| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| The daytime service is running. |
| The chargen service is running. |
| The Gopher service is running. |
| The UUCP service is running. |
| The netstat service is running, which provides sensitive information to remote attackers. |
| The rsh/rlogin service is running. |
| A component service related to NIS+ is running. |
| The OS/2 or POSIX subsystem in NT is enabled. |
| The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. |
| A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6. |
| A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete. |
| A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified. |
| An application-critical Windows NT registry key has inappropriate permissions. |
| An application-critical Windows NT registry key has an inappropriate value. |
| The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service. |
| SCO Doctor allows local users to gain root privileges through a Tools option. |
| The scriptlet.typelib ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. |
| The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. |
| Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. |
| Buffer overflow in ToxSoft NextFTP client through CWD command. |