CVE-2002-2393
Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series...
Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series...
Winamp 2.65 through 3.0 stores skin files in a predictable file location, which allows remote attackers to execute arbitrary code via a URL reference to (1) wsz and (2) wal files that contain embedded...
SQL injection vulnerability in index.php of WebChat 1.5 included in XOOPS 1.0 allows remote attackers to execute arbitrary SQL commands via the roomid parameter. Date published : 2007-10-31 http://www.securityfocus.com/bid/6165 http://archives.neohapsis.com/archives/bugtraq/2002-11/0136.html
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long...
TheServer 1.74 web server stores server.ini under the web document root with insufficient access control, which allows remote attackers to obtain cleartext passwords and gain access to server log files. Date published : 2007-10-31...
Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command. Date published : 2007-10-31 http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0070.html http://www.iss.net/security_center/static/10601.php
Directory traversal vulnerability in Hyperion FTP server 2.8.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the LS command. Date published : 2007-10-31 http://www.mollensoft.com/news.htm http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0069.html
Cross-site scripting (XSS) vulnerability in the Quizz module for XOOPS 1.0, when allowing on-line question development, allows remote attackers to inject arbitrary web script or HTML via a javascript: URL in the SRC attribute...
Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number. Date published :...
hotfoon4.exe in Hotfoon 4.00 stores user names and passwords in cleartext in the hotfoon2 registry key, which allows local users to gain access to user accounts and steal phone service. Date published : 2007-10-31...
SQL injection vulnerability in f2html.pl 0.1 through 0.4 allows remote attackers to execute arbitrary SQL commands via file names. Date published : 2007-10-31 http://www.securityfocus.com/bid/5123 https://exchange.xforce.ibmcloud.com/vulnerabilities/9596
cvsupd.sh in CVSup 1.2 allows local users to overwrite arbitrary files and gain privileges via a symlink attack on /var/tmp/cvsupd.out. Date published : 2007-10-31 http://www.securityfocus.com/bid/6150 http://archives.neohapsis.com/archives/freebsd/2002-11/0011.html
Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code. Date published : 2007-10-31...
NetDSL ADSL Modem 800 with Microsoft Network firmware 5.5.11 allows remote attackers to gain access to configuration menus by sniffing undocumented usernames and passwords from network traffic. Date published : 2007-10-31 http://www.securityfocus.com/bid/6064 http://cert.uni-stuttgart.de/archive/bugtraq/2002/10/msg00416.html