The Windows NT RPC service allows remote attackers to conduct a denial of service using spoofed malformed RPC packets which generate an error message that is sent to the spoofed host, potentially sett...

Race condition in xterm allows local users to modify arbitrary files via the logging option.

HPUX sysdiag allows local users to gain root privileges via a symlink attack during log file creation.

Buffer overflow in Yamaha MidiPlug via a Text variable in an EMBED tag.

Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.

Denial of service in Debian IRC Epic/epic4 client via a long string.

classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters.

TeamTrack web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Buffer overflow in Mediahouse Statistics Server allows remote attackers to execute commands.

wwwboard allows a remote attacker to delete message board articles via a malformed argument.

Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests.

Buffer overflow in SmartDesk WebSuite allows remote attackers to cause a denial of service via a long URL.

NTMail allows remote attackers to read arbitrary files via a .. (dot dot) attack.

UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers.

The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service.

An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.

BMC Patrol allows any remote attacker to flood its UDP port, causing a denial of service.

The Preloader ActiveX control used by Internet Explorer allows remote attackers to read arbitrary files.

URL Live! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.

Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different user.

Denial of service in Solaris TCP streams driver via a malicious connection that causes the server to panic as a result of recursive calls to mutex_enter.

Denial of service in Axent Raptor firewall via malformed zero-length IP options.

Buffer overflow in BFTelnet allows remote attackers to cause a denial of service via a long username.

iChat ROOMS Webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.