Page 4 of 26 results (0.003 seconds)

CVSS: 5.0EPSS: 3%CPEs: 2EXPL: 0

Unknown vulnerability in an ISAPI plugin for ISS Server Sensor 7.0 XPU 20.16, 20.18, and possibly other versions before 20.19, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code in Internet Information Server (IIS) via a certain URL through SSL. • http://marc.info/?l=bugtraq&m=106278164225389&w=2 http://www.enteredge.com/research/CAN-2003-0702.asp https://exchange.xforce.ibmcloud.com/vulnerabilities/13088 •

CVSS: 7.5EPSS: 4%CPEs: 1EXPL: 0

Buffer overflow in the parsing mechanism for ISS Internet Scanner 6.2.1, when using the license banner HTTP check, allows remote attackers to execute arbitrary code via a long web server response. • http://bvlive01.iss.net/issEn/delivery/xforce/alertdetail.jsp?oid=21165 http://www.iss.net/security_center/static/10130.php http://www.osvdb.org/3150 http://www.securityfocus.com/bid/5738 •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

BlackICE Agent 3.1.eal does not always reactivate after a system standby, which could allow remote attackers and local users to bypass intended firewall restrictions. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0090.html http://online.securityfocus.com/archive/1/275710 http://www.iss.net/security_center/static/9275.php http://www.securityfocus.com/bid/4950 •

CVSS: 5.0EPSS: 0%CPEs: 2EXPL: 0

The default configuration of BlackICE Agent 3.1.eal and 3.1.ebh has a high tcp.maxconnections setting, which could allow remote attackers to cause a denial of service (memory consumption) via a large number of connections to the BlackICE system that consumes more resources than intended by the user. • http://archives.neohapsis.com/archives/vulnwatch/2002-q2/0114.html http://www.iss.net/security_center/static/9405.php •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 0

ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation. • http://marc.info/?l=bugtraq&m=101666833321138&w=2 http://marc.info/?l=bugtraq&m=101675086010051&w=2 http://marc.info/?l=bugtraq&m=101684141308876&w=2 http://www.securityfocus.com/bid/4331 •