Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1121 | 1 Macromedia | 1 Jrun | 2008-09-10 | 7.5 HIGH | N/A |
| DEPRECATED. This entry has been deprecated. It is a duplicate of CVE-2001-1084. | |||||
| CVE-2001-1228 | 1 Gnu | 1 Gzip | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. | |||||
| CVE-2001-1212 | 1 Aktivate | 1 Aktivate | 2008-09-10 | 5.0 MEDIUM | N/A |
| Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute arbitrary Javascript via the desc parameter. | |||||
| CVE-2001-1235 | 1 Derek Leung | 1 Pslash | 2008-09-10 | 7.5 HIGH | N/A |
| pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | |||||
| CVE-2001-1236 | 1 Sebastian Bunka | 1 Myphppagetool | 2008-09-10 | 7.5 HIGH | N/A |
| myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | |||||
| CVE-2001-1210 | 1 Cisco | 3 Ubr920, Ubr924, Ubr925 | 2008-09-10 | 6.4 MEDIUM | N/A |
| Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DOCSIS) standard must ship without SNMP access restrictions, which can allow remote attackers to read and write information to the MIB using arbitrary community strings. | |||||
| CVE-2001-1167 | 2008-09-10 | N/A | N/A | ||
| ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-0976. Reason: This candidate is a duplicate of CVE-2001-0976. Notes: CVE-2001-0976 should be used instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage. | |||||
| CVE-2001-1145 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2008-09-10 | 6.2 MEDIUM | N/A |
| fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. | |||||
| CVE-2001-1195 | 1 Novell | 1 Groupwise | 2008-09-10 | 7.5 HIGH | N/A |
| Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for the servlet manager, which allows remote attackers to gain privileges. | |||||
| CVE-2001-1054 | 1 Phpadsnew | 1 Phpadsnew | 2008-09-10 | 7.5 HIGH | N/A |
| PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
| CVE-2001-0516 | 1 Oracle | 2 Oracle8i, Oracle9i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data. | |||||
| CVE-2001-0580 | 1 Hughes Technologies | 1 Dsl Vdns | 2008-09-10 | 5.0 MEDIUM | N/A |
| Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote attacker to create a denial of service by connecting to port 6070, sending some data, and closing the connection. | |||||
| CVE-2001-0619 | 1 Lucent | 1 Orinoco | 2008-09-10 | 7.5 HIGH | N/A |
| The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join the network, is transmitted in the clear. | |||||
| CVE-2001-0515 | 1 Oracle | 2 Database Server, Oracle8i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value. | |||||
| CVE-2001-0744 | 1 Horde | 1 Imp | 2008-09-10 | 2.1 LOW | N/A |
| Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file. | |||||
| CVE-2001-0588 | 1 Sco | 1 Openserver | 2008-09-10 | 4.6 MEDIUM | N/A |
| sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | |||||
| CVE-2001-0556 | 1 Nedit | 1 Nedit | 2008-09-10 | 7.2 HIGH | N/A |
| The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file. | |||||
| CVE-2001-0534 | 2 Lucent, Merit | 2 Radius, Radius | 2008-09-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2001-0487 | 1 Ibm | 1 Aix Snmp | 2008-09-10 | 5.0 MEDIUM | N/A |
| AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. | |||||
| CVE-2001-0498 | 1 Oracle | 1 Oracle8i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8.1.7 and earlier allows remote attackers to cause a denial of service via a malformed SQLNet connection request with a large offset in the header extension. | |||||
| CVE-2001-0391 | 1 Imatix | 1 Xitami | 2008-09-10 | 5.0 MEDIUM | N/A |
| Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory. | |||||
| CVE-2001-0282 | 1 Guido Frassetto | 1 Sedum | 2008-09-10 | 10.0 HIGH | N/A |
| SEDUM 2.1 HTTP server allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request. | |||||
| CVE-2001-0443 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password. | |||||
| CVE-2001-0329 | 1 Mozilla | 1 Bugzilla | 2008-09-10 | 7.5 HIGH | N/A |
| Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi. | |||||
| CVE-2001-0352 | 2 3com, Symbol | 2 3crwe747a, 41x1 Access Point | 2008-09-10 | 5.0 MEDIUM | N/A |
| SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB. | |||||
| CVE-2001-0010 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0011 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0012 | 1 Isc | 1 Bind | 2008-09-10 | 5.0 MEDIUM | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | |||||
| CVE-2001-0284 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. | |||||
| CVE-2001-0013 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2000-1188 | 1 I-soft | 1 Quikstore | 2008-09-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter. | |||||
| CVE-2000-1117 | 1 Ibm | 1 Lotus Notes | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method. | |||||
| CVE-2000-1150 | 1 Xavier Ducrohet | 1 Felix | 2008-09-10 | 5.0 MEDIUM | N/A |
| Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1151 | 1 Abisoft | 1 Baxter | 2008-09-10 | 5.0 MEDIUM | N/A |
| Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1192 | 1 Btt Software | 1 Snmp Trap Watcher | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap. | |||||
| CVE-2000-1154 | 1 Joe Kloss | 1 Robinhood | 2008-09-10 | 5.0 MEDIUM | N/A |
| RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
| CVE-2000-1153 | 1 Kenny Carruthers | 1 Postmaster | 2008-09-10 | 5.0 MEDIUM | N/A |
| PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1155 | 1 Joe Kloss | 1 Robinhood | 2008-09-10 | 5.0 MEDIUM | N/A |
| RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
| CVE-2000-1236 | 1 Oracle | 1 Application Server | 2008-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. | |||||
| CVE-2000-1183 | 1 Nec | 1 Socks 5 | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long connection request. | |||||
| CVE-2000-0655 | 2 Mozilla, Netscape | 2 Mozilla, Communicator | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a JPEG image containing a comment with an illegal field length of 1. | |||||
| CVE-2000-0576 | 1 Oracle | 1 Web Listener | 2008-09-10 | 5.0 MEDIUM | N/A |
| Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a denial of service via a malformed URL. | |||||
| CVE-2000-0574 | 2 Openbsd, Washington University | 2 Ftpd, Wu-ftpd | 2008-09-10 | 5.0 MEDIUM | N/A |
| FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2000-0572 | 1 Visible Systems | 1 Razor | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges. | |||||
| CVE-2000-0599 | 1 Imesh.com | 1 Imesh | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long string to the iMesh port. | |||||
| CVE-2000-0601 | 1 Leafdigital | 1 Leafchat | 2008-09-10 | 5.0 MEDIUM | N/A |
| LeafChat 1.7 IRC client allows a remote IRC server to cause a denial of service by rapidly sending a large amount of error messages. | |||||
| CVE-2000-0568 | 1 Sybergen | 1 Secure Desktop | 2008-09-10 | 5.0 MEDIUM | N/A |
| Sybergen Secure Desktop 2.1 does not properly protect against false router advertisements (ICMP type 9), which allows remote attackers to modify default routes. | |||||
| CVE-2000-0612 | 1 Microsoft | 2 Windows 95, Windows 98 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table. | |||||
| CVE-2000-0598 | 1 Fortech | 1 Proxy\+ | 2008-09-10 | 5.0 MEDIUM | N/A |
| Fortech Proxy+ allows remote attackers to bypass access restrictions for to the administration service by redirecting their connections through the telnet proxy. | |||||
| CVE-2000-0656 | 1 Analogx | 1 Proxy | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the FTP protocol. | |||||