search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-03-12 2002-01-10 2003-04-09 VU#168795 Oracle 9iAS allows anonymous remote users to view sensitive Apache services by default
2002-03-12 2002-01-10 2002-03-12 VU#736923 Oracle 9iAS SOAP components allow anonymous users to deploy applications by default
2002-03-11 2002-01-10 2002-11-15 VU#307835 Oracle9i Application Server OWA_UTIL procedures expose sensitive information
2002-03-11 2002-03-11 2005-07-08 VU#368819 Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures
2002-03-07 2002-03-07 2002-04-02 VU#408419 OpenSSH contains a one-off overflow of an array in the channel handling code
2002-03-06 2002-02-06 2002-03-06 VU#798611 Oracle 9iAS contains cross-site scripting vulnerability in "htp.print"
2002-03-06 2002-02-06 2002-03-06 VU#476619 Oracle 9iAS default configuration allows arbitrary users to view sensitive configuration files
2002-03-06 2002-02-06 2002-03-06 VU#977251 Oracle 9iAS XSQL Servlet ignores file permissions allowing arbitrary users to view sensitive configuration files
2002-03-06 2001-09-17 2002-03-06 VU#278971 Oracle 9i Application Server does not adequately handle requests for nonexistent JSP files thereby disclosing web folder path information
2002-03-04 2001-11-12 2002-04-16 VU#589523 Multiple implementations of the RADIUS protocol contain a digest calculation buffer overflow
2002-03-04 2001-11-29 2002-04-16 VU#936683 Multiple implementations of the RADIUS protocol do not adequately validate the vendor-length of the vendor-specific attributes
2002-03-04 2002-02-21 2002-03-06 VU#613459 Squid Proxy Server contains buffer overflow in parsing of the authentication portion of FTP URLs
2002-03-04 2002-02-27 2002-03-05 VU#310387 Cisco IOS discloses fragments of previous packets when Express Forwarding is enabled
2002-03-03 2002-03-02 2004-02-23 VU#165099 cryptcat does not encrypt data communications when -e command argument is used
2002-03-01 2002-02-27 2002-04-22 VU#234971 mod_ssl and Apache_SSL modules contain a buffer overflow in the implementation of the OpenSSL "i2d_SSL_SESSION" routine

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis