| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Information leaks in IIS 4 through 5.1 allow remote attackers to obtain potentially sensitive information or more easily conduct brute force attacks via responses from the server in which (2) in certain configurations, the server IP address is provided as the realm for Basic authentication, which could reveal real IP addresses that were obscured by NAT, or (3) when NTLM authentication is used, the NetBIOS name of the server and its Windows NT domain are revealed in response to an Authorization request. NOTE: this entry originally contained a vector (1) in which the server reveals whether it supports Basic or NTLM authentication through 401 Access Denied error messages. CVE has REJECTED this vector; it is not a vulnerability because the information is already available through legitimate use, since authentication cannot proceed without specifying a scheme that is supported by both the client and the server. |
| Denial of service in Windows NT messenger service through a long username. |
| Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed SMB logon request in which the actual data size does not match the specified size. |
| Windows NT TCP/IP processes fragmented IP packets improperly, causing a denial of service. |
| Denial of service in Windows NT IIS server using ..\.. |
| IIS 4.0 allows local users to bypass the "User cannot change password" policy for Windows NT by directly calling .htr password changing programs in the /iisadmpwd directory, including (1) aexp2.htr, (2) aexp2b.htr, (3) aexp3.htr , or (4) aexp4.htr. |
| Buffer overflow in Cisco 7xx routers through the telnet service. |
| Buffer overflow in IP-Switch IMail and Seattle Labs Slmail 2.6 packages using a long VRFY command, causing a denial of service and possibly remote access. |
| ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. |
| Remote execution of arbitrary commands through Guestbook CGI program. |
| Some filters or firewalls allow fragmented SYN packets with IP reserved bits in violation of their implemented policy. |
| Guessable magic cookies in X Windows allows remote attackers to execute commands, e.g. through xterm. |
| Remote attackers can access mail files via POP3 in some Linux systems that are using shadow passwords. |
| Linux cfingerd could be exploited to gain root access. |
| HP Remote Watch allows a remote user to gain root access. |
| Buffer overflow in nnrpd program in INN up to version 1.6 allows remote users to execute arbitrary commands. |
| A race condition in the authentication agent mechanism of sshd 1.2.17 allows an attacker to steal another user's credentials. |
| VPN Server module in Linksys EtherFast BEFVP41 Cable/DSL VPN Router before 1.40.1 reduces the key lengths for keys that are supplied via manual key entry, which makes it easier for attackers to crack the keys. |
| Cross-site scripting vulnerability in Splatt Forum 3.0 allows remote attackers to execute arbitrary script as other users via an [img] tag with a closing quote followed by the script. |
| Buffer overflow in listserv allows arbitrary command execution. |