Jetbox One 2.0.8 and possibly other versions allow remote attackers with Author privileges in the IMAGES module to upload PHP files and execute arbitrary code. Date published : 2005-02-13 http://www.securityfocus.com/bid/10859 http://www.securityfocus.com/archive/1/370852
Jetbox One 2.0.8 and possibly other versions stores passwords in the database in plaintext, which could allow attackers to gain sensitive information. Date published : 2005-02-13 http://www.securityfocus.com/bid/10858 http://www.securityfocus.com/archive/1/370852
Unknown vulnerability in ScreenOS in Juniper Networks NetScreen firewall 3.x through 5.x allows remote attackers to cause a denial of service (device reboot or hang) via a crafted SSH v1 packet. Date published :...
A race condition in nessus-adduser in Nessus 2.0.11 and possibly earlier versions, if the TMPDIR environment variable is not set, allows local users to gain privileges. Date published : 2005-02-13 http://www.securityfocus.com/bid/10784 http://www.nessus.org/nessus_2_0.html
Directory traversal vulnerability in Roundup 0.6.4 and earlier allows remote attackers to view arbitrary files via .. (dot dot) sequences in an @@ command in an HTTP GET request. Date published : 2005-02-13 http://www.securityfocus.com/bid/10495...
Cross-site scripting (XSS) vulnerability in the inline MIME viewer in Horde-IMP (Internet Messaging Program) 3.2.4 and earlier, when used with Internet Explorer, allows remote attackers to inject arbitrary web script or HTML via an...
Cross-site scripting (XSS) vulnerability in db2www CGI interpreter in IBM Net.Data 7 and 7.2 allows remote attackers to inject arbitrary web script or HTML via a macro filename, which is not properly handled by...
Cross-site scripting (XSS) vulnerability in icq.cgi in Board Power 2.04PF allows remote attackers to inject arbitrary web script or HTML via the action parameter. Date published : 2005-02-13 http://www.securityfocus.com/bid/10734 http://www.kb.cert.org/vuls/id/744590
Multiple heap-based buffer overflows in the modpow function in PuTTY before 0.55 allow (1) remote attackers to execute arbitrary code via an SSH2 packet with a base argument that is larger than the mod...
Buffer overflow in BlackJumboDog 3.x allows remote attackers to execute arbitrary code via long FTP commands such as (1) USER, (2) PASS, (3) RETR,(4) CWD, (5) XMKD, and (6) XRMD. Date published : 2005-02-13...
The mod_authz_svn Apache module for Subversion 1.0.4-r1 and earlier allows remote authenticated users, with write access to the repository, to read unauthorized parts of the repository via the svn copy command. Date published :...
Multiple buffer overflows in the digest authentication functionality in Pavuk 0.9.28-r2 and earlier allow remote attackers to execute arbitrary code. Date published : 2005-02-13 http://www.securityfocus.com/bid/10797 http://www.gentoo.org/security/en/glsa/glsa-200407-19.xml
The Transaction Language 1 (TL1) login interface in Cisco ONS 15327 4.6(0) and 4.6(1) and 15454 and 15454 SDH 4.6(0) and 4.6(1), when a user account is configured with a blank password, allows remote...
Multiple versions of Cisco ONS 15327, ONS 15454, and ONS 15454 SDH, including 4.6(0) and 4.6(1), 4.5(x), 4.1(0) to 4.1(3), 4.0(0) to 4.0(2), and earlier versions, allows remote attackers to cause a denial of...