search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2000-10-05 2001-01-18 2002-03-05 VU#665372 SSH connections using RC4 and password authentication can be replayed
2000-09-26 2001-01-18 2002-03-05 VU#25309 Weak CRC allows RC4 encrypted SSH1 packets to be modified without notice
2000-10-27 2000-10-27 2002-03-05 VU#28027 Distributed GL Daemon (DGLD) allows attackers to identify IRIX systems
2000-09-26 2001-01-18 2002-03-05 VU#786900 SSH host key authentication can be bypassed when DNS is used to resolve localhost
2002-02-27 2002-02-27 2002-02-27 VU#297363 PHP contains vulnerability in "php_mime_split" function allowing arbitrary code execution
2002-02-27 2002-02-06 2002-02-27 VU#698467 Oracle 9iAS default configuration allows access to "globals.jsa" file
2002-02-27 2002-01-10 2002-02-27 VU#712723 Oracle 9iAS default configuration uses well-known default passwords
2002-02-04 2001-09-12 2002-02-25 VU#774587 Kerberos Telnet protocol does not adequately protect authentication and encryption options
2002-02-09 2001-07-18 2002-02-09 VU#116875 Adobe PhotoDeluxe does not adequately restrict Java execution
2001-09-25 2001-09-08 2002-02-08 VU#798263 Taylor UUCP Package fails to properly filter command line arguments
2002-01-16 2000-03-15 2002-01-31 VU#41301 AOL Instant Messenger buffer overflow in screename
2002-01-31 2001-08-14 2002-01-31 VU#726891 Novell Groupwise contains protocol implementation vulnerability allowing email to be viewed by unauthorized user
2002-01-31 2000-05-08 2002-01-31 VU#24447 AOL Instant Messenger exposes local file path during file transfers
2002-01-31 2001-10-01 2002-01-31 VU#507771 AOL Instant Messenger vulnerable to DoS via crafted packets
2001-12-12 2001-11-13 2002-01-31 VU#880624 Compaq Tru64 Unix inetd vulnerable to DoS

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis