The default configurations for DocuTech 6110 and DocuTech 6115 have a default administrative password of (1) "service!" on Solaris 8.0 or (2) "administ" on Windows NT, which allows remote attackers to...

Buffer overflow in the HttpGetRequest function in Zeroo HTTP server 1.5 allows remote attackers to execute arbitrary code via a long HTTP request.

Unknown vulnerability in Veritas Cluster Server (VCS) 1.2 for WindowsNT, Cluster Server 1.3.0 for Solaris, and Cluster Server 1.3.1 for HP-UX allows attackers to gain privileges via unknown attack vec...

Buffer overflow in gdam123 0.933 and 0.942 allows local users to execute arbitrary code via a long filename parameter.

The default configuration of the Windows binary release of MySQL 3.23.2 through 3.23.52 has a NULL root password, which could allow remote attackers to gain unauthorized root access to the MySQL datab...

Unknown vulnerability in pam_authz in the LDAP-UX Integration product on HP-UX 11.00 and 11.11 allows remote attackers to execute r-commands with privileges of other users.

Buffer overflow in Fake Identd 0.9 through 1.4 allows remote attackers to execute arbitrary code as root via a long request that is split into multiple packets.

Format string vulnerability in newsx NNTP client before 1.4.8 allows local users to execute arbitrary code via format string specifiers that are not properly handled in a call to the syslog function.

Format string vulnerability in the nn_exitmsg function in nn 6.6.0 through 6.6.3 allows remote NNTP servers to execute arbitrary code via format strings in server responses.

Multiple buffer overflows in DeleGate 7.7.0 through 7.8.1 allow remote attackers to execute arbitrary code, as demonstrated using a long USER command to the POP proxy.

The "block fragmented IP Packets" option in Symantec Norton Personal Firewall 2002 (NPW) does not properly protect against certain attacks on Windows vulnerabilities such as jolt2 (CVE-2000-0305).

Symantec Norton Personal Firewall 2002 allows remote attackers to bypass the portscan protection by using a (1) SYN/FIN, (2) SYN/FIN/URG, (3) SYN/FIN/PUSH, or (4) SYN/FIN/URG/PUSH scan.

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass e-mail scanning via a filename in the Content-Type field with an excluded exten...

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is autom...

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus (NAV) 2002 allows remote attackers to bypass the initial virus scan and cause NAV to prematurely stop scanning by using a no...

NOTE: this issue has been disputed by the vendor. Symantec Norton AntiVirus 2002 allows remote attackers to send viruses that bypass the e-mail scanning via a NULL character in the MIME header before ...

Buffer overflow in ICQ 2.6x for MacOS X 10.0 through 10.1.2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long request.

Microsoft Site Server 3.0 prior to SP4 installs a default user, LDAP_Anonymous, with a default password of LdapPassword_1, which allows remote attackers the "Log on locally" privilege.

Buffer overflow in tnslsnr of Oracle 8i Database Server 8.1.5 for Linux allows local users to execute arbitrary code as the oracle user via a long command line argument.

Multiple SQL injection vulnerabilities in PHProjekt 2.0 through 3.1 allow remote attackers to execute arbitrary SQL commands via the unknown attack vectors.

PHProjekt 2.0 through 3.1 relies on the $PHP_SELF variable for authentication, which allows remote attackers to bypass authentication for scripts via a request to a .php file with "sms" in the URL, wh...

csNewsPro.cgi in CGIScript.net csNews Professional (csNewsPro) allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.

csChatRBox.cgi in CGIScript.net csChat-R-Box allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.

csGuestbook.cgi in CGISCRIPT.NET csGuestbook 1.0 allows remote attackers to execute arbitrary Perl code via the setup parameter, which is processed by the Perl eval function.