Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0484 | 1 Tek | 1 Phaserlink | 2017-12-19 | 6.4 MEDIUM | N/A |
| Tektronix PhaserLink 850 does not require authentication for access to configuration pages such as _ncl_subjects.shtml and _ncl_items.shtml, which allows remote attackers to modify configuration information and cause a denial of service by accessing the pages. | |||||
| CVE-2000-1062 | 1 Hp | 1 Jetdirect | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||||
| CVE-2001-0209 | 1 Shoutcast | 1 Dnas | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) 1.7.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long description. | |||||
| CVE-2000-1063 | 1 Hp | 1 Jetdirect | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||||
| CVE-2000-1064 | 1 Hp | 1 Jetdirect | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||||
| CVE-2000-1065 | 1 Hp | 1 Jetdirect | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service (printer crash) via a malformed packet. | |||||
| CVE-2000-0879 | 1 Plus Technologies | 1 Lpplus | 2017-12-19 | 2.1 LOW | N/A |
| LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services. | |||||
| CVE-2001-0213 | 1 Planet Intra | 1 Planet Intra | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in pi program in PlanetIntra 2.5 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0167 | 1 Att | 1 Winvnc | 2017-12-19 | 7.6 HIGH | N/A |
| Buffer overflow in AT&T WinVNC (Virtual Network Computing) client 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long rfbConnFailed packet with a long reason string. | |||||
| CVE-2001-0168 | 1 Att | 1 Winvnc | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in AT&T WinVNC (Virtual Network Computing) server 3.3.3r7 and earlier allows remote attackers to execute arbitrary commands via a long HTTP GET request when the DebugLevel registry key is greater than 0. | |||||
| CVE-2001-0171 | 1 Whitsoft | 1 Slimserve | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in SlimServe HTTPd 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long GET request. | |||||
| CVE-2001-0172 | 2 Hans Reiser, Suse | 2 Reiserfs, Suse Linux | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name. | |||||
| CVE-2001-0173 | 2 Nobreak Technologies, Qdecoder | 2 Crazywwwboard, Qdecoder | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in qDecoder library 5.08 and earlier, as used in CrazyWWWBoard, CrazySearch, and other CGI programs, allows remote attackers to execute arbitrary commands via a long MIME Content-Type header. | |||||
| CVE-2000-1076 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2017-12-19 | 10.0 HIGH | N/A |
| Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server. | |||||
| CVE-2001-0177 | 1 Webmaster | 1 Conferenceroom | 2017-12-19 | 5.0 MEDIUM | N/A |
| WebMaster ConferenceRoom 1.8.1 allows remote attackers to cause a denial of service via a buddy relationship between the IRC server and a server clone. | |||||
| CVE-2000-1078 | 1 Mirabilis | 1 Icq Web Front | 2017-12-19 | 5.0 MEDIUM | N/A |
| ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?" character. | |||||
| CVE-2001-0180 | 1 Lars Ellingsen | 1 Guestserver | 2017-12-19 | 10.0 HIGH | N/A |
| Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter. | |||||
| CVE-2001-0181 | 1 Caldera | 3 Openlinux Desktop, Openlinux Edesktop, Openlinux Eserver | 2017-12-19 | 10.0 HIGH | N/A |
| Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands. | |||||
| CVE-2000-1079 | 1 Microsoft | 4 Windows 2000, Windows 95, Windows 98 and 1 more | 2017-12-19 | 7.5 HIGH | N/A |
| Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 98, NT, and 2000 allow remote attackers to modify dynamic NetBIOS name cache entries via a spoofed Browse Frame Request in a unicast or UDP broadcast datagram. | |||||
| CVE-2001-0184 | 1 Eeye Digital Security | 1 Iris | 2017-12-19 | 2.6 LOW | N/A |
| eEye Iris 1.01 beta allows remote attackers to cause a denial of service via a malformed packet, which causes Iris to crash when a user views the packet. | |||||
| CVE-2001-0188 | 1 Goodtech | 2 Ftp Server 95 98, Ftp Server Nt 2000 | 2017-12-19 | 5.0 MEDIUM | N/A |
| GoodTech FTP server 3.0.1.2.1.0 and earlier allows remote attackers to cause a denial of service via a flood of connections to the server, which causes it to crash. | |||||
| CVE-2001-0198 | 1 Apple | 1 Quicktime | 2017-12-19 | 7.6 HIGH | N/A |
| Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
| CVE-2001-1508 | 1 Sco | 1 Openserver | 2017-12-19 | 4.6 MEDIUM | N/A |
| Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitrary code as group bin via a long command line argument. | |||||
| CVE-2001-1500 | 1 Proftpd Project | 1 Proftpd | 2017-12-19 | 7.5 HIGH | N/A |
| ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames by performing forward resolution, which allows remote attackers to bypass ACLs or cause an incorrect client hostname to be logged. | |||||
| CVE-2001-1498 | 1 Markus Kliegl | 1 Mod Bf | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary commands via a long script. | |||||
| CVE-2001-1580 | 2 Nombas, Novell | 2 Scriptease Webserver, Netware | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string. | |||||
| CVE-2000-1092 | 1 Alex Heiphetz Group | 1 Ezshopper | 2017-12-19 | 5.0 MEDIUM | N/A |
| loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in the EZshopper data directory by inserting a "/" in front of the target filename in the "file" parameter. | |||||
| CVE-2001-0223 | 1 Spawar.navy.mil | 1 Wwwwais.25.c | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in wwwwais allows remote attackers to execute arbitrary commands via a long QUERY_STRING (HTTP GET request). | |||||
| CVE-2001-1482 | 1 Phpbb Group | 1 Phpbb | 2017-12-19 | 7.5 HIGH | N/A |
| SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute arbitrary SQL queries via the $sortby variable. | |||||
| CVE-2001-0231 | 1 Ibrow | 1 News Desk | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 allows remote attackers to read arbitrary files via a .. in the "t" parameter. | |||||
| CVE-2001-0248 | 1 Hp | 1 Hp-ux | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflow in FTP server in HPUX 11 allows remote attackers to execute arbitrary commands by creating a long pathname and calling the STAT command, which uses glob to generate long strings. | |||||
| CVE-2001-0250 | 1 Netscape | 1 Enterprise Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command. | |||||
| CVE-2001-0251 | 1 Netscape | 1 Enterprise Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command. | |||||
| CVE-2001-0253 | 1 Iweb Systems | 1 Hyperseek | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter. | |||||
| CVE-2001-0255 | 1 Fastream | 2 Fastream Ftp\+\+ Server, Fastream Ftp Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname. | |||||
| CVE-2001-0256 | 1 Fastream | 1 Ftp\+\+ Server | 2017-12-19 | 7.5 HIGH | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username. | |||||
| CVE-2001-0257 | 1 I-data International | 1 Easycom Safecom Print Server | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in Easycom/Safecom Print Server Web service, version 404.590 and earlier, allows remote attackers to execute arbitrary commands via (1) a long URL or (2) a long HTTP header field such as "Host:". | |||||
| CVE-2001-0258 | 1 I-data International | 1 Easycom Safecom Print Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server allows remote attackers to cause a denial of service via a large number of connections that send null characters. | |||||
| CVE-2001-0261 | 1 Microsoft | 1 Windows 2000 | 2017-12-19 | 2.1 LOW | N/A |
| Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files. | |||||
| CVE-2001-0263 | 1 Gene6 | 1 G6 Ftp Server | 2017-12-19 | 7.5 HIGH | N/A |
| Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows attackers to read file attributes outside of the web root via the (1) SIZE and (2) MDTM commands when the "show relative paths" option is not enabled. | |||||
| CVE-2001-1408 | 1 Cobalt | 2 Qube, Webmail | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote attackers to read arbitrary files via a .. (dot dot) in the mailbox parameter. | |||||
| CVE-2002-0570 | 1 Linux | 1 Linux Kernel | 2017-12-19 | 2.1 LOW | N/A |
| The encrypted loop device in Linux kernel 2.4.10 and earlier does not authenticate the entity that is encrypting data, which allows local users to modify encrypted data without knowing the key. | |||||
| CVE-2001-1368 | 1 Iplanet | 1 Iplanet Web Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running HP-UX 11.04 could allow attackers to corrupt data. | |||||
| CVE-2001-1355 | 1 Netwin | 2 Dmail, Surgeftp | 2017-12-19 | 10.0 HIGH | N/A |
| Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail, SurgeFTP, and possibly other packages, could allow attackers to execute arbitrary code via long arguments to (1) the -del command or (2) the -lookup command. | |||||
| CVE-2001-1354 | 1 Netwin | 2 Dmail, Surgeftp | 2017-12-19 | 4.6 MEDIUM | N/A |
| NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly other packages, uses weak password hashing, which could allow local users to decrypt passwords or use a different password that has the same hash value as the correct password. | |||||
| CVE-2002-0565 | 1 Oracle | 3 Application Server, Application Server Web Cache, Oracle9i | 2017-12-19 | 5.0 MEDIUM | N/A |
| Oracle 9iAS 1.0.2.x compiles JSP files in the _pages directory with world-readable permissions under the web root, which allows remote attackers to obtain sensitive information derived from the JSP code, including usernames and passwords, via a direct HTTP request to _pages. | |||||
| CVE-2001-1344 | 1 Cgicentral | 2 Webstore 400, Webstore 400cs | 2017-12-19 | 7.5 HIGH | N/A |
| WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program with a filename that exists, which is made easier by (1) inserting a null character or (2) .. (dot dot). | |||||
| CVE-2001-1343 | 1 Cgicentral | 2 Webstore 400, Webstore 400cs | 2017-12-19 | 7.5 HIGH | N/A |
| ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execute arbitrary code via shell metacharacters in the kill parameter. | |||||
| CVE-2001-0376 | 1 Sonicwall | 2 Soho2, Tele2 | 2017-12-19 | 7.5 HIGH | N/A |
| SonicWALL Tele2 and SOHO firewalls with 6.0.0.0 firmware using IPSEC with IKE pre-shared keys do not allow for the use of full 128 byte IKE pre-shared keys, which is the intended design of the IKE pre-shared key, and only support 48 byte keys. This allows a remote attacker to brute force attack the pre-shared keys with significantly less resources than if the full 128 byte IKE pre-shared keys were used. | |||||
| CVE-2000-0986 | 1 Oracle | 1 Oracle8i | 2017-12-19 | 4.6 MEDIUM | N/A |
| Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsping, trcasst, and trcroute possibly allow local users to gain privileges via a long ORACLE_HOME environmental variable. | |||||