Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0544 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length. | |||||
| CVE-2000-0669 | 1 Novell | 1 Netware | 2008-09-10 | 5.0 MEDIUM | N/A |
| Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data. | |||||
| CVE-2000-0545 | 1 Sgi | 1 Mailx | 2008-09-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter. | |||||
| CVE-2000-0572 | 1 Visible Systems | 1 Razor | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges. | |||||
| CVE-2000-0568 | 1 Sybergen | 1 Secure Desktop | 2008-09-10 | 5.0 MEDIUM | N/A |
| Sybergen Secure Desktop 2.1 does not properly protect against false router advertisements (ICMP type 9), which allows remote attackers to modify default routes. | |||||
| CVE-2000-0703 | 1 Larry Wall | 1 Perl | 2008-09-10 | 7.2 HIGH | N/A |
| suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence. | |||||
| CVE-2000-0667 | 1 Conectiva | 1 Linux | 2008-09-10 | 3.6 LOW | N/A |
| Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service. | |||||
| CVE-2000-0574 | 2 Openbsd, Washington University | 2 Ftpd, Wu-ftpd | 2008-09-10 | 5.0 MEDIUM | N/A |
| FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2000-0586 | 1 Dalnet | 1 Ircd | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or execute arbitrary commands via the SUMMON command. | |||||
| CVE-2000-0387 | 1 Alexander Siegel | 1 Golddig | 2008-09-10 | 2.1 LOW | N/A |
| The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files. | |||||
| CVE-2000-0409 | 1 Netscape | 1 Communicator | 2008-09-10 | 3.7 LOW | N/A |
| Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. | |||||
| CVE-2000-0410 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. | |||||
| CVE-2000-0411 | 1 Matt Wright | 1 Formmail | 2008-09-10 | 5.0 MEDIUM | N/A |
| Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter. | |||||
| CVE-2000-0450 | 1 Sean Macguire | 1 Big Brother | 2008-09-10 | 7.5 HIGH | N/A |
| Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. | |||||
| CVE-2000-0421 | 1 Mozilla | 1 Bugzilla | 2008-09-10 | 7.5 HIGH | N/A |
| The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0449 | 1 Omnis | 1 Studio | 2008-09-10 | 10.0 HIGH | N/A |
| Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. | |||||
| CVE-2000-0437 | 1 Network Associates | 3 Gauntlet Firewall, Webshield, Webshield E-ppliance | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2000-0436 | 1 Metaproducts | 1 Offline Explorer | 2008-09-10 | 5.0 MEDIUM | N/A |
| MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0435 | 1 Matthew Redman | 1 Allmanage | 2008-09-10 | 7.5 HIGH | N/A |
| The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages. | |||||
| CVE-2000-0424 | 1 George Burgyan | 1 Cgi Counter | 2008-09-10 | 7.5 HIGH | N/A |
| The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0426 | 1 Ultrascripts | 1 Ultraboard | 2008-09-10 | 5.0 MEDIUM | N/A |
| UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself. | |||||
| CVE-2000-0431 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 7.5 HIGH | N/A |
| Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. | |||||
| CVE-2000-0432 | 1 Matt Kruse | 1 Calendar Script | 2008-09-10 | 7.5 HIGH | N/A |
| The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0434 | 1 Matthew Redman | 1 Allmanage | 2008-09-10 | 7.5 HIGH | N/A |
| The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers. | |||||
| CVE-2000-0433 | 1 Suse | 1 Suse Linux | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | |||||
| CVE-2000-0288 | 2008-09-10 | 5.0 MEDIUM | N/A | ||
| Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. | |||||
| CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2008-09-10 | 5.0 MEDIUM | N/A |
| IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. | |||||
| CVE-2000-0291 | 1 Sun | 1 Staroffice | 2008-09-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. | |||||
| CVE-2000-0292 | 1 Adtran | 1 Mx2800 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. | |||||
| CVE-2000-0293 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. | |||||
| CVE-2000-0294 | 1 Jim Housley | 1 Healthd | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. | |||||
| CVE-2000-0296 | 1 Michael A. Gumienny | 1 Fcheck | 2008-09-10 | 7.2 HIGH | N/A |
| fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck. | |||||
| CVE-2000-0297 | 1 Allaire | 1 Forums | 2008-09-10 | 6.4 MEDIUM | N/A |
| Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. | |||||
| CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 2.1 LOW | N/A |
| The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | |||||
| CVE-2000-0310 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 5.0 MEDIUM | N/A |
| IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets. | |||||
| CVE-2000-0326 | 1 On Technology | 1 Meeting Maker | 2008-09-10 | 5.0 MEDIUM | N/A |
| Meeting Maker uses weak encryption (a polyalphabetic substitution cipher) for passwords, which allows remote attackers to sniff and decrypt passwords for Meeting Maker accounts. | |||||
| CVE-2000-0342 | 1 Qualcomm | 1 Eudora | 2008-09-10 | 5.0 MEDIUM | N/A |
| Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." | |||||
| CVE-2000-0497 | 1 Ibm | 1 Websphere Application Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |||||
| CVE-2000-0467 | 1 Sam Lantinga | 1 Splitvt | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function. | |||||
| CVE-2000-0463 | 1 Be | 1 Beos | 2008-09-10 | 5.0 MEDIUM | N/A |
| BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. | |||||
| CVE-2000-0343 | 1 Brecht Claerhout | 1 Sniffit | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header. | |||||
| CVE-2000-0452 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command. | |||||
| CVE-2000-0451 | 1 Intel | 1 Express 8100 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets. | |||||
| CVE-2000-0344 | 1 Linux | 1 Linux Kernel | 2008-09-10 | 5.0 MEDIUM | N/A |
| The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value. | |||||
| CVE-2000-0345 | 1 Cisco | 7 Ios, Router 2500, Router 2600 and 4 more | 2008-09-10 | 2.1 LOW | N/A |
| The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. | |||||
| CVE-2000-0366 | 1 Debian | 1 Debian Linux | 2008-09-10 | 2.1 LOW | N/A |
| dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files. | |||||
| CVE-2000-0367 | 1 Michael Jennings | 1 Eterm | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges. | |||||
| CVE-2000-0369 | 1 Caldera | 1 Openlinux | 2008-09-10 | 5.0 MEDIUM | N/A |
| The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0370 | 1 Caldera | 1 Openlinux | 2008-09-10 | 10.0 HIGH | N/A |
| The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command. | |||||
| CVE-2000-0385 | 1 Filemaker | 1 Filemaker | 2008-09-10 | 5.0 MEDIUM | N/A |
| FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities. | |||||