Cross-site scripting vulnerability in TDForum 1.2 CGI script (tdforum12.cgi) allows remote attackers to execute arbitrary script on other clients via a forum message that contains the script. Date published : 2002-02-02 http://www.securityfocus.com/bid/3207 http://archives.neohapsis.com/archives/bugtraq/2001-08/0281.html
Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges. Date published : 2002-02-02 http://www.securityfocus.com/bid/3203 http://archives.neohapsis.com/archives/bugtraq/2001-08/0228.html
Knox Arkeia server 4.2, and possibly other versions, uses a constant salt when encrypting passwords using the crypt() function, which makes it easier for an attacker to conduct brute force password guessing. Date published...
Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command. Date published : 2002-02-02 http://www.securityfocus.com/bid/3202 http://archives.neohapsis.com/archives/bugtraq/2001-08/0232.html
Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command. Date published : 2002-02-02 http://archives.neohapsis.com/archives/bugtraq/2001-09/0178.html https://exchange.xforce.ibmcloud.com/vulnerabilities/7148
Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote attackers to execute arbitrary code via long arguments to the CGI programs (1) register.dll, (2) ContentFilter.dll, (3)...
speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters. Date published : 2002-02-02 http://www.securityfocus.com/bid/3326 http://archives.neohapsis.com/archives/bugtraq/2001-09/0089.html
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly...
Kebi WebMail allows remote attackers to access the administrator menu and gain privileges via the /a/ hidden directory, which is installed under the web document root. Date published : 2002-02-02 http://www.securityfocus.com/bid/3655 http://marc.info/?l=bugtraq&m=100780264902037&w=2:1
THQ Volition Red Faction Game allows remote attackers to cause a denial of service (hang) of a client or server via packets to UDP port 7755. Date published : 2002-02-02 http://www.securityfocus.com/bid/3651 http://marc.info/?l=bugtraq&m=100774266027774&w=2
ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 uses insufficiently random data to (1) generate session tokens for HSMs using the C rand function, or (2) generate certificates or keys using /dev/urandom...
Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allows remote attackers to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File,...
Cross-site scripting (CSS) vulnerability in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to execute arbitrary code or display false information by including HTML or script in the certificate’s description, which...
Forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) 3.3 through 4.2.1 allows remote attackers to determine the real pathname of the server by requesting an invalid extension, which produces an error page that...