| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| By design, the "established" command on the Cisco PIX firewall allows connections from one host to arbitrary ports of a target host if an alternative conduit has already been allowed, which can cause administrators to configure less restrictive access controls than intended if they do not understand this functionality. |
| Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. |
| Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. |
| snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. |
| Microsoft Internet Security and Acceleration (ISA) Server 2004 allows remote attackers to bypass file extension filters via a request with a trailing "#" character. NOTE: as of 20060715, this could not be reproduced by third parties. |
| Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the sp.nextform parameter. |
| The BSD profil system call allows a local user to modify the internal data space of a program via profiling and execve. |
| Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL. |
| Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long GET request. |
| Unspecified vulnerability in mso.dll in Microsoft PowerPoint 2003 allows user-assisted attackers to execute arbitrary code via a crafted PowerPoint file. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3656, CVE-2006-3660, and CVE-2006-3590, although it is possible that they are all different. |
| Check Point FireWall-1 can be subjected to a denial of service via UDP packets that are sent through VPN-1 to port 0 of a host. |
| sdtcm_convert in Solaris 2.6 allows a local user to overwrite sensitive files via a symlink attack. |
| The WebRamp web administration utility has a default password. |
| The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attacker to install software components without prompting the user by stating that the software's manufacturer is Microsoft. |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. |
| Unspecified vulnerability in Microsoft PowerPoint 2003 allows user-assisted attackers to cause memory corruption via a crafted PowerPoint file, which triggers the corruption when the file is closed. NOTE: due to the lack of available details as of 20060717, it is unclear how this is related to CVE-2006-3655, CVE-2006-3660, and CVE-2006-3590, although it is possible that they are all different. |
| Buffer overflow in hybrid-6 IRC server commonly used on EFnet allows remote attackers to execute commands via m_invite invite option. |
| Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands via a long login name. |
| Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username. |
| IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability. |
