Total: 25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0267 | 1 Cisco | 1 Catos | 2008-09-10 | 4.6 MEDIUM | N/A |
| Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. | |||||
| CVE-2000-0268 | 1 Cisco | 12 3660 Router, 7100 Router, 7200 Router and 9 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. | |||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2008-09-10 | 2.1 LOW | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | |||||
| CVE-2000-0237 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 6.4 MEDIUM | N/A |
| Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories. | |||||
| CVE-2000-0270 | 1 Gnu | 1 Emacs | 2008-09-10 | 3.6 LOW | N/A |
| The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | |||||
| CVE-2000-0236 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. | |||||
| CVE-2000-0271 | 1 Gnu | 1 Emacs | 2008-09-10 | 4.6 MEDIUM | N/A |
| read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | |||||
| CVE-2000-0234 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 5.0 MEDIUM | N/A |
| The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file. | |||||
| CVE-2000-0233 | 1 Suse | 1 Suse Linux Imap Server | 2008-09-10 | 10.0 HIGH | N/A |
| SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. | |||||
| CVE-2000-0231 | 2 Halloween, Suse | 2 Halloween Linux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. | |||||
| CVE-2000-0273 | 1 Symantec | 1 Pcanywhere | 2008-09-10 | 5.0 MEDIUM | N/A |
| PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. | |||||
| CVE-2000-0274 | 1 Bray Systems | 1 Linux Trustees | 2008-09-10 | 2.1 LOW | N/A |
| The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. | |||||
| CVE-2000-0230 | 2 Halloween, Redhat | 2 Halloween Linux, Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. | |||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
| CVE-2000-0275 | 1 Cryptocard | 1 Cryptoadmin | 2008-09-10 | 2.1 LOW | N/A |
| CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. | |||||
| CVE-2000-0224 | 1 Sco | 1 Unixware | 2008-09-10 | 1.2 LOW | N/A |
| ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack. | |||||
| CVE-2000-0276 | 1 Be | 1 Beos | 2008-09-10 | 2.1 LOW | N/A |
| BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37. | |||||
| CVE-2000-0278 | 1 Saleslogix | 1 Corporation Eviewer | 2008-09-10 | 5.0 MEDIUM | N/A |
| The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for the slxweb.dll administration program, which does not authenticate the user. | |||||
| CVE-2000-0223 | 1 Sam Hawker | 1 Wmcdplay | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. | |||||
| CVE-2000-0221 | 1 Nortel | 1 Nautica Marlin | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port. | |||||
| CVE-2000-0220 | 1 Zonelabs | 1 Zonealarm | 2008-09-10 | 5.0 MEDIUM | N/A |
| ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. | |||||
| CVE-2000-0279 | 1 Be | 1 Beos | 2008-09-10 | 5.0 MEDIUM | N/A |
| BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers. | |||||
| CVE-2000-0282 | 1 Talentsoft | 1 Web\+ | 2008-09-10 | 5.0 MEDIUM | N/A |
| TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program. | |||||
| CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | |||||
| CVE-2000-0217 | 2 Openbsd, Ssh | 3 Openssh, Ssh, Ssh2 | 2008-09-10 | 5.1 MEDIUM | N/A |
| The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. | |||||
| CVE-2000-0216 | 1 Microsoft | 3 Exchange Server, Outlook, Windows Messaging | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. | |||||
| CVE-2000-0215 | 1 Sco | 1 Unixware | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. | |||||
| CVE-2000-0214 | 1 Ftpx | 1 Ftp Explorer | 2008-09-10 | 4.6 MEDIUM | N/A |
| FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites. | |||||
| CVE-2000-0213 | 1 Sambar | 1 Sambar Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0257 | 1 Novell | 1 Netware | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL. | |||||
| CVE-2000-0210 | 1 Sun | 1 Workshop | 2008-09-10 | 1.2 LOW | N/A |
| The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. | |||||
| CVE-2000-0209 | 1 University Of Kansas | 1 Lynx | 2008-09-10 | 7.6 HIGH | N/A |
| Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page. | |||||
| CVE-2000-0208 | 1 Htdig | 1 Htdig | 2008-09-10 | 5.0 MEDIUM | N/A |
| The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks (`) in parameters to htsearch. | |||||
| CVE-2000-0207 | 1 Sgi | 2 Infosearch, Irix | 2008-09-10 | 7.5 HIGH | N/A |
| SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0206 | 1 Oracle | 1 Oracle8i | 2008-09-10 | 6.2 MEDIUM | N/A |
| The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. | |||||
| CVE-2000-0205 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 6.4 MEDIUM | N/A |
| Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients. | |||||
| CVE-2000-0204 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%. | |||||
| CVE-2000-0203 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service via malformed data to port 12345. | |||||
| CVE-2000-0225 | 1 Deti Fliegl | 1 Poc32 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled. | |||||
| CVE-2000-0199 | 1 Microsoft | 1 Sql Server | 2008-09-10 | 7.2 HIGH | N/A |
| When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | |||||
| CVE-2000-0198 | 1 Atrium Software | 3 Mercur Imap4 Server, Mercur Mailserver, Mercur Pop3 Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in POP3 and IMAP servers in the MERCUR mail server suite allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0197 | 1 Microsoft | 1 Windows Nt | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | |||||
| CVE-2000-0196 | 3 Nmh, Redhat, Turbolinux | 3 Nmh, Linux, Turbolinux | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message. | |||||
| CVE-2000-0195 | 1 Corel | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file. | |||||
| CVE-2000-0194 | 1 Corel | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters. | |||||
| CVE-2000-0193 | 1 Corel | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com program and gain privileges. | |||||
| CVE-2000-0192 | 1 Caldera | 1 Openlinux | 2008-09-10 | 5.0 MEDIUM | N/A |
| The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows remote attackers to determine what packages are installed on the system. | |||||
| CVE-2000-0191 | 1 Axis | 1 Storpoint Cd | 2008-09-10 | 10.0 HIGH | N/A |
| Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack. | |||||
| CVE-2000-0190 | 1 Aol | 1 Instant Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value. | |||||
| CVE-2000-0189 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. | |||||
