search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-11-19 2002-11-01 2002-12-10 VU#930161 NetScreen Secure Command Shell (SCS) denial-of-service vulnerability
2002-12-09 2002-12-06 2002-12-09 VU#961489 University of Washington IMAP Server vulnerable to buffer overflow after login
2002-06-05 2002-05-29 2002-12-06 VU#779163 Microsoft Exchange 2000 exhausts server resources while attempting to process malformed mail attributes
2002-06-26 2002-06-24 2002-12-06 VU#369347 OpenSSH vulnerabilities in challenge response handling
2001-01-29 2001-01-29 2002-12-06 VU#868916 ISC BIND 4 contains input validation error in nslookupComplain()
2002-12-06 2002-09-18 2002-12-06 VU#865833 Microsoft Windows Remote Desktop Protocol (RDP) uses weak algorithm for encrypting packets
2001-11-20 2001-11-20 2002-12-06 VU#898480 MandrakeSoft Mandrake Linux Apache default configuration sample programs disclose server information
2001-11-21 2001-11-20 2002-12-06 VU#913704 MandrakeSoft Mandrake Linux Apache default configuration enables directory indexing
2002-12-05 2002-11-27 2002-12-06 VU#683673 Sun Solaris priocntl(2) does not adequately validate path to kernel modules that implement lightweight process (LWP) scheduling policy
2002-12-03 2002-12-03 2002-12-05 VU#740169 Cyrus IMAP Server contains a buffer overflow vulnerability
2002-11-20 2002-11-20 2002-11-21 VU#181721 Alcatel Operating System (AOS) does not require a password for accessing the telnet server
2002-10-29 2002-09-26 2002-11-19 VU#910713 Apache discloses source code via POST requests to a location with WebDAV and CGI enabled
2002-11-19 2002-10-30 2002-11-19 VU#361065 The default NTFS permissions are not applied to a converted boot partition on Microsoft Windows 2000 and Windows XP systems when CONVERT.EXE is used
2001-11-19 2001-11-19 2002-11-15 VU#279763 RhinoSoft Serv-U remote administration client transmits password in plaintext
2002-06-04 2002-05-27 2002-11-15 VU#997403 Oracle Reports Server Reports Web Cartridge (RWCGI60) vulnerable to buffer overflow via database name parameter

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis