|
313601
|
4.6 |
MEDIUM
|
redhat
|
enterprise_linux
|
The (1) ipq_read and (2) ipulog_read functions in iptables allow local users to cause a denial of service by sending spoofed messages as other users to the kernel netlink interface.
|
CWE-264
認可・権限・アクセス制御
|
CVE-2003-0857
|
2008-09-6 05:35 |
2003-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313602
|
2.1 |
LOW
|
sco
|
openserver
|
Certain scripts in OpenServer before 5.0.6 allow local users to overwrite files and conduct other unauthorized activities via a symlink attack on temporary files.
|
NVD-CWE-Other
|
CVE-2003-0872
|
2008-09-6 05:35 |
2003-11-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313603
|
2.1 |
LOW
|
apple
|
mac_os_x
|
slpd daemon in Mac OS X before 10.3 allows local users to overwrite arbitrary files via a symlink attack on a temporary file, a different vulnerability than CVE-2003-0875.
|
NVD-CWE-Other
|
CVE-2003-0878
|
2008-09-6 05:35 |
2003-11-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313604
|
4.6 |
MEDIUM
|
apple
|
mac_os_x
|
Unknown vulnerability in Mac OS X before 10.3 allows local users to access Dock functions from behind Screen Effects when Full Keyboard Access is enabled using the Keyboard pane in System Preferences.
|
NVD-CWE-Other
|
CVE-2003-0880
|
2008-09-6 05:35 |
2003-11-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313605
|
7.5 |
HIGH
|
apple
|
mac_os_x
|
Mail in Mac OS X before 10.3, when configured to use MD5 Challenge Response, uses plaintext authentication if the CRAM-MD5 hashed login fails, which could allow remote attackers to gain privileges by…
|
NVD-CWE-Other
|
CVE-2003-0881
|
2008-09-6 05:35 |
2003-11-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313606
|
5.0 |
MEDIUM
|
apple
|
mac_os_x
|
Mac OS X before 10.3 initializes the TCP timestamp with a constant number, which allows remote attackers to determine the system's uptime via the ID field in a TCP packet.
|
NVD-CWE-Other
|
CVE-2003-0882
|
2008-09-6 05:35 |
2003-11-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313607
|
4.6 |
MEDIUM
|
apple
|
mac_os_x
|
The System Preferences capability in Mac OS X before 10.3 allows local users to access secure Preference Panes for a short period after an administrator has authenticated to the system.
|
NVD-CWE-Other
|
CVE-2003-0883
|
2008-09-6 05:35 |
2003-11-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313608
|
6.4 |
MEDIUM
|
xscreensaver
|
xscreensaver
|
Xscreensaver 4.14 contains certain debugging code that should have been omitted, which causes Xscreensaver to create temporary files insecurely in the (1) apple2, (2) xanalogtv, and (3) pong screensa…
|
NVD-CWE-Other
|
CVE-2003-0885
|
2008-09-6 05:35 |
2003-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313609
|
2.1 |
LOW
|
angus_mackay
|
ez-ipupdate
|
ez-ipupdate 3.0.11b7 and earlier creates insecure temporary cache files, which allows local users to conduct unauthorized operations via a symlink attack on the ez-ipupdate.cache file.
|
NVD-CWE-Other
|
CVE-2003-0887
|
2008-09-6 05:35 |
2003-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313610
|
5.0 |
MEDIUM
|
larry_wall
|
perl
|
Perl 5.8.1 on Fedora Core does not properly initialize the random number generator when forking, which makes it easier for attackers to predict random numbers.
|
NVD-CWE-Other
|
CVE-2003-0900
|
2008-09-6 05:35 |
2003-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313611
|
7.5 |
HIGH
|
postgresql
|
postgresql
|
Buffer overflow in to_ascii for PostgreSQL 7.2.x, and 7.3.x before 7.3.4, allows remote attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2003-0901
|
2008-09-6 05:35 |
2003-11-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313612
|
7.5 |
HIGH
|
sap
|
sap_db
|
eo420_GetStringFromVarPart in veo420.c for SAP database server (SAP DB) 7.4.03.27 and earlier may allow remote attackers to execute arbitrary code via a connect packet with a 256 byte segment to the …
|
NVD-CWE-Other
|
CVE-2003-0939
|
2008-09-6 05:35 |
2003-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313613
|
5.0 |
MEDIUM
|
sap
|
sap_db
|
Directory traversal vulnerability in sqlfopenc for web-tools in SAP DB before 7.4.03.30 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a URL.
|
NVD-CWE-Other
|
CVE-2003-0940
|
2008-09-6 05:35 |
2003-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313614
|
7.5 |
HIGH
|
sap
|
sap_db
|
web-tools in SAP DB before 7.4.03.30 allows remote attackers to access the Web Agent Administration pages and modify configuration via a direct request to waadmin.wa.
|
NVD-CWE-Other
|
CVE-2003-0941
|
2008-09-6 05:35 |
2003-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313615
|
7.5 |
HIGH
|
sap
|
sap_db
|
Buffer overflow in Web Agent Administration service in web-tools for SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a long Name parameter to waadmin.wa.
|
NVD-CWE-Other
|
CVE-2003-0942
|
2008-09-6 05:35 |
2003-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313616
|
7.5 |
HIGH
|
sap
|
sap_db
|
web-tools in SAP DB before 7.4.03.30 installs several services that are enabled by default, which could allow remote attackers to obtain potentially sensitive information or redirect attacks against …
|
NVD-CWE-Other
|
CVE-2003-0943
|
2008-09-6 05:35 |
2003-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313617
|
7.5 |
HIGH
|
sap
|
sap_db
|
Buffer overflow in the WAECHO default service in web-tools in SAP DB before 7.4.03.30 allows remote attackers to execute arbitrary code via a URL with a long requestURI.
|
NVD-CWE-Other
|
CVE-2003-0944
|
2008-09-6 05:35 |
2003-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313618
|
7.2 |
HIGH
|
wireless_tools
|
wireless_tools
|
Buffer overflow in iwconfig allows local users to execute arbitrary code via a long HOME environment variable.
|
NVD-CWE-Other
|
CVE-2003-0948
|
2008-09-6 05:35 |
2003-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313619
|
7.2 |
HIGH
|
ibm
|
aix
|
Buffer overflow in rcp for AIX 4.3.3, 5.1 and 5.2 allows local users to gain privileges.
|
NVD-CWE-Other
|
CVE-2003-0954
|
2008-09-6 05:35 |
2003-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313620
|
5.0 |
MEDIUM
|
sun
|
sun_fire
|
The Network Management Port on Sun Fire B1600 systems allows remote attackers to cause a denial of service (packet loss) via ARP packets, which cause all ports to become temporarily disabled.
|
NVD-CWE-Other
|
CVE-2003-0970
|
2008-09-6 05:35 |
2003-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313621
|
4.3 |
MEDIUM
|
-
|
-
|
Cross-site scripting (XSS) vulnerability in register.php for vBulletin 3.0 Beta 2 allows remote attackers to inject arbitrary HTML or web script via optional fields such as (1) "Interests-Hobbies", (…
|
NVD-CWE-Other
|
CVE-2003-1031
|
2008-09-6 05:35 |
2004-02-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313622
|
5.0 |
MEDIUM
|
mod_access_referer
|
mod_access_referer
|
mod_access_referer 1.0.2 allows remote attackers to cause a denial of service (crash) via a malformed Referer header that is missing a hostname, as parsed by the ap_parse_uri_components function in A…
|
NVD-CWE-Other
|
CVE-2003-1054
|
2008-09-6 05:35 |
2003-04-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313623
|
5.0 |
MEDIUM
|
fourelle_venturi_wireless
|
venturi_client
|
Venturi Client before 2.2, as used in certain Fourelle and Venturi Wireless products, can be used as an open proxy for various protocols, including an open relay for SMTP, which allows it to be abuse…
|
NVD-CWE-Other
|
CVE-2003-0316
|
2008-09-6 05:34 |
2003-06-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313624
|
5.0 |
MEDIUM
|
colten_edwards
|
bitchx
|
Integer overflow in BitchX IRC client 1.0-0c19 and earlier allows remote malicious IRC servers to cause a denial of service (crash).
|
NVD-CWE-Other
|
CVE-2003-0322
|
2008-09-6 05:34 |
2003-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313625
|
7.5 |
HIGH
|
epic
|
epic4
|
EPIC IRC Client (EPIC4) pre2.002, pre2.003, and possibly later versions, allows remote malicious IRC servers to cause a denial of service (crash) and possibly execute arbitrary code via a CTCP reques…
|
NVD-CWE-Other
|
CVE-2003-0328
|
2008-09-6 05:34 |
2003-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313626
|
7.5 |
HIGH
|
demarc_security
|
puresecure
|
Demarc Puresecure 1.6 stores authentication information for the logging server in plaintext, which allows attackers to steal login names and passwords to gain privileges.
|
NVD-CWE-Other
|
CVE-2003-0340
|
2008-09-6 05:34 |
2003-05-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313627
|
5.0 |
MEDIUM
|
apple
kde
|
safari
konqueror_embedded
|
Safari 1.0 Beta 2 (v73) and earlier does not validate the Common Name (CN) field for X.509 Certificates, which could allow remote attackers to spoof certificates.
|
NVD-CWE-Other
|
CVE-2003-0355
|
2008-09-6 05:34 |
2003-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313628
|
4.6 |
MEDIUM
|
stichting_mathematisch_centrum
|
nethack
|
nethack 3.4.0 and earlier installs certain setgid binaries with insecure permissions, which allows local users to gain privileges by replacing the original binaries with malicious code.
|
NVD-CWE-Other
|
CVE-2003-0359
|
2008-09-6 05:34 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313629
|
7.5 |
HIGH
|
debian
|
debian_linux
|
Multiple buffer overflows in gPS before 1.0.0 allow attackers to cause a denial of service and possibly execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2003-0360
|
2008-09-6 05:34 |
2003-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313630
|
7.5 |
HIGH
|
debian
|
debian_linux
|
gPS before 1.1.0 does not properly follow the rgpsp connection source acceptation policy as specified in the rgpsp.conf file, which could allow unauthorized remote attackers to connect to rgpsp.
|
NVD-CWE-Other
|
CVE-2003-0361
|
2008-09-6 05:34 |
2003-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313631
|
5.0 |
MEDIUM
|
debian
|
debian_linux
|
Buffer overflow in gPS before 0.10.2 may allow local users to cause a denial of service (SIGSEGV) in rgpsp via long command lines.
|
NVD-CWE-Other
|
CVE-2003-0362
|
2008-09-6 05:34 |
2003-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313632
|
7.5 |
HIGH
|
licq
|
licq
|
Format string vulnerability in LICQ 1.2.6, 1.0.3 and possibly other versions allows remote attackers to perform unknown actions via format string specifiers.
|
NVD-CWE-Other
|
CVE-2003-0363
|
2008-09-6 05:34 |
2003-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313633
|
5.0 |
MEDIUM
|
lysator
|
lyskom-server
|
lyskom-server 2.0.7 and earlier allows unauthenticated users to cause a denial of service (CPU consumption) via a large query.
|
NVD-CWE-Other
|
CVE-2003-0366
|
2008-09-6 05:34 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313634
|
7.5 |
HIGH
|
apple
|
mac_os_x
|
The Kerberos login authentication feature in Mac OS X, when used with an LDAPv3 server and LDAP bind authentication, may send cleartext passwords to the LDAP server when the AuthenticationAuthority a…
|
NVD-CWE-Other
|
CVE-2003-0378
|
2008-09-6 05:34 |
2003-06-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313635
|
7.5 |
HIGH
|
atftpd
|
atftpd
|
Buffer overflow in atftp daemon (atftpd) 0.6.1 and earlier, and possibly later versions, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long fi…
|
NVD-CWE-Other
|
CVE-2003-0380
|
2008-09-6 05:34 |
2003-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313636
|
2.1 |
LOW
|
norman_ramsey
|
noweb
|
Multiple vulnerabilities in noweb 2.9 and earlier creates temporary files insecurely, which allows local users to overwrite arbitrary files via multiple vectors including the noroff script.
|
NVD-CWE-Other
|
CVE-2003-0381
|
2008-09-6 05:34 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313637
|
4.3 |
MEDIUM
|
rsa
|
ace_agent
|
Cross-site scripting (XSS) vulnerability in the secure redirect function of RSA ACE/Agent 5.0 for Windows, and 5.x for Web, allows remote attackers to insert arbitrary web script and possibly cause u…
|
NVD-CWE-Other
|
CVE-2003-0389
|
2008-09-6 05:34 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313638
|
5.0 |
MEDIUM
|
smc_networks
|
barricade_wireless_cable_dsl_broadband_router
|
SMC Networks Barricade Wireless Cable/DSL Broadband Router SMC7004VWBR allows remote attackers to cause a denial of service via certain packets to PPTP port 1723 on the internal interface.
|
NVD-CWE-Other
|
CVE-2003-0419
|
2008-09-6 05:34 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313639
|
10.0 |
HIGH
|
apple
|
darwin_streaming_server
|
Apple QuickTime / Darwin Streaming Server before 4.1.3f allows remote attackers to cause a denial of service (crash) via an MS-DOS device name (e.g. AUX) in a request to HTTP port 1220, a different v…
|
NVD-CWE-Other
|
CVE-2003-0421
|
2008-09-6 05:34 |
2003-08-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313640
|
10.0 |
HIGH
|
apple
|
darwin_streaming_server
|
The installation of Apple QuickTime / Darwin Streaming Server before 4.1.3f starts the administration server with a "Setup Assistant" page that allows remote attackers to set the administrator passwo…
|
NVD-CWE-Other
|
CVE-2003-0426
|
2008-09-6 05:34 |
2003-08-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313641
|
7.5 |
HIGH
|
gnocatan-develop
|
gnocatan
|
Multiple buffer overflows in gnocatan 0.6.1 and earlier allow attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2003-0433
|
2008-09-6 05:34 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313642
|
1.2 |
LOW
|
yuuichi_teranishi
|
eldav
|
eldav WebDAV client for Emacs, version 0.7.2 and earlier, allows local users to create or overwrite arbitrary files via a symlink attack on temporary files.
|
NVD-CWE-Other
|
CVE-2003-0438
|
2008-09-6 05:34 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313643
|
7.5 |
HIGH
|
webfs
|
webfs
|
Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI.
|
NVD-CWE-Other
|
CVE-2003-0445
|
2008-09-6 05:34 |
2003-07-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313644
|
4.6 |
MEDIUM
|
xblockout
|
xbl
|
Multiple buffer overflows in xbl before 1.0k allow local users to gain privileges via certain long command line arguments.
|
NVD-CWE-Other
|
CVE-2003-0451
|
2008-09-6 05:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313645
|
4.6 |
MEDIUM
|
gunnar_ritter
|
osh
|
Buffer overflows in osh before 1.7-11 allow local users to execute arbitrary code and bypass shell restrictions via (1) long environment variables or (2) long "file redirections."
|
NVD-CWE-Other
|
CVE-2003-0452
|
2008-09-6 05:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313646
|
7.2 |
HIGH
|
joe_rumsey
|
xgalaga
|
Multiple buffer overflows in xgalaga 2.0.34 and earlier allow local users to gain privileges via a long HOME environment variable.
|
NVD-CWE-Other
|
CVE-2003-0454
|
2008-09-6 05:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313647
|
4.6 |
MEDIUM
|
hp
|
nonstop_seeview_server_gateway
|
Unknown vulnerability in HP NonStop Server D40.00 through D48.03, and G01.00 through G06.20, allows local users to gain additional privileges.
|
NVD-CWE-Other
|
CVE-2003-0458
|
2008-09-6 05:34 |
2003-08-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313648
|
7.2 |
HIGH
|
michael_c._toren
|
tcptraceroute
|
tcptraceroute 1.4 and earlier does not fully drop privileges after obtaining a file descriptor for capturing packets, which may allow local users to gain access to the descriptor via a separate vulne…
|
NVD-CWE-Other
|
CVE-2003-0489
|
2008-09-6 05:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313649
|
10.0 |
HIGH
|
proftpd_project
|
proftpd
|
SQL injection vulnerability in the PostgreSQL authentication module (mod_sql_postgres) for ProFTPD before 1.2.9rc1 allows remote attackers to execute arbitrary SQL and gain privileges by bypassing au…
|
NVD-CWE-Other
|
CVE-2003-0500
|
2008-09-6 05:34 |
2003-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
313650
|
7.5 |
HIGH
|
apple
|
safari
|
Apple Safari allows remote attackers to bypass intended cookie access restrictions on a web application via "%2e%2e" (encoded dot dot) directory traversal sequences in a URL, which causes Safari to s…
|
NVD-CWE-Other
|
CVE-2003-0514
|
2008-09-6 05:34 |
2004-04-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
