CVSS:5.0(Medium)
WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request.
CVSS:5.0(Medium)
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters.
CVSS:5.0(Medium)
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
CVSS:5.0(Medium)
Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name.
CVSS:5.0(Medium)
Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files.
CVSS:5.0(Medium)
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
CVSS:5.0(Medium)
search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack.
CVSS:5.0(Medium)
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL.
CVSS:4.6(Medium)
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
CVSS:5.0(Medium)
Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message.
CVSS:6.4(Medium)
MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege.
CVSS:5.0(Medium)
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
CVSS:5.0(Medium)
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
CVSS:4.6(Medium)
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
CVSS:5.0(Medium)
Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
CVSS:4.6(Medium)
resend command in Majordomo allows local users to gain privileges via shell metacharacters.
CVSS:5.0(Medium)
Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords."
CVSS:5.0(Medium)
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments.
CVSS:6.2(Medium)
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
CVSS:5.0(Medium)
Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database.
CVSS:4.6(Medium)
UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
CVSS:6.2(Medium)
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
CVSS:5.0(Medium)
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka th...
CVSS:6.4(Medium)
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerabi...