| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A weak encryption algorithm is used for passwords in Novell Remote.NLM, allowing them to be easily decrypted. |
| The remote proxy server in Winroute allows a remote attacker to reconfigure the proxy without authentication through the "cancel" button. |
| The rsync command before rsync 2.3.1 may inadvertently change the permissions of the client's working directory to the permissions of the directory being transferred. |
| The ICQ Webserver allows remote attackers to use .. to access arbitrary files outside of the user's personal directory. |
| A race condition in how procmail handles .procmailrc files allows a local user to read arbitrary files available to the user who is running procmail. |
| A weak encryption algorithm is used for passwords in SCO TermVision, allowing them to be easily decrypted by a local user. |
| The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| Denial of service in WinGate proxy through a buffer overflow in POP3. |
| A remote attacker can gain access to a file system using .. (dot dot) when accessing SMB shares. |
| Anonymous FTP is enabled. |
| TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files. |
| A Windows NT 4.0 user can gain administrative rights by forcing NtOpenProcessToken to succeed regardless of the user's permissions, aka GetAdmin. |
| A Unix account has a guessable password. |
| A Windows NT local user or administrator account has a guessable password. |
| A Windows NT local user or administrator account has a default, null, blank, or missing password. |
| A Windows NT domain user or administrator account has a guessable password. |
| An account on a router, firewall, or other network device has a guessable password. |
| An account on a router, firewall, or other network device has a default, null, blank, or missing password. |
| Perl, sh, csh, or other shell interpreters are installed in the cgi-bin directory on a WWW site, which allows remote attackers to execute arbitrary commands. |
