Total
12142 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2002-2444 | 1 Snoopy Project | 1 Snoopy | 2024-11-20 | 9.8 Critical |
| Snoopy before 2.0.0 has a security hole in exec cURL | ||||
| CVE-2002-2443 | 6 Canonical, Debian, Fedoraproject and 3 more | 11 Ubuntu Linux, Debian Linux, Fedora and 8 more | 2024-11-20 | N/A |
| schpw.c in the kpasswd service in kadmind in MIT Kerberos 5 (aka krb5) before 1.11.3 does not properly validate UDP packets before sending responses, which allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged packet that triggers a communication loop, as demonstrated by krb_pingpong.nasl, a related issue to CVE-1999-0103. | ||||
| CVE-2002-2433 | 1 Novell | 2 Netware, Netware Ftp Server | 2024-11-20 | N/A |
| NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote authenticated users to cause a denial of service (abend) via a crafted ABOR command. | ||||
| CVE-2002-2429 | 1 Goahead | 1 Goahead Webserver | 2024-11-20 | N/A |
| webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (daemon crash) via an HTTP POST request that contains a negative integer in the Content-Length header. | ||||
| CVE-2002-2428 | 1 Goahead | 1 Goahead Webserver | 2024-11-20 | N/A |
| webs.c in GoAhead WebServer before 2.1.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an HTTP POST request that contains a Content-Length header but no body data. | ||||
| CVE-2002-2423 | 1 Sendmail | 1 Sendmail | 2024-11-20 | N/A |
| Sendmail 8.12.0 through 8.12.6 truncates log messages longer than 100 characters, which allows remote attackers to prevent the IP address from being logged via a long IDENT response. | ||||
| CVE-2002-2421 | 1 Andrey Cherezov | 1 Acweb | 2024-11-20 | N/A |
| acWEB 1.14 allows remote attackers to cause a denial of service (crash) via an HTTP request for a MS-DOS device name such as COM2. | ||||
| CVE-2002-2420 | 1 Independent Solution | 2 Simple Site Searcher, Super Site Searcher | 2024-11-20 | N/A |
| site_searcher.cgi in Super Site Searcher allows remote attackers to execute arbitrary commands via shell metacharacters in the page parameter. | ||||
| CVE-2002-2415 | 1 Alliedtelesyn | 2 At-8024, Rapier 24 | 2024-11-20 | N/A |
| Allied Telesyn AT-8024 1.3.1 and Rapier 24 switches allow remote authenticated users to cause a denial of service in the management interface via a stream of zero (null) bytes sent via UDP to a running service. | ||||
| CVE-2002-2406 | 1 Perception | 1 Liteserve | 2024-11-20 | N/A |
| Buffer overflow in HTTP server in LiteServe 2.0, 2.0.1 and 2.0.2 allows remote attackers to cause a denial of service (hang) via a large number of percent characters (%) in an HTTP GET request. | ||||
| CVE-2002-2393 | 1 Solarwinds | 1 Serv-u File Server | 2024-11-20 | N/A |
| Serv-U FTP server 3.0, 3.1 and 4.0.0.4 does not accept new connections while validating user folder access rights, which allows remote attackers to cause a denial of service (no new connections) via a series of MKD commands. | ||||
| CVE-2002-2371 | 1 Linksys | 1 Wet11 | 2024-11-20 | N/A |
| Linksys WET11 firmware 1.31 and 1.32 allows remote attackers to cause a denial of service (crash) via a packet containing the device's hardware address as the source MAC address in the DLC header. | ||||
| CVE-2002-2365 | 1 Springer Verlag Berlin Heidelberg | 1 Simple Wais | 2024-11-20 | N/A |
| Simple WAIS (SWAIS) 1.11 allows remote attackers to execute arbitrary commands via the shell metacharacters in the search field, as demonstrated using the "|" (pipe) character. | ||||
| CVE-2002-2354 | 1 Netgear | 1 Fm114p | 2024-11-20 | N/A |
| Netgear FM114P firmware 1.3 wireless firewall allows remote attackers to cause a denial of service (crash or hang) via a large number of TCP connection requests. | ||||
| CVE-2002-2338 | 2 Mozilla, Netscape | 3 Mozilla, Communicator, Navigator | 2024-11-20 | N/A |
| The POP3 mail client in Mozilla 1.0 and earlier, and Netscape Communicator 4.7 and earlier, allows remote attackers to cause a denial of service (no new mail) via a mail message containing a dot (.) at a newline, which is interpreted as the end of the message. | ||||
| CVE-2002-2329 | 1 Mirabilis | 1 Icq | 2024-11-20 | N/A |
| ICQ client 2001b, 2002a and 2002b allows remote attackers to cause a denial of service (CPU consumption or crash) via a message with a large number of emoticons. | ||||
| CVE-2002-2328 | 1 Microsoft | 1 Windows 2000 | 2024-11-20 | N/A |
| Active Directory in Windows 2000, when supporting Kerberos V authentication and GSSAPI, allows remote attackers to cause a denial of service (hang) via an LDAP client that sets the page length to zero during a large request. | ||||
| CVE-2002-2325 | 1 University Of Washington | 1 Pine | 2024-11-20 | N/A |
| The c-client library in Internet Message Access Protocol (IMAP) dated before 2002 RC2, as used by Pine 4.20 through 4.44, allows remote attackers to cause a denial of service (client crash) via a MIME-encoded email with Content-Type header containing an empty boundary field. | ||||
| CVE-2002-2322 | 1 Ultimate Php Board | 1 Ultimate Php Board | 2024-11-20 | N/A |
| Ultimate PHP Board (UPB) 1.0b stores the users.dat data file under the web root with insufficient access control, which allows remote attackers to obtain usernames and passwords. | ||||
| CVE-2002-2314 | 1 Mozilla | 1 Mozilla | 2024-11-20 | N/A |
| Mozilla 1.0 allows remote attackers to steal cookies from other domains via a javascript: URL with a leading "//" and ending in a newline, which causes the host/path check to fail. | ||||