| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2005-3624 |
189 |
|
Overflow |
2005-12-31 |
2010-11-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The CCITTFaxStream::CCITTFaxStream function in Stream.cc for xpdf, gpdf, kpdf, pdftohtml, poppler, teTeX, CUPS, libextractor, and others allows attackers to corrupt the heap via negative or large integers in a CCITTFaxDecode stream, which lead to integer overflows and integer underflows. |
|
2 |
CVE-2004-1039 |
|
|
DoS |
2005-01-11 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The NFS mountd service on SCO UnixWare 7.1.1, 7.1.3, 7.1.4, and 7.0.1, and possibly other versions, when run from inetd, allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests, which causes inetd to launch a separate process for each request. |
|
3 |
CVE-2004-0112 |
|
|
DoS |
2004-11-23 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The SSL/TLS handshaking code in OpenSSL 0.9.7a, 0.9.7b, and 0.9.7c, when using Kerberos ciphersuites, does not properly check the length of Kerberos tickets during a handshake, which allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that causes an out-of-bounds read. |
|
4 |
CVE-2004-0081 |
|
|
DoS |
2004-11-23 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. |
|
5 |
CVE-2004-0079 |
|
|
DoS |
2004-11-23 |
2010-08-21 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference. |
|
6 |
CVE-2003-0658 |
|
|
|
2003-10-20 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Docview before 1.1-18 in Caldera OpenLinux 3.1.1, SCO Linux 4.0, OpenServer 5.0.7, configures the Apache web server in a way that allows remote attackers to read arbitrary publicly readable files via a certain URL, possibly related to rewrite rules. |
|
7 |
CVE-2002-1199 |
|
|
Dir. Trav. |
2002-10-28 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The getdbm procedure in ypxfrd allows local users to read arbitrary files, and remote attackers to read databases outside /var/yp, via a directory traversal and symlink attack on the domain and map arguments. |
|
8 |
CVE-2001-1579 |
|
|
DoS |
2001-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. |
|
9 |
CVE-2001-0896 |
|
|
DoS |
2001-11-30 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Inetd in OpenServer 5.0.5 allows remote attackers to cause a denial of service (crash) via a port scan, e.g. with nmap -PO. |
|
10 |
CVE-2000-0842 |
|
|
|
2000-11-14 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
|
11 |
CVE-2000-0349 |
|
|
DoS |
2001-03-12 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service. |
|
12 |
CVE-2000-0307 |
|
|
DoS |
2001-03-12 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. |
|
13 |
CVE-2000-0173 |
|
|
DoS |
2000-03-10 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service. |
|
14 |
CVE-1999-0345 |
|
|
DoS |
1997-01-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Jolt ICMP attack causes a denial of service in Windows 95 and Windows NT systems. |
|
15 |
CVE-1999-0153 |
|
|
DoS |
1997-07-01 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Windows 95/NT out of band (OOB) data denial of service through NETBIOS port, aka WinNuke. |
|
16 |
CVE-1999-0128 |
|
|
DoS |
1996-12-18 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Oversized ICMP ping packets can result in a denial of service, aka Ping o' Death. |
|
17 |
CVE-1999-0096 |
|
|
|
1996-12-10 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Sendmail decode alias can be used to overwrite sensitive files. |
|
18 |
CVE-1999-0024 |
|
|
|
1997-08-13 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
DNS cache poisoning via BIND, by predictable query IDs. |
|
19 |
CVE-1999-0019 |
|
|
|
1996-04-24 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Delete or create a file via rpc.statd, due to invalid information. |
|
20 |
CVE-1999-0010 |
|
|
DoS |
1998-04-08 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Denial of Service vulnerability in BIND 8 Releases via maliciously formatted DNS messages. |
|
21 |
CVE-1999-0004 |
|
|
Overflow |
1997-12-16 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
MIME buffer overflow in email clients, e.g. Solaris mailtool and Outlook. |
