search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-05-08 2002-05-08 2003-01-13 VU#854315 ISC DHCPD contains format string vulnerability when logging DNS-update requests
2002-05-06 2002-05-05 2002-05-14 VU#635811 Sun Solaris cachefsd vulnerable to heap overflow in cfsd_calloc() function via long string of characters
2002-04-30 2002-04-29 2002-05-02 VU#638099 rpc.rwalld contains remotely exploitable format string vulnerability
2002-04-29 1999-02-01 2003-03-26 VU#2558 File Transfer Protocol allows data connection hijacking via PASV mode race condition
2002-04-26 2002-04-25 2002-04-26 VU#820083 sudo vulnerable to heap corruption via -p parameter
2002-04-11 2002-03-21 2002-05-28 VU#124003 Apache HTTP Server on Win32 systems does not securely handle input passed to CGI programs
2002-04-10 2002-04-10 2004-02-23 VU#363715 Microsoft Internet Information Server (IIS) vulnerable to heap overflow during processing of crafted ".htr" request by "ISM.DLL" ISAPI filter
2002-04-10 2002-04-10 2002-04-10 VU#883091 Microsoft Internet Information Server (IIS) contains cross-site scripting vulnerability in IIS Help Files search facility
2002-04-10 2002-04-10 2004-02-23 VU#886699 Microsoft Internet Information Server (IIS) contains cross-site scripting vulnerability in HTTP error page results
2002-04-10 2002-04-10 2002-04-10 VU#520707 0 Microsoft Internet Information Server (IIS) contains cross-site scripting vulnerability in redirect response messages
2002-04-10 2002-04-10 2002-04-10 VU#412203 Microsoft Internet Information Server (IIS) vulnerable to DoS via malformed FTP connection status request
2002-04-10 2002-04-10 2002-04-10 VU#454091 Microsoft Internet Information Server (IIS) vulnerable to buffer overflow via inaccurate checking of delimiters in HTTP header fields
2002-04-10 2002-04-10 2002-04-10 VU#721963 Microsoft Internet Information Server (IIS) buffer overflow in server-side includes (SSI) containing long invalid file name
2002-04-10 2002-04-10 2002-04-10 VU#521059 Microsoft Internet Information Server (IIS) vulnerable to DoS when URL request exceeds maximum allowed length
2002-04-10 2002-04-10 2002-06-13 VU#610291 Microsoft Internet Information Server (IIS) 4.0 and 5.0 buffer overflow in chunked encoding transfer mechanism for ASP

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis