search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-07-29 2001-07-12 2004-02-23 VU#656315 Cisco IOS vulnerable to DoS via crafted PPTP packet sent to port 1723/tcp
2002-04-02 2002-04-01 2004-02-23 VU#640827 IBM AIX Parallel Systems Support Program (PSSP) contains vulnerability in File Collections subsystem allowing arbitrary access to sensitive configuration files
2003-05-05 2003-04-24 2004-02-23 VU#443257 Cisco Catalyst switches allow access to "enable mode" without password
2002-09-16 2002-07-27 2004-02-23 VU#377003 Hewlett Packard JetDirect-enabled printers disclose Telnet/HTTP passwords in hex format via "SNMP READ" request
2001-08-10 2000-05-25 2004-02-23 VU#37526 0 Netscape fails to revalidate certificates if a user has previously acknowledged a certificate to be non-matching
2002-04-10 2002-04-10 2004-02-23 VU#363715 Microsoft Internet Information Server (IIS) vulnerable to heap overflow during processing of crafted ".htr" request by "ISM.DLL" ISAPI filter
2002-06-13 2002-06-12 2004-02-23 VU#313819 Microsoft Internet Information Server (IIS) contains remote buffer overflow in chunked encoding data transfer mechanism for HTR
2001-05-01 2001-03-26 2004-02-23 VU#249224 Hewlett-Packard HP-UX newgrp command does not function properly
2003-10-07 2003-07-19 2004-02-23 VU#246409 CGI.pm vulnerable to Cross-site Scripting
2002-09-16 2001-03-31 2004-02-23 VU#229955 Nobreak CrazyWWWBoard contains buffer overflow via User-Agent field
2002-03-29 2001-06-19 2004-02-23 VU#219043 Netwin Surge FTP Server does not adequately validate user input thereby allowing directory traversal
2002-03-03 2002-03-02 2004-02-23 VU#165099 cryptcat does not encrypt data communications when -e command argument is used
2003-07-18 1998-05-21 2004-02-23 VU#12212 Weaknesses in MIT magic cookie and XDM X Windows authorization
2004-02-23 2004-02-10 2004-02-23 VU#445214 Microsoft Windows Internet Naming Service (WINS) fails to properly validate the length of specially crafted packets
2003-12-20 2003-12-09 2004-02-17 VU#652278 Microsoft Internet Explorer does not properly display URLs

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis