| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
96201 |
CVE-2006-2449 |
|
|
|
2006-06-15 |
2018-10-18 |
4.0 |
None |
Local |
High |
Not required |
Complete |
None |
None |
|
KDE Display Manager (KDM) in KDE 3.2.0 up to 3.5.3 allows local users to read arbitrary files via a symlink attack related to the session type for login. |
|
96202 |
CVE-2006-2448 |
|
|
DoS |
2006-06-23 |
2018-10-18 |
5.6 |
None |
Local |
High |
Not required |
Complete |
None |
Complete |
|
Linux kernel before 2.6.16.21 and 2.6.17, when running on PowerPC, does not perform certain required access_ok checks, which allows local users to read arbitrary kernel memory on 64-bit systems (signal_64.c) and cause a denial of service (crash) and possibly read kernel memory on 32-bit systems (signal_32.c). |
|
96203 |
CVE-2006-2447 |
|
|
Exec Code |
2006-06-06 |
2018-10-18 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
SpamAssassin before 3.1.3, when running with vpopmail and the paranoid (-P) switch, allows remote attackers to execute arbitrary commands via a crafted message that is not properly handled when invoking spamd with the virtual pop username. |
|
96204 |
CVE-2006-2446 |
|
|
DoS |
2006-08-15 |
2017-10-10 |
5.4 |
None |
Remote |
High |
Not required |
None |
None |
Complete |
|
Race condition between the kfree_skb and __skb_unlink functions in the socket buffer handling in Linux kernel 2.6.9, and possibly other versions, allows remote attackers to cause a denial of service (crash), as demonstrated using the TCP stress tests from the LTP test suite. |
|
96205 |
CVE-2006-2445 |
|
|
DoS |
2006-06-23 |
2018-10-18 |
4.0 |
None |
Local |
High |
Not required |
None |
None |
Complete |
|
Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting. |
|
96206 |
CVE-2006-2444 |
|
|
DoS |
2006-05-25 |
2018-10-30 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The snmp_trap_decode function in the SNMP NAT helper for Linux kernel before 2.6.16.18 allows remote attackers to cause a denial of service (crash) via unspecified remote attack vectors that cause failures in snmp_trap_decode that trigger (1) frees of random memory or (2) frees of previously-freed memory (double-free) by snmp_trap_decode as well as its calling function, as demonstrated via certain test cases of the PROTOS SNMP test suite. |
|
96207 |
CVE-2006-2443 |
|
|
+Info |
2006-05-18 |
2008-09-05 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Debian package of knowledgetree 2.0.7 creates environment.php with world-readable permissions, which allows local users to obtain sensitive information such as the username and password for the KnowledgeTree database. |
|
96208 |
CVE-2006-2442 |
|
|
|
2006-05-18 |
2010-04-02 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
kphone 4.2 creates .qt/kphonerc with world-readable permissions, which allows local users to read usernames and SIP passwords. |
|
96209 |
CVE-2006-2441 |
|
|
DoS |
2006-05-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Pioneers meta-server before 0.9.55, when the server-console is not installed, allows remote attackers to cause a denial of service (crash) via certain requests from an older gnocatan client to create a new game. |
|
96210 |
CVE-2006-2440 |
|
|
Exec Code Overflow |
2006-05-18 |
2017-10-11 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Heap-based buffer overflow in the libMagick component of ImageMagick 6.0.6.2 might allow attackers to execute arbitrary code via an image index array that triggers the overflow during filename glob expansion by the ExpandFilenames function. |
|
96211 |
CVE-2006-2439 |
119 |
|
Exec Code Overflow |
2006-06-01 |
2018-10-18 |
7.6 |
Admin |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Stack-based buffer overflow in ZipCentral 4.01 allows remote user-assisted attackers to execute arbitrary code via a ZIP archive containing a long filename. |
|
96212 |
CVE-2006-2438 |
|
|
Dir. Trav. |
2006-05-17 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in the viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to read arbitrary files under other web roots via the contextpath parameter. NOTE: this issue can produce resultant path disclosure when the parameter is invalid. |
|
96213 |
CVE-2006-2437 |
|
|
|
2006-05-17 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The viewfile servlet in the documentation package (resin-doc) for Caucho Resin 3.0.17 and 3.0.18 allows remote attackers to obtain the source code for file under the web root via the file parameter. |
|
96214 |
CVE-2006-2436 |
|
|
+Priv |
2006-05-17 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
WebSphere Application Server 5.0.2 (or any earlier cumulative fix) stores admin and LDAP passwords in plaintext in the FFDC logs when a login to WebSphere fails, which allows attackers to gain privileges. |
|
96215 |
CVE-2006-2435 |
|
|
|
2006-05-17 |
2009-06-17 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Unspecified vulnerability in IBM WebSphere Application Server 5.0.2 and earlier, and 5.1.1 and earlier, has unknown impact and attack vectors related to "Inserting certain script tags in urls [that] may allow unintended execution of scripts." |
|
96216 |
CVE-2006-2434 |
|
|
+Info |
2006-05-17 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Unspecified vulnerability in WebSphere 5.1.1 (or any earlier cumulative fix) Common Configuration Mode + CommonArchive and J2EE Models might allow attackers to obtain sensitive information via the trace. |
|
96217 |
CVE-2006-2433 |
|
|
|
2006-05-17 |
2009-06-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and attack vectors related to the "administrative console". |
|
96218 |
CVE-2006-2432 |
|
|
|
2006-05-17 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
IBM WebSphere Application Server 5.0.2 (or any earlier cumulative fix) and 5.1.1 (or any earlier cumulative fix) allows EJB access on Solaris systems via a crafted LTPA token. |
|
96219 |
CVE-2006-2431 |
79 |
|
XSS |
2006-05-17 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the 500 Internal Server Error page on the SOAP port (8880/tcp) in IBM WebSphere Application Server 5.0.2 and earlier, 5.1.x before 5.1.1.12, and 6.0.2 up to 6.0.2.7, allows remote attackers to inject arbitrary web script or HTML via the URI, which is contained in a FAULTACTOR element on this page. NOTE: some sources have reported the element as "faultfactor," but this is likely erroneous. |
|
96220 |
CVE-2006-2430 |
|
|
+Priv |
2006-05-17 |
2008-09-05 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
IBM WebSphere Application Server 5.0.2 and earlier, 5.1.1 and earlier, and 6.0.2 up to 6.0.2.7 records user credentials in plaintext in addNode.log, which allows attackers to gain privileges. |
|
96221 |
CVE-2006-2429 |
|
|
|
2006-05-17 |
2009-06-17 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in IBM WebSphere Application Server 6.0.2, 6.0.2.1, 6.0.2.3, 6.0.2.5, and 6.0.2.7 has unknown impact and remote attack vectors related to "HTTP request handlers". |
|
96222 |
CVE-2006-2428 |
|
|
Exec Code Bypass |
2006-05-17 |
2018-10-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
add.asp in DUware DUbanner 3.1 allows remote attackers to execute arbitrary code by uploading files with arbitrary extensions, such as ASP files, probably due to client-side enforcement that can be bypassed. NOTE: some of these details are obtained from third party information, since the raw source is vague. |
|
96223 |
CVE-2006-2427 |
|
|
|
2006-05-17 |
2018-10-18 |
7.2 |
Admin |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
freshclam in (1) Clam Antivirus (ClamAV) 0.88 and (2) ClamXav 1.0.3h and earlier does not drop privileges before processing the config-file command line option, which allows local users to read portions of arbitrary files when an error message displays the first line of the target file. |
|
96224 |
CVE-2006-2426 |
|
|
DoS |
2006-05-17 |
2018-10-18 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
|
Sun Java Runtime Environment (JRE) 1.5.0_6 and earlier, JDK 1.5.0_6 and earlier, and SDK 1.5.0_6 and earlier allows remote attackers to cause a denial of service (disk consumption) by using the Font.createFont function to create temporary files of arbitrary size in the %temp% directory. |
|
96225 |
CVE-2006-2425 |
|
|
XSS |
2006-05-17 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in PRV.php in PhpRemoteView, possibly 2003-10-23 and earlier, allow remote attackers to inject arbitrary web script or HTML via the (1) f, (2) d, and (3) ref parameters, and the (4) "MAKE DIR" and (5) "Full file name" fields. |
|
96226 |
CVE-2006-2424 |
|
|
Exec Code File Inclusion |
2006-05-17 |
2017-10-18 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
PHP remote file inclusion vulnerability in ezUserManager 1.6 and earlier, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the ezUserManager_Path parameter to ezusermanager_pwd_forgott.php, possibly due to an issue in ezusermanager_core.inc.php. |
|
96227 |
CVE-2006-2423 |
|
|
XSS |
2006-05-17 |
2018-10-18 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in ftplogin/index.php in Confixx 3.1.2 allows remote attackers to inject arbitrary web script or HTML via the login parameter. |
|
96228 |
CVE-2006-2422 |
|
|
|
2006-05-17 |
2017-07-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
phpCOIN 1.2.3 and earlier stores messages based upon e-mail addresses, which allows remote authenticated users to read messages for other users by adding the sender's e-mail address as an "additional contact". |
|
96229 |
CVE-2006-2421 |
|
|
Exec Code Overflow |
2006-05-17 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in Pragma FortressSSH 4.0.7.20 allows remote attackers to execute arbitrary code via long SSH_MSG_KEXINIT messages, which may cause an overflow when being logged. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
|
96230 |
CVE-2006-2420 |
79 |
|
XSS |
2006-05-16 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Bugzilla 2.20rc1 through 2.20 and 2.21.1, when using RSS 1.0, allows remote attackers to conduct cross-site scripting (XSS) attacks via a title element with HTML encoded sequences such as ">", which are automatically decoded by some RSS readers. NOTE: this issue is not in Bugzilla itself, but rather due to design or documentation inconsistencies within RSS, or implementation vulnerabilities in RSS readers. While this issue normally would not be included in CVE, it is being identified since the Bugzilla developers have addressed it. |
|
96231 |
CVE-2006-2419 |
|
|
XSS |
2006-05-16 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in index.php in Directory Listing Script allows remote attackers to inject arbitrary web script or HTML via the dir parameter. |
|
96232 |
CVE-2006-2418 |
|
|
XSS |
2006-05-16 |
2017-07-19 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting (XSS) vulnerabilities in certain versions of phpMyAdmin before 2.8.0.4 allow remote attackers to inject arbitrary web script or HTML via the db parameter in unknown scripts. |
|
96233 |
CVE-2006-2417 |
79 |
|
XSS |
2006-05-16 |
2017-07-19 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in phpMyAdmin 2.8.0.x before 2.8.0.4 allows remote attackers to inject arbitrary web script or HTML via the theme parameter in unknown scripts. NOTE: the lang parameter is already covered by CVE-2006-2031. |
|
96234 |
CVE-2006-2416 |
89 |
|
Exec Code Sql |
2006-05-16 |
2018-10-18 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
SQL injection vulnerability in class2.php in e107 0.7.2 and earlier allows remote attackers to execute arbitrary SQL commands via a cookie as defined in $pref['cookie_name']. |
|
96235 |
CVE-2006-2415 |
|
|
XSS |
2006-05-16 |
2017-07-19 |
5.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in FlexChat 2.0 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) username and (2) CFTOKEN parameter in (a) index.cfm and (3) CFTOKEN and (4) CFID parameter in (b) chat.cfm. |
|
96236 |
CVE-2006-2414 |
|
|
Dir. Trav. |
2006-05-16 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in Dovecot 1.0 beta and 1.0 allows remote attackers to list files and directories under the mbox parent directory and obtain mailbox names via ".." sequences in the (1) LIST or (2) DELETE IMAP command. |
|
96237 |
CVE-2006-2413 |
|
|
DoS |
2006-05-16 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
GNUnet before SVN revision 2781 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an empty UDP datagram, possibly involving FIONREAD errors. |
|
96238 |
CVE-2006-2412 |
|
|
DoS |
2006-05-16 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a large ID, which causes an invalid memory access (buffer over-read). |
|
96239 |
CVE-2006-2411 |
|
|
Exec Code Overflow |
2006-05-16 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in raydium_network_read function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to execute arbitrary code by sending packets with long global variables to the client. |
|
96240 |
CVE-2006-2410 |
|
|
DoS |
2006-05-16 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
raydium_network_netcall_exec function in network.c in Raydium SVN revision 312 and earlier allows remote attackers to cause a denial of service (application crash) via a packet of type 0xFF, which causes a null dereference. |
|
96241 |
CVE-2006-2409 |
134 |
|
Exec Code |
2006-05-16 |
2018-10-18 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Format string vulnerability in the raydium_log function in console.c in Raydium before SVN revision 310 allows local users to execute arbitrary code via format string specifiers in the format parameter, which are not properly handled in a call to raydium_console_line_add. |
|
96242 |
CVE-2006-2408 |
119 |
|
Exec Code Overflow |
2006-05-16 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in Raydium before SVN revision 310 allow remote attackers to execute arbitrary code via a large packet when logged via (1) the raydium_log function in log.c or (2) the raydium_console_line_add function in console.c, possibly from a long player name. |
|
96243 |
CVE-2006-2407 |
119 |
|
Exec Code Overflow |
2006-05-16 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in (1) WeOnlyDo wodSSHServer ActiveX Component 1.2.7 and 1.3.3 DEMO, as used in other products including (2) FreeSSHd 1.0.9 and (3) freeFTPd 1.0.10, allows remote attackers to execute arbitrary code via a long key exchange algorithm string. |
|
96244 |
CVE-2006-2405 |
|
|
Dir. Trav. |
2006-05-16 |
2018-10-18 |
6.8 |
User |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Directory traversal vulnerability in unb_lib/abbc.conf.php in Unclassified NewsBoard (UNB) 1.6.1 patch 1 and earlier, when register_globals is enabled, allows remote attackers to include arbitrary files via .. (dot dot) sequences and a trailing null byte (%00) in the ABBC[Config][smileset] parameter to unb_lib/abbc.css.php. |
|
96245 |
CVE-2006-2404 |
|
|
Dir. Trav. |
2006-05-15 |
2018-10-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Directory traversal vulnerability in popup.php in RadScripts RadLance Gold 7.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the read parameter. |
|
96246 |
CVE-2006-2403 |
|
|
Exec Code Overflow |
2006-05-15 |
2017-07-19 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in FileZilla before 2.2.23 allows remote attackers to execute arbitrary commands via unknown attack vectors. |
|
96247 |
CVE-2006-2402 |
|
|
Overflow |
2006-05-15 |
2018-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Buffer overflow in the changeRegistration function in servernet.cpp for Outgun 1.0.3 bot 2 and earlier allows remote attackers to change the registration information of other players via a long string. |
|
96248 |
CVE-2006-2401 |
|
|
DoS |
2006-05-15 |
2018-10-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (application crash) via packets with incorrect message sizes, which triggers a buffer over-read. |
|
96249 |
CVE-2006-2400 |
|
|
DoS |
2006-05-15 |
2018-10-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The leetnet functions (leetnet/rudp.cpp) in Outgun 1.0.3 bot 2 and earlier allow remote attackers to cause a denial of service (game interruption) via large packets, which cause an exception to be thrown. |
|
96250 |
CVE-2006-2399 |
119 |
|
DoS Exec Code Overflow |
2006-05-15 |
2018-10-18 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Stack-based buffer overflow in the ServerNetworking::incoming_client_data function in servnet.cpp in Outgun 1.0.3 bot 2 and earlier allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a data_file_request command with a long (1) type or (2) name string. |
