| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2002-2421 |
20 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2. |
|
2 |
CVE-2002-2419 |
189 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Direct connect text client (DCTC) client 0.83.3 allows remote attackers to cause a denial of service (crash) via a string ending with a NULL byte character. |
|
3 |
CVE-2002-2415 |
20 |
|
DoS |
2002-12-31 |
2008-09-05 |
6.8 |
None |
Remote |
Low |
Single system |
None |
None |
Complete |
|
Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service. |
|
4 |
CVE-2002-2414 |
|
|
DoS |
2002-12-31 |
2016-10-17 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Opera 6.0.3, when using Squid 2.4 for HTTPS proxying, does not properly handle when accepting a non-global certificate authority (CA) certificate from a site and establishing a subsequent HTTPS connection, which allows remote attackers to cause a denial of service (crash). |
|
5 |
CVE-2002-2406 |
20 |
|
DoS Overflow |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request. |
|
6 |
CVE-2002-2404 |
119 |
|
DoS Overflow |
2002-12-31 |
2016-10-17 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in IISPop email server 1.161 and 1.181 allows remote attackers to cause a denial of service (crash) via a long request to the POP3 port (TCP port 110). |
|
7 |
CVE-2002-2400 |
119 |
|
DoS Exec Code Overflow |
2002-12-31 |
2016-10-17 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the httpdProcessRequest function in LibHTTPD 1.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long HTTP POST request. |
|
8 |
CVE-2002-2393 |
20 |
|
DoS |
2002-12-31 |
2010-04-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands. |
|
9 |
CVE-2002-2390 |
119 |
|
DoS Exec Code Overflow |
2002-12-31 |
2008-09-05 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the IDENT daemon (identd) in Trillian 0.6351, 0.725, 0.73, 0.74 and 1.0 pro allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long request. |
|
10 |
CVE-2002-2388 |
119 |
|
DoS Overflow |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in INweb POP3 mail server 2.01 allows remote attackers to cause a denial of service (crash) via a long HELO command. |
|
11 |
CVE-2002-2385 |
119 |
|
DoS Exec Code Overflow |
2002-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in hotfoon4.exe in Hotfoon 4.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a URL containing a long voice phone number. |
|
12 |
CVE-2002-2381 |
119 |
|
DoS Exec Code Overflow |
2002-12-31 |
2008-09-05 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Multiple buffer overflows in (1) tetrinet_inmessage, (2) speclist_add and (3) config-getthemeinfo of GTetrinet 0.4.3 and earlier allow remote attackers to casue a denial of service and possibly execute arbitrary code. |
|
13 |
CVE-2002-2379 |
310 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
** DISPUTED ** Cisco AS5350 IOS 12.2(11)T with access control lists (ACLs) applied and possibly with ssh running allows remote attackers to cause a denial of service (crash) via a port scan, possibly due to an ssh bug. NOTE: this issue could not be reproduced by the vendor. |
|
14 |
CVE-2002-2372 |
119 |
|
DoS Overflow |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The telnet server in Infoprint 21 running controller software before 1.056007 allows remote attackers to cause a denial of service (crash) via a long username, possibly due to a buffer overflow. |
|
15 |
CVE-2002-2371 |
20 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. |
|
16 |
CVE-2002-2370 |
|
|
DoS |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SWS web server 0.0.4, 0.0.3 and 0.1.0 allows remote attackers to cause a denial of service (crash) via a URL request that does not end with a newline. |
|
17 |
CVE-2002-2368 |
119 |
|
DoS Exec Code Overflow |
2002-12-31 |
2008-09-05 |
10.0 |
Admin |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Multiple buffer overflows in NEC SOCKS5 1.0 r11 and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via a long username to (1) the GetString function in proxy.c for the SOCKS5 module or (2) the HandleS4Connection function in proxy.c for the SOCKS4 module. |
|
18 |
CVE-2002-2367 |
119 |
|
DoS Exec Code Overflow |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Off-by-one buffer overflow in NEC SOCKS5 1.0 r11 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long hostname. |
|
19 |
CVE-2002-2366 |
119 |
|
DoS Exec Code Overflow |
2002-12-31 |
2008-09-05 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the XML parser of Trillian 0.6351, 0.725 and 0.73 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a skin with a long colors file name in trillian.xml. |
|
20 |
CVE-2002-2357 |
119 |
|
DoS Overflow |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
MailEnable 1.5 015 through 1.5 018 allows remote attackers to cause a denial of service (crash) via a long USER string, possibly due to a buffer overflow. |
|
21 |
CVE-2002-2354 |
20 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. |
|
22 |
CVE-2002-2338 |
20 |
|
DoS |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. |
|
23 |
CVE-2002-2337 |
|
|
DoS |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Kaspersky Anti-Hacker 1.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. |
|
24 |
CVE-2002-2336 |
16 |
|
DoS |
2002-12-31 |
2008-09-05 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
None |
Partial |
|
Norton Personal Firewall 2002 4.0, when configured to automatically block attacks, allows remote attackers to block IP addresses and cause a denial of service via spoofed packets. |
|
25 |
CVE-2002-2333 |
119 |
|
DoS Overflow |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in konqueror in KDE 2.1 through 3.0 and 3.0.2 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. |
|
26 |
CVE-2002-2332 |
119 |
|
DoS Overflow |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in Opera 6.01 allows remote attackers to cause a denial of service (crash) via an IMG tag with large width and height attributes. |
|
27 |
CVE-2002-2329 |
20 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons. |
|
28 |
CVE-2002-2328 |
20 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.1 |
None |
Remote |
Medium |
Not required |
None |
None |
Complete |
|
Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request. |
|
29 |
CVE-2002-2327 |
264 |
|
DoS |
2002-12-31 |
2018-10-30 |
4.9 |
None |
Local |
Low |
Not required |
None |
None |
Complete |
|
Unspecified vulnerability in the environmental monitoring subsystem in Solaris 8 running on Sun Fire 280R, V480 and V880 allows local users to cause a denial of service by setting volatile properties. |
|
30 |
CVE-2002-2325 |
20 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. |
|
31 |
CVE-2002-2317 |
200 |
|
DoS +Info |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Memory leak in the (1) httpd, (2) nntpd, and (3) vpn driver in VelociRaptor 1.0 allows remote attackers to cause a denial of service (memory consumption) via an unknown method. |
|
32 |
CVE-2002-2315 |
|
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Cisco IOS 11.2.x and 12.0.x does not limit the size of its redirect table, which allows remote attackers to cause a denial of service (memory consumption) via spoofed ICMP redirect packets to the router. |
|
33 |
CVE-2002-2309 |
399 |
|
DoS |
2002-12-31 |
2008-09-05 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
php.exe in PHP 3.0 through 4.2.2, when running on Apache, does not terminate properly, which allows remote attackers to cause a denial of service via a direct request without arguments. |
|
34 |
CVE-2002-2308 |
|
|
DoS |
2002-12-31 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Netscape Communicator 6.2.1 allows remote attackers to cause a denial of service in client browsers via a webpage containing a recursive META refresh tag where the content tag is blank and the URL tag references itself. |
|
35 |
CVE-2002-2306 |
399 |
|
DoS |
2002-12-31 |
2017-07-28 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Sharman Networks KaZaA Media Desktop 1.7.1 allows remote attackers to cause a denial of service (CPU consumption) by sending several large messages. |
|
36 |
CVE-2002-2300 |
119 |
|
DoS Overflow |
2002-12-31 |
2017-07-28 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in ftpd 5.4 in 3Com NBX 4.0.17 or ftpd 5.4.2 in 3Com NBX 4.1.4 allows remote attackers to cause a denial of service (crash) via a long CEL command. |
|
37 |
CVE-2002-2295 |
119 |
|
DoS Exec Code Overflow |
2002-12-31 |
2017-07-28 |
7.5 |
User |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Pico Server (pServ) 2.0 beta 1 through beta 5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via (1) a 1024-byte TCP stream message, which triggers an off-by-one buffer overflow, or (2) a long method name in an HTTP request, (3) a long version number in an HTTP request, (4) a long User-Agent header, or (5) a long file path. |
|
38 |
CVE-2002-2294 |
119 |
|
DoS Overflow |
2002-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Multiple buffer overflows in Symantec Raptor Firewall 6.5 and 6.5.3, Enterprise Firewall 6.5.2 and 7.0, VelociRaptor 500/700/1000 and 1100/1200/1300, and Gateway Security 5110/5200/5300 allow remote attackers to cause a denial of service (service termination) via (1) malformed RealAudio (rad) packets that are not properly handled by the RealAudio Proxy, or (2) crafted packets to the statistics service (statsd). |
|
39 |
CVE-2002-2291 |
119 |
|
DoS Overflow |
2002-12-31 |
2017-07-28 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Calisto Internet Talker 0.04 and earlier allows remote attackers to cause a denial of service (hang) via a long request, possibly triggering a buffer overflow. |
|
40 |
CVE-2002-2286 |
189 |
|
DoS |
2002-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The parse-get function in utils.c for apt-www-proxy 0.1 allows remote attackers to cause a denial of service (crash) via an empty HTTP request, which causes a null dereference. |
|
41 |
CVE-2002-2272 |
119 |
|
DoS Overflow |
2002-12-31 |
2017-07-28 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Tomcat 4.0 through 4.1.12, using mod_jk 1.2.1 module on Apache 1.3 through 1.3.27, allows remote attackers to cause a denial of service (desynchronized communications) via an HTTP GET request with a Transfer-Encoding chunked field with invalid values. |
|
42 |
CVE-2002-2271 |
119 |
|
DoS Overflow |
2002-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in BigFun 1.51b IRC client, when the Direct Client Connection (DCC) option is used, allows remote attackers to cause a denial of service (crash) via a long string. |
|
43 |
CVE-2002-2266 |
|
|
DoS |
2002-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
NetScreen ScreenOS 2.8 through 4.0, when forwarding H.323 or Netmeeting traffic, allows remote attackers to cause a denial of service (firewall session table consumption) by establishing multiple half-open H.323 sessions, which are not cleaned up on garbage removal and do not time out for 36 hours. |
|
44 |
CVE-2002-2264 |
|
|
DoS |
2002-12-31 |
2008-09-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Unspecified vulnerability in Internet Group Management Protocol (IGMP) of HP Tru64 4.0F through 5.1A allows remote attackers to cause a denial of service via unknown attack vectors. NOTE: this might be the same issue as CVE-2002-2185, but there are insufficient details to be certain. |
|
45 |
CVE-2002-2262 |
|
|
DoS |
2002-12-31 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Unspecified vulnerability in xntpd of HP-UX 10.20 through 11.11 allows remote attackers to cause a denial of service (hang) via unknown attack vectors. |
|
46 |
CVE-2002-2258 |
119 |
|
DoS Overflow |
2002-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Moby NetSuite allows remote attackers to cause a denial of service (crash) via an HTTP POST request with a (1) large integer or (2) non-numeric value in the Content-Length header, which causes an access violation after a failed atoi function call. |
|
47 |
CVE-2002-2244 |
362 |
|
DoS |
2002-12-31 |
2017-07-28 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
Akfingerd 0.5 and earlier versions allow local users to cause a denial of service (crash) via a .plan with a symlink to /dev/urandom or other device, then disconnecting while data is being transferred, which causes a SIGPIPE error that Akfingerd cannot handle. |
|
48 |
CVE-2002-2243 |
|
|
DoS |
2002-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Akfingerd 0.5 and possibly earlier versions only allows one connection at a time and does not time out connections, which allows remote attackers to cause a denial of service (refused connections) by opening a connection and not closing it. |
|
49 |
CVE-2002-2241 |
399 |
|
DoS Overflow |
2002-12-31 |
2017-07-28 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in httpd32.exe in Deerfield VisNetic WebSite before 3.5.15 allows remote attackers to cause a denial of service (crash) via a long HTTP OPTIONS request. |
|
50 |
CVE-2002-2239 |
20 |
|
DoS |
2002-12-31 |
2017-07-28 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
The Cisco Optical Service Module (OSM) for the Catalyst 6500 and 7600 series running Cisco IOS 12.1(8)E through 12.1(13.4)E allows remote attackers to cause a denial of service (hang) via a malformed packet. |
