| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| TFTP is not running in a restricted directory, allowing a remote attacker to access sensitive information such as password files. |
| Denial of service in WinGate proxy through a buffer overflow in POP3. |
| rpc.statd allows remote attackers to forward RPC calls to the local operating system via the SM_MON and SM_NOTIFY commands, which in turn could be used to remotely exploit other bugs such as in automountd. |
| The ffingerd 1.19 allows remote attackers to identify users on the target system based on its responses. |
| ControlIT 4.5 and earlier (aka Remotely Possible) has weak password encryption. |
| rpc.pcnfsd in HP gives remote root access by changing the permissions on the main printer spool directory. |
| Local or remote users can force ControlIT 4.5 to reboot or force a user to log out, resulting in a denial of service. |
| ControlIT v4.5 and earlier uses weak encryption to store usernames and passwords in an address book. |
| Digital Unix 4.0 has a buffer overflow in the inc program of the mh package. |
| ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out with that modem, or obtain passwords. |
| WS_FTP server remote denial of service through cwd command. |
| Microsoft Access 97 stores a database password as plaintext in a foreign mdb, allowing access to data. |
| The metamail package allows remote command execution using shell metacharacters that are not quoted in a mailcap entry. |
| In some cases, Service Pack 4 for Windows NT 4.0 can allow access to network shares using a blank password, through a problem with a null NT hash value. |
| NetBSD netstat command allows local users to access kernel memory. |
| Linux ftpwatch program allows local users to gain root privileges. |
| Lynx allows a local user to overwrite sensitive files through /tmp symlinks. |
| Buffer overflow in the "Super" utility in Debian GNU/Linux, and other operating systems, allows local users to execute commands as root. |
| Debian GNU/Linux cfengine package is susceptible to a symlink attack. |
| Buffer overflow in webd in Network Flight Recorder (NFR) 2.0.2-Research allows remote attackers to execute commands. |