Total: 25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0706 | 1 Maxum Development Corporation | 1 Rumpus Ftp Server | 2017-10-10 | 2.1 LOW | N/A |
| Maxum Rumpus FTP Server 2.0.3 dev and before allows an attacker to cause a denial of service (crash) via a mkdir command that specifies a large number of sub-folders. | |||||
| CVE-2001-0710 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2017-10-10 | 5.0 MEDIUM | N/A |
| NetBSD 1.5 and earlier and FreeBSD 4.3 and earlier allow a remote attacker to cause a denial of service by sending a large number of IP fragments to the machine, exhausting the mbuf pool. | |||||
| CVE-2001-0716 | 1 Citrix | 1 Metaframe | 2017-10-10 | 5.0 MEDIUM | N/A |
| Citrix MetaFrame 1.8 Server with Service Pack 3, and XP Server Service Pack 1 and earlier, allows remote attackers to cause a denial of service (crash) via a large number of incomplete connections to the server. | |||||
| CVE-2001-0728 | 1 Compaq | 1 Management Agents | 2017-10-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in Compaq Management Agents before 5.2, included in Compaq Web-enabled Management Software, allows local users to gain privileges. | |||||
| CVE-2001-0733 | 1 Ralf S. Engelschall | 1 Eperl | 2017-10-10 | 7.5 HIGH | N/A |
| The #sinclude directive in Embedded Perl (ePerl) 2.2.14 and earlier allows a remote attacker to execute arbitrary code by modifying the 'sinclude' file to point to another file that contains a #include directive that references a file that contains the code. | |||||
| CVE-2001-0749 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2017-10-10 | 7.5 HIGH | N/A |
| Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to read arbitrary files via a webserver root directory set to system root. | |||||
| CVE-2001-0738 | 2 Debian, Immunix | 2 Debian Linux, Immunix | 2017-10-10 | 5.0 MEDIUM | N/A |
| LogLine function in klogd in sysklogd 1.3 in various Linux distributions allows an attacker to cause a denial of service (hang) by causing null bytes to be placed in log messages. | |||||
| CVE-2001-0739 | 1 Engardelinux | 1 Secure Linux | 2017-10-10 | 7.2 HIGH | N/A |
| Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges. | |||||
| CVE-2001-0740 | 1 3com | 2 3c840-us, 3cp4144 | 2017-10-10 | 5.0 MEDIUM | N/A |
| 3COM OfficeConnect 812 and 840 ADSL Router 4.2, running OCR812 router software 1.1.9 and earlier, allows remote attackers to cause a denial of service via a long string containing a large number of "%s" strings, possibly triggering a format string vulnerability. | |||||
| CVE-2001-0745 | 1 Netscape | 1 Messanger | 2017-10-10 | 5.0 MEDIUM | N/A |
| Netscape 4.7x allows remote attackers to obtain sensitive information such as the user's login, mailbox location and installation path via Javascript that accesses the mailbox: URL in the document.referrer property. | |||||
| CVE-2001-0750 | 1 Cisco | 1 Ios | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco IOS 12.1(2)T, 12.1(3)T allow remote attackers to cause a denial of service (reload) via a connection to TCP ports 3100-3999, 5100-5999, 7100-7999 and 10100-10999. | |||||
| CVE-2001-0751 | 1 Cisco | 1 Cbos | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco switches and routers running CBOS 2.3.8 and earlier use predictable TCP Initial Sequence Numbers (ISN), which allows remote attackers to spoof or hijack TCP connections. | |||||
| CVE-2001-0752 | 1 Cisco | 1 Cbos | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via an ICMP ECHO REQUEST (ping) with the IP Record Route option set. | |||||
| CVE-2001-0754 | 1 Cisco | 1 Cbos | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco CBOS 2.3.8 and earlier allows remote attackers to cause a denial of service via a series of large ICMP ECHO REPLY (ping) packets, which cause it to enter ROMMON mode and stop forwarding packets. | |||||
| CVE-2001-0757 | 1 Cisco | 1 6400 Nrp 2 | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 6400 Access Concentrator Node Route Processor 2 (NRP2) 12.1DC card does not properly disable access when a password has not been set for vtys, which allows remote attackers to obtain access via telnet. | |||||
| CVE-2001-0760 | 1 Citrix | 1 Nfuse | 2017-10-10 | 5.0 MEDIUM | N/A |
| Citrix Nfuse 1.51 allows remote attackers to obtain the absolute path of the web root via a malformed request to launch.asp that does not provide the session field. | |||||
| CVE-2001-0912 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-10-10 | 7.2 HIGH | N/A |
| Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges. | |||||
| CVE-2001-0764 | 1 Juergen Schoenwaelder | 1 Scotty | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument. | |||||
| CVE-2001-0765 | 1 Bisonware | 1 Bison Ftp Server | 2017-10-10 | 4.6 MEDIUM | N/A |
| BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories. | |||||
| CVE-2001-0769 | 1 Steve Poulsen | 1 Guildftpd | 2017-10-10 | 5.0 MEDIUM | N/A |
| Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character. | |||||
| CVE-2001-0770 | 1 Steve Poulsen | 1 Guildftpd | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in GuildFTPd Server 0.97 allows a remote attacker to execute arbitrary code via a long SITE command. | |||||
| CVE-2001-0773 | 1 Cayman | 1 3220-h Dsl Router | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cayman 3220-H DSL Router 1.0 allows a remote attacker to cause a denial of service (crash) via a series of SYN or TCP connect requests. | |||||
| CVE-2001-0774 | 1 Tripwire | 1 Tripwire | 2017-10-10 | 4.6 MEDIUM | N/A |
| Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possibly gain privileges via a symbolic link attack on temporary files. | |||||
| CVE-2001-0784 | 1 Icecast | 1 Icecast | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. | |||||
| CVE-2001-0787 | 1 Redhat | 1 Linux | 2017-10-10 | 4.6 MEDIUM | N/A |
| LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges. | |||||
| CVE-2001-0796 | 2 Freebsd, Sgi | 2 Freebsd, Irix | 2017-10-10 | 5.0 MEDIUM | N/A |
| SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. | |||||
| CVE-2001-0801 | 1 Sgi | 1 Irix | 2017-10-10 | 7.2 HIGH | N/A |
| lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. | |||||
| CVE-2001-0804 | 1 Valerie Mates | 1 Interactive Story | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter. | |||||
| CVE-2001-0805 | 1 Tarantella | 1 Tarantella Enterprise | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter. | |||||
| CVE-2001-0806 | 1 Apple | 1 Mac Os X | 2017-10-10 | 3.6 LOW | N/A |
| Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. | |||||
| CVE-2001-0815 | 1 Activestate | 1 Activeperl | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension. | |||||
| CVE-2001-0822 | 1 Packet Knights | 1 Fpf Linux Kernel Module | 2017-10-10 | 5.0 MEDIUM | N/A |
| FPF kernel module 1.0 allows a remote attacker to cause a denial of service via fragmented packets. | |||||
| CVE-2001-0828 | 1 Caucho Technology | 1 Resin | 2017-10-10 | 5.1 MEDIUM | N/A |
| A cross-site scripting vulnerability in Caucho Technology Resin before 1.2.4 allows a malicious webmaster to embed Javascript in a hyperlink that ends in a .jsp extension, which causes an error message that does not properly quote the Javascript. | |||||
| CVE-2001-0830 | 1 Pld | 1 6tunnel | 2017-10-10 | 5.0 MEDIUM | N/A |
| 6tunnel 0.08 and earlier does not properly close sockets that were initiated by a client, which allows remote attackers to cause a denial of service (resource exhaustion) by repeatedly connecting to and disconnecting from the server. | |||||
| CVE-2001-0834 | 4 Conectiva, Debian, Htdig and 1 more | 4 Linux, Debian Linux, Htdig and 1 more | 2017-10-10 | 6.4 MEDIUM | N/A |
| htsearch CGI program in htdig (ht://Dig) 3.1.5 and earlier allows remote attackers to use the -c option to specify an alternate configuration file, which could be used to (1) cause a denial of service (CPU consumption) by specifying a large file such as /dev/zero, or (2) read arbitrary files by uploading an alternate configuration file that specifies the target file. | |||||
| CVE-2001-0836 | 1 Oracle | 1 Application Server Web Cache | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Oracle9iAS Web Cache 2.0.0.1 allows remote attackers to execute arbitrary code via a long HTTP GET request. | |||||
| CVE-2001-0837 | 1 Deltathree | 1 Pc-to-phone | 2017-10-10 | 2.1 LOW | N/A |
| DeltaThree Pc-To-Phone 3.0.3 places sensitive data in world-readable locations in the installation directory, which allows local users to read the information in (1) temp.html, (2) the log folder, and (3) the PhoneBook folder. | |||||
| CVE-2001-0918 | 1 Suse | 1 Suse Linux | 2017-10-10 | 5.1 MEDIUM | N/A |
| Vulnerabilities in CGI scripts in susehelp in SuSE 7.2 and 7.3 allow remote attackers to execute arbitrary commands by not opening files securely. | |||||
| CVE-2001-0846 | 1 Lotus | 1 Domino | 2017-10-10 | 10.0 HIGH | N/A |
| Lotus Domino 5.x allows remote attackers to read files or execute arbitrary code by requesting the ReplicaID of the Web Administrator template file (webadmin.ntf). | |||||
| CVE-2001-0850 | 1 Caldera | 1 Openlinux | 2017-10-10 | 10.0 HIGH | N/A |
| A configuration error in the libdb1 package in OpenLinux 3.1 uses insecure versions of the snprintf and vsnprintf functions, which could allow local or remote users to exploit those functions with a buffer overflow. | |||||
| CVE-2001-0851 | 3 Caldera, Linux, Suse | 7 Openlinux, Openlinux Edesktop, Openlinux Eserver and 4 more | 2017-10-10 | 5.0 MEDIUM | N/A |
| Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled allows remote attackers to bypass firewall rules by brute force guessing the cookie. | |||||
| CVE-2001-0857 | 1 Imp | 1 Webmail | 2017-10-10 | 7.5 HIGH | N/A |
| Cross-site scripting vulnerability in status.php3 in Imp Webmail 2.2.6 and earlier allows remote attackers to gain access to the e-mail of other users by hijacking session cookies via the message parameter. | |||||
| CVE-2001-0859 | 1 Redhat | 1 Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| 2.4.3-12 kernel in Red Hat Linux 7.1 Korean installation program sets the default umask for init to 000, which installs files with world-writeable permissions. | |||||
| CVE-2001-0860 | 1 Microsoft | 2 Windows 2000, Windows Xp | 2017-10-10 | 7.5 HIGH | N/A |
| Terminal Services Manager MMC in Windows 2000 and XP trusts the Client Address (IP address) that is provided by the client instead of obtaining it from the packet headers, which allows clients to spoof their public IP address, e.g. through a Network Address Translation (NAT). | |||||
| CVE-2001-0861 | 1 Cisco | 1 12000 Router | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 and earlier allows remote attackers to cause a denial of service (CPU consumption) by flooding the router with traffic that generates a large number of ICMP Unreachable replies. | |||||
| CVE-2001-0862 | 1 Cisco | 1 12000 Router | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not block non-initial packet fragments, which allows remote attackers to bypass the ACL. | |||||
| CVE-2001-0863 | 1 Cisco | 1 12000 Router | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not handle the "fragment" keyword in a compiled ACL (Turbo ACL) for packets that are sent to the router, which allows remote attackers to cause a denial of service via a flood of fragments. | |||||
| CVE-2001-0864 | 1 Cisco | 1 12000 Router | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly handle the implicit "deny ip any any" rule in an outgoing ACL when the ACL contains exactly 448 entries, which can allow some outgoing packets to bypass access restrictions. | |||||
| CVE-2001-0865 | 1 Cisco | 1 12000 Router | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not support the "fragment" keyword in an outgoing ACL, which could allow fragmented packets in violation of the intended access. | |||||
| CVE-2001-0867 | 1 Cisco | 1 12000 Router | 2017-10-10 | 7.5 HIGH | N/A |
| Cisco 12000 with IOS 12.0 and line cards based on Engine 2 does not properly filter packet fragments even when the "fragment" keyword is used in an ACL, which allows remote attackers to bypass the intended access controls. | |||||
