Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0191 | 1 Andy Norman | 1 Gnuserv | 2017-10-10 | 10.0 HIGH | N/A |
| gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length. | |||||
| CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2017-10-10 | 7.2 HIGH | N/A |
| Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. | |||||
| CVE-2001-0194 | 1 Easy Software Products | 1 Cups | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line. | |||||
| CVE-2001-0195 | 1 Debian | 1 Debian Linux | 2017-10-10 | 2.1 LOW | N/A |
| sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. | |||||
| CVE-2001-0196 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 5.0 MEDIUM | N/A |
| inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group. | |||||
| CVE-2001-0197 | 2 Icecast, Redhat | 2 Icecast, Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0215 | 1 Martin Hamilton | 1 Roads | 2017-10-10 | 5.0 MEDIUM | N/A |
| ROADS search.pl program allows remote attackers to read arbitrary files by specifying the file name in the form parameter and terminating the filename with a null byte. | |||||
| CVE-2001-0203 | 1 Watchguard | 1 Firebox Ii | 2017-10-10 | 10.0 HIGH | N/A |
| Watchguard Firebox II firewall allows users with read-only access to gain read-write access, and administrative privileges, by accessing a file that contains hashed passphrases, and using the hashes during authentication. | |||||
| CVE-2001-0204 | 1 Watchguard | 1 Firebox Ii | 2017-10-10 | 5.0 MEDIUM | N/A |
| Watchguard Firebox II allows remote attackers to cause a denial of service by establishing multiple connections and sending malformed PPTP packets. | |||||
| CVE-2001-0218 | 1 Martin Stover | 1 Mars Nwe | 2017-10-10 | 10.0 HIGH | N/A |
| Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0219 | 1 Hp | 1 Hp-ux | 2017-10-10 | 2.1 LOW | N/A |
| Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service. | |||||
| CVE-2001-0221 | 1 Freebsd | 1 Ja-xklock | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges. | |||||
| CVE-2001-0222 | 1 Webmin | 1 Webmin | 2017-10-10 | 1.2 LOW | N/A |
| webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | |||||
| CVE-2001-0233 | 3 Debian, Matthew Smith, Redhat | 3 Debian Linux, Micq, Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. | |||||
| CVE-2001-0234 | 1 Sourceforge | 1 Newsdaemon | 2017-10-10 | 7.5 HIGH | N/A |
| NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. | |||||
| CVE-2001-0235 | 1 Debian | 1 Debian Linux | 2017-10-10 | 2.1 LOW | N/A |
| Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running. | |||||
| CVE-2001-0252 | 1 Iplanet | 1 Iplanet Enterprise Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences. | |||||
| CVE-2001-0259 | 1 Ssh | 1 Ssh | 2017-10-10 | 3.6 LOW | N/A |
| ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file. | |||||
| CVE-2001-0260 | 1 Lotus | 1 Domino Mail Server | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command. | |||||
| CVE-2001-0265 | 1 Pgp | 1 Pgp | 2017-10-10 | 2.1 LOW | N/A |
| ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file. | |||||
| CVE-2001-0267 | 1 Hp | 1 Mpe Ix | 2017-10-10 | 7.2 HIGH | N/A |
| NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges. | |||||
| CVE-2001-0268 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2017-10-10 | 7.2 HIGH | N/A |
| The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | |||||
| CVE-2001-0274 | 1 Kicq | 1 Kicq | 2017-10-10 | 7.5 HIGH | N/A |
| kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||||
| CVE-2001-0276 | 1 Working Resources Inc. | 1 Badblue | 2017-10-10 | 6.4 MEDIUM | N/A |
| ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path. | |||||
| CVE-2001-0278 | 1 Hp | 1 Mpe Ix | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. | |||||
| CVE-2001-0280 | 1 Atrium Software | 1 Mercur | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command. | |||||
| CVE-2001-0377 | 1 Infradig | 1 Inframail | 2017-10-10 | 5.0 MEDIUM | N/A |
| Infradig Inframail prior to 3.98a allows a remote attacker to create a denial of service via a malformed POST request which includes a space followed by a large string. | |||||
| CVE-2001-0299 | 1 Nokia | 1 Ip440 Firewall Vpn Appliance | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | |||||
| CVE-2001-0301 | 1 Stephen Turner | 1 Analog | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings. | |||||
| CVE-2001-0309 | 1 Redhat | 1 Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. | |||||
| CVE-2001-0310 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 2.1 LOW | N/A |
| sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts. | |||||
| CVE-2001-0311 | 1 Hp | 2 Hp-ux, Omniback Ii | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. | |||||
| CVE-2001-0316 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 4.6 MEDIUM | N/A |
| Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call. | |||||
| CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 3.7 LOW | N/A |
| Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. | |||||
| CVE-2001-0318 | 1 Proftpd Project | 1 Proftpd | 2017-10-10 | 7.5 HIGH | N/A |
| Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd). | |||||
| CVE-2001-0319 | 1 Ibm | 3 Net.commerce, Net.commerce Hosting Server, Websphere Commerce Suite | 2017-10-10 | 7.5 HIGH | N/A |
| orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability. | |||||
| CVE-2001-0321 | 1 Francisco Burzi | 1 Php-nuke | 2017-10-10 | 5.0 MEDIUM | N/A |
| opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter. | |||||
| CVE-2001-0326 | 1 Oracle | 2 Application Server, Oracle8i | 2017-10-10 | 7.5 HIGH | N/A |
| Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission. | |||||
| CVE-2001-0330 | 1 Mozilla | 1 Bugzilla | 2017-10-10 | 7.5 HIGH | N/A |
| Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed. | |||||
| CVE-2001-0331 | 1 Sgi | 1 Irix | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0364 | 1 Ssh | 1 Ssh2 | 2017-10-10 | 5.0 MEDIUM | N/A |
| SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous connections. | |||||
| CVE-2001-0365 | 1 Qualcomm | 1 Eudora | 2017-10-10 | 7.5 HIGH | N/A |
| Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags. | |||||
| CVE-2001-0366 | 1 Sap | 2 Sap R 3 Web Application Server Demo, Saposcol | 2017-10-10 | 7.2 HIGH | N/A |
| saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program. | |||||
| CVE-2001-0368 | 1 Free Peers | 1 Bearshare | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack. | |||||
| CVE-2001-0371 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 6.2 MEDIUM | N/A |
| Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information. | |||||
| CVE-2001-0373 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2017-10-10 | 2.1 LOW | N/A |
| The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information. | |||||
| CVE-2001-0375 | 1 Cisco | 2 Pix Firewall 515, Pix Firewall 520 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. | |||||
| CVE-2001-0378 | 1 Openbsd | 1 Openbsd | 2017-10-10 | 2.1 LOW | N/A |
| readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. | |||||
| CVE-2001-0379 | 1 Hp | 1 Hp-ux | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights. | |||||
| CVE-2001-0383 | 1 Francisco Burzi | 1 Php-nuke | 2017-10-10 | 5.0 MEDIUM | N/A |
| banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication. | |||||