Buffer overflow in CodeBlue 4 and earlier, and possibly other versions, allows remote attackers to execute arbitrary code via a long string in an SMTP reply. Date published : 2002-05-03 http://marc.info/?l=bugtraq&m=101392671306875&w=2 http://freshmeat.net/releases/71514/
The kernel in HP-UX 11.11 does not properly provide arguments for setrlimit, which could allow local attackers to cause a denial of service (kernel panic) and possibly gain privileges. Date published : 2002-05-03 http://www.securityfocus.com/bid/4094...
Directory traversal vulnerability in Add2it Mailman Free 1.73 and earlier allows remote attackers to modify arbitrary files via a .. (dot dot) in the list parameter. Date published : 2002-05-03 http://marc.info/?l=bugtraq&m=101371994219708&w=2 http://www.add2it.com/scripts/mailman-free-history.shtml
Add2it Mailman Free 1.73 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the list parameter. Date published : 2002-05-03 http://www.securityfocus.com/bid/4105 http://marc.info/?l=bugtraq&m=101371994219708&w=2
Buffer overflow in CWMail.exe in NetWin before 2.8a allows remote authenticated users to execute arbitrary code via a long item parameter. Date published : 2002-05-03 http://www.securityfocus.com/bid/4093 http://marc.info/?l=bugtraq&m=101362100602008&w=2
Buffer overflows in mpg321 before 0.2.9 allows local and possibly remote attackers to execute arbitrary code via a long URL to (1) a command line option, (2) an HTTP request, or (3) an FTP...
Runtime library in GNU Ada compiler (GNAT) 3.12p through 3.14p allows local users to modify files of other users via a symlink attack on temporary files. Date published : 2002-05-03 http://www.securityfocus.com/bid/4086 http://marc.info/?l=bugtraq&m=101353440624007&w=2
Opera, when configured with the "Determine action by MIME type" option disabled, interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary...
Internet Explorer 5.x and 6 interprets an object as an HTML document even when its MIME Content-Type is text/plain, which could allow remote attackers to execute arbitrary script in documents that the user does...
Identix BioLogon 3 allows users with physical access to the system to gain administrative privileges by using CTRL-ALT-DEL and running a "Browse" function, which runs Explorer with SYSTEM privileges. Date published : 2002-05-03 http://www.securityfocus.com/bid/4101...
Thunderstone Texis CGI script allows remote attackers to obtain the full path of the web root via a request for a nonexistent file, which generates an error message that includes the full pathname. Date...
PowerFTP Personal FTP Server 2.03 through 2.10 stores sensitive account information in plaintext in the ftpserver.ini file, which allows attackers with access to the file to gain privileges. Date published : 2002-05-03 http://www.securityfocus.com/bid/4074 http://marc.info/?l=bugtraq&m=101361745222207&w=2
Buffer overflow in EasyBoard 2000 1.27 (aka EZboard) allows remote attackers to execute arbitrary code via a long boundary value in a multipart Content-Type header to (1) ezboard.cgi, (2) ezman.cgi, or (3) ezadmin.cgi. Date...
Directory traversal vulnerability in netget for Sybex E-Trainer web server allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. Date published : 2002-05-03 http://www.securityfocus.com/bid/4071 http://marc.info/?l=bugtraq&m=101344812311216&w=2