Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0638 | 1 Sean Macguire | 1 Big Brother | 2017-10-10 | 10.0 HIGH | N/A |
| bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the HOSTSVC parameter. | |||||
| CVE-2000-0639 | 1 Sean Macguire | 1 Big Brother | 2017-10-10 | 7.5 HIGH | N/A |
| The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server. | |||||
| CVE-2000-0640 | 1 Steve Poulsen | 1 Guildftpd | 2017-10-10 | 7.5 HIGH | N/A |
| Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .. (dot dot) attack, which provides different error messages depending on whether the file exists or not. | |||||
| CVE-2000-0641 | 1 Michael Lamont | 1 Savant Webserver | 2017-10-10 | 7.5 HIGH | N/A |
| Savant web server allows remote attackers to execute arbitrary commands via a long GET request. | |||||
| CVE-2000-0642 | 1 Itafrica | 1 Webactive | 2017-10-10 | 5.0 MEDIUM | N/A |
| The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the document root, which allows remote attackers to view the logs by directly requesting the page. | |||||
| CVE-2000-0643 | 1 Itafrica | 1 Webactive | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0644 | 1 Texas Imperial Software | 1 Wftpd | 2017-10-10 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT command while the LIST command is still executing. | |||||
| CVE-2000-0652 | 1 Ibm | 1 Websphere Application Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string. | |||||
| CVE-2000-0660 | 1 Alt-n | 1 Worldclient | 2017-10-10 | 5.0 MEDIUM | N/A |
| The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0661 | 1 Wircsrv | 1 Irc Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to the server port. | |||||
| CVE-2000-0664 | 1 Analogx | 1 Simpleserver Www | 2017-10-10 | 5.0 MEDIUM | N/A |
| AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots. | |||||
| CVE-2000-0665 | 1 Gamsoft | 1 Telsrv | 2017-10-10 | 5.0 MEDIUM | N/A |
| GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to cause a denial of service via a long username. | |||||
| CVE-2000-0668 | 3 Conectiva, Michael K. Johnson, Redhat | 3 Linux, Pam Console, Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled. | |||||
| CVE-2000-0671 | 1 Roxen | 1 Webserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions, list directory contents, and read source code by inserting a null character (%00) to the URL. | |||||
| CVE-2000-0674 | 1 Virtual Vision | 1 Ftp Browser | 2017-10-10 | 5.0 MEDIUM | N/A |
| ftp.pl CGI program for Virtual Visions FTP browser allows remote attackers to read directories outside of the document root via a .. (dot dot) attack. | |||||
| CVE-2000-0675 | 1 Infopulse | 1 Gatekeeper | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote attackers to execute arbitrary commands via a long string. | |||||
| CVE-2000-0677 | 1 Ibm | 1 Net.data | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable. | |||||
| CVE-2000-0698 | 1 Minicom | 1 Minicom | 2017-10-10 | 5.0 MEDIUM | N/A |
| Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned by the uucp user via a symlink attack. | |||||
| CVE-2000-0702 | 1 Hp | 1 Hp-ux | 2017-10-10 | 7.2 HIGH | N/A |
| The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files via a symlink attack that points from /tmp/stcp.conf to the targeted file. | |||||
| CVE-2000-0716 | 1 Alt-n | 1 Mdaemon | 2017-10-10 | 2.6 LOW | N/A |
| WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email. | |||||
| CVE-2000-0717 | 1 Goodtech | 2 Ftp Server 95 98, Ftp Server Nt 2000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands. | |||||
| CVE-2000-0720 | 1 Gwscripts | 1 Gwscripts News Publisher | 2017-10-10 | 5.0 MEDIUM | N/A |
| news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program. | |||||
| CVE-2000-0726 | 1 Stalkerlab | 1 Mailers | 2017-10-10 | 2.6 LOW | N/A |
| CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable. | |||||
| CVE-2000-0729 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 2.1 LOW | N/A |
| FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header. | |||||
| CVE-2000-0731 | 1 Jeremy Arnold | 1 Worm Webserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0732 | 1 Jeremy Arnold | 1 Worm Webserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Worm HTTP server allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0738 | 1 Network Associates | 1 Webshield Smtp | 2017-10-10 | 5.0 MEDIUM | N/A |
| WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail. | |||||
| CVE-2000-0739 | 1 Network Associates | 1 Net Tools Pki Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTPS request to the enrollment server. | |||||
| CVE-2000-0740 | 1 Network Associates | 1 Net Tools Pki Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary commands via a long URL in the HTTPS port. | |||||
| CVE-2000-0747 | 1 Conectiva | 1 Linux | 2017-10-10 | 10.0 HIGH | N/A |
| The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the kernel log daemon (klogd) and kills it. | |||||
| CVE-2000-0749 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local users to gain root privileges via long filenames in the linux shadow file system. | |||||
| CVE-2000-0753 | 1 Microsoft | 1 Outlook | 2017-10-10 | 5.0 MEDIUM | N/A |
| The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winmail.dat attachment to Rich Text Format (RTF) files. | |||||
| CVE-2000-0764 | 1 Intel | 1 Express 8100 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed IP packet. | |||||
| CVE-2000-0766 | 1 Vqsoft | 1 Vqserver | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or possibly gain privileges via a long HTTP GET request. | |||||
| CVE-2000-0773 | 1 Bajie | 1 Java Http Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack. | |||||
| CVE-2000-0776 | 1 Mediahouse Software | 1 Statistics Server Livestats | 2017-10-10 | 7.5 HIGH | N/A |
| Mediahouse Statistics Server 5.02x allows remote attackers to execute arbitrary commands via a long HTTP GET request. | |||||
| CVE-2000-0781 | 1 Ca | 1 Arcserve Backup | 2017-10-10 | 7.2 HIGH | N/A |
| uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership of a temporary file which is moved to the agent.cfg configuration file, which allows local users to execute arbitrary commands by modifying the temporary file before it is moved. | |||||
| CVE-2000-0782 | 1 Netwin | 1 Netauth | 2017-10-10 | 5.0 MEDIUM | N/A |
| netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0783 | 1 Watchguard | 1 Firebox | 2017-10-10 | 5.0 MEDIUM | N/A |
| Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100. | |||||
| CVE-2000-0790 | 1 Microsoft | 3 Windows 2000, Windows 98, Windows 98se | 2017-10-10 | 4.6 MEDIUM | N/A |
| The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder. | |||||
| CVE-2000-0796 | 1 Sgi | 1 Irix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option. | |||||
| CVE-2000-0797 | 1 Sgi | 1 Irix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option. | |||||
| CVE-2000-0799 | 1 Sgi | 1 Irix | 2017-10-10 | 3.7 LOW | N/A |
| inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file. | |||||
| CVE-2000-0920 | 1 Boa | 1 Boa Webserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "." | |||||
| CVE-2000-0804 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass." | |||||
| CVE-2000-0805 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets." | |||||
| CVE-2000-0806 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 5.0 MEDIUM | N/A |
| The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass." | |||||
| CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 7.5 HIGH | N/A |
| The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | |||||
| CVE-2000-0808 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 7.5 HIGH | N/A |
| The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication." | |||||
| CVE-2000-0809 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service. | |||||