Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0826 | 1 Aclogic | 1 Cesarftp | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD. | |||||
| CVE-2001-1153 | 1 Caldera | 1 Openunix | 2008-09-10 | 7.2 HIGH | N/A |
| lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument. | |||||
| CVE-2001-1187 | 1 Mutasem Abudahab | 2 Csvform, Csvform Plus | 2008-09-10 | 7.5 HIGH | N/A |
| csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file parameter. | |||||
| CVE-2001-1134 | 1 Xerox | 1 Docuprint N40 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data, such as that produced by the Code Red worm. | |||||
| CVE-2001-1195 | 1 Novell | 1 Groupwise | 2008-09-10 | 7.5 HIGH | N/A |
| Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. | |||||
| CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2008-09-10 | 6.4 MEDIUM | N/A |
| Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | |||||
| CVE-2001-0580 | 1 Hughes Technologies | 1 Dsl Vdns | 2008-09-10 | 5.0 MEDIUM | N/A |
| Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote attacker to create a denial of service by connecting to port 6070, sending some data, and closing the connection. | |||||
| CVE-2001-0588 | 1 Sco | 1 Openserver | 2008-09-10 | 4.6 MEDIUM | N/A |
| sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | |||||
| CVE-2001-0619 | 1 Lucent | 1 Orinoco | 2008-09-10 | 7.5 HIGH | N/A |
| The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join the network, is transmitted in the clear. | |||||
| CVE-2001-0515 | 1 Oracle | 2 Database Server, Oracle8i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value. | |||||
| CVE-2001-0516 | 1 Oracle | 2 Oracle8i, Oracle9i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data. | |||||
| CVE-2001-0556 | 1 Nedit | 1 Nedit | 2008-09-10 | 7.2 HIGH | N/A |
| The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file. | |||||
| CVE-2001-0498 | 1 Oracle | 1 Oracle8i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8.1.7 and earlier allows remote attackers to cause a denial of service via a malformed SQLNet connection request with a large offset in the header extension. | |||||
| CVE-2001-0744 | 1 Horde | 1 Imp | 2008-09-10 | 2.1 LOW | N/A |
| Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file. | |||||
| CVE-2001-0534 | 2 Lucent, Merit | 2 Radius, Radius | 2008-09-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2001-0487 | 1 Ibm | 1 Aix Snmp | 2008-09-10 | 5.0 MEDIUM | N/A |
| AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. | |||||
| CVE-2001-0352 | 2 3com, Symbol | 2 3crwe747a, 41x1 Access Point | 2008-09-10 | 5.0 MEDIUM | N/A |
| SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB. | |||||
| CVE-2001-0282 | 1 Guido Frassetto | 1 Sedum | 2008-09-10 | 10.0 HIGH | N/A |
| SEDUM 2.1 HTTP server allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request. | |||||
| CVE-2001-0329 | 1 Mozilla | 1 Bugzilla | 2008-09-10 | 7.5 HIGH | N/A |
| Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi. | |||||
| CVE-2001-0284 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. | |||||
| CVE-2001-0013 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0443 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password. | |||||
| CVE-2001-0012 | 1 Isc | 1 Bind | 2008-09-10 | 5.0 MEDIUM | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | |||||
| CVE-2001-0391 | 1 Imatix | 1 Xitami | 2008-09-10 | 5.0 MEDIUM | N/A |
| Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory. | |||||
| CVE-2001-0011 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0010 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | |||||
| CVE-2000-1153 | 1 Kenny Carruthers | 1 Postmaster | 2008-09-10 | 5.0 MEDIUM | N/A |
| PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1117 | 1 Ibm | 1 Lotus Notes | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method. | |||||
| CVE-2000-1183 | 1 Nec | 1 Socks 5 | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long connection request. | |||||
| CVE-2000-1236 | 1 Oracle | 1 Application Server | 2008-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. | |||||
| CVE-2000-1155 | 1 Joe Kloss | 1 Robinhood | 2008-09-10 | 5.0 MEDIUM | N/A |
| RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
| CVE-2000-1154 | 1 Joe Kloss | 1 Robinhood | 2008-09-10 | 5.0 MEDIUM | N/A |
| RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
| CVE-2000-1151 | 1 Abisoft | 1 Baxter | 2008-09-10 | 5.0 MEDIUM | N/A |
| Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1192 | 1 Btt Software | 1 Snmp Trap Watcher | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap. | |||||
| CVE-2000-1150 | 1 Xavier Ducrohet | 1 Felix | 2008-09-10 | 5.0 MEDIUM | N/A |
| Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1188 | 1 I-soft | 1 Quikstore | 2008-09-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter. | |||||
| CVE-2000-0581 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash. | |||||
| CVE-2000-0582 | 1 Checkpoint | 1 Firewall-1 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy. | |||||
| CVE-2000-0583 | 1 Inter7 | 1 Vpopmail Vchkpw | 2008-09-10 | 5.0 MEDIUM | N/A |
| vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives. | |||||
| CVE-2000-0701 | 3 Conectiva, Gnu, Redhat | 3 Linux, Mailman, Linux | 2008-09-10 | 4.6 MEDIUM | N/A |
| The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges. | |||||
| CVE-2000-0629 | 1 Sun | 1 Java System Web Server | 2008-09-10 | 7.5 HIGH | N/A |
| The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet. | |||||
| CVE-2000-0623 | 1 Oreilly | 1 Website Professional | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers to execute arbitrary commands via a long GET request or Referrer header. | |||||
| CVE-2000-0787 | 1 Xchat | 1 Xchat | 2008-09-10 | 7.5 HIGH | N/A |
| IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser. | |||||
| CVE-2000-0714 | 1 University Of Massachusetts | 1 Scheme | 2008-09-10 | 7.2 HIGH | N/A |
| umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files. | |||||
| CVE-2000-0616 | 1 Hp | 1 Mpe Ix | 2008-09-10 | 4.6 MEDIUM | N/A |
| Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS. | |||||
| CVE-2000-0602 | 1 Kevin Lindsay | 1 Secure Locate | 2008-09-10 | 4.6 MEDIUM | N/A |
| Secure Locate (slocate) in Red Hat Linux allows local users to gain privileges via a malformed configuration file that is specified in the LOCATE_PATH environmental variable. | |||||
| CVE-2000-0580 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization. | |||||
| CVE-2000-0744 | 1 University Of Minnesota | 1 Gopherd | 2008-09-10 | 10.0 HIGH | N/A |
| DEPRECATED. This entry has been deprecated. It is a duplicate of CVE-2000-0743. | |||||
| CVE-2000-0703 | 1 Larry Wall | 1 Perl | 2008-09-10 | 7.2 HIGH | N/A |
| suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence. | |||||
| CVE-2000-0646 | 1 Texas Imperial Software | 1 Wftpd | 2008-09-10 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred. | |||||