Unknown vulnerability in Compaq WEBES Service Tools 2.0 through WEBES 4.0 (Service Pack 5) allows local users to read privileged files. Date published : 2002-09-24 http://www.securityfocus.com/bid/5773 http://marc.info/?l=bugtraq&m=103280973718587&w=2
Encoded directory traversal vulnerability in Dino’s web server 2.1 allows remote attackers to read arbitrary files via ".." (dot dot) sequences with URL-encoded (1) "/" (%2f") or (2) "" (%5c) characters. Date published :...
Cross-site scripting vulnerabilities in SquirrelMail 1.2.7 and earlier allows remote attackers to execute script as other web users via (1) addressbook.php, (2) options.php, (3) search.php, or (4) help.php. Date published : 2002-09-24 http://www.securityfocus.com/bid/5763 http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
Buffer overflow in dxterm allows local users to execute arbitrary code via a long -xrm argument. Date published : 2002-09-24 http://www.securityfocus.com/bid/5746 http://marc.info/?l=bugtraq&m=103248659816294&w=2
Buffer overflow in inc mail utility for Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long MH environment variable. Date published : 2002-09-24 http://www.securityfocus.com/bid/5747 http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0122.html
Buffer overflow in uucp in Compaq Tru64/OSF1 3.x allows local users to execute arbitrary code via a long source (-s) command line parameter. Date published : 2002-09-24 http://www.securityfocus.com/bid/5745 http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0122.html
FreeBSD port programs that use libkvm for FreeBSD 4.6.2-RELEASE and earlier, including (1) asmon, (2) ascpu, (3) bubblemon, (4) wmmon, and (5) wmnet2, leave open file descriptors for /dev/mem and /dev/kmem, which allows local...
Multiple buffer overflows in purity 1-16 allow local users to gain privileges and modify high scores tables. Date published : 2002-09-17 http://www.securityfocus.com/bid/5702 http://www.debian.org/security/2002/dsa-166
SMTP content filter engines, including (1) GFI MailSecurity for Exchange/SMTP before 7.2, (2) InterScan VirusWall before 3.52 build 1494, (3) the default configuration of MIMEDefang before 2.21, and possibly other products, do not detect...
Buffer overflow in Savant Web Server 3.1 and earlier allows remote attackers to execute arbitrary code via a long HTTP GET request. Date published : 2002-09-12 http://www.securityfocus.com/bid/5686 https://www.exploit-db.com/exploits/16770/
Mantis 0.17.4a and earlier allows remote attackers to view private bugs by modifying the f_id bug ID parameter to (1) bug_update_advanced_page.php, (2) bug_update_page.php, (3) view_bug_advanced_page.php, or (4) view_bug_page.php. Date published : 2002-09-10 http://www.securityfocus.com/bid/5563 http://marc.info/?l=bugtraq&m=103013249211164&w=2
config_inc2.php in Mantis before 0.17.4 allows remote attackers to execute arbitrary code or read arbitrary files via the parameters (1) g_bottom_include_page, (2) g_top_include_page, (3) g_css_include_file, (4) g_meta_include_file, or (5) a cookie. Date published :...
Multiple SQL injection vulnerabilities in Mantis 0.17.2 and earlier, when running without magic_quotes_gpc enabled, allows remote attackers to gain privileges or perform unauthorized database operations via modified form fields, e.g. to account_update.php. Date published...
Cisco VPN 3000 Concentrator 2.2.x, 3.6(Rel), and 3.x before 3.5.5, allows remote attackers to cause a denial of service via (1) malformed or (2) large ISAKMP packets. Date published : 2002-09-10 http://www.kb.cert.org/vuls/id/761651 http://www.cisco.com/warp/public/707/vpn3k-multiple-vuln-pub.shtml