Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0642 | 1 Incredimail | 1 Incredimail | 2017-12-19 | 2.1 LOW | N/A |
| Directory traversal vulnerability in IncrediMail version 1400185 and earlier allows local users to overwrite files on the local hard drive by appending .. (dot dot) sequences to filenames listed in the content.ini file. | |||||
| CVE-2001-0645 | 1 Axent | 1 Netprowler | 2017-12-19 | 7.5 HIGH | N/A |
| Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password. | |||||
| CVE-2001-1109 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2017-12-19 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands. | |||||
| CVE-2001-0649 | 1 Apple | 1 Personal Web Sharing | 2017-12-19 | 5.0 MEDIUM | N/A |
| Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request. | |||||
| CVE-2001-0817 | 1 Hp | 1 Hp-ux | 2017-12-19 | 10.0 HIGH | N/A |
| Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request. | |||||
| CVE-2001-1102 | 1 Checkpoint | 1 Firewall-1 | 2017-12-19 | 6.2 MEDIUM | N/A |
| Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. | |||||
| CVE-2001-1101 | 1 Checkpoint | 1 Firewall-1 | 2017-12-19 | 6.4 MEDIUM | N/A |
| The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2001-1107 | 1 Snapstream | 1 Pvs | 2017-12-19 | 5.0 MEDIUM | N/A |
| SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server. | |||||
| CVE-2001-0674 | 1 Robtex | 1 Viking Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request. | |||||
| CVE-2002-0102 | 1 Oracle | 1 Application Server Web Cache | 2017-12-19 | 5.0 MEDIUM | N/A |
| Oracle9iAS Web Cache 2.0.0.x allows remote attackers to cause a denial of service via (1) a request to TCP ports 1100, 4000, 4001, and 4002 with a large number of null characters, and (2) a request to TCP port 4000 with a large number of "." characters. | |||||
| CVE-2001-0678 | 1 Trend Micro | 2 Interscan Viruswall, Interscan Webmanager | 2017-12-19 | 4.6 MEDIUM | N/A |
| A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code. | |||||
| CVE-2001-0679 | 1 Trend Micro | 1 Interscan Viruswall | 2017-12-19 | 10.0 HIGH | N/A |
| A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server. | |||||
| CVE-2001-0681 | 1 Qpc Software | 2 Qvt Net, Qvt Term | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. | |||||
| CVE-2001-0687 | 1 Transsoft | 1 Broker Ftp Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename). | |||||
| CVE-2001-1097 | 1 Cisco | 1 Ios | 2017-12-19 | 5.0 MEDIUM | N/A |
| Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. | |||||
| CVE-2001-0870 | 2 Alchemy Lab, Dek Software | 2 Alchemy Eye, Alchemy Network Monitor | 2017-12-19 | 5.0 MEDIUM | N/A |
| HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file. | |||||
| CVE-2001-0871 | 2 Alchemy Lab, Dek Software | 2 Alchemy Eye, Alchemy Network Monitor | 2017-12-19 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in HTTP server for Alchemy Eye and Alchemy Network Monitor allows remote attackers to execute arbitrary commands via an HTTP request containing (1) a .. in versions 2.0 through 2.6.18, or (2) a DOS device name followed by a .. in versions 2.6.19 through 3.0.10. | |||||
| CVE-2000-0950 | 1 Tis | 1 Internet Firewall Toolkit | 2017-12-19 | 7.2 HIGH | N/A |
| Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) allows local users to execute arbitrary commands via a malformed display name. | |||||
| CVE-2001-0693 | 1 Webtrends | 2 Webtrends Enterprise Reporting Server, Webtrends Enterprise Reporting Server Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20). | |||||
| CVE-2001-1094 | 1 Crosstec Corporation | 1 Netop School | 2017-12-19 | 4.6 MEDIUM | N/A |
| NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version. | |||||
| CVE-2001-0695 | 1 Texas Imperial Software | 1 Wftpd | 2017-12-19 | 5.0 MEDIUM | N/A |
| WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by making repeated requests to cd to the floppy drive (A:\). | |||||
| CVE-2001-1093 | 1 Compaq | 1 Tru64 | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument. | |||||
| CVE-2000-1020 | 1 Alt-n | 1 Mdaemon | 2017-12-19 | 7.5 HIGH | N/A |
| Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2000-1021 | 1 Alt-n | 1 Mdaemon | 2017-12-19 | 7.5 HIGH | N/A |
| Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2001-0703 | 1 Arcadia | 1 Arcadia Internet Store | 2017-12-19 | 5.0 MEDIUM | N/A |
| tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to cause a denial of service via a URL request with an MS-DOS device name in the template parameter. | |||||
| CVE-2001-0704 | 1 Arcadia | 1 Arcadia Internet Store | 2017-12-19 | 7.5 HIGH | N/A |
| tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to discover the full path to the working directory via a URL with a template argument for a file that does not exist. | |||||
| CVE-2001-0705 | 1 Arcadia | 1 Arcadia Internet Store | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to read arbitrary files on the web server via a URL with "dot dot" sequences in the template argument. | |||||
| CVE-2001-0707 | 1 Denicomp | 1 Rshd | 2017-12-19 | 5.0 MEDIUM | N/A |
| Denicomp RSHD 2.18 and earlier allows a remote attacker to cause a denial of service (crash) via a long string to port 514. | |||||
| CVE-2001-0708 | 1 Denicomp | 1 Rexecd | 2017-12-19 | 5.0 MEDIUM | N/A |
| Denicomp REXECD 1.05 and earlier allows a remote attacker to cause a denial of service (crash) via a long string. | |||||
| CVE-2001-0711 | 1 Cisco | 1 Ios | 2017-12-19 | 5.0 MEDIUM | N/A |
| Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. | |||||
| CVE-2001-1092 | 1 Compaq | 1 Tru64 | 2017-12-19 | 2.1 LOW | N/A |
| msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file. | |||||
| CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2017-12-19 | 7.2 HIGH | N/A |
| The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | |||||
| CVE-2001-1090 | 1 Alessandro Gardich | 1 Nss Postgresql | 2017-12-19 | 7.5 HIGH | N/A |
| nss_postgresql 0.6.1 and before allows a remote attacker to execute arbitrary SQL queries by inserting SQL code into an HTTP request. | |||||
| CVE-2001-0734 | 1 Netbsd | 1 Netbsd | 2017-12-19 | 7.2 HIGH | N/A |
| Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine. | |||||
| CVE-2001-0735 | 1 Infodrom | 1 Cfingerd | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file. | |||||
| CVE-2001-0736 | 5 Engardelinux, Immunix, Mandrakesoft and 2 more | 6 Secure Linux, Immunix, Mandrake Linux and 3 more | 2017-12-19 | 2.1 LOW | N/A |
| Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2001-0737 | 1 Logitech | 4 Cordless Freedom, Cordless Freedom Navigator, Cordless Freedom Pro and 1 more | 2017-12-19 | 7.5 HIGH | N/A |
| A long 'synch' delay in Logitech wireless mice and keyboard receivers allows a remote attacker to hijack connections via a man-in-the-middle attack. | |||||
| CVE-2001-1087 | 1 Network Appliance | 1 Netcache | 2017-12-19 | 7.5 HIGH | N/A |
| The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device. | |||||
| CVE-2001-1086 | 1 Xfree86 Project | 1 X11r6 | 2017-12-19 | 7.5 HIGH | N/A |
| XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack. | |||||
| CVE-2001-1078 | 1 Extremail | 1 Extremail | 2017-12-19 | 10.0 HIGH | N/A |
| Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication. | |||||
| CVE-2001-1077 | 1 Rxvt | 1 Rxvt | 2017-12-19 | 4.6 MEDIUM | N/A |
| Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument. | |||||
| CVE-2001-0746 | 1 Iplanet | 1 Iplanet Web Server | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in Web Publisher in iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a request for a long URI with (1) GETPROPERTIES, (2) GETATTRIBUTENAMES, or other methods. | |||||
| CVE-2001-1073 | 1 Webridge | 1 Px Application Suite | 2017-12-19 | 5.0 MEDIUM | N/A |
| Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables (1) APPL_PHYSICAL_PATH, (2) PATH_TRANSLATED, and (3) LOCAL_ADDR. | |||||
| CVE-2000-1023 | 1 Alabanza | 1 Control Panel | 2017-12-19 | 7.5 HIGH | N/A |
| The Alabanza Control Panel does not require passwords to access administrative commands, which allows remote attackers to modify domain name information via the nsManager.cgi CGI program. | |||||
| CVE-2001-0022 | 1 Leif M. Wright | 1 Simplestguest.cgi | 2017-12-19 | 10.0 HIGH | N/A |
| simplestguest.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the guestbook parameter. | |||||
| CVE-2001-1070 | 1 Sage Software | 1 Mas 200 | 2017-12-19 | 2.1 LOW | N/A |
| Sage Software MAS 200 allows remote attackers to cause a denial of service by connecting to port 10000 and entering a series of control characters. | |||||
| CVE-2001-0023 | 1 Leif M. Wright | 1 Everythingform.cgi | 2017-12-19 | 10.0 HIGH | N/A |
| everythingform.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the config parameter. | |||||
| CVE-2001-1065 | 1 Cisco | 1 Cbos | 2017-12-19 | 5.0 MEDIUM | N/A |
| Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. | |||||
| CVE-2001-0024 | 1 Leif M. Wright | 1 Simplestmail.cgi | 2017-12-19 | 10.0 HIGH | N/A |
| simplestmail.cgi CGI program by Leif Wright allows remote attackers to execute arbitrary commands via shell metacharacters in the MyEmail parameter. | |||||
| CVE-2001-1064 | 1 Cisco | 1 Cbos | 2017-12-19 | 5.0 MEDIUM | N/A |
| Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. | |||||