| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| A router's routing tables can be obtained from arbitrary hosts. |
| A Unix account with a name other than "root" has UID 0, i.e. root privileges. |
| Two or more Unix accounts have the same UID. |
| A system-critical Unix file or directory has inappropriate permissions. |
| IIS has the #exec function enabled for Server Side Include (SSI) files. |
| LetterMerger 1.2 stores user information in Access database files with insecure permissions, which allows local users to obtain sensitive information. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
| SunOS rpc.cmsd allows attackers to obtain root access by overwriting arbitrary files. |
| An attacker can write to syslog files from any location, causing a denial of service by filling up the logs, and hiding activities. |
| rpc.admind in Solaris is not running in a secure mode. |
| A URL for a WWW directory allows auto-indexing, which provides a list of all files in that directory if it does not contain an index.html file. |
| A router's configuration service or management interface (such as a web server or telnet) is configured to allow connections from arbitrary hosts. |
| .reg files are associated with the Windows NT registry editor (regedit), making the registry susceptible to Trojan Horse attacks. |
| A Windows NT system's file audit policy does not log an event success or failure for security-critical files or directories. |
| Cisco IOS 11.1CC through 12.2 with Cisco Express Forwarding (CEF) enabled includes portions of previous packets in the padding of a MAC level packet when the MAC packet's length is less than the IP level packet length. |
| A Windows NT system's registry audit policy does not log an event success or failure for non-critical registry keys. |
| The HKEY_LOCAL_MACHINE key in a Windows NT system has inappropriate, system-critical permissions. |
| The HKEY_CLASSES_ROOT key in a Windows NT system has inappropriate, system-critical permissions. |
| There is a one-way or two-way trust relationship between Windows NT domains. |
| A Windows NT administrator account has the default name of Administrator. |
| A network service is running on a nonstandard port. |