Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long "From" header.

vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory.

vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes.

Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory.

/opt/JSparm/bin/perfmon program in Solaris allows local users to create arbitrary files as root via the Logging File option in the GUI.

IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port.

Buffer overflow in tip in Solaris 8 and earlier allows local users to execute arbitrary commands via a long HOME environmental variable.

Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request.

The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment's type with a different icon.

Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long SMTP HELO command.

Navision Financials Server 2.0 allows remote attackers to cause a denial of service via a series of connections to the server without providing a username/password combination, which consumes the license limits.

Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to crash.

banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication.

Computer Associates CCC\Harvest 5.0 for Windows NT/2000 uses weak encryption for passwords, which allows a remote attacker to gain privileges on the application.

Crosscom/Olicom XLT-F running XL 80 IM Version 5.5 Build Level 2 allows a remote attacker SNMP read and write access via a default, undocumented community string 'ILMI'.

Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights.

Infradig Inframail prior to 3.98a allows a remote attacker to create a denial of service via a malformed POST request which includes a space followed by a large string.

SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used.

Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests.

The HTTP server in Compaq web-enabled management software for (1) Foundation Agents, (2) Survey, (3) Power Manager, (4) Availability Agents, (5) Intelligent Cluster Administrator, and (6) Insight Manager can be used as a generic proxy server, which allows remote attackers to bypass access restrictions via the management port, 2301.

The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information.

Akopia Interchange 4.5.3 through 4.6.3 installs demo stores with a default group account :backup with no password, which allows a remote attacker to gain administrative access via the demo stores (1) barry, (2) basic, or (3) construct.

Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information.

ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file.

Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.