CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities (CVSS score between 9 and 10)

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1151 CVE-2005-0065 DoS 2005-05-02 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
The original design of TCP does not check that the TCP sequence number in an ICMP error message is within the range of sequence numbers for data that has been sent but not acknowledged (aka "TCP sequence number checking"), which makes it easier for attackers to forge ICMP error messages for specific TCP connections and cause a denial of service, as demonstrated using (1) blind connection-reset attacks with forged "Destination Unreachable" messages, (2) blind throughput-reduction attacks with forged "Source Quench" messages, or (3) blind throughput-reduction attacks with forged ICMP messages that cause the Path MTU to be reduced. NOTE: CVE-2004-0790, CVE-2004-0791, and CVE-2004-1060 have been SPLIT based on different attacks; CVE-2005-0065, CVE-2005-0066, CVE-2005-0067, and CVE-2005-0068 are related identifiers that are SPLIT based on the underlying vulnerability. While CVE normally SPLITs based on vulnerability, the attack-based identifiers exist due to the variety and number of affected implementations and solutions that address the attacks instead of the underlying vulnerabilities.
1152 CVE-2005-0194 Bypass 2005-05-02 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Squid 2.5, when processing the configuration file, parses empty Access Control Lists (ACLs), including proxy_auth ACLs without defined auth schemes, in a way that effectively removes arguments, which could allow remote attackers to bypass intended ACLs if the administrator ignores the parser warnings.
1153 CVE-2005-0260 Exec Code Overflow 2005-05-02 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the Discovery Service for BrightStor ARCserve Backup 11.1 and earlier allows remote attackers to execute arbitrary code via a long packet to UDP port 41524, which is not properly handled in a recvfrom call.
1154 CVE-2005-0339 DoS Exec Code Overflow 2005-05-02 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Foxmail 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long MAIL FROM command.
1155 CVE-2005-0353 Exec Code Overflow 2005-05-02 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the Sentinel LM (Lservnt) service in the Sentinel License Manager 7.2.0.2 allows remote attackers to execute arbitrary code by sending a large amount of data to UDP port 5093.
1156 CVE-2005-0417 2005-04-27 2016-10-17
10.0
None Remote Low Not required Complete Complete Complete
Unknown "high risk" vulnerability in DB2 Universal Database 8.1 and earlier has unknown impact and attack vectors. NOTE: due to the delayed disclosure of details for this issue, this candidate may be SPLIT in the future. In addition, this may be a duplicate of other issues as reported by the vendor.
1157 CVE-2005-0441 Exec Code Overflow 2004-12-22 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement.
1158 CVE-2005-0491 Exec Code Overflow 2005-05-02 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in Knox Arkeia Server Backup 5.3.x allows remote attackers to execute arbitrary code via a long type 77 request.
1159 CVE-2005-0519 2005-02-18 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
ArGoSoft FTP Server before 1.4.2.7 allows remote attackers to read arbitrary files by uploading a ZIP file containing a shortcut (.LNK) file, using SITE UNZIP to extract the .LNK file onto the server, then accessing the file, a different vulnerability than CVE-2005-0520.
1160 CVE-2005-0520 2005-02-23 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
ArGoSoft FTP Server before 1.4.2.8 allows remote attackers to read arbitrary files via shortcut (.LNK) files in the SITE COPY command, a different vulnerability than CVE-2005-0519.
1161 CVE-2005-0551 Overflow +Priv 2005-05-02 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in WINSRV.DLL in the Client Server Runtime System (CSRSS) process of Microsoft Windows 2000, Windows XP SP1 and SP2, and Windows Server 2003 allows local users to gain privileges via a specially-designed application that provides console window information with a long FaceName value.
1162 CVE-2005-0582 Exec Code Overflow 2005-05-02 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Computer Associates (CA) License Client 0.1.0.15 allows remote attackers to execute arbitrary code via a long filename in a PUTOLF request.
1163 CVE-2005-0635 Exec Code Overflow 2005-05-02 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Foxmail Server 2.0 allows remote attackers to execute arbitrary code via a long USER command.
1164 CVE-2005-0636 DoS Exec Code 2005-03-02 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in Foxmail Server 2.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via format strings in the USER command.
1165 CVE-2005-0684 Exec Code Overflow 2005-04-25 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the web tool for MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via (1) an HTTP GET request with a long file parameter after a percent ("%") sign or (2) a long Lock-Token string to the WebDAV functionality, which is not properly handled by the getLockTokenHeader function in WDVHandler_CommonUtils.c.
1166 CVE-2005-0708 +Info 2005-05-02 2017-10-11
10.0
None Remote Low Not required Complete Complete Complete
The sendfile system call in FreeBSD 4.8 through 4.11 and 5 through 5.4 can transfer portions of kernel memory if a file is truncated while it is being sent, which could allow remote attackers to obtain sensitive information.
1167 CVE-2005-0735 264 +Priv 2005-05-02 2009-04-03
10.0
Admin Remote Low Not required Complete Complete Complete
newsscript.pl for NewsScript allows remote attackers to gain privileges by setting the mode parameter to admin.
1168 CVE-2005-0744 +Priv +Info 2005-05-02 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The web GUI for Novell iChain 2.2 and 2.3 SP2 and SP3 allows attackers to hijack sessions and gain administrator privileges by (1) sniffing the connection on TCP port 51100 and replaying the authentication information or (2) obtaining and replaying the PCZQX02 authentication cookie from the browser.
1169 CVE-2005-0768 Exec Code Overflow 2005-05-02 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the administration web server for GoodTech Telnet Server 4.0 and 5.0, and possibly all versions before 5.0.7, allows remote attackers to execute arbitrary code via a long string to port 2380.
1170 CVE-2005-0771 2005-06-23 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
VERITAS Backup Exec Server (beserver.exe) 9.0 through 10.0 for Windows allows remote unauthenticated attackers to modify the registry by calling methods to the RPC interface on TCP port 6106.
1171 CVE-2005-0836 +Priv 2005-05-02 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Argument injection vulnerability in Java Web Start for J2SE 1.4.2 up to 1.4.2_06 allows untrusted applications to gain privileges via the value parameter of a property tag in a JNLP file.
1172 CVE-2005-0855 +Info 2005-05-02 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
CoolForum 0.8.1 beta and earlier allows remote attackers to obtain sensitive path information via direct requests to (1) entete.php, (2) profile_accueil.php, (3) profile_mdp.php, (4) profile_notify.php, (5) profile_options.php, (6) profile_perso.php, (7) profile_pm.php, or (8) readannonce.php, which leaks the full pathname in a PHP error message.
1173 CVE-2005-0892 Exec Code Overflow 2005-03-28 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in smail 3.2.0.120 allows remote attackers or local users to execute arbitrary code via a long string in the MAIL FROM command and possibly other SMTP commands.
1174 CVE-2005-0927 2005-05-02 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in subs.pl for WebAPP 0.9.9 through 0.9.9.2 has unknown impact and attack vectors, probably involving shell metacharacters or .. sequences.
1175 CVE-2005-1009 Exec Code Overflow 2005-05-02 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in BakBone NetVault 6.x and 7.x allow (1) remote attackers to execute arbitrary code via a modified computer name and length that leads to a heap-based buffer overflow, or (2) local users to execute arbitrary code via a long Name entry in the configure.cfg file.
1176 CVE-2005-1015 Exec Code Overflow 2005-05-02 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in MailEnable Imapd (MEIMAP.exe) allows remote attackers to execute arbitrary code via a long LOGIN command.
1177 CVE-2005-1037 +Priv 2005-05-02 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Unknown vulnerability in AIX 5.3.0, when configured as an NIS client, allows remote attackers to gain root privileges.
1178 CVE-2005-1069 2005-05-02 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in sCssBoard 1.11 and earlier has unknown impact, related to "an exploit on the Profile page."
1179 CVE-2005-1099 Exec Code Overflow 2005-04-12 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple buffer overflows in the HandleChild function in server.c in Greylisting daemon (GLD) 1.3 and 1.4, when GLD is listening on a network interface, allow remote attackers to execute arbitrary code.
1180 CVE-2005-1131 2005-05-02 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in Veritas i3 Focalpoint Server 7.1 and earlier has unknown attack vectors and unknown but "critical" impact.
1181 CVE-2005-1177 2005-05-02 2017-07-10
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in (1) Webmin and (2) Usermin before 1.200 causes Webmin to change permissions and ownership of configuration files, with unknown impact.
1182 CVE-2005-1208 Exec Code Overflow 2005-06-14 2018-10-12
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in Microsoft Windows 98, 2000, XP SP2 and earlier, and Server 2003 SP1 and earlier allows remote attackers to execute arbitrary code via a crafted compiled Help (.CHM) file with a large size field that triggers a heap-based buffer overflow, as demonstrated using a "ms-its:" URL in Internet Explorer.
1183 CVE-2005-1246 DoS Exec Code 2005-04-24 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the snmppd_log function in snmppd_util.c for snmppd 0.4.5 and earlier may allow remote attackers to cause a denial of service or execute arbitrary code via format string specifiers that are not properly handled in a syslog call.
1184 CVE-2005-1255 Exec Code Overflow 2005-05-25 2008-11-15
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in the IMAP server in IMail 8.12 and 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allow remote attackers to execute arbitrary code via a LOGIN command with (1) a long username argument or (2) a long username argument that begins with a special character.
1185 CVE-2005-1256 Exec Code Overflow 2005-05-25 2008-11-15
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the IMAP daemon (IMAPD32.EXE) in IMail 8.13 in Ipswitch Collaboration Suite (ICS), and other versions before IMail Server 8.2 Hotfix 2, allows remote authenticated users to execute arbitrary code via a STATUS command with a long mailbox name.
1186 CVE-2005-1274 Exec Code Overflow 2005-04-26 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Stack-based buffer overflow in the getIfHeader function in the WebDAV functionality in MySQL MaxDB before 7.5.00.26 allows remote attackers to execute arbitrary code via an HTTP unlock request and a long "If" parameter.
1187 CVE-2005-1299 Exec Code 2005-04-25 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
The inserter.cgi script allows remote attackers to execute arbitrary commands via shell metacharacters in the argument.
1188 CVE-2005-1365 Exec Code 2005-05-16 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Pico Server (pServ) 3.2 and earlier allows remote attackers to execute arbitrary commands via a URL with multiple leading "/" (slash) characters and ".." sequences.
1189 CVE-2005-1415 Exec Code Overflow 2005-05-03 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in GlobalSCAPE Secure FTP Server 3.0.2 allows remote authenticated users to execute arbitrary code via a long FTP command.
1190 CVE-2005-1449 2005-05-03 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Unknown vulnerability in serendipity_config_local.inc.php for Serendipity before 0.8 has unknown impact.
1191 CVE-2005-1452 2005-05-03 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
Serendipity before 0.8 allows Chief users to "hide plugins installed by other users."
1192 CVE-2005-1559 Exec Code 2005-05-11 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The web module in Neteyes Nexusway allows remote attackers to execute arbitrary commands via hex-encoded shell metacharacters in the ip parameter for (1) nslookup.cgi or (2) ping.cgi.
1193 CVE-2005-1560 Exec Code 2005-05-11 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
The SSH module in Neteyes Nexusway allows remote attackers to execute arbitrary commands via shell metacharacters in arguments to certain commands, as demonstrated using ping and traceroute.
1194 CVE-2005-1596 Exec Code Bypass 2005-05-16 2017-07-10
10.0
Admin Remote Low Not required Complete Complete Complete
index.php in Fusion SBX 1.2 and earlier does not properly use the extract function, which allows remote attackers to bypass authentication by setting the is_logged parameter or execute arbitrary code via the maxname2 parameter.
1195 CVE-2005-1693 Overflow +Priv 2005-05-24 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Integer overflow in Computer Associates Vet Antivirus library, as used by CA InoculateIT 6.0, eTrust Antivirus r6.0 through 7.1, eTrust Antivirus for the Gateway r7.0 and r7.1, eTrust Secure Content Manager, eTrust Intrusion Detection, BrightStor ARCserve Backup (BAB) r11.1, Vet Antivirus, Zonelabs ZoneAlarm Security Suite, and ZoneAlarm Antivirus, allows remote attackers to gain privileges via a compressed VBA directory with a project name length of -1, which leads to a heap-based buffer overflow.
1196 CVE-2005-1738 Exec Code 2005-05-24 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the logPrintBadfile function in delbadfiles.c Iron Bars SHell (ibsh) before 0.3d allows users to "access files outside the home directory" and possibly execute arbitrary code via certain inputs that are not properly handled in a syslog call.
1197 CVE-2005-1740 Exec Code 2005-05-24 2017-10-10
10.0
Admin Remote Low Not required Complete Complete Complete
fixproc in Net-snmp 5.x before 5.2.1-r1 creates temporary files insecurely, which allows local users to modify the contents of those files to execute arbitrary commands, or overwrite arbitrary files via a symlink attack.
1198 CVE-2005-1812 119 Exec Code Overflow 2005-06-01 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Multiple stack-based buffer overflows in FutureSoft TFTP Server Evaluation Version 1.0.0.1 allow remote attackers to execute arbitrary code via a long (1) filename or (2) transfer mode string in a Read Request (RRQ) or Write Request (WRQ) packet.
1199 CVE-2005-1850 2005-07-19 2016-10-17
10.0
None Remote Low Not required Complete Complete Complete
Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916.
1200 CVE-2005-1851 Exec Code 2005-07-19 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
A certain contributed script for ekg Gadu Gadu client 1.5 and earlier allows attackers to execute shell commands via unknown attack vectors.
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.