Cisco VPN 5000 series concentrator hardware 6.0.21.0002 and earlier, and 5.2.23.0003 and earlier, when using RADIUS with a challenge type of Password Authentication Protocol (PAP) or Challenge, sends the user password in cleartext in...
tinyproxy HTTP proxy 1.5.0, 1.4.3, and earlier allows remote attackers to execute arbitrary code via memory that is freed twice (double-free). Date published : 2003-04-02 http://www.securityfocus.com/bid/4731 http://sourceforge.net/project/shownotes.php?release_id=88790
The decoder for Macromedia Shockwave Flash allows remote attackers to execute arbitrary code via a malformed SWF header that contains more data than the specified length. Date published : 2003-04-02 http://www.securityfocus.com/bid/5430
Buffer overflow in Sun ONE / iPlanet Web Server 4.1 and 6.0 allows remote attackers to execute arbitrary code via an HTTP request using chunked transfer encoding. Date published : 2003-04-02 http://www.securityfocus.com/bid/5433 http://marc.info/?l=bugtraq&m=102890933623192&w=2
The kqueue mechanism in FreeBSD 4.3 through 4.6 STABLE allows local users to cause a denial of service (kernel panic) via a pipe call in which one end is terminated and an EVFILT_WRITE filter...
Network File System (NFS) in FreeBSD 4.6.1 RELEASE-p7 and earlier, NetBSD 1.5.3 and earlier, and possibly other operating systems, allows remote attackers to cause a denial of service (hang) via an RPC message with...
Integer overflow in the Berkeley Fast File System (FFS) in FreeBSD 4.6.1 RELEASE-p4 and earlier allows local users to access arbitrary file contents within FFS to gain privileges by creating a file that is...
Buffer overflow in WS_FTP FTP Server 3.1.1 allows remote authenticated users to execute arbitrary code via a long SITE CPWD command. Date published : 2003-04-02 http://www.atstake.com/research/advisories/2002/a080802-1.txt http://www.securityfocus.com/bid/5427
BSD pppd allows local users to change the permissions of arbitrary files via a symlink attack on a file that is specified as a tty device. Date published : 2003-04-02 http://www.securityfocus.com/bid/5355 http://marc.info/?l=bugtraq&m=102812546815606&w=2
Buffer overflow in Winhlp32.exe allows remote attackers to execute arbitrary code via an HTML document that calls the HTML Help ActiveX control (HHCtrl.ocx) with a long pathname in the Item parameter. Date published :...
wwwoffled in World Wide Web Offline Explorer (WWWOFFLE) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a negative Content-Length value. Date published : 2003-04-02 http://www.securityfocus.com/bid/5260 http://archives.neohapsis.com/archives/bugtraq/2002-07/0194.html
Format string vulnerability in super for Linux allows local users to gain root privileges via a long command line argument. Date published : 2003-04-02 http://www.securityfocus.com/bid/5367 http://marc.info/?l=bugtraq&m=102812622416695&w=2
Buffer overflow in su in Tru64 Unix 5.x allows local users to gain root privileges via a long username and argument. Date published : 2003-04-02 http://www.securityfocus.com/bid/5272 http://marc.info/?l=bugtraq&m=102709593117171&w=2
Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument. Date published : 2003-04-02 http://www.securityfocus.com/bid/5294 http://marc.info/?l=bugtraq&m=102752511030425&w=2