| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| When compiled with the -DALLOW_UPDATES option, bind allows dynamic updates to the DNS server, allowing for malicious modification of DNS records. |
| In SunOS or Solaris, a remote user could connect from an FTP server's data port to an rlogin server on a host that trusts the FTP server, allowing remote command execution. |
| In Solaris, an SNMP subagent has a default community string that allows remote attackers to execute arbitrary commands as root, or modify system parameters. |
| The passwd command in Solaris can be subjected to a denial of service. |
| Solaris rpcbind listens on a high numbered UDP port, which may not be filtered since the standard port number is 111. |
| Solaris rpcbind can be exploited to overwrite arbitrary files and gain root access. |
| IIS newdsn.exe CGI script allows remote users to overwrite files. |
| Buffer overflow in telnet daemon tgetent routing allows remote attackers to gain root access via the TERMCAP environmental variable. |
| Denial of service in Ascend and 3com routers, which can be rebooted by sending a zero length TCP option. |
| Denial of service in in.comsat allows attackers to generate messages. |
| Denial of service in RPC portmapper allows attackers to register or unregister RPC services or spoof RPC services using a spoofed source IP address such as 127.0.0.1. |
| websendmail in Webgais 1.0 allows a remote user to access arbitrary files and execute arbitrary code via the receiver parameter ($VAR_receiver variable). |
| finger 0@host on some systems may print information on some user accounts. |
| finger .@host on some systems may print information on some user accounts. |
| Windows NT FTP server (WFTP) with the guest account enabled without a password allows an attacker to log into the FTP server using any username and password. |
| A quote cwd command on FTP servers can reveal the full path of the home directory of the "ftp" user. |
| The GNU tar command, when used in FTP sessions, may allow an attacker to execute arbitrary commands. |
| In Sendmail, attackers can gain root privileges via SMTP by specifying an improper "mail from" address and an invalid "rcpt to" address that would cause the mail to bounce to a program. |
| Sendmail 8.6.9 allows remote attackers to execute root commands, using ident. |
| Denial of service in Sendmail 8.6.11 and 8.6.12. |