Search
Total
25555 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2008-09-10 | 7.5 HIGH | N/A |
| EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
| CVE-2000-0187 | 1 Alex Heiphetz Group | 1 Ezshopper | 2008-09-10 | 7.5 HIGH | N/A |
| EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
| CVE-2000-0186 | 4 Freebsd, Mandrakesoft, Redhat and 1 more | 4 Freebsd, Mandrake Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. | |||||
| CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2008-09-10 | 5.0 MEDIUM | N/A |
| RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | |||||
| CVE-2000-0184 | 2 Mandrakesoft, Redhat | 2 Mandrake Linux, Linux | 2008-09-10 | 2.1 LOW | N/A |
| Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. | |||||
| CVE-2000-0183 | 1 Michael Sandrof | 1 Ircii | 2008-09-10 | 5.1 MEDIUM | N/A |
| Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability. | |||||
| CVE-2000-0182 | 1 Iplanet | 1 Iplanet Web Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes memory and causes a kernel panic. | |||||
| CVE-2000-0181 | 1 Checkpoint | 1 Firewall-1 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection. | |||||
| CVE-2000-0179 | 1 Hp | 1 Openview Omniback Ii | 2008-09-10 | 5.0 MEDIUM | N/A |
| HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555. | |||||
| CVE-2000-0129 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2008-09-10 | 2.1 LOW | N/A |
| Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | |||||
| CVE-2000-0178 | 1 Foundrynet | 1 Serveriron | 2008-09-10 | 7.5 HIGH | N/A |
| ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions. | |||||
| CVE-2000-0177 | 1 Dnstools Software | 1 Dnstools | 2008-09-10 | 10.0 HIGH | N/A |
| DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0176 | 1 Cat Soft | 1 Serv-u | 2008-09-10 | 5.0 MEDIUM | N/A |
| The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist. | |||||
| CVE-2000-0175 | 1 Sun | 1 Staroffice | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. | |||||
| CVE-2000-0174 | 1 Sun | 1 Staroffice | 2008-09-10 | 5.0 MEDIUM | N/A |
| StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0173 | 1 Sco | 1 Unixware | 2008-09-10 | 5.0 MEDIUM | N/A |
| Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0172 | 2 Matt Kimball And Roger Wolff, Turbolinux | 2 Mtr, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges. | |||||
| CVE-2000-0171 | 1 At Computing | 1 Atsar Linux | 2008-09-10 | 7.2 HIGH | N/A |
| atsadc in the atsar package for Linux does not properly check the permissions of an output file, which allows local users to gain root privileges. | |||||
| CVE-2000-0170 | 2 Redhat, Turbolinux | 2 Linux, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable. | |||||
| CVE-2000-0169 | 1 Oracle | 1 Application Server | 2008-09-10 | 7.5 HIGH | N/A |
| Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands via a malformed URL that includes '?&'. | |||||
| CVE-2000-0168 | 1 Microsoft | 3 Windows 95, Windows 98, Windows 98se | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. | |||||
| CVE-2000-0167 | 1 Microsoft | 1 Internet Information Server | 2008-09-10 | 2.1 LOW | N/A |
| IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long name and a .txt.eml extension in the pickup directory. | |||||
| CVE-2000-0164 | 1 Sun | 1 Solaris Isp Server | 2008-09-10 | 7.2 HIGH | N/A |
| The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local users to obtain passwords. | |||||
| CVE-2000-0163 | 1 Freebsd | 1 Freebsd | 2008-09-10 | 4.6 MEDIUM | N/A |
| asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file. | |||||
| CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2008-09-10 | 7.5 HIGH | N/A |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
| CVE-2000-0158 | 1 Sco | 1 Openserver | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. | |||||
| CVE-2000-0157 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 7.2 HIGH | N/A |
| NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process. | |||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2008-09-10 | 1.2 LOW | N/A |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | |||||
| CVE-2000-0133 | 1 H. Nomura | 1 Tiny Ftpdaemon | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands. | |||||
| CVE-2000-0153 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||||
| CVE-2000-0134 | 1 Adgrafix Corporation | 1 Check It Out | 2008-09-10 | 7.5 HIGH | N/A |
| The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0152 | 1 Novell | 1 Bordermanager | 2008-09-10 | 5.0 MEDIUM | N/A |
| Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000. | |||||
| CVE-2000-0151 | 1 Gnu | 1 Make | 2008-09-10 | 6.2 MEDIUM | N/A |
| GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. | |||||
| CVE-2000-0146 | 1 Novell | 1 Groupwise | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet. | |||||
| CVE-2000-0135 | 1 Atretail | 1 Atretail | 2008-09-10 | 7.5 HIGH | N/A |
| The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0145 | 1 Debian | 1 Debian Linux | 2008-09-10 | 7.5 HIGH | N/A |
| The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions. | |||||
| CVE-2000-0144 | 1 Axis | 1 700 Network Document Server | 2008-09-10 | 7.5 HIGH | N/A |
| Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. | |||||
| CVE-2000-0143 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. | |||||
| CVE-2000-0142 | 1 Netopia | 1 Timbuktu Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417. | |||||
| CVE-2000-0141 | 1 Infopop | 1 Ultimate Bulletin Board | 2008-09-10 | 10.0 HIGH | N/A |
| Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. | |||||
| CVE-2000-0136 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2008-09-10 | 7.5 HIGH | N/A |
| The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0137 | 1 Cartit | 1 Cartit | 2008-09-10 | 7.5 HIGH | N/A |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0110 | 1 Baron Consulting Group | 1 Websitetool | 2008-09-10 | 7.5 HIGH | N/A |
| The WebSiteTool shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0109 | 1 Comstock | 1 Multicsp | 2008-09-10 | 10.0 HIGH | N/A |
| The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with several accounts that have no passwords or easily guessable default passwords. | |||||
| CVE-2000-0054 | 1 Solution Scripts | 1 Home Free | 2008-09-10 | 5.0 MEDIUM | N/A |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. | |||||
| CVE-2000-0091 | 1 Inter7 | 1 Vpopmail | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | |||||
| CVE-2000-0056 | 1 Ipswitch | 1 Imail | 2008-09-10 | 5.0 MEDIUM | N/A |
| IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi. | |||||
| CVE-2000-0057 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 7.5 HIGH | N/A |
| Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. | |||||
| CVE-2000-0058 | 1 Handspring | 1 Visor Network Hotsync | 2008-09-10 | 5.0 MEDIUM | N/A |
| Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. | |||||
| CVE-2000-0039 | 1 Altavista | 1 Search Intranet | 2008-09-10 | 5.0 MEDIUM | N/A |
| AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. | |||||