search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-03-20 2002-10-18 2012-02-03 VU#464113 TCP/IP implementations handle unusual flag combinations inconsistently
2002-10-17 2002-10-17 2003-01-06 VU#459371 Multiple IPsec implementations do not adequately validate authentication data
2002-10-16 2002-10-15 2002-12-12 VU#169841 dvips uses system() function insecurely thereby allowing arbitrary command execution
2002-10-15 2002-10-15 2003-01-06 VU#539363 State-based firewalls fail to effectively manage session table resource exhaustion
2003-06-13 2002-10-14 2003-06-13 VU#248337 HP-UX fails to apply standard UNIX filesystem security measures when using OnLineJFS
2002-10-18 2002-10-11 2002-10-18 VU#482241 Avaya switches contains multiple undocumented accounts allowing full administrative access to the device
2002-10-10 2002-10-09 2003-04-09 VU#538033 ypxfrd daemon fails to properly validate user supplied arguments in "getdbm" procedure
2003-06-12 2002-10-09 2003-06-12 VU#102345 IBM AIX vulnerable to DoS
2002-10-08 2002-10-07 2003-03-07 VU#328867 Multiple vendors' firewalls do not adequately keep state of FTP traffic
2002-10-04 2002-10-02 2002-10-04 VU#840137 Microsoft Services for Unix 3.0 Interix SDK vulnerable to buffer overrun via RPC request containing improper parameter size check
2002-10-02 2002-10-02 2003-01-06 VU#383779 ZIP archives containing files with large filenames can cause buffer overflows
2002-10-03 2002-10-02 2002-10-03 VU#240329 Apache HTTPD server vulnerable to cross site scripting on error page when using wildcard DNS
2004-01-15 2002-10-01 2004-01-15 VU#891177 PostgreSQL VACUUM command allows unprivileged user to remove database transaction log data
2002-10-01 2002-10-01 2003-04-15 VU#738331 Domain Name System (DNS) resolver libraries vulnerable to read buffer overflow
2002-10-23 2002-09-30 2003-02-26 VU#875073 Kerberos administration daemon vulnerable to buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis