search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-11-13 2002-11-12 2003-05-30 VU#229595 Overly large OPT record assertion
2002-11-04 2002-11-04 2003-04-09 VU#266817 Multiple Sun RPC-based libc implementations fails to provide time-out mechanism when reading data from TCP connections
2002-10-29 2002-09-26 2002-11-19 VU#910713 Apache discloses source code via POST requests to a location with WebDAV and CGI enabled
2002-10-29 2001-08-24 2002-10-29 VU#837419 Netegrity SiteMinder does not adequately validate user input thereby allowing user to bypass filters via crafted URL
2002-10-28 2002-04-15 2002-10-28 VU#582923 webalizer vulnerable to buffer overflow when performing reverse DNS lookups
2002-10-24 2001-04-20 2002-11-07 VU#887393 Microsoft Windows 2000 SNMP service leaks memory when querying printer objects if spooler service is stopped
2002-10-23 2002-09-30 2003-02-26 VU#875073 Kerberos administration daemon vulnerable to buffer overflow
2002-10-18 2002-10-11 2002-10-18 VU#482241 Avaya switches contains multiple undocumented accounts allowing full administrative access to the device
2002-10-17 2002-10-17 2003-01-06 VU#459371 Multiple IPsec implementations do not adequately validate authentication data
2002-10-17 2002-08-27 2002-10-28 VU#899713 Microsoft Word and Excel documents allow local file reading by via embedded fields
2002-10-17 2002-09-26 2002-10-17 VU#600777 gv contains buffer overflow in sscanf() function
2002-10-16 2002-10-15 2002-12-12 VU#169841 dvips uses system() function insecurely thereby allowing arbitrary command execution
2002-10-15 2002-10-15 2003-01-06 VU#539363 State-based firewalls fail to effectively manage session table resource exhaustion
2002-10-15 2002-02-22 2002-10-16 VU#868219 Multiple vendors' HTTP content/virus scanners do not check data tunneled via HTTP CONNECT method
2002-10-11 2002-09-09 2003-08-13 VU#140898 Microsoft Java implementation allows execution of malicious code

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis