search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-26 2001-09-20 2002-09-26 VU#794211 Pi-Soft SpoonFTP does not adequately validate user input thereby allowing directory traversal
2002-03-06 2001-09-17 2002-03-06 VU#278971 Oracle 9i Application Server does not adequately handle requests for nonexistent JSP files thereby disclosing web folder path information
2002-04-01 2001-09-17 2002-05-03 VU#657899 Lotus Notes does not adequately secure databases thereby permitting arbitrary user to extract file attachments via NSFDbReadObject function call
2001-09-27 2001-09-14 2001-09-27 VU#914859 Microsoft Windows Index Server discloses sensitive configuration information via crafted request to SQLQHit.asp sample application
2002-09-24 2001-09-13 2002-09-24 VU#711491 Textor Webmasters Ltd listrec.pl does not adequately validate user input thereby allowing arbitrary commands to be executed
2002-02-11 2001-09-12 2002-04-15 VU#390280 KTH Kerberos Telnet implementations do not strictly enforce client encryption request
2002-02-04 2001-09-12 2002-02-25 VU#774587 Kerberos Telnet protocol does not adequately protect authentication and encryption options
2001-09-13 2001-09-12 2001-09-13 VU#167739 Trend Micro InterScan eManager vulnerable to remotely exploitable buffer overflow
2001-10-16 2001-09-11 2002-01-03 VU#466239 IBM AIX line printer daemon contains a buffer overflow in chk_fhost()
2001-10-16 2001-09-11 2001-11-09 VU#722143 IBM AIX line printer daemon contains a buffer overflow in send_status()
2001-10-16 2001-09-11 2002-01-03 VU#388183 IBM AIX line printer daemon contains a buffer overflow in kill_print()
2002-08-05 2001-09-10 2005-03-28 VU#177243 Mac OS X Finder creates world-readable ".FBCIndex" file thereby disclosing sensitive information
2001-11-15 2001-09-10 2002-09-10 VU#916443 HP Tru64 UNIX "msgchk" contains buffer overflow (SSRT2275)
2001-11-15 2001-09-10 2001-11-15 VU#440539 Digital Unix msgchk vulnerable to file contents disclosure via symlink redirection of profile
2001-09-25 2001-09-08 2002-02-08 VU#798263 Taylor UUCP Package fails to properly filter command line arguments

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis