| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Listening TCP ports are sequentially allocated, allowing spoofing attacks. |
| Vacation program allows command execution by remote users through a sendmail command. |
| Buffer overflow in HP-UX newgrp program. |
| Csetup under IRIX allows arbitrary file creation or overwriting. |
| Off-by-one error in Halo Combat Evolved 1.04 and earlier allows remote attackers to cause a denial of service (server crash) via a long client response. |
| Talkd, when given corrupt DNS information, can be used to execute arbitrary commands with root privileges. |
| MIME conversion buffer overflow in sendmail versions 8.8.3 and 8.8.4. |
| Buffer overflow of rlogin program using TERM environmental variable. |
| Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup" control messages, and others. |
| Engenio/LSI Logic storage controllers, as used in products such as Storagetek D280, and IBM DS4100 (formerly FastT 100) and Brocade SilkWorm Switches, allow remote attackers to cause a denial of service (freeze and possible data corruption) via crafted TCP packets. |
| Buffer overflow in Xt library of X Windowing System allows local users to execute commands with root privileges. |
| webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. |
| Arbitrary command execution via metamail package using message headers, when user processes attacker's message using metamail. |
| IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. |
| Buffer overflow in suidperl (sperl), Perl 4.x and 5.x. |
| JavaScript in Internet Explorer 3.x and 4.x, and Netscape 2.x, 3.x and 4.x, allows remote attackers to monitor a user's web activities, aka the Bell Labs vulnerability. |
| root privileges via buffer overflow in xlock command on SGI IRIX systems. |
| DNS cache poisoning via BIND, by predictable query IDs. |
| Unspecified vulnerability in the POP service in Stalker CommuniGate Pro 5.1c1 and earlier allows remote attackers to cause a denial of service (server crash) via unspecified vectors involving opening an empty inbox. |
| vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack. |
