| CVE | Vendors | Products | Updated | CVSS v3.1 |
| The Logon box of a Windows NT system displays the name of the last user who logged in. |
| A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers. |
| quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges. |
| Buffer overflows in forms.exe CGI program in ValiCert Enterprise Validation Authority (EVA) Administration Server 3.3 through 4.2.1 allow remote attackers to execute arbitrary code via long arguments to the parameters (1) Mode, (2) Certificate_File, (3) useExpiredCRLs, (4) listenLength, (5) maxThread, (6) maxConnPerSite, (7) maxMsgLen, (8) exitTime, (9) blockTime, (10) nextUpdatePeriod, (11) buildLocal, (12) maxOCSPValidityPeriod, (13) extension, and (14) a particular combination of parameters associated with private key generation that form a string of a certain length. |
| An incorrect configuration of the Webcart CGI program could disclose private information. |
| The rpc.rquotad service is running. |
| The NT Alerter and Messenger services are running. |
| The systat service is running. |
| The daytime service is running. |
| A component service related to NIS+ is running. |
| The OS/2 or POSIX subsystem in NT is enabled. |
| An application-critical Windows NT registry key has inappropriate permissions. |
| The WebRamp web administration utility has a default password. |
| The default "basic" security setting in config.php for TWIG webmail 2.7.4 and earlier stores cleartext usernames and passwords in cookies, which could allow attackers to obtain authentication information and gain privileges. |
| Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux. |
| The pt_chown command in Linux allows local users to modify TTY terminal devices that belong to other users. |
| speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters. |
| Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 create a hidden share named ARCSERVE$, which allows remote attackers to obtain sensitive information and overwrite critical files. |
| The default configuration of Cobalt RaQ2 servers allows remote users to install arbitrary software packages. |
| Buffer overflow in OpenBSD procfs and fdescfs file systems via uio_offset in the readdir() function. |