L-Forum 2.40 and earlier does not properly verify whether a file was uploaded or if the associated variables were set by POST (attachment, attachment_name, attachment_size and attachment_type), which allows remote attackers to read arbitrary files.

Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is off, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, and (3) Subject.

Cross-site scripting vulnerability in L-Forum 2.40 and earlier, when the "Enable HTML in messages" option is on, allows remote attackers to insert arbitrary script or HTML via message fields including (1) From, (2) E-Mail, (3) Subject and (4) Body.

SQL injection vulnerability in search.php for L-Forum 2.40 allows remote attackers to execute arbitrary SQL statements via the search parameter.

Buffer overflow in mIRC 6.0.2 and earlier allows remote attackers to execute arbitrary code via a long $asctime value.

Multiple cross-site scripting (XSS) vulnerabilities in OmniHTTPd allow remote attackers to insert script or HTML into web pages via (1) test.php, (2) test.shtml, or (3) redir.exe.

MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist, which leaks the pathname in an error message.

Buffer overflow in utmp_update for Solaris 2.6 through 9 allows local users to gain root privileges, as identified by Sun BugID 4659277, a different vulnerability than CVE-2003-1082.

Format string vulnerability in Crob FTP Server 2.60.1 allows remote attackers to cause a denial of service (crash) via "%s" or "%n" sequences in (1) the username during login, or other FTP commands such as (2) dir.

The Telnet daemon (in.telnetd) for Solaris 2.6 through 9 allows remote attackers to cause a denial of service (CPU consumption by infinite loop).

Buffer overflow in catmail for ListProc 8.2.09 and earlier allows remote attackers to execute arbitrary code via a long ULISTPROC_UMASK value.

Cross-site scripting (XSS) vulnerability in the web interface for Request Tracker (RT) 1.0 through 1.0.7 allows remote attackers to execute script via message bodies.

admin.php in miniPortail allows remote attackers to gain administrative privileges by setting the miniPortailAdmin cookie to an "adminok" value.

Buffer overflow in Personal FTP Server allows remote attackers to execute arbitrary code via a long USER argument.

Buffer overflow in youbin allows local users to gain privileges via a long HOME environment variable.

SLWebMail 3 on Windows systems allows remote attackers to identify the full path of the server via invalid requests to DLLs such as WebMailReq.dll, which reveals the path in an error message.

ShowGodLog.dll in SLWebMail 3 on Windows systems allows remote attackers to read arbitrary files by directly calling ShowGodLog.dll with an argument specifying the full path of the target file.

Multiple buffer overflows in SLWebMail 3 on Windows systems allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long Language parameter to showlogin.dll, (2) a long CompanyID parameter to recman.dll, (3) a long CompanyID parameter to admin.dll, or (4) a long CompanyID parameter to globallogin.dll.

Race condition in SDBINST for SAP database 7.3.0.29 creates critical files with world-writable permissions before initializing the setuid bits, which allows local attackers to gain root privileges by modifying the files before the permissions are changed.

Multiple buffer overflows in SLMail 5.1.0.4420 allows remote attackers to execute arbitrary code via (1) a long EHLO argument to slmail.exe, (2) a long XTRN argument to slmail.exe, (3) a long string to POPPASSWD, or (4) a long password to the POP3 server.

Multiple buffer overflows in Floosietek FTGate Pro Mail Server (FTGatePro) 1.22 allow remote attackers to execute arbitrary code via long (1) MAIL FROM or (2) RCPT TO commands.

leksbot 1.2.3 in Debian GNU/Linux installs the KATAXWR as setuid root, which allows local users to gain root privileges by exploiting unknown vulnerabilities related to the escalated privileges, which KATAXWR is not designed to have.

fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges.

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7A allow remote attackers to cause a denial of service (slowdown and possibly reload) via a flood of malformed ICMP packets.

Cisco VPN 3000 series concentrators and Cisco VPN 3002 Hardware Client 2.x.x through 3.6.7 allows remote attackers to cause a denial of service (reload) via a malformed SSH initialization packet.