severity: Medium |
Description: GlobalSunTech Wireless Access Points (1) WISECOM GL2422AP-0T, and possibly OEM products such as (2) D-Link DWL-900AP+ B1 2.1 and 2.2, (3) ALLOY GL-2422AP-S, (4) EUSSO GL2422-AP, and (5) LINKSYS WAP11-V2.2, allow remote attackers to obtain sensitive information like WEP keys, the administrator password, and the MAC filter via a "getsearch" request to UDP port 27155. | ||||
Applies to: DWL-900AP+B wap11 |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2150 |
Title: Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the... |
Type: Hardware |
Bulletins:
CVE-2002-2150 SFBID6023 |
Severity: Medium |
Description: Firewalls from multiple vendors empty state tables more slowly than they are filled, which allows remote attackers to flood state tables with packet flooding attacks such as (1) TCP SYN flood, (2) UDP flood, or (3) Crikey CRC Flood, which causes the firewall to refuse any new connections. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2208 |
Title: Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements,... |
Type: Hardware |
Bulletins:
CVE-2002-2208 SFBID6443 |
Severity: High |
Description: Extended Interior Gateway Routing Protocol (EIGRP), as implemented in Cisco IOS 11.3 through 12.2 and other products, allows remote attackers to cause a denial of service (flood) by sending a large number of spoofed EIGRP neighbor announcements, which results in an ARP storm on the local network. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-1810 |
Title: D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and... |
Type: Hardware |
Bulletins:
CVE-2002-1810 SFBID6015 |
Severity: High |
Description: D-Link DWL-900AP+ Access Point 2.1 and 2.2 allows remote attackers to access the TFTP server without authentication and read the config.img file, which contains sensitive information such as the administrative password, the WEP encryption keys, and network configuration information. | ||||
Applies to: DWL-900AP+B |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2341 |
Title: Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. |
Type: Hardware |
Bulletins:
CVE-2002-2341 SFBID4755 |
Severity: Medium |
Description: Cross-site scripting (XSS) vulnerability in content blocking in SonicWALL SOHO3 6.3.0.0 allows remote attackers to inject arbitrary web script or HTML via a blocked URL. | ||||
Applies to: SonicWall Firewall SoHo 3 |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-1706 |
Title: Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message... |
Type: Hardware |
Bulletins:
CVE-2002-1706 SFBID5041 |
Severity: Medium |
Description: Cisco IOS software 11.3 through 12.2 running on Cisco uBR7200 and uBR7100 series Universal Broadband Routers allows remote attackers to modify Data Over Cable Service Interface Specification (DOCSIS) settings via a DOCSIS file without a Message Integrity Check (MIC) signature, which is approved by the router. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2315 |
Title: Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. |
Type: Hardware |
Bulletins:
CVE-2002-2315 SFBID4786 |
Severity: High |
Description: Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-1768 |
Title: Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. |
Type: Hardware |
Bulletins:
CVE-2002-1768 SFBID4948 |
Severity: Medium |
Description: Cisco IOS 11.1 through 12.2, when HSRP support is not enabled, allows remote attackers to cause a denial of service (CPU consumption) via randomly sized UDP packets to the Hot Standby Routing Protocol (HSRP) port 1985. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2316 |
Title: Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive... |
Type: Hardware |
Bulletins:
CVE-2002-2316 SFBID4790 |
Severity: Medium |
Description: Cisco Catalyst 4000 series switches running CatOS 5.5.5, 6.3.5, and 7.1.2 do not always learn MAC addresses from a single initial packet, which causes unicast traffic to be broadcast across the switch and allows remote attackers to obtain sensitive network information by sniffing. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2052 |
Title: Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port... |
Type: Hardware |
Bulletins:
CVE-2002-2052 SFBID4947 |
Severity: Medium |
Description: Cisco 2611 router running IOS 12.1(6.5), possibly an interim release, allows remote attackers to cause a denial of service via port scans such as (1) scanning all ports on a single host and (2) scanning a network of hosts for a single open port through the router. NOTE: the vendor could not reproduce this issue, saying that the original reporter was using an interim release of the software. | ||||
Applies to: |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-1865 |
Title: Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote... |
Type: Hardware |
Bulletins:
CVE-2002-1865 SFBID6090 |
Severity: Medium |
Description: Buffer overflow in the Embedded HTTP server, as used in (1) D-Link DI-804 4.68, Dl-704 V2.56b6, and Dl-704 V2.56b5 and (2) Linksys Etherfast BEFW11S4 Wireless AP + Cable/DSL Router 1.37.2 through 1.42.7 and Linksys WAP11 1.3 and 1.4, allows remote attackers to cause a denial of service (crash) via a long header, as demonstrated using the Host header. | ||||
Applies to: BEFW11S4 DI-704 DI-804 wap11 |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-2379 |
Title: ** DISPUTED ** Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be... |
Type: Hardware |
Bulletins:
CVE-2002-2379 SFBID6059 |
Severity: High |
Description: ** DISPUTED ** Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor. | ||||
Applies to: Cisco AS5350 Universal Gateway |
Created: 2002-12-31 |
Updated: 2024-09-07 |
ID: CVE-2002-1360 |
Title: Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code... |
Type: Hardware |
Bulletins:
CVE-2002-1360 |
Severity: High |
Description: Multiple SSH2 servers and clients do not properly handle strings with null characters in them when the string length is specified by a length field, which could allow remote attackers to cause a denial of service or possibly execute arbitrary code due to interactions with the use of null-terminated strings as implemented using languages such as C, as demonstrated by the SSHredder SSH protocol test suite. | ||||
Applies to: |
Created: 2002-12-23 |
Updated: 2024-09-07 |
ID: CVE-2002-1357 |
Title: Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder... |
Type: Hardware |
Bulletins:
CVE-2002-1357 SFBID6405 |
Severity: High |
Description: Multiple SSH2 servers and clients do not properly handle packets or data elements with incorrect length specifiers, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | ||||
Applies to: |
Created: 2002-12-23 |
Updated: 2024-09-07 |
ID: CVE-2002-1358 |
Title: Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. |
Type: Hardware |
Bulletins:
CVE-2002-1358 |
Severity: High |
Description: Multiple SSH2 servers and clients do not properly handle lists with empty elements or strings, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code, as demonstrated by the SSHredder SSH protocol test suite. | ||||
Applies to: |
Created: 2002-12-23 |
Updated: 2024-09-07 |
ID: CVE-2002-1359 |
Title: Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder... |
Type: Hardware |
Bulletins:
CVE-2002-1359 SFBID6407 |
Severity: High |
Description: Multiple SSH2 servers and clients do not properly handle large packets or large fields, which may allow remote attackers to cause a denial of service or possibly execute arbitrary code via buffer overflow attacks, as demonstrated by the SSHredder SSH protocol test suite. | ||||
Applies to: |
Created: 2002-12-23 |
Updated: 2024-09-07 |
ID: CVE-2002-1354 |
Title: TYPSoft FTP Server 0-99-8 Arbitrary Dir Listing |
Type: FTP |
Bulletins:
CVE-2002-1354 |
Severity: Medium |
Description: TYPSoft version 0.99.8 is prone to a vulnerability where a remote user can view directory listings for directories located outside of the FTP document directory. The character sequence ‘...’ is not properly filtered, which leads to this vulnerability. The issue was fixed in version 0.99.13 or later, which is available at: http://www.idefense.com/advisory/12.16.02a.txt. | ||||
Applies to: TYPSoft FTP Server |
Created: 2002-12-13 |
Updated: 2024-09-07 |
ID: CVE-2002-1272 |
Title: Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contain a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges. |
Type: Hardware |
Bulletins:
CVE-2002-1272 SFBID6220 |
Severity: High |
Description: Alcatel OmniSwitch 7700/7800 switches running AOS 5.1.1 contain a back door telnet server that was intended for development but not removed before distribution, which allows remote attackers to gain administrative privileges. | ||||
Applies to: |
Created: 2002-12-11 |
Updated: 2024-09-07 |
ID: CVE-2002-1312 |
Title: Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to... |
Type: Hardware |
Bulletins:
CVE-2002-1312 SFBID6208 |
Severity: Medium |
Description: Buffer overflow in the Web management interface in Linksys BEFW11S4 wireless access point router 2 and BEFSR11, BEFSR41, and BEFSRU31 EtherFast Cable/DSL routers with firmware before 1.43.3 with remote management enabled allows remote attackers to cause a denial of service (router crash) via a long password. | ||||
Applies to: BEFSR41 BEFSR81 BEFSX41 BEFVP41 BEFW11S4 befsr11 befsru31 |
Created: 2002-11-20 |
Updated: 2024-09-07 |
ID: CVE-2002-1236 |
Title: The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments. |
Type: Hardware |
Bulletins:
CVE-2002-1236 SFBID6086 |
Severity: Medium |
Description: The remote management web server for Linksys BEFSR41 EtherFast Cable/DSL Router before firmware 1.42.7 allows remote attackers to cause a denial of service (crash) via an HTTP request to Gozila.cgi without any arguments. | ||||
Applies to: BEFSR41 |
Created: 2002-11-12 |
Updated: 2024-09-07 |
ID: CVE-2002-1222 |
Title: Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. |
Type: Hardware |
Bulletins:
CVE-2002-1222 SFBID5976 |
Severity: High |
Description: Buffer overflow in the embedded HTTP server for Cisco Catalyst switches running CatOS 5.4 through 7.3 allows remote attackers to cause a denial of service (reset) via a long HTTP request. | ||||
Applies to: |
Created: 2002-10-28 |
Updated: 2024-09-07 |
ID: CVE-2002-1147 |
Title: The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of... |
Type: Hardware |
Bulletins:
CVE-2002-1147 SFBID5784 |
Severity: High |
Description: The HTTP administration interface for HP Procurve 4000M Switch firmware before C.09.16, with stacking features and remote administration enabled, does not authenticate requests to reset the device, which allows remote attackers to cause a denial of service via a direct request to the device_reset CGI program. | ||||
Applies to: Procurve Switch 4000m |
Created: 2002-10-11 |
Updated: 2024-09-07 |
ID: CVE-2002-1068 |
Title: The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request. |
Type: Hardware |
Bulletins:
CVE-2002-1068 SFBID5330 |
Severity: Medium |
Description: The web server for D-Link DP-300 print server allows remote attackers to cause a denial of service (hang) via a large HTTP POST request. | ||||
Applies to: DP-303 |
Created: 2002-10-04 |
Updated: 2024-09-07 |
ID: CVE-2002-0891 |
Title: The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. |
Type: Hardware |
Bulletins:
CVE-2002-0891 SFBID4842 |
Severity: Medium |
Description: The web interface (WebUI) of NetScreen ScreenOS before 2.6.1r8, and certain 2.8.x and 3.0.x versions before 3.0.3r1, allows remote attackers to cause a denial of service (crash) via a long user name. | ||||
Applies to: |
Created: 2002-10-04 |
Updated: 2024-09-07 |
ID: CVE-2002-1069 |
Title: The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device... |
Type: Hardware |
Bulletins:
CVE-2002-1069 SFBID5544 |
Severity: Medium |
Description: The remote administration capability for the D-Link DI-804 router 4.68 allows remote attackers to bypass authentication and release DHCP addresses or obtain sensitive information via a direct web request to the pages (1) release.htm, (2) Device Status, or (3) Device Information. | ||||
Applies to: DI-804 |
Created: 2002-10-04 |
Updated: 2024-09-07 |
ID: CVE-2002-0954 |
Title: The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which makes it easier for an attacker to decrypt the passwords using brute force techniques. |
Type: Hardware |
Bulletins:
CVE-2002-0954 |
Severity: High |
Description: The encryption algorithms for enable and passwd commands on Cisco PIX Firewall can be executed quickly due to a limited number of rounds, which makes it easier for an attacker to decrypt the passwords using brute force techniques. | ||||
Applies to: |
Created: 2002-10-04 |
Updated: 2024-09-07 |
ID: CVE-2002-0886 |
Title: Cisco DSL CPE devices running CBOS 2.4.4 and earlier allow remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to... |
Type: Hardware |
Bulletins:
CVE-2002-0886 SFBID4813 |
Severity: Medium |
Description: Cisco DSL CPE devices running CBOS 2.4.4 and earlier allow remote attackers to cause a denial of service (hang or memory consumption) via (1) a large packet to the DHCP port, (2) a large packet to the Telnet port, or (3) a flood of large packets to the CPE, which causes the TCP/IP stack to consume large amounts of memory. | ||||
Applies to: |
Created: 2002-10-04 |
Updated: 2024-09-07 |
ID: CVE-2002-0870 |
Title: The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL... |
Type: Hardware |
Bulletins:
CVE-2002-0870 |
Severity: High |
Description: The original patch for the Cisco Content Service Switch 11000 Series authentication bypass vulnerability (CVE-2001-0622) was incomplete, which still allows remote attackers to gain additional privileges by directly requesting the web management URL instead of navigating through the interface, possibly via a variant of the original attack, as identified by Cisco bug ID CSCdw08549. | ||||
Applies to: Cisco CSS 11100 Content Services Switch Series |
Created: 2002-09-05 |
Updated: 2024-09-07 |
ID: CVE-2002-0426 |
Title: VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. |
Type: Hardware |
Bulletins:
CVE-2002-0426 SFBID4250 |
Severity: High |
Description: VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. | ||||
Applies to: BEFVP41 |
Created: 2002-08-12 |
Updated: 2024-09-07 |
ID: CVE-2002-0792 |
Title: The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. |
Type: Hardware |
Bulletins:
CVE-2002-0792 SFBID4747 |
Severity: Medium |
Description: The web management interface for Cisco Content Service Switch (CSS) 11000 switches allows remote attackers to cause a denial of service (soft reset) via (1) an HTTPS POST request, or (2) malformed XML data. | ||||
Applies to: Cisco CSS 11100 Content Services Switch Series |
Created: 2002-08-12 |
Updated: 2024-09-07 |
ID: CVE-2002-0505 |
Title: Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via... |
Type: Hardware |
Bulletins:
CVE-2002-0505 SFBID4370 |
Severity: Medium |
Description: Memory leak in the Call Telephony Integration (CTI) Framework authentication for Cisco CallManager 3.0 and 3.1 before 3.1(3) allows remote attackers to cause a denial of service (crash and reload) via a series of authentication failures, e.g. via incorrect passwords. | ||||
Applies to: Cisco Call Manager |
Created: 2002-08-12 |
Updated: 2024-09-07 |
ID: CVE-2002-0813 |
Title: Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. |
Type: Hardware |
Bulletins:
CVE-2002-0813 SFBID5328 |
Severity: High |
Description: Heap-based buffer overflow in the TFTP server capability in Cisco IOS 11.1, 11.2, and 11.3 allows remote attackers to cause a denial of service (reset) or modify configuration via a long filename. | ||||
Applies to: |
Created: 2002-08-12 |
Updated: 2024-09-07 |
ID: CVE-2002-0661 |
Title: Apache: Apache 2.0.39 directory traversal and path disclosure bug |
Type: Web |
Bulletins:
CVE-2002-0661 SFBID5434 |
Severity: High |
Description: Directory traversal and path disclosure. | ||||
Applies to: Apache |
Created: 2002-08-09 |
Updated: 2024-09-07 |
ID: CVE-2002-0826 |
Title: Ipswitch WS_FTP Server 3-1-1 Buffer Overflow in SITE CPWD Command Processing |
Type: FTP |
Bulletins:
CVE-2002-0826 SFBID5427 |
Severity: High |
Description: Ipswitch WS_FTP server is prone to a vulnerability, where a remote authenticated user can cause a buffer overflow and execute arbitrary code while having system level privileges. A patch has been released by the vendor, which is available at: ftp://ftp.ipswitch.com/ipswitch/product_support/WS_FTP_Server/ifs312.exe. For more information on how to apply patches, see: http://www.ipswitch.com/Support/WS_FTP-Server/patch-upgrades.html. The buffer overflow can be generated by sending a special SITE CPWD command, which overwrites the EIP register, causing arbitrary code to be executed. | ||||
Applies to: Ipswitch WS_FTP Server |
Created: 2002-08-08 |
Updated: 2024-09-07 |
ID: REF000107 |
Title: All Servers: Tomcat source.jsp directory listing and webroot location display |
Type: Web |
Bulletins: | Severity: Medium |
Description: Remote attackers can obtain listings of web directories. For more information, visit: http://www.cgisecurity.com/archive/webservers/tomcat_3.23_and_3.24_source.jsp_dir_listing_path_disclose.txt | ||||
Applies to: Apache Tomcat |
Created: 2002-08-01 |
Updated: 2010-08-21 |
ID: CVE-2002-0655 |
Title: OpenSSL versions older than 0.9.7e and 0.9.6m |
Type: Miscellaneous |
Bulletins:
CVE-2002-0655 CVE-2002-0656 CVE-2002-0657 CVE-2002-0659 SFBID5361 SFBID5362 SFBID5363 SFBID5364 SFBID5366 |
Severity: High |
Description: The OpenSSL library provides cryptographic support to applications that communicate over the network such as the Apache web server, POP3, IMAP, SMTP and LDAP servers. Any vulnerability within the library can be exploited via these applications. Multiple vulnerabilities have been found in the OpenSSL library, allowing remote users to execute arbitrary code with root privileges. Versions prior to 0.9.7d and 0.9.6m are affected, thus one is advised to upgrade to a newer version. | ||||
Applies to: OpenSSL |
Created: 2002-07-30 |
Updated: 2024-09-07 |
ID: CVE-2002-0713 |
Title: Multiple Squid vulnerabilities |
Type: Services |
Bulletins:
CVE-2002-0713 CVE-2002-0714 CVE-2002-0715 SFBID5154 SFBID5155 SFBID5156 SFBID5157 SFBID5158 |
Severity: High |
Description: Remote code execution and/or denial of service. | ||||
Applies to: |
Created: 2002-07-03 |
Updated: 2024-09-07 |
ID: CVE-2002-0545 |
Title: Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. |
Type: Hardware |
Bulletins:
CVE-2002-0545 SFBID4461 |
Severity: Medium |
Description: Cisco Aironet before 11.21 with Telnet enabled allows remote attackers to cause a denial of service (reboot) via a series of login attempts with invalid usernames and passwords. | ||||
Applies to: Cisco Aironet Ap340 Cisco Aironet Ap350 |
Created: 2002-07-03 |
Updated: 2024-09-07 |
ID: CVE-2002-0350 |
Title: HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. |
Type: Hardware |
Bulletins:
CVE-2002-0350 SFBID4212 |
Severity: High |
Description: HP Procurve Switch 4000M running firmware C.08.22 and C.09.09 allows remote attackers to cause a denial of service via a port scan of the management IP address, which disables the telnet service. | ||||
Applies to: Procurve Switch 4000m |
Created: 2002-06-25 |
Updated: 2024-09-07 |
ID: CVE-2002-0339 |
Title: Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. |
Type: Hardware |
Bulletins:
CVE-2002-0339 SFBID4191 |
Severity: Medium |
Description: Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. | ||||
Applies to: |
Created: 2002-06-25 |
Updated: 2024-09-07 |
ID: CVE-2002-0640 |
Title: Remote OpenSSH Vulnerability |
Type: Miscellaneous |
Bulletins:
CVE-2002-0640 SFBID5093 |
Severity: High |
Description: A remotely exploitable vulnerability exists in OpenSSH prior to version 3.3 (Version 3.3 is affected only if UsePrivilegeSeparation is disabled). | ||||
Applies to: OpenSSH |
Created: 2002-06-24 |
Updated: 2024-09-07 |
ID: CVE-2002-0392 |
Title: Apache Chunked-Encoding Memory Corruption Vulnerability |
Type: Miscellaneous |
Bulletins:
CVE-2002-0392 SFBID5033 |
Severity: High |
Description: This version is vulnerable to a bug which may be remotely exploitable. Download the latest version of Apache from httpd.apache.org. | ||||
Applies to: Apache |
Created: 2002-06-17 |
Updated: 2024-09-07 |
ID: CVE-2002-0234 |
Title: NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which... |
Type: Hardware |
Bulletins:
CVE-2002-0234 SFBID4015 |
Severity: Low |
Description: NetScreen ScreenOS before 2.6.1 does not support a maximum number of concurrent sessions for a system, which allows an attacker on the trusted network to cause a denial of service (resource exhaustion) via a port scan to an external network, which consumes all available connections. | ||||
Applies to: |
Created: 2002-05-29 |
Updated: 2024-09-07 |
ID: CVE-2002-1634 |
Title: All Servers: Netware default programs display server information |
Type: Web |
Bulletins:
CVE-2002-1634 SFBID4874 |
Severity: Medium |
Description: Possible sensitive information disclosure. | ||||
Applies to: Netware |
Created: 2002-05-29 |
Updated: 2024-09-07 |
ID: CVE-2002-0893 |
Title: IIS: ServletExec 4.1 ISAPI File Reading |
Type: Web |
Bulletins:
CVE-2002-0893 SFBID4795 |
Severity: Medium |
Description: View the contents of files normally inaccessible. | ||||
Applies to: IIS |
Created: 2002-05-22 |
Updated: 2024-09-07 |
ID: CVE-2002-0379 |
Title: IMAP4 server |
Type: Services |
Bulletins:
CVE-2002-0379 SFBID4713 |
Severity: High |
Description: Wu-imapd is vulnerable to a buffer overflow condition. This has been reported to occur when a valid user requests partial mailbox attributes. Exploitation may result in the execution of arbitrary code. | ||||
Applies to: |
Created: 2002-05-10 |
Updated: 2024-09-07 |
ID: CVE-2002-0889 |
Title: Qualcomm QPopper Bulletin Name Buffer Overflow Vulnerability |
Type: |
Bulletins:
CVE-2002-0889 SFBID4614 |
Severity: Medium |
Description: QUALCOMM’s QPopper is freely available and is designed to work on various operating systems; however, a vulnerability exists which affects only the UNIX and Linux platforms. When a user supplies a bulletin with a name longer than 256 bytes, a buffer overflow will occur, resulting in overwriting of process memory and arbitrary code execution. Caldera has issued some fixes. The upgrade is available at: ftp://stage.caldera.com/pub/security/openserver/CSSA-2002-SCO.20/ | ||||
Applies to: Qualcomm Qpopper |
Created: 2002-04-28 |
Updated: 2024-09-07 |
ID: CVE-2002-0575 |
Title: AFS-Kerberos Support in OpenSSH Poses a Security Threat |
Type: Miscellaneous |
Bulletins:
CVE-2002-0575 SFBID4560 |
Severity: High |
Description: See webpage for more information. | ||||
Applies to: OpenSSH |
Created: 2002-04-19 |
Updated: 2024-09-07 |
ID: CVE-2002-1744 |
Title: IIS: Microsoft IIS CodeBrws.ASP Source Code Disclosure Vulnerability |
Type: Web |
Bulletins:
CVE-2002-1744 SFBID4525 |
Severity: Medium |
Description: Source code disclosure. | ||||
Applies to: IIS |
Created: 2002-04-16 |
Updated: 2024-09-07 |
ID: CVE-2002-0109 |
Title: Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the... |
Type: Hardware |
Bulletins:
CVE-2002-0109 SFBID3795 |
Severity: Medium |
Description: Linksys EtherFast BEFN2PS4, BEFSR41, and BEFSR81 Routers, and possibly other products, allow remote attackers to gain sensitive information and cause a denial of service via an SNMP query for the default community string "public," which causes the router to change its configuration and send SNMP trap information back to the system that initiated the query. | ||||
Applies to: BEFSR41 BEFSR81 |
Created: 2002-03-25 |
Updated: 2024-09-07 |
ID: CVE-2002-0061 |
Title: Apache: Apache Win32 Batch File Remote Command Execution Vulnerability |
Type: Web |
Bulletins:
CVE-2002-0061 SFBID4335 |
Severity: High |
Description: Remote Command Execution. | ||||
Applies to: Apache |
Created: 2002-03-21 |
Updated: 2024-09-07 |
ID: CVE-2002-0434 |
Title: All Servers: Directory.php Allows Arbitrary Code Execution |
Type: Web |
Bulletins:
CVE-2002-0434 SFBID4278 |
Severity: High |
Description: Arbitrary Code Execution. | ||||
Applies to: |
Created: 2002-03-12 |
Updated: 2024-09-07 |
ID: SFBID4261 |
Title: Web server 404 path disclosure |
Type: Miscellaneous |
Bulletins:
SFBID4261 |
Severity: Medium |
Description: Some web servers disclose the webroot path when asked for a nonexistent page. This should not be allowed on production servers. | ||||
Applies to: |
Created: 2002-03-09 |
Updated: 2010-08-21 |
ID: CVE-2000-1196 |
Title: Netscape: Netscape PSCOErrPage |
Type: Web |
Bulletins:
CVE-2000-1196 |
Severity: Medium |
Description: View any file on the remote computer. | ||||
Applies to: Netscape |
Created: 2002-03-09 |
Updated: 2024-09-07 |
ID: CVE-2001-0461 |
Title: All Servers: Free On-line Dictionary |
Type: Web |
Bulletins:
CVE-2001-0461 |
Severity: High |
Description: Possible Remote command execution. | ||||
Applies to: |
Created: 2002-03-09 |
Updated: 2024-09-07 |
ID: CVE-2002-0083 |
Title: OpenSSH Channel Code Off-By-One Vulnerability |
Type: Miscellaneous |
Bulletins:
CVE-2002-0083 SFBID4241 |
Severity: High |
Description: Exploitation of this vulnerability may give the attacker the ability to execute arbitrary code on the vulnerable system. | ||||
Applies to: OpenSSH |
Created: 2002-03-07 |
Updated: 2024-09-07 |
ID: CVE-2002-0082 |
Title: Apache Mod_SSL-Apache-SSL Buffer Overflow Vulnerability |
Type: Miscellaneous |
Bulletins:
CVE-2002-0082 SFBID4189 |
Severity: High |
Description: May allow for attackers to execute arbitrary code. | ||||
Applies to: Apache |
Created: 2002-02-27 |
Updated: 2024-09-07 |
ID: CVE-2002-0081 |
Title: PHP Post File Upload Buffer Overflow Vulnerabilities |
Type: Miscellaneous |
Bulletins:
CVE-2002-0081 SFBID4183 |
Severity: High |
Description: Possibly run arbitrary code (read the advisory for more info). | ||||
Applies to: PHP |
Created: 2002-02-26 |
Updated: 2024-09-07 |
ID: CVE-2002-0232 |
Title: All Servers: MRTG CGI Arbitrary File Display Vulnerability |
Type: Web |
Bulletins:
CVE-2002-0232 SFBID4017 |
Severity: Medium |
Description: View arbitrary files. | ||||
Applies to: MRTG |
Created: 2002-02-02 |
Updated: 2024-09-07 |
ID: CVE-2002-2113 |
Title: All Servers: AHG's 'search.cgi' Search Engine Input Validation Flaw |
Type: Web |
Bulletins:
CVE-2002-2113 SFBID3985 |
Severity: High |
Description: Remote users can execute arbitrary commands on the web server. | ||||
Applies to: AHG |
Created: 2002-01-29 |
Updated: 2024-09-07 |
ID: SFBID3915 |
Title: All Servers: COWS CGI Online Worldweb Shopping Information Disclosure Vulnerability |
Type: Web |
Bulletins:
SFBID3915 |
Severity: Medium |
Description: Sensitive information disclosure. | ||||
Applies to: COWS |
Created: 2002-01-21 |
Updated: 2010-08-21 |
ID: CVE-2002-2032 |
Title: All Servers: Possible PHPNuke SQL_Debug Information Disclosure Vulnerability |
Type: Web |
Bulletins:
CVE-2002-2032 SFBID3906 |
Severity: Medium |
Description: Information disclosure. | ||||
Applies to: |
Created: 2002-01-18 |
Updated: 2024-09-07 |
ID: CVE-2002-2033 |
Title: Apache: Faqmanager.cgi file read vulnerability |
Type: Web |
Bulletins:
CVE-2002-2033 SFBID3810 |
Severity: Medium |
Description: Faqmanager can be used to read files on the server the httpd has access to. | ||||
Applies to: Apache |
Created: 2002-01-07 |
Updated: 2024-09-07 |
ID: CVE-2002-2029 |
Title: Apache: Security Risk When Using the CGI Binary (PHP.EXE) Under Apache |
Type: Web |
Bulletins:
CVE-2002-2029 SFBID3786 |
Severity: High |
Description: Read arbitrary files from remote server. | ||||
Applies to: Apache |
Created: 2002-01-04 |
Updated: 2024-09-07 |
ID: REF000323 |
Title: yppasswdd service running |
Type: RPC |
Bulletins: | Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000308 |
Title: Windows AutoUpdate is not enabled |
Type: Registry |
Bulletins: | Severity: High |
Description: Windows AutoUpdate is not enabled, therefore it is recommended to look into this issue unless LANguard is used for network-wide patch management. | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000307 |
Title: Windows AutoUpdate is enabled but requires user interaction to install patches |
Type: Registry |
Bulletins: | Severity: Low |
Description: While AutoUpdate is enabled, the end user must approve the installation. This could lead to a delay in patch installation should the user choose not to install patches promptly. | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000306 |
Title: Windows AutoUpdate is enabled but requires user intervention for both patch download and installation |
Type: Registry |
Bulletins: | Severity: Low |
Description: Although Windows AutoUpdate is enabled, the system relies on the end user to approve both patch download and installation. This could lead to a delay in patch installation or no installation at all. | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000322 |
Title: walld message spoofing |
Type: RPC |
Bulletins: | Severity: Low |
Description: An attacker can use this service for spoofing console messages. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000256 |
Title: Vulnerable Linux/Unix application package |
Type: Miscellaneous |
Bulletins: | Severity: High |
Description: Checks installed application versions for known security updates issued in newer versions. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000319 |
Title: This computer is a NIS server |
Type: RPC |
Bulletins: | Severity: Low |
Description: NIS has a reputation of being extremely insecure. Read the following document for detailed information. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Telecomando trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000189 |
Title: Systems Management Server |
Type: Information |
Bulletins: | Severity: Information |
Description: Systems Management Server is running on this computer. | ||||
Applies to: SMS |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Syphillis 1-18 trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Subseven 2-x trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000187 |
Title: SSL module running |
Type: Information |
Bulletins: | Severity: Information |
Description: SSL is designed to encrypt and thus secure data in transit between a client and a server. However SSL does not eradicate vulnerabilities on the web server. These servers are vulnerable to the same attacks that compromise other non-SSL web servers. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000186 |
Title: SSL enabled |
Type: Information |
Bulletins: | Severity: Information |
Description: SSL is designed to encrypt and thus secure data in transit between a client and a server. However SSL does not eradicate vulnerabilities on the web server. These servers are vulnerable to the same attacks that compromise other non-SSL web servers. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000295 |
Title: Shutdown without logon |
Type: Registry |
Bulletins: | Severity: Low |
Description: Anybody is allowed to shut down this computer. For more information, visit: http://support.microsoft.com/kb/816569 | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2018-05-02 |
ID: CVE-1999-0660 |
Title: Psychward trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Prosiak 0-70 trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Priority BETA trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000184 |
Title: PHP module running |
Type: Information |
Bulletins: | Severity: Information |
Description: PHP is installed on this web server. | ||||
Applies to: PHP |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000183 |
Title: Perl module running |
Type: Information |
Bulletins: | Severity: Information |
Description: mod_perl is installed on this web server. | ||||
Applies to: Perl |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000081 |
Title: Netscape: Netscape Administration Server admin password |
Type: Web |
Bulletins: | Severity: Medium |
Description: Read encrypted password for Netscape Administration server. | ||||
Applies to: Netscape |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: NetbusPro2 trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Ncw trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000304 |
Title: Nachi Worm |
Type: Registry |
Bulletins: | Severity: High |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000283 |
Title: LM Hash |
Type: Registry |
Bulletins: | Severity: Medium |
Description: It is recommended to use NTLM authentication instead of LM. For more information, visit: http://support.microsoft.com/kb/147706 | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000198 |
Title: Linux/Unix application package(s) version check |
Type: Information |
Bulletins: | Severity: Information |
Description: This check lists all applications that are older than the latest recorded release. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000282 |
Title: Last logged-on username visible |
Type: Registry |
Bulletins: | Severity: Low |
Description: By default, Windows displays the last logged-on user. For more information, visit: http://support.microsoft.com/kb/114463 | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Kuang trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Indoctrination trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: A trojan horse is likely to be installed on this computer. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000124 |
Title: IIS: Terminal Services |
Type: Web |
Bulletins: | Severity: Low |
Description: Terminal Services are installed on this computer. | ||||
Applies to: IIS |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000062 |
Title: IIS: IIS Global.asa Retrieval |
Type: Web |
Bulletins: | Severity: Low |
Description: Possible sensitive information disclosure. | ||||
Applies to: IIS |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000060 |
Title: IIS: IIS ASP.NET Application Trace Enabled |
Type: Web |
Bulletins: | Severity: Low |
Description: Possible sensitive information disclosure. | ||||
Applies to: IIS |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000275 |
Title: Guest users have access to the system log |
Type: Registry |
Bulletins: | Severity: Medium |
Description: You should disable guest access by creating a DWORD key named "RestrictGuestAccess" with value of "1" (HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/EventLog/System) | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000273 |
Title: Guest users have access to the security log |
Type: Registry |
Bulletins: | Severity: Medium |
Description: You should disable guest access by creating a DWORD key named "RestrictGuestAccess" with value of "1" (HKEY_LOCAL_MACHINE/System/CurrentControlSet/Services/EventLog/Security). | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000271 |
Title: Guest users have access to the application log |
Type: Registry |
Bulletins: | Severity: Medium |
Description: You should disable guest access by creating a DWORD value named "RestrictGuestAccess" with a value of "1" (HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\EventLog\Application). | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000179 |
Title: Frontpage extensions enabled |
Type: Information |
Bulletins: | Severity: Information |
Description: Frontpage extensions are enabled on this web server. | ||||
Applies to: Frontpage extensions |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000311 |
Title: fam service running |
Type: RPC |
Bulletins: | Severity: Medium |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: CrazyNet trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: CrazyNet Trojan inserts itself into a computer and runs in the background, allowing an attacker to gain full control over this computer. The trojan is installed in %windir%\Registry32.exe, where %windir% is a variable for the folder where Windows is installed. The following lines in System.ini are set: "run=Registry32.exe" and "shell=Explorer.exe Registry32.exe". It also creates the value Reg32 with the string “Registry32.exe” in the registry key HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run. To solve this problem, delete the value Reg32 in the registry, and delete the two lines mentioned above from the System.ini file. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000178 |
Title: ClearCase running |
Type: Information |
Bulletins: | Severity: Information |
Description: ClearCase is running on this computer. | ||||
Applies to: ClearCase |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000265 |
Title: Cached Logon Credentials |
Type: Registry |
Bulletins: | Severity: Low |
Description: Microsoft Windows NT caches the logon information of users who have logged on, so that they are able to log on when the server is unavailable. When a domain controller is unavailable and a user’s logon information is cached, the user will still be allowed to log on. The cache can hold from 0 to 50 logon attempts, with the value of 0 disabling logon caching. If the value is set high and an administrator logs in to computers to solve specific problems, an attacker might obtain the administrator's credentials at a later stage and log on with that account, gaining powerful privileges. The registry value for setting this type of caching is: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\CachedLogonsCount. Ideally it should be set either to 0 to disable caching, or to 1 to provide for both functionality (allowing the last user to log on immediately next time) and security. | ||||
Applies to: Windows NT |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000303 |
Title: Blaster Worm |
Type: Registry |
Bulletins: | Severity: High |
Description: Blaster Worm was a computer worm that spread through Microsoft Windows XP and Windows 2000 operating systems. The worm was programmed to start a SYN flood in August 2003 against port 80 of windowsupdate.com, creating a denial of service attack against that site. However, Microsoft immediately shut down the targeted site, so the effects were minimal. The worm can be detected because it adds the value "windows auto update"="msblast.exe" to the registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run. The worm spread by exploiting a buffer overflow in the DCOM RPC service on the affected operating system. Computers infected with the worm become unstable and restart. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-1999-0660 |
Title: Back Orifice 2000 (BO2K) trojan |
Type: Registry |
Bulletins:
CVE-1999-0660 |
Severity: Medium |
Description: Back Orifice 2000 is a backdoor trojan horse which, when installed on a Microsoft Windows system, allows attackers to gain full access to the system through a network connection. It consists of a client and a server, where the client runs on one machine and is used to monitor and control a second machine running the server application. To remove Back Orifice manually, restart the machine in MS-DOS mode and delete the Back Orifice server from the Windows system directory using the command "DEL C:\WINDOWS\SYSTEM\EXE~1". Back Orifice also adds a key to the registry: HKEY_LOCAL_MACHINE\SOFTWARE\Cult Of The Dead Cow\Back Orifice 2000. The trojan can therefore be detected by checking the registry. When the trojan horse is executed it opens connections from the computer where it is installed to the Internet, and an intruder will be able to control the computer. The trojan horse is invisible and restarts itself automatically when Windows is rebooted. Through Back Orifice, an attacker can view and modify files, create a log file of the computer users’ actions, crash a computer, and take screen shots of the computer screen. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000262 |
Title: AutoShareWKS |
Type: Registry |
Bulletins: | Severity: Low |
Description: The administrative shares (C$, D$, ADMIN$, etc.) are available on this machine. On internal networks these are normally turned on for administrative purposes. On web servers they are normally turned off to harden the possible entry points, since such servers are more exposed to attacks. If you don't use them, set HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\AutoShareWks to 0 to prevent creation of these shares. For more information, visit: http://support.microsoft.com/kb/245117 | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000260 |
Title: AutoShareServer |
Type: Registry |
Bulletins: | Severity: Low |
Description: The administrative shares (C$, D$, ADMIN$, etc.) are available on this machine. On internal networks these are normally turned on for administrative purposes. On web servers they are normally turned off to harden the possible entry points, since such servers are more exposed to attacks. If you don't use them, set HKLM\SYSTEM\CurrentControlSet\Services\lanmanserver\parameters\AutoShareServer to 0 to prevent creation of these shares. For more information, visit: http://support.microsoft.com/kb/245117 | ||||
Applies to: Windows |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000305 |
Title: Auto Logon |
Type: Registry |
Bulletins: | Severity: High |
Description: Automatic logon uses the domain, user name, and password stored in the registry to log users on to the computer when the system starts. The problem with automatic logon is that any user can start your computer and log on using your account. Automatic logon proceeds differently from authenticated logon, and can cause timing conflicts. For example, if several network transport protocols are being loaded, automatic logon might cause Windows 2000 to attempt to connect to some network resources before the protocols’ network transports are completely loaded. To resolve this vulnerability, set AutoAdminLogon to 0 and delete the value of DefaultPassword. The latter is stored and displayed in the registry editor in plain, unencrypted text. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-2000-0628 |
Title: Apache: Apache source.asp |
Type: Web |
Bulletins:
CVE-2000-0628 |
Severity: High |
Description: Create files in the directory where source.asp is located. An attacker can upload his own scripts and run them. | ||||
Applies to: Apache |
Created: 2002-01-01 |
Updated: 2024-09-07 |
ID: REF000016 |
Title: Apache: Apache server-status |
Type: Web |
Bulletins: | Severity: Low |
Description: Information such as server version and type should be hidden/omitted or changed to something more generic where possible so that such information is hidden from potential intruders. | ||||
Applies to: Apache |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000015 |
Title: Apache: Apache server-info |
Type: Web |
Bulletins: | Severity: Low |
Description: Information such as server version and type should be hidden/omitted or changed to something more generic where possible so that such information is hidden from potential intruders. | ||||
Applies to: Apache |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000013 |
Title: Apache: Apache manual |
Type: Web |
Bulletins: | Severity: Low |
Description: Apache online manual has not been removed. | ||||
Applies to: Apache |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000309 |
Title: amd service running |
Type: RPC |
Bulletins: | Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands). | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000090 |
Title: All Servers: Perl.exe |
Type: Web |
Bulletins: | Severity: Medium |
Description: Possible to run perl commands (web server level privileges). | ||||
Applies to: Perl |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000040 |
Title: All Servers: Directory Manager Execution bug |
Type: Web |
Bulletins: | Severity: Medium |
Description: Allows an attacker to execute commands as webserver-user. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: REF000191 |
Title: A modem is installed on this computer |
Type: Information |
Bulletins: | Severity: Information |
Description: Modems can be a network security threat because they allow insiders to make unfiltered connections using the telephone system. | ||||
Applies to: |
Created: 2002-01-01 |
Updated: 2010-08-21 |
ID: CVE-2001-1209 |
Title: All Servers: Abe Timmerman zml.cgi File Disclosure Vulnerability |
Type: Web |
Bulletins:
CVE-2001-1209 SFBID3759 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: |
Created: 2001-12-31 |
Updated: 2024-09-07 |
ID: CVE-2001-1210 |
Title: Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary... |
Type: Hardware |
Bulletins:
CVE-2001-1210 SFBID3758 |
Severity: Medium |
Description: Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | ||||
Applies to: Cisco uBR 924 Cable Access Router Cisco uBR 925 Cable Access Router |
Created: 2001-12-30 |
Updated: 2024-09-07 |
ID: CVE-2001-1221 |
Title: D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2001-1221 SFBID3736 |
Severity: Medium |
Description: D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information. | ||||
Applies to: DWL-1000AP |
Created: 2001-12-21 |
Updated: 2024-09-07 |
ID: CVE-2001-1220 |
Title: D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. |
Type: Hardware |
Bulletins:
CVE-2001-1220 SFBID3735 |
Severity: High |
Description: D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password in plaintext in the default Management Information Base (MIB), which allows remote attackers to gain administrative privileges. | ||||
Applies to: DWL-1000AP |
Created: 2001-12-21 |
Updated: 2024-09-07 |
ID: CVE-2001-0866 |
Title: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access... |
Type: Hardware |
Bulletins:
CVE-2001-0866 SFBID3537 |
Severity: High |
Description: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could allow remote attackers to bypass the intended access controls. | ||||
Applies to: Cisco 12000 Router Series |
Created: 2001-12-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0865 |
Title: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. |
Type: Hardware |
Bulletins:
CVE-2001-0865 SFBID3540 |
Severity: High |
Description: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | ||||
Applies to: Cisco 12000 Router Series |
Created: 2001-12-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0864 |
Title: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions. |
Type: Hardware |
Bulletins:
CVE-2001-0864 SFBID3536 |
Severity: High |
Description: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions. | ||||
Applies to: Cisco 12000 Router Series |
Created: 2001-12-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0867 |
Title: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. |
Type: Hardware |
Bulletins:
CVE-2001-0867 SFBID3538 |
Severity: High |
Description: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. | ||||
Applies to: Cisco 12000 Router Series |
Created: 2001-12-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0863 |
Title: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments. |
Type: Hardware |
Bulletins:
CVE-2001-0863 SFBID3539 |
Severity: Medium |
Description: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments. | ||||
Applies to: Cisco 12000 Router Series |
Created: 2001-12-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0862 |
Title: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. |
Type: Hardware |
Bulletins:
CVE-2001-0862 SFBID3535 |
Severity: High |
Description: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. | ||||
Applies to: Cisco 12000 Router Series |
Created: 2001-12-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0861 |
Title: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies. |
Type: Hardware |
Bulletins:
CVE-2001-0861 SFBID3534 |
Severity: Medium |
Description: Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies. | ||||
Applies to: Cisco 12000 Router Series |
Created: 2001-12-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0929 |
Title: Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. |
Type: Hardware |
Bulletins:
CVE-2001-0929 SFBID3588 |
Severity: High |
Description: Cisco IOS Firewall Feature set, aka Context Based Access Control (CBAC) or Cisco Secure Integrated Software, for IOS 11.2P through 12.2T does not properly check the IP protocol type, which could allow remote attackers to bypass access control lists. | ||||
Applies to: |
Created: 2001-11-28 |
Updated: 2024-09-07 |
ID: CVE-2001-0550 |
Title: WU-FTPD glob() function error handling heap corruption |
Type: FTP |
Bulletins:
CVE-2001-0550 SFBID3581 |
Severity: High |
Description: All versions of WU-FTPD allow an attacker to cause heap corruption through a vulnerability in the glob function. The function fails to properly signal an error to its caller, and the ftpglob function fails to set the globerr variable under certain situations. The attacker can send a command followed by a tilde and open bracket characters to the FTP server, corrupting the process memory space. This allows the execution of arbitrary code on the system with root privileges. To detect the vulnerability, the following checks should be enabled in the ISS Protection Platform: WuftpGlobHeapCorruption, wuftp-glob-heap-corruption. For a virtual patch, enable the following check in the ISS Protection Platform: FTP_Glob_TildeBrace_Vulns. Block or restrict port 21 in the ISS Protection Platform. For more information on how to do manual protection see: http://xforce.iss.net/xforce/xfdb/7611 | ||||
Applies to: wu-ftpd |
Created: 2001-11-27 |
Updated: 2024-09-07 |
ID: CVE-2001-0895 |
Title: Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the... |
Type: Hardware |
Bulletins:
CVE-2001-0895 SFBID3547 |
Severity: Medium |
Description: Multiple Cisco networking products allow remote attackers to cause a denial of service on the local network via a series of ARP packets sent to the router's interface that contains a different MAC address for the router, which eventually causes the router to overwrite the MAC address in its ARP table. | ||||
Applies to: Cisco Catalyst 2900 Series XL Switches Cisco Catalyst 2950 Series Switches Cisco Catalyst 3500 Series XL Switches Cisco Catalyst 3550 Series Switches Cisco Catalyst 4000 Series Switches Cisco Catalyst C2948G-L3 Ethernet Switch Cisco Catalyst... |
Created: 2001-11-15 |
Updated: 2024-09-07 |
ID: REF000251 |
Title: SSH server accepts Version 1.x connections |
Type: Miscellaneous |
Bulletins: | Severity: Medium |
Description: SSH protocol Version 1 has various vulnerabilities. It should be disabled, and only version 2 clients should be allowed to connect. For more information, visit: http://www.ssh.com/company/newsroom/article/210/ | ||||
Applies to: |
Created: 2001-11-07 |
Updated: 2010-08-21 |
ID: CVE-2001-1503 |
Title: Solaris Fingerd Discloses Complete User List |
Type: Miscellaneous |
Bulletins:
CVE-2001-1503 SFBID3457 |
Severity: Low |
Description: Sensitive information disclosure. | ||||
Applies to: Solaris SunOS |
Created: 2001-10-22 |
Updated: 2024-09-07 |
ID: CVE-2001-0751 |
Title: Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. |
Type: Hardware |
Bulletins:
CVE-2001-0751 |
Severity: High |
Description: Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | ||||
Applies to: |
Created: 2001-10-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0750 |
Title: Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. |
Type: Hardware |
Bulletins:
CVE-2001-0750 SFBID2804 |
Severity: Medium |
Description: Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. | ||||
Applies to: |
Created: 2001-10-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0753 |
Title: Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. |
Type: Hardware |
Bulletins:
CVE-2001-0753 |
Severity: High |
Description: Cisco CBOS 2.3.8 and earlier stores the passwords for (1) exec and (2) enable in cleartext in the NVRAM and a configuration file, which could allow unauthorized users to obtain the passwords and gain privileges. | ||||
Applies to: |
Created: 2001-10-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0752 |
Title: Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. |
Type: Hardware |
Bulletins:
CVE-2001-0752 |
Severity: Medium |
Description: Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. | ||||
Applies to: |
Created: 2001-10-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0754 |
Title: Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. |
Type: Hardware |
Bulletins:
CVE-2001-0754 |
Severity: Medium |
Description: Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. | ||||
Applies to: |
Created: 2001-10-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0757 |
Title: Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet. |
Type: Hardware |
Bulletins:
CVE-2001-0757 SFBID2874 |
Severity: High |
Description: Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet. | ||||
Applies to: Cisco 6400 Universal Access Concentrator |
Created: 2001-10-18 |
Updated: 2024-09-07 |
ID: CVE-2001-1156 |
Title: TYPSoft FTP Server 0-95-1 and possibly prior for Microsoft Windows Can Be Crashed by Remote Users |
Type: FTP |
Bulletins:
CVE-2001-1156 SFBID3409 |
Severity: Medium |
Description: A vulnerability was reported in TYPSoft’s FTP Server, where remote users can cause the server to crash. There is currently no solution to the vulnerability. If a remote user accesses the FTP service and sends a STOR or RETR command as shown here, the FTP server goes into a denial of service condition since it will consume nearly all CPU resources: "RETR ../../*" or "STOR ../../*". | ||||
Applies to: TYPSoft FTP Server |
Created: 2001-10-09 |
Updated: 2024-09-07 |
ID: CVE-2001-1071 |
Title: Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. |
Type: Hardware |
Bulletins:
CVE-2001-1071 SFBID3412 |
Severity: Medium |
Description: Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. | ||||
Applies to: |
Created: 2001-10-09 |
Updated: 2024-09-07 |
ID: CVE-2001-0650 |
Title: Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. |
Type: Hardware |
Bulletins:
CVE-2001-0650 SFBID2733 |
Severity: Medium |
Description: Cisco devices IOS 12.0 and earlier allow a remote attacker to cause a crash, or bad route updates, via malformed BGP updates with unrecognized transitive attribute. | ||||
Applies to: |
Created: 2001-09-20 |
Updated: 2024-09-07 |
ID: REF000106 |
Title: IIS: This computer seems to be infected with Nimda |
Type: Web |
Bulletins: | Severity: High |
Description: This system seems to be compromised. For more information, visit: http://www.cert.org/advisories/CA-2001-26.html | ||||
Applies to: IIS |
Created: 2001-09-18 |
Updated: 2010-08-21 |
ID: CVE-1999-0756 |
Title: IIS: Cold Fusion check |
Type: Web |
Bulletins:
CVE-1999-0756 |
Severity: Medium |
Description: Related links: www.isummation.com/securing_coldfusion_pages_through_iis.html and www.sans.org/rr/papers/index.php?id=300 | ||||
Applies to: IIS |
Created: 2001-09-18 |
Updated: 2024-09-07 |
ID: CVE-2001-1014 |
Title: All Servers: (e)shop Online-Shop System |
Type: Web |
Bulletins:
CVE-2001-1014 SFBID3340 |
Severity: High |
Description: Allows attackers to execute commands (web server privilege). | ||||
Applies to: |
Created: 2001-09-15 |
Updated: 2024-09-07 |
ID: CVE-2001-1137 |
Title: D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments. |
Type: Hardware |
Bulletins:
CVE-2001-1137 SFBID3306 |
Severity: Medium |
Description: D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments. | ||||
Applies to: DI-704 |
Created: 2001-09-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0992 |
Title: All Servers: ShopPlus Cart |
Type: Web |
Bulletins:
CVE-2001-0992 |
Severity: High |
Description: The script doesn't check symbols. Any user can execute commands on the web server. | ||||
Applies to: ShopPlus Cart |
Created: 2001-09-05 |
Updated: 2024-09-07 |
ID: CVE-2001-1065 |
Title: Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. |
Type: Hardware |
Bulletins:
CVE-2001-1065 |
Severity: Medium |
Description: Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. | ||||
Applies to: |
Created: 2001-08-31 |
Updated: 2024-09-07 |
ID: CVE-2001-0711 |
Title: Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. |
Type: Hardware |
Bulletins:
CVE-2001-0711 |
Severity: Medium |
Description: Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. | ||||
Applies to: |
Created: 2001-08-31 |
Updated: 2024-09-07 |
ID: CVE-2001-1064 |
Title: Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop... |
Type: Hardware |
Bulletins:
CVE-2001-1064 SFBID3236 |
Severity: Medium |
Description: Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. | ||||
Applies to: |
Created: 2001-08-31 |
Updated: 2024-09-07 |
ID: CVE-2001-1168 |
Title: All Servers: PhpMyExplorer Vulnerable to Directory Traversal |
Type: Web |
Bulletins:
CVE-2001-1168 |
Severity: Medium |
Description: Allows attackers to view and read files that reside outside the normal bound directory. | ||||
Applies to: PhpMyExplorer |
Created: 2001-08-29 |
Updated: 2024-09-07 |
ID: CVE-2001-0589 |
Title: NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns. |
Type: Hardware |
Bulletins:
CVE-2001-0589 SFBID2523 |
Severity: Low |
Description: NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns. | ||||
Applies to: |
Created: 2001-08-22 |
Updated: 2024-09-07 |
ID: CVE-2001-0622 |
Title: The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating... |
Type: Hardware |
Bulletins:
CVE-2001-0622 SFBID2806 |
Severity: High |
Description: The web management service on Cisco Content Service series 11000 switches (CSS) before WebNS 4.01B29s or WebNS 4.10B17s allows a remote attacker to gain additional privileges by directly requesting the web management URL instead of navigating through the interface. | ||||
Applies to: Cisco CSS 11100 Content Services Switch Series |
Created: 2001-08-14 |
Updated: 2024-09-07 |
ID: CVE-2001-0621 |
Title: The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. |
Type: Hardware |
Bulletins:
CVE-2001-0621 SFBID2745 |
Severity: High |
Description: The FTP server on Cisco Content Service 11000 series switches (CSS) before WebNS 4.01B23s and WebNS 4.10B13s allows an attacker who is an FTP user to read and write arbitrary files via GET or PUT commands. | ||||
Applies to: Cisco CSS 11100 Content Services Switch Series |
Created: 2001-08-14 |
Updated: 2024-09-07 |
ID: CVE-2001-0566 |
Title: Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. |
Type: Hardware |
Bulletins:
CVE-2001-0566 |
Severity: Medium |
Description: Cisco Catalyst 2900XL switch allows a remote attacker to create a denial of service via an empty UDP packet sent to port 161 (SNMP) when SNMP is disabled. | ||||
Applies to: Cisco Catalyst 2900 Series XL Switches |
Created: 2001-08-14 |
Updated: 2024-09-07 |
ID: CVE-2001-1117 |
Title: LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. |
Type: Hardware |
Bulletins:
CVE-2001-1117 SFBID3141 |
Severity: Medium |
Description: LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | ||||
Applies to: BEFSR41 |
Created: 2001-08-10 |
Updated: 2024-09-07 |
ID: CVE-2001-1021 |
Title: Ipswitch WS_FTP Server 2-0-2 Will Execute Remotely-Supplied Arbitrary Code |
Type: FTP |
Bulletins:
CVE-2001-1021 |
Severity: High |
Description: There exists a vulnerability in WS_FTP server, allowing a remote user to execute arbitrary code on the server with system privileges. This is due to a buffer overflow triggered by a valid remote user or an anonymous user. A patch has been released by the vendor, which is available at: http://www.ipswitch.com/support/ws_ftp-server/patch-upgrades.asp. The commands used to create a buffer overflow are: DELE, MDTM, MLST, MKD, RMD, RNFR, RNTO, SIZE, STAT, XMKD, and XRMD. Executing one of these commands with an argument longer than 478 bytes will cause such a buffer overflow. A remote user may also send several NULL characters, causing the WS_FTP to consume 100% of the CPU resources, thus causing it to crash. | ||||
Applies to: Ipswitch WS_FTP Server |
Created: 2001-07-26 |
Updated: 2024-09-07 |
ID: CVE-2001-1104 |
Title: SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions. |
Type: Hardware |
Bulletins:
CVE-2001-1104 SFBID3098 |
Severity: High |
Description: SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions. | ||||
Applies to: SonicWall Firewall SoHo |
Created: 2001-07-25 |
Updated: 2024-09-07 |
ID: CVE-2001-1097 |
Title: Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. |
Type: Hardware |
Bulletins:
CVE-2001-1097 SFBID3096 |
Severity: Medium |
Description: Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. | ||||
Applies to: |
Created: 2001-07-24 |
Updated: 2024-09-07 |
ID: CVE-2001-0514 |
Title: SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such... |
Type: Hardware |
Bulletins:
CVE-2001-0514 SFBID2896 |
Severity: High |
Description: SNMP service in Atmel 802.11b VNET-B Access Point 1.3 and earlier, as used in Netgear ME102 and Linksys WAP11, accepts arbitrary community strings with requested MIB modifications, which allows remote attackers to obtain sensitive information such as WEP keys, cause a denial of service, or gain access to the network. | ||||
Applies to: wap11 |
Created: 2001-07-21 |
Updated: 2024-09-07 |
ID: CVE-2001-0537 |
Title: HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. |
Type: Hardware |
Bulletins:
CVE-2001-0537 SFBID2936 |
Severity: High |
Description: HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL. | ||||
Applies to: |
Created: 2001-07-21 |
Updated: 2024-09-07 |
ID: REF000105 |
Title: IIS: This computer is infected with CodeRed |
Type: Web |
Bulletins: |
Severity: High |
Description: This system seems to be compromised. For more information, visit: http://www.securiteam.com/windowsntfocus/5WP0L004US.html | ||||
Applies to: IIS |
Created: 2001-07-20 |
Updated: 2010-08-21 |
ID: CVE-2001-0804 |
Title: All Servers: Directory traversal vulnerability in story.pl |
Type: Web |
Bulletins:
CVE-2001-0804 SFBID3028 |
Severity: Medium |
Description: Directory traversal. | ||||
Applies to: |
Created: 2001-07-15 |
Updated: 2024-09-07 |
ID: CVE-2001-1183 |
Title: PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. |
Type: Hardware |
Bulletins:
CVE-2001-1183 SFBID3022 |
Severity: Medium |
Description: PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. | ||||
Applies to: |
Created: 2001-07-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0444 |
Title: Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. |
Type: Hardware |
Bulletins:
CVE-2001-0444 SFBID2635 |
Severity: Low |
Description: Cisco CBOS 2.3.0.053 sends output of the "sh nat" (aka "show nat") command to the terminal of the next user who attempts to connect to the router via telnet, which could allow that user to obtain sensitive information. | ||||
Applies to: |
Created: 2001-07-02 |
Updated: 2024-09-07 |
ID: CVE-2001-0429 |
Title: Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. |
Type: Hardware |
Bulletins:
CVE-2001-0429 SFBID2604 |
Severity: Medium |
Description: Cisco Catalyst 5000 series switches 6.1(2) and earlier will forward an 802.1x frame on a Spanning Tree Protocol (STP) blocked port, which causes a network storm and a denial of service. | ||||
Applies to: |
Created: 2001-07-02 |
Updated: 2024-09-07 |
ID: CVE-2001-0455 |
Title: Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. |
Type: Hardware |
Bulletins:
CVE-2001-0455 |
Severity: High |
Description: Cisco Aironet 340 Series wireless bridge before 8.55 does not properly disable access to the web interface, which allows remote attackers to modify its configuration. | ||||
Applies to: Cisco Aironet Ap340 |
Created: 2001-06-27 |
Updated: 2024-09-07 |
ID: CVE-2001-0698 |
Title: SurgeFTP nlist directory traversal |
Type: FTP |
Bulletins:
CVE-2001-0698 SFBID2892 |
Severity: Medium |
Description: SurgeFTP Server version 2.0a is prone to a vulnerability where a remote attacker can traverse directories, if the attacker issues an NLIST command followed by a ‘dot dot’ (/../) sequence. The attacker will be able to view any file on the server. This vulnerability issue can be solved by upgrading to the latest version i.e. 20.b or later, which can be found at: http://www.netwinsite.com/surgeftp/ | ||||
Applies to: SurgeFTP |
Created: 2001-06-19 |
Updated: 2024-09-07 |
ID: CVE-2001-0376 |
Title: SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This... |
Type: Hardware |
Bulletins:
CVE-2001-0376 |
Severity: High |
Description: SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used. | ||||
Applies to: SonicWall Firewall SoHo 2 SonicWall Firewall Tele 2 |
Created: 2001-06-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0427 |
Title: Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several... |
Type: Hardware |
Bulletins:
CVE-2001-0427 |
Severity: High |
Description: Cisco VPN 3000 series concentrators before 2.5.2(F) allow remote attackers to cause a denial of service via a flood of invalid login requests to (1) the SSL service, or (2) the telnet service, which do not properly disconnect the user after several failed login attempts. | ||||
Applies to: Cisco VPN 3015 Concentrator Cisco VPN 3030 Concentrator Cisco VPN 3060 Concentrator Cisco VPN 3080 Concentrator Cisco Vpn 3005 Concentrator |
Created: 2001-06-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0375 |
Title: Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. |
Type: Hardware |
Bulletins:
CVE-2001-0375 SFBID2551 |
Severity: Medium |
Description: Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. | ||||
Applies to: Cisco PIX 515 Firewall Cisco PIX 520 Firewall |
Created: 2001-06-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0412 |
Title: Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. |
Type: Hardware |
Bulletins:
CVE-2001-0412 SFBID2559 |
Severity: High |
Description: Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | ||||
Applies to: Cisco CSS 11050 Content Services Switch Cisco CSS 11150 Content Services Switch Cisco CSS 11800 Content Services Switch |
Created: 2001-06-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0821 |
Title: All Servers: DCShop vulnerability |
Type: Web |
Bulletins:
CVE-2001-0821 SFBID2889 |
Severity: Medium |
Description: Possible retrieval of sensitive information. | ||||
Applies to: DCShop |
Created: 2001-06-18 |
Updated: 2024-09-07 |
ID: CVE-2001-0820 |
Title: Possible Gaztek HTTP Daemon (ghttpd) buffer overflow |
Type: Miscellaneous |
Bulletins:
CVE-2001-0820 SFBID2879 |
Severity: High |
Description: Run arbitrary code (ghttpd privileges). | ||||
Applies to: ghttpd |
Created: 2001-06-17 |
Updated: 2024-09-07 |
ID: CVE-2001-0688 |
Title: Broker FTP server 5.9.5.0 |
Type: FTP |
Bulletins:
CVE-2001-0688 SFBID2851 |
Severity: Medium |
Description: Broker FTP Server 5.9.5.0 is prone to two vulnerabilities, one being a Buffer Overflow, which may cause a Denial of Service (DoS) condition, while the other one leads to a Directory Traversal, where an attacker will be able to look through the files and folders of a system. There is currently no solution for any of the above vulnerabilities. The buffer overflow can be generated by repeatedly sending the following command: CWD . . or CD . . (for an FTP client). An attacker could also add some more spaces between the dots for a worse effect. The server will add these directory paths to the current path, causing a DoS condition after a certain bound has been reached. One can go through the contents of a drive available on the system, by first going to the home directory when typing the following command: CD C: or CD C:\ One can then use the LS command to go through the available files. Although one will be able to go through the files available, it is not possible to send or receive files. | ||||
Applies to: Broker FTP server |
Created: 2001-06-10 |
Updated: 2024-09-07 |
ID: CVE-2001-0767 |
Title: GuildFTPD FTP |
Type: FTP |
Bulletins:
CVE-2001-0767 SFBID2789 |
Severity: Medium |
Description: There exists a vulnerability in GuildFTPd version 0.97 known as a directory traversal. This allows anyone with a valid FTP login to read arbitrary files on the system. In order to resolve this problem one will have to upgrade the FTP server to a later version. The commands which cause the directory traversal are: CD ../, CD .../, CD /.../, CD C:\ and others. All of these commands give the ‘550 Access denied’ error. | ||||
Applies to: GuildFTPD |
Created: 2001-05-26 |
Updated: 2024-09-07 |
ID: CVE-1999-0922 |
Title: IIS: Cold Fusion check |
Type: Web |
Bulletins:
CVE-1999-0922 |
Severity: Medium |
Description: Related links: www.macromedia.com/devnet/coldfusion/security.html www.isummation.com/securing_coldfusion_pages_through_iis.html www.sans.org/rr/papers/index.php?id=300 | ||||
Applies to: IIS |
Created: 2001-05-07 |
Updated: 2024-09-07 |
ID: CVE-2001-0561 |
Title: All Servers: A1Stats |
Type: Web |
Bulletins:
CVE-2001-0561 CVE-2001-0562 SFBID2705 |
Severity: High |
Description: Remote file retrieving. | ||||
Applies to: A1Stats |
Created: 2001-05-07 |
Updated: 2024-09-07 |
ID: CVE-2001-0288 |
Title: Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. |
Type: Hardware |
Bulletins:
CVE-2001-0288 |
Severity: High |
Description: Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | ||||
Applies to: |
Created: 2001-05-03 |
Updated: 2024-09-07 |
ID: CVE-2001-0463 |
Title: All Servers: PerlCal allows remote file retrieving |
Type: Web |
Bulletins:
CVE-2001-0463 SFBID2663 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: PerlCal |
Created: 2001-04-27 |
Updated: 2024-09-07 |
ID: CVE-2001-0272 |
Title: All Servers: sendtemp.pl |
Type: Web |
Bulletins:
CVE-2001-0272 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: |
Created: 2001-04-04 |
Updated: 2024-09-07 |
ID: CVE-2001-0466 |
Title: All Servers: uStorekeeper allows remote file retrieving |
Type: Web |
Bulletins:
CVE-2001-0466 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: uStorekeeper |
Created: 2001-04-03 |
Updated: 2024-09-07 |
ID: CVE-2001-0236 |
Title: Possible snmpXdmid SunOS buffer overflow |
Type: RPC |
Bulletins:
CVE-2001-0236 SFBID2417 |
Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 2001-03-15 |
Updated: 2024-09-07 |
ID: CVE-2000-0368 |
Title: Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. |
Type: Hardware |
Bulletins:
CVE-2000-0368 |
Severity: Low |
Description: Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data. | ||||
Applies to: |
Created: 2001-03-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0360 |
Title: All Servers: Ikonboard allows remote file retrieving |
Type: Web |
Bulletins:
CVE-2001-0360 SFBID2471 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: Ikonboard |
Created: 2001-03-11 |
Updated: 2024-09-07 |
ID: CVE-2002-0558 |
Title: TYPSoft FTP Server 0-97-1 and prior Discloses Listing of Directory Contents for Any Directory on the |
Type: FTP |
Bulletins:
CVE-2002-0558 SFBID2489 |
Severity: Medium |
Description: TYPSoft’s FTP server is prone to a vulnerability, where a remote user can obtain a listing of the files located on the same drive as the FTP server. This vulnerability has been solved with the new fixed version 0.97.5, which is available at the vendor’s web site at: http://www.typsoft.com/ Some examples of FTP commands which cause the crash are: ls ../../*.* and ls "../../My%20files/*.*" | ||||
Applies to: TYPSoft FTP Server |
Created: 2001-02-28 |
Updated: 2024-09-07 |
ID: CVE-2001-0293 |
Title: FtpXQ FTP Server |
Type: FTP |
Bulletins:
CVE-2001-0293 SFBID2426 |
Severity: Medium |
Description: FTPXQ FTP Server 2.0.93 is prone to a vulnerability known as directory traversal, where remote attackers read arbitrary files via a .. (dot dot) in the GET command. An attacker will thus have the ability to view any file on a remote computer. There is currently a fix available for such a vulnerability. | ||||
Applies to: FtpXQ FTP Server |
Created: 2001-02-28 |
Updated: 2024-09-07 |
ID: CVE-2004-1776 |
Title: Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. |
Type: Hardware |
Bulletins:
CVE-2004-1776 |
Severity: High |
Description: Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard. | ||||
Applies to: |
Created: 2001-02-28 |
Updated: 2024-09-07 |
ID: CVE-2001-1434 |
Title: Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. |
Type: Hardware |
Bulletins:
CVE-2001-1434 |
Severity: Medium |
Description: Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topology information via an "snmp-server host" command, which creates a readable "community" community string if one has not been previously created. | ||||
Applies to: |
Created: 2001-02-28 |
Updated: 2024-09-07 |
ID: SFBID2698 |
Title: Multiple WarFTPd (1-71) DoS |
Type: FTP |
Bulletins:
SFBID2698 |
Severity: Medium |
Description: A vulnerability exists in the following FTP servers: Serv-U FTP Server, G6 FTP Server and WarFTPd Server. Submitting an ‘a:/’ with the GET or RETR command appended with arbitrary data repeatedly, will cause a denial of service, since the CPU usage will go up to 100%. There are no solutions or vendor-supplied patches for this vulnerability. | ||||
Applies to: WarFTPd |
Created: 2001-02-17 |
Updated: 2010-08-21 |
ID: CVE-2001-0058 |
Title: The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. |
Type: Hardware |
Bulletins:
CVE-2001-0058 |
Severity: Medium |
Description: The Web interface to Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a URL that does not end in a space character. | ||||
Applies to: Cisco 600 Routers |
Created: 2001-02-16 |
Updated: 2024-09-07 |
ID: CVE-2001-0056 |
Title: The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. |
Type: Hardware |
Bulletins:
CVE-2001-0056 |
Severity: High |
Description: The Cisco Web Management interface in routers running CBOS 2.4.1 and earlier does not log invalid logins, which allows remote attackers to guess passwords without detection. | ||||
Applies to: |
Created: 2001-02-16 |
Updated: 2024-09-07 |
ID: CVE-2001-0041 |
Title: Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. |
Type: Hardware |
Bulletins:
CVE-2001-0041 SFBID2072 |
Severity: High |
Description: Memory leak in Cisco Catalyst 4000, 5000, and 6000 series switches allows remote attackers to cause a denial of service via a series of failed telnet authentication attempts. | ||||
Applies to: |
Created: 2001-02-16 |
Updated: 2024-09-07 |
ID: CVE-2001-0057 |
Title: Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. |
Type: Hardware |
Bulletins:
CVE-2001-0057 |
Severity: Medium |
Description: Cisco 600 routers running CBOS 2.4.1 and earlier allow remote attackers to cause a denial of service via a large ICMP echo (ping) packet. | ||||
Applies to: Cisco 600 Routers |
Created: 2001-02-16 |
Updated: 2024-09-07 |
ID: CVE-2001-0055 |
Title: CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. |
Type: Hardware |
Bulletins:
CVE-2001-0055 |
Severity: Medium |
Description: CBOS 2.4.1 and earlier in Cisco 600 routers allows remote attackers to cause a denial of service via a slow stream of TCP SYN packets. | ||||
Applies to: Cisco 600 Routers |
Created: 2001-02-16 |
Updated: 2024-09-07 |
ID: CVE-2001-0305 |
Title: All Servers: Arts Store.cgi |
Type: Web |
Bulletins:
CVE-2001-0305 SFBID2385 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: |
Created: 2001-02-16 |
Updated: 2024-09-07 |
ID: CVE-2001-0080 |
Title: Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. |
Type: Hardware |
Bulletins:
CVE-2001-0080 SFBID2117 |
Severity: Medium |
Description: Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol mismatch error. | ||||
Applies to: Cisco Catalyst 4000 Series Switches Cisco Catalyst 6000 |
Created: 2001-02-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0211 |
Title: All Servers: WebSPIRS |
Type: Web |
Bulletins:
CVE-2001-0211 SFBID2362 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: WebSPIRS |
Created: 2001-02-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0214 |
Title: All Servers: Way-board |
Type: Web |
Bulletins:
CVE-2001-0214 SFBID2370 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: Way-board |
Created: 2001-02-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0215 |
Title: All Servers: Roads search system |
Type: Web |
Bulletins:
CVE-2001-0215 SFBID2371 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: |
Created: 2001-02-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0212 |
Title: All Servers: HIS Aktion |
Type: Web |
Bulletins:
CVE-2001-0212 SFBID2367 |
Severity: High |
Description: Remote file retrieving. | ||||
Applies to: |
Created: 2001-02-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0210 |
Title: All Servers: Commerce.cgi |
Type: Web |
Bulletins:
CVE-2001-0210 SFBID2361 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: |
Created: 2001-02-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0212 |
Title: All Servers: Auktion.cgi |
Type: Web |
Bulletins:
CVE-2001-0212 SFBID2367 |
Severity: High |
Description: Remote command execution. | ||||
Applies to: |
Created: 2001-02-12 |
Updated: 2024-09-07 |
ID: CVE-2001-0144 |
Title: SSH1 CRC-32 compensation attack |
Type: Miscellaneous |
Bulletins:
CVE-2001-0144 SFBID2347 |
Severity: High |
Description: Possible remote root. | ||||
Applies to: |
Created: 2001-02-08 |
Updated: 2024-09-07 |
ID: CVE-2001-0015 |
Title: Network Dynamic Data Exchange (DDE) vulnerability |
Type: Registry |
Bulletins:
CVE-2001-0015 MS01-007 |
Severity: High |
Description: A malicious user can elevate his privileges. | ||||
Applies to: Windows 2000 |
Created: 2001-02-05 |
Updated: 2024-09-07 |
ID: CVE-2001-0010 |
Title: BIND 8-2-1, 8-2-2 |
Type: DNS |
Bulletins:
CVE-2001-0010 SFBID2302 |
Severity: High |
Description: BIND is a server program which uses the domain name service protocol, and is used by many DNS servers. BIND version 8 contains an overflow, allowing remote attackers to execute code with root privileges. An upgrade to BIND version 9.1.0 or installing vendor-supplied fixes is recommended. These are available at http://www.securityfocus.com/bid/2302/solution. The overflow allows some memory locations to be overwritten by known values when invalid transaction signatures are being handled. When using UDP a stack frame in BIND can be overwritten, while when using TCP the heap can be overwritten. | ||||
Applies to: BIND |
Created: 2001-01-29 |
Updated: 2024-09-07 |
ID: CVE-2002-0400 |
Title: BIND - Prior to Version 9 |
Type: DNS |
Bulletins:
CVE-2002-0400 SFBID4936 |
Severity: Medium |
Description: BIND is a Domain Name Service (DNS) used for converting hostnames into the corresponding IP addresses. Since they are used for Internet purposes, DNSs are a popular target for attackers. A number of servers currently in production are outdated, misconfigured and/or vulnerable, hence making them more prone to attacks such as denial of service, buffer overflows etc. Outdated and/or un-patched versions of BIND are most likely vulnerable, thus if one is running a version of BIND, one should ensure that it is the latest version. The current three main versions of BIND are 4, 8, and 9. In order to solve such a vulnerability, one should apply all vendor patches or else upgrade to the latest version. | ||||
Applies to: BIND |
Created: 2001-01-29 |
Updated: 2024-09-07 |
ID: CVE-2001-0253 |
Title: All Servers: Hyperseek |
Type: Web |
Bulletins:
CVE-2001-0253 SFBID2314 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: |
Created: 2001-01-28 |
Updated: 2024-09-07 |
ID: CVE-2001-0113 |
Title: OmniHTTPd v2.07 |
Type: Miscellaneous |
Bulletins:
CVE-2001-0113 CAN-2001-0114 SFBID2211 |
Severity: High |
Description: Insecure cgi scripts. | ||||
Applies to: OmniHTTPd |
Created: 2001-01-15 |
Updated: 2024-09-07 |
ID: CVE-2000-1098 |
Title: The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. |
Type: Hardware |
Bulletins:
CVE-2000-1098 |
Severity: Medium |
Description: The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. | ||||
Applies to: SonicWall Firewall SoHo |
Created: 2001-01-09 |
Updated: 2024-09-07 |
ID: CVE-2000-1097 |
Title: The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. |
Type: Hardware |
Bulletins:
CVE-2000-1097 SFBID2013 |
Severity: Medium |
Description: The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. | ||||
Applies to: SonicWall Firewall SoHo |
Created: 2001-01-09 |
Updated: 2024-09-07 |
ID: CVE-2001-0163 |
Title: Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. |
Type: Hardware |
Bulletins:
CVE-2001-0163 |
Severity: Medium |
Description: Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | ||||
Applies to: Cisco Aironet Ap340 |
Created: 2001-01-01 |
Updated: 2024-09-07 |
ID: CVE-2001-0161 |
Title: Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. |
Type: Hardware |
Bulletins:
CVE-2001-0161 |
Severity: Medium |
Description: Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. | ||||
Applies to: Cisco Aironet Ap340 |
Created: 2001-01-01 |
Updated: 2024-09-07 |
ID: CVE-2001-0074 |
Title: All Servers: Talkback vulnerability |
Type: Web |
Bulletins:
CVE-2001-0074 SFBID2155 |
Severity: Medium |
Description: Remote file retrieving. | ||||
Applies to: |
Created: 2000-12-23 |
Updated: 2024-09-07 |
ID: CVE-2001-0100 |
Title: All Servers: Brian Stanback bslist.cgi |
Type: Web |
Bulletins:
CVE-2001-0100 SFBID2160 |
Severity: High |
Description: Possible to run arbitrary commands (web server level privileges). | ||||
Applies to: |
Created: 2000-12-20 |
Updated: 2024-09-07 |
ID: CVE-2001-0099 |
Title: All Servers: Brian Stanback bsguest.cgi |
Type: Web |
Bulletins:
CVE-2001-0099 SFBID2159 |
Severity: High |
Description: Possible to run arbitrary commands (web server level privileges). | ||||
Applies to: |
Created: 2000-12-20 |
Updated: 2024-09-07 |
ID: CVE-2000-0945 |
Title: The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. |
Type: Hardware |
Bulletins:
CVE-2000-0945 SFBID1846 |
Severity: High |
Description: The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arbitrary commands without authentication when the enable password is not set, via a URL containing the /exec/ directory. | ||||
Applies to: Cisco Catalyst 3500 XL Series |
Created: 2000-12-19 |
Updated: 2024-09-07 |
ID: CVE-2000-0984 |
Title: The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. |
Type: Hardware |
Bulletins:
CVE-2000-0984 SFBID1838 |
Severity: Medium |
Description: The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | ||||
Applies to: |
Created: 2000-12-19 |
Updated: 2024-09-07 |
ID: CVE-2001-0065 |
Title: bftpd 1.0.13 |
Type: FTP |
Bulletins:
CVE-2001-0065 |
Severity: High |
Description: BFTPD version 1.0.13 is prone to a vulnerability, where if a very long string of characters follows the SITE CHOWN command, a buffer overflow will emerge. An attacker can take advantage of this exploit by executing his/her commands to gain root privileges on the system. There is no solution currently available, but as a workaround one could configure the /etc/bftpd.conf file and replace ENABLE_SITE=yes with ENABLE_SITE=no. | ||||
Applies to: bftpd |
Created: 2000-12-13 |
Updated: 2024-09-07 |
ID: CVE-2000-1092 |
Title: All Servers: Alex Heiphetz Group EZShopper Directory Disclosure |
Type: Web |
Bulletins:
CVE-2000-1092 SFBID2109 |
Severity: Medium |
Description: Possible directory listing, probably view arbitrary files. | ||||
Applies to: EZShopper |
Created: 2000-12-13 |
Updated: 2024-09-07 |
ID: CVE-2001-0025 |
Title: Leif M. Wright ad.cgi |
Type: Web |
Bulletins:
CVE-2001-0025 SFBID2103 |
Severity: High |
Description: Possible to run arbitrary commands (web server level privileges). | ||||
Applies to: |
Created: 2000-12-11 |
Updated: 2024-09-07 |
ID: CVE-2001-0045 |
Title: Windows 2000 SNMP parameters |
Type: Registry |
Bulletins:
CVE-2001-0045 MS00-095 SFBID2064 SFBID2066 |
Severity: High |
Description: Access/modify sensitive information (on network devices). | ||||
Applies to: Windows 2000 |
Created: 2000-12-06 |
Updated: 2024-09-07 |
ID: CVE-2001-0054 |
Title: Serv-U FTP-Server v2.2 to 2.5 |
Type: FTP |
Bulletins:
CVE-2001-0054 SFBID2052 |
Severity: Medium |
Description: Serv-U FTP server is prone to a vulnerability where authenticated users can gain access to the ftproot of the drive where the FTP server is installed. If the users have read, write, execute and list access in the home directory, they will have the same permissions to every file residing on the same partition as ftproot. The user will be able to transfer any files using the GET command. All hidden files will also be shown. This way the attacker will be able to access system files, password files, etc. An upgrade to version 2.5i is available at: http://ftpserv-u.deerfield.com/download/getftpservu.cfm | ||||
Applies to: Serv-U FTP-Server |
Created: 2000-12-05 |
Updated: 2024-09-07 |
ID: CVE-2000-1161 |
Title: All Servers: Adcycle - build.cgi |
Type: Web |
Bulletins:
CVE-2000-1161 SFBID1969 |
Severity: High |
Description: If Build.cgi has execute permission and is in the cgi directory, passwords can be compromised and remote users can delete your data. | ||||
Applies to: Adcycle |
Created: 2000-11-20 |
Updated: 2024-09-07 |
ID: SFBID1872 |
Title: SWAT - Samba Web Administration Tool enabled |
Type: Services |
Bulletins:
SFBID1872 |
Severity: High |
Description: The SWAT service is listening on port 901. It is not recommended to allow access from outside to this service as remote intruders may get some account passwords. Also the traffic is not encrypted. | ||||
Applies to: SWAT |
Created: 2000-11-01 |
Updated: 2010-08-21 |
ID: CVE-2000-0700 |
Title: Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or... |
Type: Hardware |
Bulletins:
CVE-2000-0700 SFBID1541 |
Severity: Medium |
Description: Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets. | ||||
Applies to: Cisco 12008 Router Cisco 12012 Router Cisco 12016 Router |
Created: 2000-10-20 |
Updated: 2024-09-07 |
ID: CVE-2000-1016 |
Title: Apache: Apache doc packages directory |
Type: Web |
Bulletins:
CVE-2000-1016 SFBID1707 |
Severity: Medium |
Description: An attacker can read the contents of /doc/packages directory. | ||||
Applies to: Apache |
Created: 2000-09-21 |
Updated: 2024-09-07 |
ID: CVE-2000-1016 |
Title: Apache: Apache doc directory |
Type: Web |
Bulletins:
CVE-2000-1016 SFBID1707 |
Severity: Medium |
Description: An attacker can read the contents of /usr/doc directory. | ||||
Applies to: Apache |
Created: 2000-09-21 |
Updated: 2024-09-07 |
ID: CVE-1999-0511 |
Title: IP forwarding enabled |
Type: Registry |
Bulletins:
CVE-1999-0511 SFBID1620 |
Severity: High |
Description: If IP forwarding is not used, it should be disabled. | ||||
Applies to: |
Created: 2000-08-29 |
Updated: 2024-09-07 |
ID: CVE-2000-0709 |
Title: IIS: Frontpage check |
Type: Web |
Bulletins:
CVE-2000-0709 SFBID1608 |
Severity: Medium |
Description: Frontpage extensions are installed on this computer. | ||||
Applies to: IIS |
Created: 2000-08-23 |
Updated: 2024-09-07 |
ID: CVE-2000-0663 |
Title: Windows 2000 Relative Shell Path |
Type: Registry |
Bulletins:
CVE-2000-0663 MS00-052 |
Severity: Medium |
Description: A malicious user can elevate his privileges. | ||||
Applies to: Windows 2000 |
Created: 2000-07-28 |
Updated: 2024-09-07 |
ID: CVE-2000-0673 |
Title: NetBIOS Name Server Protocol Spoofing |
Type: Registry |
Bulletins:
CVE-2000-0673 MS00-047 |
Severity: Medium |
Description: Custom crafted packets can cause NETBIOS Name Service to stop responding. | ||||
Applies to: Windows 2000 |
Created: 2000-07-27 |
Updated: 2024-09-07 |
ID: CVE-2000-0673 |
Title: NetBIOS Name Server Protocol Spoofing |
Type: Registry |
Bulletins:
CVE-2000-0673 MS00-047 |
Severity: Medium |
Description: Custom crafted packets can cause NETBIOS Name Service to stop responding. | ||||
Applies to: Windows NT |
Created: 2000-07-27 |
Updated: 2024-09-07 |
ID: CVE-2000-0666 |
Title: Possible statd format string attack |
Type: RPC |
Bulletins:
CVE-2000-0666 SFBID1480 |
Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 2000-07-16 |
Updated: 2024-09-07 |
ID: CVE-2000-0674 |
Title: All Servers: Virtual Vision FTP Browser Vulnerability |
Type: Web |
Bulletins:
CVE-2000-0674 SFBID1471 |
Severity: Medium |
Description: Possible Remote file retrieving. | ||||
Applies to: Virtual Vision FTP Browser |
Created: 2000-07-12 |
Updated: 2024-09-07 |
ID: CVE-2000-0573 |
Title: wu-ftpd SITE EXEC format |
Type: FTP |
Bulletins:
CVE-2000-0573 SFBID1387 |
Severity: High |
Description: Wu-ftpd is vulnerable to a remote attack in the SITE EXEC or SITE INDEX implementation. User input goes directly into a format string for a *printf function, and it is possible to overwrite important data. This way the function can jump into shellcode pointed to by the overwritten eip and execute arbitrary commands as root. This is an input validation problem. Anonymous ftp incurs a more serious problem since attacks can come anonymously from anywhere on the internet. Patches for various Linux distributions are listed in: http://www.securityfocus.com/bid/1387/solution | ||||
Applies to: wu-ftpd |
Created: 2000-06-22 |
Updated: 2024-09-07 |
ID: CVE-2000-0345 |
Title: The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. |
Type: Hardware |
Bulletins:
CVE-2000-0345 SFBID1161 |
Severity: Low |
Description: The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. | ||||
Applies to: Cisco 2500 Router Cisco 7500 Series Routers Cisco Router 2600 Cisco Router 3600 Cisco Router 4000 Cisco Router 7200 |
Created: 2000-05-03 |
Updated: 2024-09-07 |
ID: CVE-2000-0380 |
Title: The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. |
Type: Hardware |
Bulletins:
CVE-2000-0380 SFBID1154 |
Severity: High |
Description: The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string. | ||||
Applies to: |
Created: 2000-04-26 |
Updated: 2024-09-07 |
ID: CVE-1999-0203 |
Title: Sendmail 8-6 |
Type: |
Bulletins:
CVE-1999-0203 |
Severity: High |
Description: Sendmail version 5 contains a vulnerability which allows intruders to create files, append to existing files, or execute programs. Exploitation of such a vulnerability can lead to root access. This is achieved via SMTP when the user specifies an improper “mail from” address and an invalid “rcpt to” address. To solve this problem, one should upgrade to version 8.6.12, which is available at: ftp://ftp.cert.org/pub/tools/sendmail/sendmail.8.6.12 | ||||
Applies to: Sendmail |
Created: 2000-04-25 |
Updated: 2024-09-07 |
ID: CVE-1999-0203 |
Title: Sendmail 8-5 |
Type: |
Bulletins:
CVE-1999-0203 |
Severity: High |
Description: Sendmail version 5 contains a vulnerability which allows intruders to create files, append to existing files, or execute programs. Exploitation of such a vulnerability can lead to root access. This is achieved via SMTP when the user specifies an improper “mail from” address and an invalid “rcpt to” address. To solve this problem, one should upgrade to version 8.6.12, which is available at: ftp://ftp.cert.org/pub/tools/sendmail/sendmail.8.6.12 | ||||
Applies to: Sendmail |
Created: 2000-04-25 |
Updated: 2024-09-07 |
ID: CVE-2000-0268 |
Title: Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. |
Type: Hardware |
Bulletins:
CVE-2000-0268 SFBID1123 |
Severity: Medium |
Description: Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. | ||||
Applies to: Cisco 3660 Router Cisco 7100 Series VPN Routers Cisco 7500 Series Routers Cisco Router 7200 Cisco uBR7200 Series Universal Broadband Routers |
Created: 2000-04-20 |
Updated: 2024-09-07 |
ID: CVE-2000-0267 |
Title: Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. |
Type: Hardware |
Bulletins:
CVE-2000-0267 SFBID1122 |
Severity: Medium |
Description: Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. | ||||
Applies to: |
Created: 2000-04-20 |
Updated: 2024-09-07 |
ID: CVE-2000-0613 |
Title: Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections. |
Type: Hardware |
Bulletins:
CVE-2000-0613 SFBID1454 |
Severity: Medium |
Description: Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows remote attackers to force the firewall to close legitimate connections. | ||||
Applies to: |
Created: 2000-03-20 |
Updated: 2024-09-07 |
ID: CVE-2000-0070 |
Title: Spoofed LPC Port Request |
Type: Registry |
Bulletins:
CVE-2000-0070 MS00-003 |
Severity: High |
Description: A malicious user can gain SYSTEM privileges. | ||||
Applies to: Windows NT |
Created: 2000-01-12 |
Updated: 2024-09-07 |
ID: CVE-1999-1175 |
Title: Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. |
Type: Hardware |
Bulletins:
CVE-1999-1175 |
Severity: High |
Description: Web Cache Control Protocol (WCCP) in Cisco Cache Engine for Cisco IOS 11.2 and earlier does not use authentication, which allows remote attackers to redirect HTTP traffic to arbitrary hosts via WCCP packets to UDP port 2048. | ||||
Applies to: |
Created: 1999-12-31 |
Updated: 2024-09-07 |
ID: CVE-1999-1464 |
Title: Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not... |
Type: Hardware |
Bulletins:
CVE-1999-1464 |
Severity: High |
Description: Vulnerability in Cisco IOS 11.1CC and 11.1CT with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled interface to an interface that does not have DFS enabled, as described by Cisco bug CSCdk35564. | ||||
Applies to: |
Created: 1999-12-31 |
Updated: 2024-09-07 |
ID: CVE-1999-1465 |
Title: Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with... |
Type: Hardware |
Bulletins:
CVE-1999-1465 |
Severity: High |
Description: Vulnerability in Cisco IOS 11.1 through 11.3 with distributed fast switching (DFS) enabled allows remote attackers to bypass certain access control lists when the router switches traffic from a DFS-enabled input interface to an output interface with a logical subinterface, as described by Cisco bug CSCdk43862. | ||||
Applies to: |
Created: 1999-12-31 |
Updated: 2024-09-07 |
ID: SFBID894 |
Title: POP3 server might be vulnerable to a remote buffer overflow exploit |
Type: Services |
Bulletins:
SFBID894 |
Severity: High |
Description: Additional BugtraqIDs: http://www.securityfocus.com/bid/942 http://www.securityfocus.com/bid/1965 http://www.securityfocus.com/bid/2781 http://www.securityfocus.com/bid/4055 http://www.securityfocus.com/bid/4295 http://www.securityfocus.com/bid/4614 | ||||
Applies to: |
Created: 1999-12-27 |
Updated: 2010-08-21 |
ID: CVE-1999-0977 |
Title: sadmin service running |
Type: RPC |
Bulletins:
CVE-1999-0977 SFBID866 |
Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 1999-12-10 |
Updated: 2024-09-07 |
ID: SFBID789 |
Title: Imail Pop3 5.0 |
Type: |
Bulletins:
SFBID789 |
Severity: High |
Description: There exists a vulnerability in IMail POP3 which causes a buffer overflow when the username entered is between 200 and 500 characters. A buffer overflow will allow an attacker to execute his/her code on the vulnerable server; however, the current exploits only cause a denial of service on the remote machine. A patch has been created by the vendor, Ipswitch, and is available on their website at: ftp://ftp.ipswitch.com/Ipswitch/Product_Support/IMail/imail508.exe | ||||
Applies to: Imail |
Created: 1999-11-08 |
Updated: 2010-08-21 |
ID: CVE-1999-0885 |
Title: All Servers: get32.exe |
Type: Web |
Bulletins:
CVE-1999-0885 SFBID770 |
Severity: Low |
Description: Possible Remote command execution. | ||||
Applies to: |
Created: 1999-11-03 |
Updated: 2024-09-07 |
ID: CVE-1999-0526 |
Title: X server accepts connections from any host |
Type: Miscellaneous |
Bulletins:
CVE-1999-0526 |
Severity: High |
Description: Allows a cracker to connect to it and record any of your keystrokes. Use xauth to filter connections. | ||||
Applies to: X server |
Created: 1999-09-29 |
Updated: 2024-09-07 |
ID: CVE-1999-0204 |
Title: Sendmail 8-6-9 ident vulnerability |
Type: |
Bulletins:
CVE-1999-0204 |
Severity: High |
Description: Sendmail version 8.6.9 is prone to a vulnerability. It connects back to the ident service to obtain some user information. The information returned is not validated by the client, and if such a response is longer than a specified bound, a buffer overflow is generated. This may allow a remote attacker to execute some code on the host system and gain root access on the system. To solve this vulnerability one should upgrade to the latest version, i.e. 8.11.2 or later. This is available from Sendmail’s website at: http://www.sendmail.org | ||||
Applies to: Sendmail |
Created: 1999-09-29 |
Updated: 2024-09-07 |
ID: CVE-1999-0626 |
Title: rusers service running |
Type: RPC |
Bulletins:
CVE-1999-0626 |
Severity: Low |
Description: Provides information such as the names of users. | ||||
Applies to: |
Created: 1999-09-29 |
Updated: 2010-08-21 |
ID: CVE-1999-0071 |
Title: Apache 1-1-1 |
Type: Miscellaneous |
Bulletins:
CVE-1999-0071 |
Severity: High |
Description: Run arbitrary commands (web server privilege). | ||||
Applies to: Apache |
Created: 1999-09-11 |
Updated: 2024-09-07 |
ID: CVE-1999-1129 |
Title: Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. |
Type: Hardware |
Bulletins:
CVE-1999-1129 SFBID615 |
Severity: High |
Description: Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. | ||||
Applies to: |
Created: 1999-09-01 |
Updated: 2024-09-07 |
ID: CVE-1999-0687 |
Title: ttsession service running |
Type: RPC |
Bulletins:
CVE-1999-0687 SFBID737 |
Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 1999-08-21 |
Updated: 2024-09-07 |
ID: CVE-1999-0197 |
Title: Finger service is running |
Type: Services |
Bulletins:
CVE-1999-0197 CVE-1999-0198 |
Severity: High |
Description: Finger can give an attacker useful information, such as logon accounts and trusted hosts. | ||||
Applies to: |
Created: 1999-07-26 |
Updated: 2024-09-07 |
ID: CVE-1999-0320 |
Title: cmsd service running |
Type: RPC |
Bulletins:
CVE-1999-0320 SFBID524 |
Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 1999-07-13 |
Updated: 2024-09-07 |
ID: CVE-1999-0345 |
Title: Fragmented IGMP Packet |
Type: Registry |
Bulletins:
CVE-1999-0345 SFBID514 |
Severity: Medium |
Description: Windows 98 and Windows 2000 are prone to a vulnerability in their TCP/IP stacks. When a malformed IGMP header is received the stack may fail resulting in a Blue Screen or immediate reboot, amongst others. Patches exist for the operating systems mentioned above. More information can be obtained from: http://www.securityfocus.com/bid/514/solution | ||||
Applies to: Windows |
Created: 1999-07-03 |
Updated: 2024-09-07 |
ID: CVE-1999-0345 |
Title: Fragmented ICMP Packet |
Type: Registry |
Bulletins:
CVE-1999-0345 SFBID514 |
Severity: Medium |
Description: Windows NT and Windows 95 may hang when they receive corrupted ICMP datagram fragments. This problem was corrected by updating the TCP/IP protocol stack. Instructions on how to install it are available from Microsoft support channels. More information can be obtained from: http://support.microsoft.com/kb/q154174/ | ||||
Applies to: Windows |
Created: 1999-07-03 |
Updated: 2024-09-07 |
ID: CVE-1999-0889 |
Title: Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set. |
Type: Hardware |
Bulletins:
CVE-1999-0889 |
Severity: High |
Description: Cisco 675 routers running CBOS allow remote attackers to establish telnet sessions if an exec or superuser password has not been set. | ||||
Applies to: Cisco 600 Series DSL Customer Premises Equipment Routers |
Created: 1999-07-01 |
Updated: 2024-09-07 |
ID: CVE-1999-0721 |
Title: Malformed LSA Request |
Type: Registry |
Bulletins:
CVE-1999-0721 MS99-020 |
Severity: High |
Description: A malformed LSA request can cause the system to stop responding. | ||||
Applies to: Windows NT |
Created: 1999-06-23 |
Updated: 2024-09-07 |
ID: CVE-1999-0775 |
Title: Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. |
Type: Hardware |
Bulletins:
CVE-1999-0775 |
Severity: High |
Description: Cisco Gigabit Switch routers running IOS allow remote attackers to forward unauthorized packets due to improper handling of the "established" keyword in an access list. | ||||
Applies to: |
Created: 1999-06-10 |
Updated: 2024-09-07 |
ID: CVE-1999-0616 |
Title: Trivial FTP service running |
Type: Services |
Bulletins:
CVE-1999-0616 |
Severity: Low |
Description: Unrestricted tftp access allows remote sites to retrieve a copy of any world-readable file. You should remove this service, unless you really need it. | ||||
Applies to: |
Created: 1999-06-07 |
Updated: 2010-08-21 |
ID: CVE-1999-0512 |
Title: SMTP server allows relaying |
Type: |
Bulletins:
CVE-1999-0512 |
Severity: High |
Description: The mail server on this machine is configured to allow email relaying (which allows remote possibly unauthorized users to send emails through it). This configuration is often abused by spammers and hackers to avoid email protection systems. You can configure your server to disable Email Relaying. Consult your mail server manual on how to disable it. | ||||
Applies to: |
Created: 1999-06-07 |
Updated: 2024-09-07 |
ID: CVE-1999-0651 |
Title: RSH service enabled |
Type: Services |
Bulletins:
CVE-1999-0651 |
Severity: High |
Description: This service is vulnerable to TCP spoofing attacks. If possible use SSH instead. | ||||
Applies to: |
Created: 1999-06-07 |
Updated: 2024-09-07 |
ID: CVE-1999-0651 |
Title: RLOGIN service enabled |
Type: Services |
Bulletins:
CVE-1999-0651 |
Severity: High |
Description: This service is vulnerable to TCP spoofing attacks. If possible use SSH instead. | ||||
Applies to: |
Created: 1999-06-07 |
Updated: 2024-09-07 |
ID: CVE-1999-0618 |
Title: REXEC service enabled |
Type: Services |
Bulletins:
CVE-1999-0618 |
Severity: High |
Description: This service is vulnerable to TCP spoofing attacks. If possible use SSH instead. | ||||
Applies to: |
Created: 1999-06-07 |
Updated: 2024-09-07 |
ID: CVE-1999-0253 |
Title: IIS: ASP source using $2e trick |
Type: Web |
Bulletins:
CVE-1999-0253 |
Severity: High |
Description: Retrieve the source code of remote ASP scripts. | ||||
Applies to: IIS |
Created: 1999-06-07 |
Updated: 2024-09-07 |
ID: CVE-1999-0497 |
Title: Ftp Anonymous Upload |
Type: FTP |
Bulletins:
CVE-1999-0497 |
Severity: Medium |
Description: Anonymous uploading can open up your ftp server to be abused by intruders to upload malicious content such as pirated software / music / movies, viruses and Trojans. Apart from the obvious dangers viruses and Trojans might pose, if pirates start using the ftp server as a distribution site, anti-piracy groups might target the company for legal action as hosting illegal software is a felony. Thus, ideally an FTP server should allow uploading and downloading privileges only to authenticated users. | ||||
Applies to: |
Created: 1999-06-07 |
Updated: 2010-08-21 |
ID: CVE-1999-0531 |
Title: EXPN,VRFY commands enabled on mail server |
Type: |
Bulletins:
CVE-1999-0531 |
Severity: Low |
Description: The VRFY command allows someone to telnet to a Sendmail server and ask it to verify that an address is valid. In such a case spammers will be able to decide who to send mail to. Such a command allows an attacker to keep trying email addresses until s/he finds one that works. The EXPN command is used in a similar manner by spammers, but it is more dangerous because one will be able to obtain a list of addresses instead of just one. In order to disable EXPN and VRFY perform the following steps: (1) Find ‘PrivacyOptions=’ in /etc/sendmail.cf. (2) Change the line to ‘PrivacyOptions=noexpn novrfy’ or to ‘PrivacyOptions=goaway’. (3) Force sendmail to reload the configuration. | ||||
Applies to: Sendmail |
Created: 1999-06-07 |
Updated: 2010-08-21 |
ID: CVE-1999-0605 |
Title: All Servers: Merchant Order Form 1.2 Order Log Permissions |
Type: Web |
Bulletins:
CVE-1999-0605 SFBID2021 |
Severity: Medium |
Description: Possible to view shopping orders. | ||||
Applies to: |
Created: 1999-04-20 |
Updated: 2024-09-07 |
ID: CVE-1999-0445 |
Title: In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. |
Type: Hardware |
Bulletins:
CVE-1999-0445 |
Severity: Medium |
Description: In Cisco routers under some versions of IOS 12.0 running NAT, some packets may not be filtered by input access list filters. | ||||
Applies to: |
Created: 1999-04-01 |
Updated: 2024-09-07 |
ID: CVE-1999-0382 |
Title: NT Screen Saver Vulnerability |
Type: Registry |
Bulletins:
CVE-1999-0382 MS99-008 |
Severity: High |
Description: An attacker can replace the screen saver with a trojaned executable, gaining administrative level privileges. | ||||
Applies to: Windows NT |
Created: 1999-03-12 |
Updated: 2024-09-07 |
ID: CVE-1999-0416 |
Title: Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. |
Type: Hardware |
Bulletins:
CVE-1999-0416 |
Severity: Medium |
Description: Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. | ||||
Applies to: Cisco 7xx Routers |
Created: 1999-03-11 |
Updated: 2024-09-07 |
ID: CVE-1999-0415 |
Title: The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration. |
Type: Hardware |
Bulletins:
CVE-1999-0415 |
Severity: High |
Description: The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration. | ||||
Applies to: Cisco 7xx Routers |
Created: 1999-03-11 |
Updated: 2024-09-07 |
ID: CVE-1999-0376 |
Title: KnownDLLs List Vulnerability |
Type: Registry |
Bulletins:
CVE-1999-0376 MS99-006 |
Severity: Medium |
Description: An attacker can replace system DLLs with trojaned ones. | ||||
Applies to: Windows NT |
Created: 1999-02-20 |
Updated: 2024-09-07 |
ID: CVE-1999-0800 |
Title: IIS: Cold Fusion check |
Type: Web |
Bulletins:
CVE-1999-0800 |
Severity: Medium |
Description: Related links: www.macromedia.com/devnet/coldfusion/security.html www.isummation.com/securing_coldfusion_pages_through_iis.html www.sans.org/rr/papers/index.php?id=300 | ||||
Applies to: IIS |
Created: 1999-02-11 |
Updated: 2024-09-07 |
ID: CVE-1999-0362 |
Title: WS FTP Server 1-0-2 |
Type: FTP |
Bulletins:
CVE-1999-0362 SFBID217 |
Severity: Medium |
Description: WS_FTP Server is vulnerable to a Denial of Service vulnerability. When issuing a CWD command with more than 876 characters, the server will stop responding to FTP requests. In order to solve this vulnerability one should install the patch released by Ipswitch. | ||||
Applies to: WS FTP Server |
Created: 1999-02-04 |
Updated: 2024-09-07 |
ID: CVE-1999-1538 |
Title: IIS: iisadmin is accessible |
Type: Web |
Bulletins:
CVE-1999-1538 SFBID189 |
Severity: Low |
Description: /iisadmin should be limited to localhost only because it can be used to configure the server. | ||||
Applies to: IIS |
Created: 1999-01-14 |
Updated: 2024-09-07 |
ID: CVE-1999-0063 |
Title: Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. |
Type: Hardware |
Bulletins:
CVE-1999-0063 |
Severity: Medium |
Description: Cisco IOS 12.0 and other versions can be crashed by malicious UDP packets to the syslog port. | ||||
Applies to: |
Created: 1999-01-11 |
Updated: 2024-09-07 |
ID: CVE-1999-0162 |
Title: The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. |
Type: Hardware |
Bulletins:
CVE-1999-0162 |
Severity: Medium |
Description: The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. | ||||
Applies to: |
Created: 1998-09-01 |
Updated: 2024-09-07 |
ID: CVE-1999-0003 |
Title: ttdbserver service running |
Type: RPC |
Bulletins:
CVE-1999-0003 SFBID122 |
Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 1998-08-31 |
Updated: 2024-09-07 |
ID: CVE-1999-0002 |
Title: Linux mountd running |
Type: RPC |
Bulletins:
CVE-1999-0002 SFBID121 |
Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 1998-08-28 |
Updated: 2024-09-07 |
ID: CVE-1999-0159 |
Title: Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. |
Type: Hardware |
Bulletins:
CVE-1999-0159 |
Severity: Medium |
Description: Attackers can crash a Cisco IOS router or device, provided they can get to an interactive prompt (such as a login). This applies to some IOS 9.x, 10.x, and 11.x releases. | ||||
Applies to: |
Created: 1998-08-12 |
Updated: 2024-09-07 |
ID: CVE-1999-1582 |
Title: By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive... |
Type: Hardware |
Bulletins:
CVE-1999-1582 |
Severity: High |
Description: By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality. | ||||
Applies to: |
Created: 1998-07-15 |
Updated: 2024-09-07 |
ID: CVE-1999-0006 |
Title: QPOP 2-2 to 2.4 |
Type: |
Bulletins:
CVE-1999-0006 SFBID133 |
Severity: High |
Description: A vulnerability exists in QUALCOMM’s QPOP with versions earlier than 2.5. QPOP is prone to a buffer overflow, and in such case remote users will be able to gain privileged access to the systems running such POP servers. If the POP server installed on the system is vulnerable, a patch available from the vendor should be installed, otherwise such POP server should be disabled. In order to determine whether the POP server installed on the system is vulnerable, one should telnet to port 110 on such host, and check the version number from the banner. If the version is vulnerable, the patch should be installed, otherwise the POP server should be disabled. | ||||
Applies to: QPOP |
Created: 1998-06-27 |
Updated: 2024-09-07 |
ID: CVE-2002-0421 |
Title: IIS: Microsoft IIS 4.0 IISADMPWD Proxied Password Attack |
Type: Web |
Bulletins:
CVE-2002-0421 SFBID2110 |
Severity: Medium |
Description: Possible to gain unauthorized access to your computer. | ||||
Applies to: IIS |
Created: 1998-02-09 |
Updated: 2024-09-07 |
ID: CVE-1999-1293 |
Title: Apache 1-2-5 |
Type: Miscellaneous |
Bulletins:
CVE-1999-1293 |
Severity: High |
Description: Run arbitrary commands (web server privilege). | ||||
Applies to: Apache |
Created: 1998-01-06 |
Updated: 2024-09-07 |
ID: CVE-1999-0293 |
Title: AAA authentication on Cisco systems allows attackers to execute commands without authorization. |
Type: Hardware |
Bulletins:
CVE-1999-0293 |
Severity: High |
Description: AAA authentication on Cisco systems allows attackers to execute commands without authorization. | ||||
Applies to: |
Created: 1998-01-01 |
Updated: 2024-09-07 |
ID: CVE-1999-0230 |
Title: Buffer overflow in Cisco 7xx routers through the telnet service. |
Type: Hardware |
Bulletins:
CVE-1999-0230 |
Severity: Medium |
Description: Buffer overflow in Cisco 7xx routers through the telnet service. | ||||
Applies to: |
Created: 1997-12-15 |
Updated: 2024-09-07 |
ID: CVE-1999-0016 |
Title: Land IP denial of service. |
Type: Hardware |
Bulletins:
CVE-1999-0016 |
Severity: Medium |
Description: Land IP denial of service. | ||||
Applies to: |
Created: 1997-12-01 |
Updated: 2024-09-07 |
ID: REF000326 |
Title: Alerter service enabled |
Type: Services |
Bulletins: |
Severity: Low |
Description: This service could be used in social engineering attacks. It is recommended to disable this service. | ||||
Applies to: |
Created: 1997-12-01 |
Updated: 2010-08-21 |
ID: CVE-1999-1061 |
Title: HP JetDirect password is not set |
Type: Miscellaneous |
Bulletins:
CVE-1999-1061 |
Severity: High |
Description: Users can manipulate Device Settings through (Web)JetAdmin. | ||||
Applies to: HP JetDirect |
Created: 1997-10-04 |
Updated: 2024-09-07 |
ID: CVE-1999-0160 |
Title: Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. |
Type: Hardware |
Bulletins:
CVE-1999-0160 |
Severity: High |
Description: Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. | ||||
Applies to: |
Created: 1997-10-01 |
Updated: 2024-09-07 |
ID: SFBID688 |
Title: Denial of service on port 135 |
Type: Registry |
Bulletins:
SFBID688 |
Severity: Low |
Description: A vulnerability exists when connecting to TCP port 135. Entering 10 or more random characters will cause the CPU of the target host to jump to 100% CPU utilization, leading to a denial of service. The target host should be restarted to eliminate the problem. A fix has been issued by Microsoft and is available at: ftp://ftp.microsoft.com/bussys/winnt/winnt-public/fixes/usa/NT40/hotfixes-postSP2/rpc-fix/ It has also been included with Service Pack 3. | ||||
Applies to: Windows NT |
Created: 1997-02-07 |
Updated: 2010-08-21 |
ID: CVE-1999-0047 |
Title: Sendmail privilege escalation |
Type: |
Bulletins:
CVE-1999-0047 SFBID685 |
Severity: High |
Description: Sendmail is prone to a vulnerability where, if an attacker sends a carefully crafted email message to a system running this version of Sendmail, the attacker will be able to execute arbitrary commands with root privileges on the system where the vulnerable Sendmail is running. To solve this problem it is advisable to upgrade to version 8.8.5 or later. | ||||
Applies to: Sendmail |
Created: 1997-01-20 |
Updated: 2024-09-07 |
ID: SFBID2026 |
Title: All Servers: Aglimpse |
Type: Web |
Bulletins:
SFBID2026 |
Severity: Medium |
Description: It is possible to force the web server to send the password file back to the attacker. | ||||
Applies to: Aglimpse |
Created: 1996-07-03 |
Updated: 2010-08-21 |
ID: SFBID1749 |
Title: ypupdated service running |
Type: RPC |
Bulletins:
SFBID1749 |
Severity: High |
Description: Some versions of this service are vulnerable (Run arbitrary commands as root). | ||||
Applies to: |
Created: 1995-12-19 |
Updated: 2010-08-21 |
ID: CVE-1999-0161 |
Title: In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering. |
Type: Hardware |
Bulletins:
CVE-1999-0161 |
Severity: High |
Description: In Cisco IOS 10.3, with the tacacs-ds or tacacs keyword, an extended IP access control list could bypass filtering. | ||||
Applies to: |
Created: 1995-07-31 |
Updated: 2024-09-07 |
ID: CVE-1999-1466 |
Title: Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. |
Type: Hardware |
Bulletins:
CVE-1999-1466 SFBID53 |
Severity: High |
Description: Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache is enabled, and the access list uses the "established" keyword. | ||||
Applies to: |
Created: 1992-12-10 |
Updated: 2024-09-07 |
ID: CVE-1999-1306 |
Title: Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. |
Type: Hardware |
Bulletins:
CVE-1999-1306 |
Severity: High |
Description: Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | ||||
Applies to: |
Created: 1992-12-10 |
Updated: 2024-09-07 |
ID: CVE-2023-4581 |
Title: XLL file extensions were downloadable without warnings |
Type: Software |
Bulletins:
CVE-2023-4581 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4387 |
Title: use-after-free in vmxnet3_rq_alloc_rx_buf |
Type: Software |
Bulletins:
CVE-2023-4387 |
Severity: High |
Description: DOCUMENTATION: A use-after-free flaw was found in vmxnet3_rq_alloc_rx_buf in drivers/net/vmxnet3/vmxnet3_drv.c in VMware's vmxnet3 ethernet NIC driver in the Linux Kernel. This issue could allow a local attacker to crash the system due to a double-free while cleaning up vmxnet3_rq_cleanup_all, which could also lead to a kernel information leak problem. MITIGATION: Mitigation for this issue is to skip loading the affected module "vmxnet3" onto the system until the fix is available. This can be done by a blacklist mechanism, which will ensure the driver is not loaded at boot time. See: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278 | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4563 |
Title: Use-after-free in nft_verdict_dump due to a race between set GC and transaction |
Type: Software |
Bulletins:
CVE-2023-4563 |
Severity: Medium |
Description: DOCUMENTATION: A use-after-free flaw was found in the nftables sub-component due to a race problem between the set GC and transaction in the Linux Kernel. This flaw allows a local attacker to crash the system due to a missing call to `nft_set_elem_mark_busy`, causing double deactivation of the element and possibly leading to a kernel information leak problem. MITIGATION: Mitigation for this issue is to skip loading the affected module "nftables" onto the system until a fix is available. This can be done by a blacklist mechanism, which will ensure the driver is not loaded at boot time. See: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278 | ||||
Applies to: |
Created: |
Updated: 2023-08-28 |
ID: CVE-2023-4133 |
Title: use-after-free in ch_flower_stats_cb |
Type: Software |
Bulletins:
CVE-2023-4133 |
Severity: Medium |
Description: DOCUMENTATION: A use-after-free vulnerability was found in the cxgb4 driver in the Linux kernel. The bug occurs when the cxgb4 device is detaching due to a possible rearming of the flower_stats_timer from the work queue. This flaw allows a local user to crash the system, causing a denial of service condition. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4273 |
Title: stack overflow in exfat_get_uniname_from_ext_entry |
Type: Software |
Bulletins:
CVE-2023-4273 |
Severity: Medium |
Description: DOCUMENTATION: A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack. STATEMENT: Red Hat Enterprise Linux 6, 7 and 8 are not affected by this flaw as they did not include exFAT filesystem support (introduced upstream in kernel v5.7). | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4155 |
Title: SEV-ES / SEV-SNP VMGEXIT double fetch vulnerability |
Type: Software |
Bulletins:
CVE-2023-4155 |
Severity: Medium |
Description: DOCUMENTATION: A flaw was found in KVM AMD Secure Encrypted Virtualization (SEV) in the Linux kernel. A KVM guest using SEV-ES or SEV-SNP with multiple vCPUs can trigger a double fetch race condition vulnerability and invoke the `VMGEXIT` handler recursively. If an attacker manages to call the handler multiple times, they can trigger a stack overflow and cause a denial of service or potentially guest-to-host escape in kernel configurations without stack guard pages (`CONFIG_VMAP_STACK`). STATEMENT: Red Hat Enterprise Linux 6 and 7 are not affected by this flaw, as they did not include support for KVM AMD Secure Encrypted Virtualization (SEV). Note: AMD SEV is currently provided as a Technology Preview in RHEL 8, therefore, it is unsupported for production use. For additional details see https://access.redhat.com/articles/4491591 and https://access.redhat.com/support/offerings/techpreview. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4580 |
Title: Push notifications saved to disk unencrypted |
Type: Software |
Bulletins:
CVE-2023-4580 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-41358 |
Title: processes invalid NLRIs if attribute length is zero |
Type: Software |
Bulletins:
CVE-2023-41358 |
Severity: High |
Description: DOCUMENTATION: A vulnerability was found in FRRouting (FRR) in bgpd/bgp_packet.c, where the Network Layer Reachability Information (NLRI) is processed even when the attribute length is zero. The flaw causes a crash due to a NULL pointer dereference issue. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-41175 |
Title: potential integer overflow in raw2tiff.c |
Type: Software |
Bulletins:
CVE-2023-41175 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4641 |
Title: possible password leak during passwd |
Type: Software |
Bulletins:
CVE-2023-4641 |
Severity: Medium |
Description: DOCUMENTATION: A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks for the password twice. If the password fails on the second attempt, shadow-utils fails to clean the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from memory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-41359 |
Title: out of bounds read in bgp_attr_aigp_valid |
Type: Software |
Bulletins:
CVE-2023-41359 |
Severity: High |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: An issue was discovered in FRRouting FRR through 9.0. There is an out-of-bounds read in bgp_attr_aigp_valid in bgpd/bgp_attr.c because there is no check for the availability of two bytes during AIGP validation. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-41080 |
Title: Open Redirect vulnerability in FORM authentication |
Type: Software |
Bulletins:
CVE-2023-41080 |
Severity: Medium |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: URL Redirection to Untrusted Site ('Open Redirect') vulnerability in FORM authentication feature Apache Tomcat. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.0-M10, from 10.1.0-M1 through 10.0.12, from 9.0.0-M1 through 9.0.79 and from 8.5.0 through 8.5.92. The vulnerability is limited to the ROOT (default) web application. STATEMENT: The pki-servlet-engine package has been obsoleted by the tomcat package, and therefore this issue will be fixed in the tomcat package rather than the pki-servlet-engine package. Please follow the RHEL tomcat trackers instead for the updates. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4459 |
Title: NULL pointer dereference in vmxnet3_rq_cleanup |
Type: Software |
Bulletins:
CVE-2023-4459 |
Severity: Medium |
Description: DOCUMENTATION: A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in vmxnet3 in the Linux Kernel. This issue may allow a local attacker with normal user privilege to cause a denial of service due to a missing sanity check during cleanup. MITIGATION: In order to mitigate this issue, prevent the affected code from being loaded by blacklisting the kernel module "vmxnet3". For instructions relating to how to blacklist a kernel module refer to: https://access.redhat.com/solutions/41278 Exploiting this flaw will require CAP_NET_ADMIN access privilege in any user or network namespace. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4147 |
Title: nf_tables_newrule when adding a rule with NFTA_RULE_CHAIN_ID leads to use-after-free |
Type: Software |
Bulletins:
CVE-2023-4147 |
Severity: High |
Description: DOCUMENTATION: A use-after-free flaw was found in the Linux kernel’s Netfilter functionality when adding a rule with NFTA_RULE_CHAIN_ID. This flaw allows a local user to crash or escalate their privileges on the system. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4585 |
Title: Memory safety bugs fixed in Firefox 117, Firefox ESR 115.2, and Thunderbird 115.2 |
Type: Software |
Bulletins:
CVE-2023-4585 |
Severity: High |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4584 |
Title: Memory safety bugs fixed in Firefox 117, Firefox ESR 102.15, Firefox ESR 115.2, Thunderbird 102.15, and Thunderbird 115.2 |
Type: Software |
Bulletins:
CVE-2023-4584 |
Severity: High |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4577 |
Title: Memory corruption in JIT UpdateRegExpStatics |
Type: Software |
Bulletins:
CVE-2023-4577 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4575 |
Title: Memory corruption in IPC FilePickerShownCallback |
Type: Software |
Bulletins:
CVE-2023-4575 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4574 |
Title: Memory corruption in IPC ColorPickerShownCallback |
Type: Software |
Bulletins:
CVE-2023-4574 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4573 |
Title: Memory corruption in IPC CanvasTranslator |
Type: Software |
Bulletins:
CVE-2023-4573 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-40745 |
Title: integer overflow in tiffcp.c |
Type: Software |
Bulletins:
CVE-2023-40745 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4569 |
Title: information leak in nft_set_catchall_flush in net/netfilter/nf_tables_api.c |
Type: Software |
Bulletins:
CVE-2023-4569 |
Severity: Medium |
Description: DOCUMENTATION: A memory leak flaw was found in nft_set_catchall_flush in net/netfilter/nf_tables_api.c in the Linux Kernel. This issue may allow a local attacker to cause a double deactivation of catchall elements, which results in a memory leak. MITIGATION: Mitigation for this issue is to skip loading the affected module "nftables" onto the system until a fix is available. This can be done by a blacklist mechanism that will ensure the driver is not loaded at boot time. See: How do I blacklist a kernel module to prevent it from loading automatically? https://access.redhat.com/solutions/41278 | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4156 |
Title: heap out of bound read in builtin.c |
Type: Software |
Bulletins:
CVE-2023-4156 |
Severity: High |
Description: DOCUMENTATION: A heap out-of-bounds read flaw was found in builtin.c in the gawk package. This issue may lead to a crash and could be used to read sensitive information. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4051 |
Title: Full screen notification obscured by file open dialog |
Type: Software |
Bulletins:
CVE-2023-4051 |
Severity: High |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: A website could have obscured the full screen notification by using the file open dialog. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4053 |
Title: Full screen notification obscured by external program |
Type: Software |
Bulletins:
CVE-2023-4053 |
Severity: Medium |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: A website could have obscured the full screen notification by using a URL with a scheme handled by an external program, such as a mailto URL. This could have led to user confusion and possible spoofing attacks. This vulnerability affects Firefox < 116. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-41105 |
Title: file path truncation at \0 characters |
Type: Software |
Bulletins:
CVE-2023-41105 |
Severity: High |
Description: DOCUMENTATION: The os.path.normpath() function in Python 3.11 is vulnerable to path truncation if a null byte is inserted in the middle of the passed path. This may result in bypass of allow lists if implemented before the verification of the path. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4578 |
Title: Error reporting methods in SpiderMonkey could have triggered an Out of Memory Exception |
Type: Software |
Bulletins:
CVE-2023-4578 |
Severity: Medium |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4511 |
Title: DoS |
Type: Software |
Bulletins:
CVE-2023-4511 |
Severity: High |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: BT SDP dissector infinite loop in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4512 |
Title: DoS |
Type: Software |
Bulletins:
CVE-2023-4512 |
Severity: High |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4513 |
Title: DoS |
Type: Software |
Bulletins:
CVE-2023-4513 |
Severity: High |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: BT SDP dissector memory leak in Wireshark 4.0.0 to 4.0.7 and 3.6.0 to 3.6.15 allows denial of service via packet injection or crafted capture file | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-41361 |
Title: does not check for an overly large length of the rcv software version |
Type: Software |
Bulletins:
CVE-2023-41361 |
Severity: High |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: An issue was discovered in FRRouting FRR 9.0. bgpd/bgp_open.c does not check for an overly large length of the rcv software version. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4194 |
Title: correctly initialize socket uid next fix of i_uid to current_fsuid |
Type: Software |
Bulletins:
CVE-2023-4194 |
Severity: Medium |
Description: DOCUMENTATION: A flaw was found in the Linux kernel's TUN/TAP functionality. This issue could allow a local user to bypass network filters and gain unauthorized access to some resources. The original patches fixing CVE-2023-1076 are incorrect or incomplete. The problem is that the following upstream commits - a096ccca6e50 ("tun: tun_chr_open(): correctly initialize socket uid"), - 66b2c338adce ("tap: tap_open(): correctly initialize socket uid"), pass "inode->i_uid" to sock_init_data_uid() as the last parameter and that turns out to not be accurate. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4128 |
Title: cls_fw, cls_u32 and cls_route |
Type: Software |
Bulletins:
CVE-2023-4128 |
Severity: High |
Description: DOCUMENTATION: A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue. MITIGATION: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. | ||||
Applies to: |
Created: |
Updated: 2023-08-29 |
ID: CVE-2023-40857 |
Title: buffer overflow that allows a remote attacker to execute arbitrary code via the yr_execute_cod function |
Type: Software |
Bulletins:
CVE-2023-40857 |
Severity: High |
Description: DOCUMENTATION: A flaw was found in the yara library. This issue occurs due to a buffer overflow vulnerability in the exe.c component that allows a remote attacker to execute arbitrary code via the yr_execute_cod function. MITIGATION: Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-4583 |
Title: Browsing Context potentially not cleared when closing Private Window |
Type: Software |
Bulletins:
CVE-2023-4583 |
Severity: High |
Description: DOCUMENTATION: No description is available for this CVE. STATEMENT: Red Hat Product Security rates the severity of this flaw as determined by the Mozilla Foundation Security Advisory. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |
ID: CVE-2023-41360 |
Title: ahead-of-stream read of ORF header |
Type: Software |
Bulletins:
CVE-2023-41360 |
Severity: High |
Description: DOCUMENTATION: The MITRE CVE dictionary describes this issue as: An issue was discovered in FRRouting FRR through 9.0. bgpd/bgp_packet.c can read the initial byte of the ORF header in an ahead-of-stream situation. | ||||
Applies to: |
Created: |
Updated: 2024-09-07 |