| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| FormMail CGI program allows remote execution of commands. |
| FormMail CGI program can be used by web servers other than the host server that the program resides on. |
| The view-source CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. |
| The convert.bas program in the Novell web server allows a remote attackers to read any file on the system that is internally accessible by the web server. |
| The Webgais program allows a remote user to execute arbitrary commands. |
| The uploader program in the WebSite web server allows a remote attacker to execute arbitrary programs. |
| Buffer overflow in the win-c-sample program (win-c-sample.exe) in the WebSite web server 1.1e allows remote attackers to execute arbitrary code via a long query string. |
| The wall daemon can be used for denial of service, social engineering attacks, or to execute remote commands. |
| Buffer overflow in OSF Distributed Computing Environment (DCE) security demon (secd) in IRIX 6.4 and earlier allows attackers to cause a denial of service via a long principal, group, or organization. |
| Samba has a buffer overflow which allows a remote attacker to obtain root access by specifying a long password. |
| Linux implementations of TFTP would allow access to files outside the restricted directory. |
| Windows NT 4.0 allows remote attackers to cause a denial of service (crash) via extra source routing data such as (1) a Routing Information Field (RIF) field with a hop count greater than 7, or (2) a list containing duplicate Token Ring IDs. |
| Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server. |
| When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. |
| Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438. |
| In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. |
| IIS newdsn.exe CGI script allows remote users to overwrite files. |
