Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1131 | 1 Bill Kendrick | 1 Gbook.cgi | 2017-10-10 | 7.5 HIGH | N/A |
| Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable. | |||||
| CVE-2000-1018 | 1 Mendel Cooper | 1 Shred | 2017-10-10 | 2.1 LOW | N/A |
| shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, which prevents shred from properly replacing the file's data and allows local users to recover the file. | |||||
| CVE-2000-1019 | 1 Inktomi | 1 Search Software | 2017-10-10 | 5.0 MEDIUM | N/A |
| Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a denial of service via a malformed URL. | |||||
| CVE-2000-1024 | 1 Unify | 1 Ewave Servletexec | 2017-10-10 | 10.0 HIGH | N/A |
| eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands. | |||||
| CVE-2000-1165 | 1 Balabit | 1 Syslog-ng | 2017-10-10 | 5.0 MEDIUM | N/A |
| Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier. | |||||
| CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 5.0 MEDIUM | N/A |
| The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | |||||
| CVE-2000-1036 | 1 Extent Technologies | 1 Rbs Isp | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensitive information via a .. (dot dot) attack on the Image parameter. | |||||
| CVE-2000-1038 | 1 Ibm | 1 As400 Firewall | 2017-10-10 | 5.0 MEDIUM | N/A |
| The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial of service via an empty GET request. | |||||
| CVE-2000-1040 | 1 Suse | 1 Suse Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service. | |||||
| CVE-2000-1041 | 1 Swen Thuemmler | 1 Ypbind | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges. | |||||
| CVE-2000-1166 | 1 Twig Development Team | 1 Twig | 2017-10-10 | 7.5 HIGH | N/A |
| Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site, which allows remote attackers to insert arbitrary PHP (PHP3) code by specifying an alternate vhosts as an argument to the index.php3 program. | |||||
| CVE-2000-1042 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | |||||
| CVE-2000-1043 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function. | |||||
| CVE-2000-1044 | 1 Suse | 1 Suse Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges. | |||||
| CVE-2000-1045 | 1 Padl Software | 1 Nss Ldap | 2017-10-10 | 1.2 LOW | N/A |
| nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers to cause a denial of service via a flood of LDAP requests. | |||||
| CVE-2000-1049 | 1 Macromedia | 1 Jrun | 2017-10-10 | 5.0 MEDIUM | N/A |
| Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL that contains a long string of "." characters. | |||||
| CVE-2000-1050 | 1 Macromedia | 1 Jrun | 2017-10-10 | 5.0 MEDIUM | N/A |
| Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF directory via a URL request that contains an extra "/" in the beginning of the request (aka the "extra leading slash"). | |||||
| CVE-2000-1051 | 1 Macromedia | 1 Jrun | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitrary files via the SSIFilter servlet. | |||||
| CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | |||||
| CVE-2000-1054 | 1 Cisco | 1 Secure Access Control Server | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet. | |||||
| CVE-2000-1055 | 1 Cisco | 1 Secure Access Control Server | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet. | |||||
| CVE-2000-1056 | 1 Cisco | 1 Secure Access Control Server | 2017-10-10 | 7.5 HIGH | N/A |
| CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on the server if the LDAP server allows null passwords. | |||||
| CVE-2000-1057 | 1 Hp | 1 Openview Network Node Manager | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions. | |||||
| CVE-2000-1059 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-10-10 | 7.2 HIGH | N/A |
| The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. | |||||
| CVE-2000-1068 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-10 | 10.0 HIGH | N/A |
| pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter. | |||||
| CVE-2000-1069 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-10 | 6.4 MEDIUM | N/A |
| pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters. | |||||
| CVE-2000-1070 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-10 | 5.0 MEDIUM | N/A |
| pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information. | |||||
| CVE-2000-1071 | 1 Netscape | 1 Iplanet Ical | 2017-10-10 | 10.0 HIGH | N/A |
| The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | |||||
| CVE-2000-1072 | 1 Netscape | 1 Iplanet Ical | 2017-10-10 | 7.2 HIGH | N/A |
| iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse. | |||||
| CVE-2000-1073 | 1 Netscape | 1 Iplanet Ical | 2017-10-10 | 7.2 HIGH | N/A |
| csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory. | |||||
| CVE-2000-1074 | 1 Netscape | 1 Iplanet Ical | 2017-10-10 | 10.0 HIGH | N/A |
| csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory. | |||||
| CVE-2000-1075 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. | |||||
| CVE-2000-1077 | 1 Iplanet | 1 Iplanet Web Server | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension. | |||||
| CVE-2000-1080 | 2 Id Software, J. P. Grossman | 2 Quake, Proquake | 2017-10-10 | 5.0 MEDIUM | N/A |
| Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | |||||
| CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2017-10-10 | 7.2 HIGH | N/A |
| modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-1097 | 1 Sonicwall | 1 Soho Firewall | 2017-10-10 | 5.0 MEDIUM | N/A |
| The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. | |||||
| CVE-2000-1107 | 1 Suse | 1 Suse Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | |||||
| CVE-2000-1108 | 1 Midnight Commander | 1 Midnight Commander | 2017-10-10 | 4.6 MEDIUM | N/A |
| cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument. | |||||
| CVE-2000-1109 | 1 Midnight Commander | 1 Midnight Commander | 2017-10-10 | 4.6 MEDIUM | N/A |
| Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed. | |||||
| CVE-2000-1111 | 1 Microsoft | 1 Windows 2000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | |||||
| CVE-2000-1115 | 1 Software602 | 1 602pro Lan Suite | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
| CVE-2000-1119 | 1 Ibm | 1 Aix | 2017-10-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument. | |||||
| CVE-2000-1120 | 1 Ibm | 1 Aix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands. | |||||
| CVE-2000-1121 | 1 Ibm | 1 Aix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument. | |||||
| CVE-2000-1123 | 1 Ibm | 1 Aix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands. | |||||
| CVE-2000-1124 | 1 Ibm | 1 Aix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables. | |||||
| CVE-2000-1132 | 1 Dcscripts | 1 Dcforum | 2017-10-10 | 6.4 MEDIUM | N/A |
| DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable. | |||||
| CVE-2000-1135 | 1 Debian | 1 Debian Linux | 2017-10-10 | 4.6 MEDIUM | N/A |
| fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2000-1136 | 1 Debian | 1 Elvis Tiny | 2017-10-10 | 4.6 MEDIUM | N/A |
| elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2000-1140 | 1 Recourse Technologies | 1 Mantrap | 2017-10-10 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing in the /proc filesystem. | |||||