| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file. |
| A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts. |
| .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. |
| Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. |
| The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions. |
| The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. |
| There is a one-way or two-way trust relationship between Windows NT domains. |
| A Windows NT administrator account has the default name of Administrator. |
| A network service is running on a nonstandard port. |
| Buffer overflow in Solaris kcms_configure command allows local users to gain root access. |
| A Windows NT system does not restrict access to removable media drives such as a floppy disk drive or CDROM drive. |
| An event log in Windows NT has inappropriate access permissions. |
| The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in. |
| A Windows NT system does not clear the system page file during shutdown, which might allow sensitive information to be recorded. |
| A Windows NT log file has an inappropriate maximum size or retention period. |
| FreeBSD mmap function allows users to modify append-only or immutable files. |
| A network intrusion detection system (IDS) does not properly handle packets with improper sequence numbers. |
| A network intrusion detection system (IDS) does not verify the checksum on a packet. |