Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0779 | 1 Digium | 1 Asterisk | 2008-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the Call Detail Record (CDR) logging functionality for Asterisk allows remote attackers to execute arbitrary SQL via a CallerID string. | |||||
| CVE-2003-0654 | 1 Autorespond | 1 Autorespond | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in autorespond may allow remote attackers to execute arbitrary code as the autorespond user via qmail. | |||||
| CVE-2003-0671 | 1 Jeremy Elson | 1 Tcpflow | 2008-09-10 | 7.2 HIGH | N/A |
| Format string vulnerability in tcpflow, when used in a setuid context, allows local users to execute arbitrary code via the device name argument, as demonstrated in Sustworks IPNetSentryX and IPNetMonitorX the setuid program RunTCPFlow. | |||||
| CVE-2003-0697 | 1 Ibm | 1 Aix | 2008-09-10 | 7.2 HIGH | N/A |
| Format string vulnerability in lpd in the bos.rte.printers fileset for AIX 4.3 through 5.2, with debug enabled, allows local users to cause a denial of service (crash) or gain root privileges. | |||||
| CVE-2003-0776 | 1 Sane | 2 Sane, Sane-backend | 2008-09-10 | 7.5 HIGH | N/A |
| saned in sane-backends 1.0.7 and earlier does not properly "check the validity of the RPC numbers it gets before getting the parameters," with unknown consequences. | |||||
| CVE-2003-0902 | 1 Minimalist | 1 Minimalist | 2008-09-10 | 7.5 HIGH | N/A |
| Unknown vulnerability in minimalist mailing list manager 2.4, 2.2, and possibly other versions, allows remote attackers to execute arbitrary commands. | |||||
| CVE-2003-0933 | 1 Conquest | 1 Conquest | 2008-09-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in conquest 7.2 and earlier may allow a local user to execute arbitrary code via a long environment variable. | |||||
| CVE-2003-0689 | 1 Redhat | 1 Enterprise Linux | 2008-09-10 | 7.5 HIGH | N/A |
| The getgrouplist function in GNU libc (glibc) 2.2.4 and earlier allows attackers to cause a denial of service (segmentation fault) and execute arbitrary code when a user is a member of a large number of groups, which can cause a buffer overflow. | |||||
| CVE-2003-0672 | 1 Leon J Breedt | 1 Pam-pgsql | 2008-09-10 | 7.5 HIGH | N/A |
| Format string vulnerability in pam-pgsql 0.5.2 and earlier allows remote attackers to execute arbitrary code via the username that isp rovided during authentication, which is not properly handled when recording a log message. | |||||
| CVE-2003-0706 | 1 Nicolas Boullis | 1 Mah-jong | 2008-09-10 | 5.0 MEDIUM | N/A |
| Unknown vulnerability in mah-jong 1.5.6 and earlier allows remote attackers to cause a denial of service (tight loop). | |||||
| CVE-2003-0784 | 1 Ibm | 1 Aix | 2008-09-10 | 10.0 HIGH | N/A |
| Format string vulnerability in tsm for the bos.rte.security fileset on AIX 5.2 allows remote attackers to gain root privileges via login, and local users to gain privileges via login, su, or passwd, with a username that contains format string specifiers. | |||||
| CVE-2003-0753 | 1 Newsphp | 1 Newsphp | 2008-09-10 | 5.0 MEDIUM | N/A |
| nphpd.php in newsPHP 216 and earlier allows remote attackers to read arbitrary files via a full pathname to the target file in the nphp_config[LangFile] parameter. | |||||
| CVE-2003-0705 | 1 Nicolas Boullis | 1 Mah-jong | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in mah-jong 1.5.6 and earlier allows remote attackers to execute arbitrary code. | |||||
| CVE-2003-0610 | 1 Mcafee | 1 Epolicy Orchestrator | 2008-09-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ePO agent for McAfee ePolicy Orchestrator 3.0 allows remote attackers to read arbitrary files via a certain HTTP request. | |||||
| CVE-2003-0516 | 1 Gert Doering | 1 Mgetty | 2008-09-10 | 7.5 HIGH | N/A |
| cnd.c in mgetty 1.1.28 and earlier does not properly filter non-printable characters and quotes, which may allow remote attackers to execute arbitrary commands via shell metacharacters in (1) caller ID or (2) caller name strings. | |||||
| CVE-2003-0606 | 2 Cvsup, Sup | 2 Cvsup-mirror, Sup | 2008-09-10 | 4.6 MEDIUM | N/A |
| sup 1.8 and earlier does not properly create temporary files, which allows local users to overwrite arbitrary files. | |||||
| CVE-2003-0515 | 1 Teapop | 1 Teapop | 2008-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerabilities in the (1) PostgreSQL or (2) MySQL authentication modules for teapop 0.3.5 and earlier allow attackers to execute arbitrary SQL and possibly gain privileges. | |||||
| CVE-2003-0574 | 1 Sgi | 1 Irix | 2008-09-10 | 7.2 HIGH | N/A |
| Unknown vulnerability in SGI IRIX 6.5.x through 6.5.20, and possibly earlier versions, allows local users to cause a core dump in scheme and possibly gain privileges via certain environment variables, a different vulnerability than CVE-2001-0797 and CVE-1999-0028. | |||||
| CVE-2003-0450 | 1 Cistron | 1 Radius Daemon | 2008-09-10 | 7.5 HIGH | N/A |
| Cistron RADIUS daemon (radiusd-cistron) 1.6.6 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a large value in an NAS-Port attribute, which is interpreted as a negative number and causes a buffer overflow. | |||||
| CVE-2003-0577 | 1 Mpg123 | 1 Mpg123 | 2008-09-10 | 7.5 HIGH | N/A |
| mpg123 0.59r allows remote attackers to cause a denial of service and possibly execute arbitrary code via an MP3 file with a zero bitrate, which creates a negative frame size. | |||||