Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

openpkg openpkg 1.3 vulnerabilities and exploits

(subscribe to this query)
5
CVSSv2
CVE-2003-0190
OpenSSH-portable (OpenSSH) 3.6.1p1 and previous versions with PAM support enabled immediately sends an error message when a user does not exist, which allows remote malicious users to determine valid usernames via a timing attack.
Openbsd OpensshOpenbsd Openssh 3.6.1Openpkg Openpkg 1.3Openpkg Openpkg 1.2Siemens Scalance X204rna Ecc FirmwareSiemens Scalance X204rna Firmware
4.3
CVSSv2
CVE-2003-0615
Cross-site scripting (XSS) vulnerability in start_form() of CGI.pm allows remote malicious users to insert web script via a URL that is fed into the form's action parameter.
Cgi.pm Cgi.pm 2.75Cgi.pm Cgi.pm 2.751Openpkg Openpkg 1.3Openpkg Openpkg CurrentCgi.pm Cgi.pm 2.753Cgi.pm Cgi.pm 2.76Cgi.pm Cgi.pm 2.73Cgi.pm Cgi.pm 2.74Cgi.pm Cgi.pm 2.93Openpkg Openpkg 1.2Cgi.pm Cgi.pm 2.78Cgi.pm Cgi.pm 2.79Debian Debian Linux 3.0
6.9
CVSSv2
CVE-2004-0940
Buffer overflow in the get_tag function in mod_include for Apache 1.3.x to 1.3.32 allows local users who can create SSI documents to execute arbitrary code as the apache user via SSI (XSSI) documents that trigger a length calculation error.
Openpkg Openpkg 2.0Openpkg Openpkg 2.1Openpkg Openpkg 2.2Apache Http ServerSlackware Slackware Linux 9.0Slackware Slackware Linux 8.1Slackware Slackware Linux 10.0Hp Hp-ux 11.11Suse Suse Linux 9.2Suse Suse Linux 9.0Slackware Slackware Linux 8.0Suse Suse Linux 8.2Slackware Slackware Linux 9.1Slackware Slackware Linux CurrentSuse Suse Linux 8.0Trustix Secure Linux 1.5Hp Hp-ux 11.00Hp Hp-ux 11.22Suse Suse Linux 9.1Hp Hp-ux 11.20Suse Suse Linux 8.1
10
CVSSv2
CVE-2004-0414
CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, does not properly handle malformed "Entry" lines, which prevents a NULL terminator from being used and may lead to a denial of service (crash), modification of critical program data, or arbit...
Cvs Cvs 1.11.14Cvs Cvs 1.11.15Cvs Cvs 1.12.1Cvs Cvs 1.12.2Sgi Propack 2.4Sgi Propack 3.0Cvs Cvs 1.11Cvs Cvs 1.11.1Cvs Cvs 1.11.1 P1Cvs Cvs 1.11.3Cvs Cvs 1.11.4Cvs Cvs 1.12.8Openpkg OpenpkgCvs Cvs 1.10.7Cvs Cvs 1.10.8Cvs Cvs 1.11.16Cvs Cvs 1.11.2Cvs Cvs 1.12.5Cvs Cvs 1.12.7Cvs Cvs 1.11.10Cvs Cvs 1.11.11Cvs Cvs 1.11.5
10
CVSSv2
CVE-2004-0418
serve_notify in CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, does not properly handle empty data lines, which may allow remote malicious users to perform an "out-of-bounds" write for a single byte to execute arbitrary code or modify cri...
Cvs Cvs 1.11.10Cvs Cvs 1.11.11Cvs Cvs 1.11.6Cvs Cvs 1.12.1Openpkg Openpkg 2.0Sgi Propack 2.4Cvs Cvs 1.10.8Cvs Cvs 1.11Cvs Cvs 1.11.16Cvs Cvs 1.11.2Cvs Cvs 1.11.3Cvs Cvs 1.12.7Cvs Cvs 1.12.8Cvs Cvs 1.11.1Cvs Cvs 1.11.1 P1Cvs Cvs 1.11.4Cvs Cvs 1.11.5Openpkg OpenpkgOpenpkg Openpkg 1.3Cvs Cvs 1.10.7Cvs Cvs 1.11.14Cvs Cvs 1.11.15
10
CVSSv2
CVE-2004-0416
Double free vulnerability for the error_prog_name string in CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, may allow remote malicious users to execute arbitrary code.
Cvs Cvs 1.10.7Cvs Cvs 1.10.8Cvs Cvs 1.11Cvs Cvs 1.11.16Cvs Cvs 1.11.2Cvs Cvs 1.12.5Cvs Cvs 1.12.7Cvs Cvs 1.11.10Cvs Cvs 1.11.11Cvs Cvs 1.11.5Cvs Cvs 1.11.6Openpkg Openpkg 1.3Openpkg Openpkg 2.0Cvs Cvs 1.11.14Cvs Cvs 1.11.15Cvs Cvs 1.12.1Cvs Cvs 1.12.2Sgi Propack 2.4Sgi Propack 3.0Cvs Cvs 1.11.1Cvs Cvs 1.11.1 P1Cvs Cvs 1.11.3
5
CVSSv2
CVE-2004-0417
Integer overflow in the "Max-dotdot" CVS protocol command (serve_max_dotdot) for CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16, may allow remote malicious users to cause a server crash, which could cause temporary data to remain undeleted...
Cvs Cvs 1.11.1Cvs Cvs 1.11.1 P1Cvs Cvs 1.11.3Cvs Cvs 1.11.4Openpkg OpenpkgOpenpkg Openpkg 1.3Cvs Cvs 1.10.7Cvs Cvs 1.11.14Cvs Cvs 1.11.15Cvs Cvs 1.12.1Cvs Cvs 1.12.2Sgi Propack 3.0Cvs Cvs 1.10.8Cvs Cvs 1.11Cvs Cvs 1.11.16Cvs Cvs 1.11.2Cvs Cvs 1.12.5Cvs Cvs 1.12.7Cvs Cvs 1.12.8Cvs Cvs 1.11.10Cvs Cvs 1.11.11Cvs Cvs 1.11.5
5
CVSSv2
CVE-2004-0421
The Portable Network Graphics library (libpng) 1.0.15 and previous versions allows malicious users to cause a denial of service (crash) via a malformed PNG image file that triggers an error that causes an out-of-bounds read when creating the error message.
Openpkg Openpkg 2.0Libpng Libpng 1.2.2Libpng Libpng 1.0.8Libpng Libpng 1.2.4Libpng Libpng 1.0.14Libpng Libpng 1.2.0Openpkg Openpkg 1.3Libpng Libpng 1.0.11Libpng Libpng 1.0.9Libpng Libpng 1.0.13Libpng Libpng 1.0.6Libpng Libpng 1.0.7Libpng Libpng 1.2.3Libpng Libpng 1.0.5Libpng Libpng 1.2.1Redhat Libpng 1.2.2-16Libpng Libpng 1.0.12Libpng Libpng 1.2.5Libpng Libpng 1.0.0Redhat Libpng 1.2.2-20Libpng Libpng 1.0.10Trustix Secure Linux 2.0
7.1
CVSSv2
CVE-2004-1471
Format string vulnerability in wrapper.c in CVS 1.12.x up to and including 1.12.8, and 1.11.x up to and including 1.11.16 allows remote attackers with CVSROOT commit access to cause a denial of service (application crash) and possibly execute arbitrary code via format string spec...
Cvs Cvs 1.11.10Cvs Cvs 1.11.11Cvs Cvs 1.11.5Cvs Cvs 1.11.6Openpkg Openpkg 2.0Openpkg Openpkg CurrentCvs Cvs 1.10.7Cvs Cvs 1.10.8Cvs Cvs 1.11Cvs Cvs 1.11.16Cvs Cvs 1.11.2Cvs Cvs 1.12.5Cvs Cvs 1.12.7Cvs Cvs 1.11.14Cvs Cvs 1.11.15Cvs Cvs 1.12.1Cvs Cvs 1.12.2Sgi Propack 2.4Sgi Propack 3.0Cvs Cvs 1.11.1Cvs Cvs 1.11.1 P1Cvs Cvs 1.11.3
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversalCVE-2024-26978CVE-2024-26982wirelessCVE-2023-6949CVE-2024-26980CVE-2024-32766CVE-2024-26939cache poisoning
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook