| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection. |
| The administration module for Oracle Web Cache in Oracle9iAS (9i Application Suite) 9.0.2 allows remote attackers to cause a denial of service (crash) via (1) an HTTP GET request containing a ".." (dot dot) sequence, or (2) a malformed HTTP GET request with a chunked Transfer-Encoding with missing data. |
| Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a crash. |
| Buffer overflow in gxnsapi6.dll NSAPI plugin of the Connector Module for Sun ONE Application Server before 6.5 allows remote attackers to execute arbitrary code via a long HTTP request URL. |
| Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Buffer overflow in Red-M 1050 (Bluetooth Access Point) management web interface allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long administration password. |
| GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash. |
| Red-M 1050 (Bluetooth Access Point) uses case insensitive passwords, which makes it easier for attackers to conduct a brute force guessing attack due to the smaller space of possible passwords. |
| Directory traversal vulnerability in LocalWEB2000 HTTP server allows remote attackers to read arbitrary commands via a .. (dot dot) attack in an HTTP GET request. |
| Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). |
| The TFTP server for Red-M 1050 (Bluetooth Access Point) can not be disabled and makes it easier for remote attackers to crack the administration password via brute force methods. |
| The web management server for Red-M 1050 (Bluetooth Access Point) does not use session-based credentials to authenticate users, which allows attackers to connect to the server from the same IP address as a user who has already established a session. |
| Red-M 1050 (Bluetooth Access Point) publicizes its name, IP address, and other information in UDP packets to a broadcast address, which allows any system on the network to obtain potentially sensitive information about the Access Point device by monitoring UDP port 8887. |
| gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length. |
| Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions. |
| Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. |
| The Orinoco driver (orinoco.c) in Linux kernel 2.6.13 and earlier does not properly clear memory from a previously used packet whose length is increased, which allows remote attackers to obtain sensitive information. |
| Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line. |
| Red-M 1050 (Bluetooth Access Point) PPP server allows bonded users to cause a denial of service and possibly execute arbitrary code via a long user name. |
| sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. |
