| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Buffer overflow in xlock program allows local users to execute commands as root. |
| Local user gains root privileges via buffer overflow in rdist, via lookup() function. |
| rpc.ypupdated (NIS) allows remote users to execute arbitrary commands. |
| Local user gains root privileges via buffer overflow in rdist, via expstr() function. |
| Delete or create a file via rpc.statd, due to invalid information. |
| Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
| Buffer overflow in statd allows root privileges. |
| IBM Informix Dynamic Server (IDS) before 9.40.xC3 allows local users to (1) create or overwrite files via the /001 log file to onedcu or (2) read arbitrary files via a symlink attack on a file in /tmp to onshowaudit. |
| FTP servers can allow an attacker to connect to arbitrary ports on machines other than the FTP client, aka FTP bounce. |
| Inverse query buffer overflow in BIND 4.9 and BIND 8 Releases. |
| webdriver in IBM Informix Web DataBlade 4.12 allows remote attackers to bypass user access levels or read arbitrary files via a SQL injection attack in an HTTP request. |
| Command execution in Sun systems via buffer overflow in the at program. |
| Stack-based buffer overflow in ontape for IBM Informix Dynamic Server (IDS) 9.40.xC3 and earlier allows local users, with DSA privileges, to execute arbitrary code via a long ONCONFIG environment variable. |
| The default installation of Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, does not require authentication, which allows remote attackers to gain administrator privileges by connecting to TCP port 14247. |
| ICMP information such as (1) netmask and (2) timestamp is allowed from arbitrary hosts. |
| Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen. |
| Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. |
| Directory traversal vulnerability in ifx CGI program in Informix Web DataBlade allows remote attackers to read arbitrary files via a .. (dot dot) in the LO parameter. |
| Cisco voice products, when running the IBM Director Agent on IBM servers before OS 2000.2.6, allows remote attackers to cause a denial of service (CPU consumption) via arbitrary packets to TCP port 14247, as demonstrated using port scanning. |
| mod_digest_apple for Apache 1.3.31 and 1.3.32 on Mac OS X Server does not properly verify the nonce of a client response, which allows remote attackers to replay credentials. |
