|
363401
|
2.1 |
LOW
|
sun
|
solaris
|
Unspecified vulnerability in the "tl" driver in Solaris 10 allows local users to cause a denial of service (panic) via unknown vectors.
|
NVD-CWE-Other
|
CVE-2005-3001
|
2011-03-8 11:25 |
2005-09-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363402
|
5.0 |
MEDIUM
|
xclusive-software
|
mccs
|
Multi-Computer Control System (MCCS) 1.0 allows remote attackers to cause a denial of service via a malformed UDP packet.
|
NVD-CWE-Other
|
CVE-2005-3002
|
2011-03-8 11:25 |
2005-09-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363403
|
7.5 |
HIGH
|
usermin webmin
|
usermin webmin
|
miniserv.pl in Webmin before 1.230 and Usermin before 1.160, when "full PAM conversations" is enabled, allows remote attackers to bypass authentication by spoofing session IDs via certain metacharact…
|
NVD-CWE-Other
|
CVE-2005-3042
|
2011-03-8 11:25 |
2005-09-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363404
|
4.3 |
MEDIUM
|
scriptsolutions
|
perldiver
|
Cross-site scripting (XSS) vulnerability in perldiver.pl in PerlDiver 1.x allows remote attackers to inject arbitrary web script or HTML via the query string. NOTE: this issue was originally dispute…
|
NVD-CWE-Other
|
CVE-2005-3066
|
2011-03-8 11:25 |
2005-09-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363405
|
4.3 |
MEDIUM
|
scriptsolutions
|
perldiver
|
Cross-site scripting (XSS) vulnerability in perldiver.cgi in PerlDiver 2.x allows remote attackers to inject arbitrary web script or HTML via the module parameter.
|
NVD-CWE-Other
|
CVE-2005-3067
|
2011-03-8 11:25 |
2005-09-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363406
|
4.6 |
MEDIUM
|
qualcomm
|
qpopper
|
poppassd in Qualcomm qpopper 4.0.8 allows local users to modify arbitrary files and gain privileges via the -t (trace file) command line argument.
|
NVD-CWE-Other
|
CVE-2005-3098
|
2011-03-8 11:25 |
2005-09-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363407
|
7.5 |
HIGH
|
william_stearns
|
mason
|
Mason before 1.0.0 does not install the init script after the user uses Mason to configure a firewall, which causes the system to run without a firewall after a reboot.
|
NVD-CWE-Other
|
CVE-2005-3118
|
2011-03-8 11:25 |
2005-10-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363408
|
5.0 |
MEDIUM
|
gnu
|
gnump3d
|
Directory traversal vulnerability in GNUMP3D before 2.9.6 allows remote attackers to read arbitrary files via crafted sequences such as "/.//..//////././", which is collapsed into "/.././" after ".."…
|
NVD-CWE-Other
|
CVE-2005-3123
|
2011-03-8 11:25 |
2005-10-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363409
|
2.1 |
LOW
|
acme_labs
|
thttpd
|
syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.
|
NVD-CWE-Other
|
CVE-2005-3124
|
2011-03-8 11:25 |
2005-11-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363410
|
4.6 |
MEDIUM
|
uim
|
uim
|
Uim 0.4.x before 0.4.9.1 and 0.5.0 and earlier does not properly handle the LIBUIM_VANILLA environment variable when a suid or sgid application is linked to libuim, such as immodule for Qt, which all…
|
NVD-CWE-Other
|
CVE-2005-3149
|
2011-03-8 11:25 |
2005-10-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363411
|
5.0 |
MEDIUM
|
bluecoat
|
winproxy
|
The listening daemon in Blue Coat Systems Inc. WinProxy before 6.1a allows remote attackers to cause a denial of service (crash) via a long HTTP request that causes an out-of-bounds read.
|
NVD-CWE-Other
|
CVE-2005-3187
|
2011-03-8 11:25 |
2005-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363412
|
5.0 |
MEDIUM
|
qualcomm
|
worldmail_imap_server
|
Directory traversal vulnerability in Qualcomm WorldMail IMAP Server allows remote attackers to read arbitrary email messages via ".." sequences in the SELECT command.
|
NVD-CWE-Other
|
CVE-2005-3189
|
2011-03-8 11:25 |
2005-11-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363413
|
9.3 |
HIGH
|
nullsoft
|
winamp
|
Buffer overflow in Winamp 5.03a, 5.09 and 5.091, and other versions before 5.094, allows remote attackers to execute arbitrary code via an MP3 file with a long ID3v2 tag such as (1) ARTIST or (2) TIT…
|
CWE-119
バッファエラー
|
CVE-2005-2310
|
2011-03-8 11:24 |
2005-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363414
|
7.5 |
HIGH
|
phpsftpd
|
phpsftpd
|
inc.login.php in PHPsFTPd 0.2 through 0.4 allows remote attackers to obtain the administrator's username and password by setting the do_login parameter and performing an edit action using user.php, w…
|
NVD-CWE-Other
|
CVE-2005-2314
|
2011-03-8 11:24 |
2005-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363415
|
7.8 |
HIGH
|
rim
|
blackberry_enterprise_server blackberry_router
|
Research in Motion (RIM) BlackBerry Router allows remote attackers to cause a denial of service (communication disruption) via crafted Server Routing Protocol (SRP) packets.
|
NVD-CWE-Other
|
CVE-2005-2342
|
2011-03-8 11:24 |
2005-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363416
|
2.6 |
LOW
|
rim
|
blackberry_desktop_manager blackberry_device_software blackberry
|
Research in Motion (RIM) BlackBerry Handheld web browser for BlackBerry Handheld before 4.0.2 allows remote attackers to cause a denial of service (hang) via a Java Application Description (JAD) file…
|
NVD-CWE-Other
|
CVE-2005-2343
|
2011-03-8 11:24 |
2005-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363417
|
4.3 |
MEDIUM
|
my_image_gallery
|
my_image_gallery
|
Cross-site scripting (XSS) vulnerability in index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to inject arbitrary web script or HTML via the (1) currDir or (2) image parameters.
|
NVD-CWE-Other
|
CVE-2005-2603
|
2011-03-8 11:24 |
2005-08-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363418
|
5.0 |
MEDIUM
|
my_image_gallery
|
my_image_gallery
|
index.php for My Image Gallery (Mig ) 1.4.1 allows remote attackers to obtain the web server path via certain currDir and image arguments, which leaks the path in an error message.
|
NVD-CWE-Other
|
CVE-2005-2604
|
2011-03-8 11:24 |
2005-08-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363419
|
7.5 |
HIGH
|
phlymail
|
phlymail
|
Unknown vulnerability in the "frontend authentication" in PHlyMail 3.02.00 has unknown impact and attack vectors.
|
NVD-CWE-Other
|
CVE-2005-2606
|
2011-03-8 11:24 |
2005-08-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363420
|
7.5 |
HIGH
|
ezupload
|
ezupload
|
Multiple PHP file include vulnerabilities in ezUpload 2.2 allow remote attackers to execute arbitrary code via the path parameter to (1) initialize.php, (2) customize.php, (3) form.php, or (4) index.…
|
NVD-CWE-Other
|
CVE-2005-2616
|
2011-03-8 11:24 |
2005-08-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363421
|
10.0 |
HIGH
|
kismet
|
kismet
|
Unspecified vulnerability in Kismet before 2005-08-R1 allows remote attackers to have an unknown impact via unprintable characters in the SSID.
|
NVD-CWE-Other
|
CVE-2005-2626
|
2011-03-8 11:24 |
2005-08-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363422
|
7.5 |
HIGH
|
kismet
|
kismet
|
Multiple integer underflows in Kismet before 2005-08-R1 allow remote attackers to execute arbitrary code via (1) kernel headers in a pcap file or (2) data frame dissection, which leads to heap-based …
|
NVD-CWE-Other
|
CVE-2005-2627
|
2011-03-8 11:24 |
2005-08-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363423
|
7.5 |
HIGH
|
up-imapproxy
|
up-imapproxy
|
Format string vulnerability in the ParseBannerAndCapability function in main.c for up-imapproxy 1.2.3 and 1.2.4 allows remote IMAP servers to execute arbitrary code via format string specifiers in a …
|
NVD-CWE-Other
|
CVE-2005-2661
|
2011-03-8 11:24 |
2005-10-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363424
|
2.1 |
LOW
|
apple
|
mac_os_x mac_os_x_server
|
An unspecified kernel interface in Mac OS X 10.4.2 and earlier does not properly clear memory before reusing it, which could allow attackers to obtain sensitive information, a different vulnerability…
|
CWE-200
情報漏えい
|
CVE-2005-2752
|
2011-03-8 11:24 |
2005-11-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363425
|
7.2 |
HIGH
|
symantec
|
norton_antivirus
|
** SPLIT ** The jlucaller program in LiveUpdate for Symantec Norton AntiVirus 9.0.3 on Macintosh runs setuid when executing Java programs, which allows local users to gain privileges. NOTE: due to a…
|
NVD-CWE-Other
|
CVE-2005-2759
|
2011-03-8 11:24 |
2005-10-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363426
|
5.0 |
MEDIUM
|
-
|
-
|
Directory traversal vulnerability in Dzip before 2.9 allows remote attackers to create arbitrary files via a filename containing a .. (dot dot) in a .dz archive.
|
NVD-CWE-Other
|
CVE-2005-1874
|
2011-03-8 11:23 |
2005-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363427
|
5.0 |
MEDIUM
|
sun
|
java_system_web_server
|
Unknown vulnerability in Sun ONE Application Server 6.5 SP1 Maintenance Update 6 and earlier allows attackers to read files.
|
NVD-CWE-Other
|
CVE-2005-1889
|
2011-03-8 11:23 |
2005-06-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363428
|
5.0 |
MEDIUM
|
flatnuke
|
flatnuke
|
FlatNuke 2.5.3 allows remote attackers to obtain sensitive information via invalid parameters to certain scripts, which leaks the web document root in an error message.
|
NVD-CWE-Other
|
CVE-2005-1893
|
2011-03-8 11:23 |
2005-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363429
|
4.3 |
MEDIUM
|
flatnuke
|
flatnuke
|
Cross-site scripting (XSS) vulnerability in FlatNuke 2.5.3 allows remote attackers to inject arbitrary web script or HTML via the border or back parameters to (1) help.php or (2) footer.php.
|
NVD-CWE-Other
|
CVE-2005-1895
|
2011-03-8 11:23 |
2005-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363430
|
5.0 |
MEDIUM
|
flatnuke
|
flatnuke
|
Directory traversal vulnerability in thumb.php in FlatNuke 2.5.3 allows remote attackers to read arbitrary images or obtain the installation path via the image parameter.
|
NVD-CWE-Other
|
CVE-2005-1896
|
2011-03-8 11:23 |
2005-06-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363431
|
2.1 |
LOW
|
log4sh
|
log4sh
|
The log4sh_readProperties function in log4sh 1.2.5 and earlier allows local users to overwrite arbitrary files via a symlink attack on predictable log4sh.$$ filenames.
|
NVD-CWE-Other
|
CVE-2005-1915
|
2011-03-8 11:23 |
2005-09-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363432
|
5.0 |
MEDIUM
|
trend_micro
|
serverprotect
|
Directory traversal vulnerability in the Crystal Report component (rptserver.asp) in Trend Micro ServerProtect Management Console 5.58, as used in Control Manager 2.5 and 3.0 and Damage Cleanup Serve…
|
NVD-CWE-Other
|
CVE-2005-1930
|
2011-03-8 11:23 |
2005-12-15 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363433
|
5.0 |
MEDIUM
|
3com
|
3c15100d
|
Directory traversal vulnerability in the web server for 3Com Network Supervisor 5.0.2 allows remote attackers to read arbitrary files via ".." sequences in the URL to TCP port 21700.
|
NVD-CWE-Other
|
CVE-2005-2020
|
2011-03-8 11:23 |
2005-09-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363434
|
4.3 |
MEDIUM
|
sun
|
iplanet_messaging_server one_messaging_server
|
Unknown vulnerability in Webmail in iPlanet Messaging Server 5.2 Patch 1 and Sun ONE Messaging Server 6.2 allows remote attackers to execute arbitrary Javascript, possibly due to a cross-site scripti…
|
NVD-CWE-noinfo CWE-79
クロスサイト・スクリプティング(XSS)
|
CVE-2005-2022
|
2011-03-8 11:23 |
2005-06-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363435
|
7.5 |
HIGH
|
-
|
-
|
Multiple SQL injection vulnerabilities in Fortibus CMS 4.0.0 allow remote attackers to execute arbitrary SQL commands via (1) the username or password to logon.asp, (2) WeeklyNotesDisplay.asp, or (3)…
|
NVD-CWE-Other
|
CVE-2005-2037
|
2011-03-8 11:23 |
2005-06-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363436
|
2.1 |
LOW
|
hp
|
version_control_repository_manager
|
HP Version Control Repository Manager (VCRM) before 2.1.1.730 does not properly handle the "@" character in a proxy password, which could allow attackers with physical access to obtain portions of th…
|
NVD-CWE-Other
|
CVE-2005-2076
|
2011-03-8 11:23 |
2005-06-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363437
|
5.0 |
MEDIUM
|
pavsta
|
pavsta_auto_site
|
PHP remote file inclusion vulnerability in user_check.php for Pavsta Auto Site allows remote attackers to execute arbitrary PHP code via the sitepath parameter.
|
NVD-CWE-Other
|
CVE-2005-2139
|
2011-03-8 11:23 |
2005-07-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363438
|
10.0 |
HIGH
|
the_cacti_group
|
cacti
|
config.php in Cacti 0.8.6e and earlier allows remote attackers to set the no_http_headers switch, then modify session information to gain privileges and disable the use of addslashes to conduct SQL i…
|
NVD-CWE-Other
|
CVE-2005-2149
|
2011-03-8 11:23 |
2005-07-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363439
|
5.0 |
MEDIUM
|
nabocorp
|
nabopoll
|
PHP remote file inclusion vulnerability in survey.inc.php for nabopoll 1.2 allows remote attackers to execute arbitrary PHP code via the path parameter.
|
NVD-CWE-Other
|
CVE-2005-2157
|
2011-03-8 11:23 |
2005-07-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363440
|
5.0 |
MEDIUM
|
ibm
|
tivoli_management_framework
|
The LCF component (lcfd) in IBM Tivoli Management Framework Endpoint allows remote attackers to cause a denial of service (process exit and connection loss) by connecting to LCF and ending the connec…
|
NVD-CWE-Other
|
CVE-2005-2170
|
2011-03-8 11:23 |
2005-07-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363441
|
6.4 |
MEDIUM
|
novell
|
netmail
|
Novell NetMail automatically processes HTML in an attachment without prompting the user to save or open it, which makes it easier for remote attackers to conduct web-based attacks and steal cookies.
|
NVD-CWE-Other
|
CVE-2005-2176
|
2011-03-8 11:23 |
2005-07-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363442
|
5.0 |
MEDIUM
|
leafnode
|
leafnode
|
fetchnews in leafnode 1.9.48 to 1.11.1 allows remote NNTP servers to cause a denial of service (crash) by closing the connection while fetchnews is reading (1) an article header or (2) an article bod…
|
NVD-CWE-Other
|
CVE-2005-1453
|
2011-03-8 11:22 |
2005-05-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363443
|
7.5 |
HIGH
|
cisco
|
firewall_services_module
|
Unknown vulnerability in Cisco Firewall Services Module (FWSM) 2.3.1 and earlier, when using URL, FTP, or HTTPS filtering exceptions, allows certain TCP packets to bypass access control lists (ACLs).
|
NVD-CWE-Other
|
CVE-2005-1517
|
2011-03-8 11:22 |
2005-05-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363444
|
5.0 |
MEDIUM
|
apple
|
quicktime
|
Apple QuickTime Player 7.0 on Mac OS X 10.4 allows remote attackers to obtain sensitive information via a .mov file with a Quartz Composer composition (.qtz) file that uses certain patches to read lo…
|
NVD-CWE-Other
|
CVE-2005-1579
|
2011-03-8 11:22 |
2005-05-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363445
|
5.0 |
MEDIUM
|
niteenterprises
|
remote_file_manager
|
NiteEnterprises Remote File Manager 1.0 allows remote attackers to cause a denial of service (crash) via a crafted string to TCP port 7080.
|
NVD-CWE-Other
|
CVE-2005-1603
|
2011-03-8 11:22 |
2005-05-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363446
|
7.5 |
HIGH
|
woltlab
|
burning_board
|
SQL injection vulnerability in the verify_email function in Woltlab Burning Board 2.x and earlier allows remote attackers to execute arbitrary SQL commands via the $email variable.
|
NVD-CWE-Other
|
CVE-2005-1642
|
2011-03-8 11:22 |
2005-05-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363447
|
7.5 |
HIGH
|
fastream
|
netfile_ftp_web_server
|
The default installation of Fastream NETFile FTP/Web Server 7.4.6, which supports FXP, does not require that the IP address in a PORT command be the same as the IP of the logged in user, which allows…
|
NVD-CWE-Other
|
CVE-2005-1646
|
2011-03-8 11:22 |
2005-05-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363448
|
4.6 |
MEDIUM
|
gentoo
|
linux_webapp-config
|
The fn_show_postinst function in Gentoo webapp-config before 1.10-r14 allows local users to overwrite arbitrary files via a symlink attack on the postinst.txt temporary file.
|
NVD-CWE-Other
|
CVE-2005-1707
|
2011-03-8 11:22 |
2005-05-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363449
|
7.5 |
HIGH
|
bluecoat
|
reporter
|
Unknown vulnerability in Blue Coat Reporter before 7.1.2 allows remote unauthenticated attackers to add a license.
|
NVD-CWE-Other
|
CVE-2005-1709
|
2011-03-8 11:22 |
2005-05-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
363450
|
4.3 |
MEDIUM
|
netwin
|
surgemail
|
Cross-site scripting (XSS) vulnerability in NetWin SurgeMail 3.0c2 allows remote attackers to inject arbitrary web script or HTML via unknown vectors.
|
NVD-CWE-Other
|
CVE-2005-1714
|
2011-03-8 11:22 |
2005-05-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|