Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0676 | 1 Netscape | 1 Communicator | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary files by using a Java applet to open a connection to a URL using the "file", "http", "https", and "ftp" protocols, as demonstrated by Brown Orifice. | |||||
| CVE-2000-0750 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name. | |||||
| CVE-2000-0625 | 1 Netzero | 1 Zeroport | 2008-09-10 | 4.6 MEDIUM | N/A |
| NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password. | |||||
| CVE-2000-0626 | 1 Computer Software Manufaktur | 1 Alibaba | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET request. | |||||
| CVE-2000-0292 | 1 Adtran | 1 Mx2800 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. | |||||
| CVE-2000-0527 | 1 3r Soft | 1 Mailstudio 2000 | 2008-09-10 | 10.0 HIGH | N/A |
| userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0526 | 1 3r Soft | 1 Mailstudio 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0506 | 1 Linux | 1 Linux Kernel | 2008-09-10 | 10.0 HIGH | N/A |
| The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability." | |||||
| CVE-2000-0504 | 3 Gnome, Open Group, Xfree86 Project | 3 Gdm, X, X11r6 | 2008-09-10 | 5.0 MEDIUM | N/A |
| libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | |||||
| CVE-2000-0497 | 1 Ibm | 1 Websphere Application Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |||||
| CVE-2000-0494 | 1 Symantec Veritas | 1 Volume Manager | 2008-09-10 | 7.2 HIGH | N/A |
| Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script. | |||||
| CVE-2000-0492 | 1 Passwd | 1 Passwd | 2008-09-10 | 5.0 MEDIUM | N/A |
| PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords. | |||||
| CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | |||||
| CVE-2000-0476 | 4 Michael Jennings, Putty, Rxvt and 1 more | 4 Eterm, Putty, Rxvt and 1 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized. | |||||
| CVE-2000-0473 | 1 Analogx | 1 Simpleserver Www | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker to cause a denial of service via a long GET request for a program in the cgi-bin directory. | |||||
| CVE-2000-0469 | 1 Selena Sol | 1 Webbanner | 2008-09-10 | 5.1 MEDIUM | N/A |
| Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0468 | 1 Hp | 1 Hp-ux | 2008-09-10 | 4.6 MEDIUM | N/A |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | |||||
| CVE-2000-0467 | 1 Sam Lantinga | 1 Splitvt | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function. | |||||
| CVE-2000-0463 | 1 Be | 1 Beos | 2008-09-10 | 5.0 MEDIUM | N/A |
| BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. | |||||
| CVE-2000-0462 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. | |||||
| CVE-2000-0461 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call. | |||||
| CVE-2000-0460 | 1 Kde | 1 Kde | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
| CVE-2000-0456 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog". | |||||
| CVE-2000-0455 | 1 David Bagley | 1 Xlock | 2008-09-10 | 2.1 LOW | N/A |
| Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. | |||||
| CVE-2000-0454 | 1 Mandrakesoft | 1 Mandrake Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. | |||||
| CVE-2000-0453 | 1 Xfree86 Project | 1 X11r6 | 2008-09-10 | 5.0 MEDIUM | N/A |
| XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000. | |||||
| CVE-2000-0452 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command. | |||||
| CVE-2000-0451 | 1 Intel | 1 Express 8100 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets. | |||||
| CVE-2000-0450 | 1 Sean Macguire | 1 Big Brother | 2008-09-10 | 7.5 HIGH | N/A |
| Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. | |||||
| CVE-2000-0449 | 1 Omnis | 1 Studio | 2008-09-10 | 10.0 HIGH | N/A |
| Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. | |||||
| CVE-2000-0447 | 1 Network Associates | 1 Webshield | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service. | |||||
| CVE-2000-0446 | 1 Marty Bochane | 1 Mdbms | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. | |||||
| CVE-2000-0445 | 1 Pgp | 1 Pgp | 2008-09-10 | 2.1 LOW | N/A |
| The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys. | |||||
| CVE-2000-0444 | 1 Hp | 1 Jetadmin | 2008-09-10 | 5.0 MEDIUM | N/A |
| HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000. | |||||
| CVE-2000-0443 | 1 Hp | 1 Jetadmin | 2008-09-10 | 7.5 HIGH | N/A |
| The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0442 | 2 Qualcomm, Sun | 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 7.5 HIGH | N/A |
| Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command. | |||||
| CVE-2000-0441 | 1 Ibm | 1 Aix | 2008-09-10 | 5.0 MEDIUM | N/A |
| Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. | |||||
| CVE-2000-0440 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2008-09-10 | 5.0 MEDIUM | N/A |
| NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option. | |||||
| CVE-2000-0438 | 4 Caldera, Slackware, Suse and 1 more | 4 Openlinux, Slackware Linux, Suse Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. | |||||
| CVE-2000-0437 | 1 Network Associates | 3 Gauntlet Firewall, Webshield, Webshield E-ppliance | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2000-0436 | 1 Metaproducts | 1 Offline Explorer | 2008-09-10 | 5.0 MEDIUM | N/A |
| MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0435 | 1 Matthew Redman | 1 Allmanage | 2008-09-10 | 7.5 HIGH | N/A |
| The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages. | |||||
| CVE-2000-0434 | 1 Matthew Redman | 1 Allmanage | 2008-09-10 | 7.5 HIGH | N/A |
| The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers. | |||||
| CVE-2000-0433 | 1 Suse | 1 Suse Linux | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | |||||
| CVE-2000-0432 | 1 Matt Kruse | 1 Calendar Script | 2008-09-10 | 7.5 HIGH | N/A |
| The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0431 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 7.5 HIGH | N/A |
| Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. | |||||
| CVE-2000-0448 | 1 Network Associates | 1 Webshield | 2008-09-10 | 5.0 MEDIUM | N/A |
| The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command. | |||||
| CVE-2000-0428 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment. | |||||
| CVE-2000-0427 | 1 Aladdin Knowledge Systems | 1 Etoken | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | |||||
| CVE-2000-0426 | 1 Ultrascripts | 1 Ultraboard | 2008-09-10 | 5.0 MEDIUM | N/A |
| UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself. | |||||