| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Some classic Cisco IOS devices have a vulnerability in the PPP CHAP authentication to establish unauthorized PPP connections. |
| The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability. |
| The "established" keyword in some Cisco IOS software allowed an attacker to bypass filtering. |
| A race condition in the Solaris ps command allows an attacker to overwrite critical files. |
| NFS cache poisoning. |
| WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail. |
| NFS allows users to use a "cd .." command to access other directories besides the exported file system. |
| In SunOS, NFS file handles could be guessed, giving unauthorized access to the exported file system. |
| Remote attackers can mount an NFS file system in Ultrix or OSF, even if it is denied on the access list. |
| Denial of service in syslog by sending it a large number of superfluous messages. |
| FormMail CGI program allows remote execution of commands. |
| FormMail CGI program can be used by web servers other than the host server that the program resides on. |
| The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. |
| The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server. |
| The Webgais program allows a remote user to execute arbitrary commands. |
| The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. |
| Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string. |
| The wall daemon can be used for denial of service, social engineering attacks, or to execute remote commands. |
| Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization. |
