Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0456 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog". | |||||
| CVE-2000-0353 | 1 University Of Washington | 1 Pine | 2008-09-10 | 10.0 HIGH | N/A |
| Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine. | |||||
| CVE-2000-0345 | 1 Cisco | 7 Ios, Router 2500, Router 2600 and 4 more | 2008-09-10 | 2.1 LOW | N/A |
| The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. | |||||
| CVE-2000-0324 | 1 Symantec | 1 Pcanywhere | 2008-09-10 | 5.0 MEDIUM | N/A |
| pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. | |||||
| CVE-2000-0397 | 1 Seattle Lab Software | 1 Emurl | 2008-09-10 | 5.0 MEDIUM | N/A |
| The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. | |||||
| CVE-2000-0336 | 4 Mandrakesoft, Openldap, Redhat and 1 more | 4 Mandrake Linux, Openldap, Linux and 1 more | 2008-09-10 | 2.1 LOW | N/A |
| Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2000-0452 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command. | |||||
| CVE-2000-0463 | 1 Be | 1 Beos | 2008-09-10 | 5.0 MEDIUM | N/A |
| BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. | |||||
| CVE-2000-0396 | 1 Pacific Software | 1 Carello | 2008-09-10 | 5.0 MEDIUM | N/A |
| The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files. | |||||
| CVE-2000-0435 | 1 Matthew Redman | 1 Allmanage | 2008-09-10 | 7.5 HIGH | N/A |
| The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages. | |||||
| CVE-2000-0431 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 7.5 HIGH | N/A |
| Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. | |||||
| CVE-2000-0467 | 1 Sam Lantinga | 1 Splitvt | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function. | |||||
| CVE-2000-0395 | 1 Computalynx | 1 Cproxy Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request. | |||||
| CVE-2000-0425 | 1 Lsoft | 1 Listserv | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2000-0420 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 7.2 HIGH | N/A |
| The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data. | |||||
| CVE-2000-0383 | 1 Aol | 1 Instant Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. | |||||
| CVE-2000-0382 | 1 Allaire | 1 Clustercats | 2008-09-10 | 2.6 LOW | N/A |
| ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. | |||||
| CVE-2000-0381 | 1 Gossamer Threads | 1 Dbman | 2008-09-10 | 6.4 MEDIUM | N/A |
| The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. | |||||
| CVE-2000-0436 | 1 Metaproducts | 1 Offline Explorer | 2008-09-10 | 5.0 MEDIUM | N/A |
| MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0437 | 1 Network Associates | 3 Gauntlet Firewall, Webshield, Webshield E-ppliance | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2000-0418 | 1 Cayman | 2 3220-h Dsl Router, Gatorsurf | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP echo (ping) requests. | |||||
| CVE-2000-0417 | 1 Cayman | 2 3220-h Dsl Router, Gatorsurf | 2008-09-10 | 5.0 MEDIUM | N/A |
| The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a denial of service via a long username or password. | |||||
| CVE-2000-0433 | 1 Suse | 1 Suse Linux | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | |||||
| CVE-2000-0378 | 1 Redhat | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in. | |||||
| CVE-2000-0363 | 1 Suse | 1 Suse Linux | 2008-09-10 | 6.2 MEDIUM | N/A |
| Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory. | |||||
| CVE-2000-0434 | 1 Matthew Redman | 1 Allmanage | 2008-09-10 | 7.5 HIGH | N/A |
| The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers. | |||||
| CVE-2000-0497 | 1 Ibm | 1 Websphere Application Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |||||
| CVE-2000-0379 | 1 Netopia | 1 R-series Routers | 2008-09-10 | 3.6 LOW | N/A |
| The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so. | |||||
| CVE-2000-0362 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. | |||||
| CVE-2000-0449 | 1 Omnis | 1 Studio | 2008-09-10 | 10.0 HIGH | N/A |
| Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. | |||||
| CVE-2000-0432 | 1 Matt Kruse | 1 Calendar Script | 2008-09-10 | 7.5 HIGH | N/A |
| The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0361 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information. | |||||
| CVE-2000-0360 | 1 Isc | 1 Inn | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. | |||||
| CVE-2000-0416 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. | |||||
| CVE-2000-0411 | 1 Matt Wright | 1 Formmail | 2008-09-10 | 5.0 MEDIUM | N/A |
| Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter. | |||||
| CVE-2000-0350 | 1 Networkice | 1 Icecap Manager | 2008-09-10 | 5.0 MEDIUM | N/A |
| A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events. | |||||
| CVE-2000-0371 | 1 Kde | 1 Kde | 2008-09-10 | 1.2 LOW | N/A |
| The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | |||||
| CVE-2000-0340 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable. | |||||
| CVE-2000-0450 | 1 Sean Macguire | 1 Big Brother | 2008-09-10 | 7.5 HIGH | N/A |
| Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. | |||||
| CVE-2000-0299 | 1 Apple | 1 Webobjects | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept. | |||||
| CVE-2000-0300 | 1 Symantec | 1 Pcanywhere | 2008-09-10 | 10.0 HIGH | N/A |
| The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts. | |||||
| CVE-2000-0410 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. | |||||
| CVE-2000-0409 | 1 Netscape | 1 Communicator | 2008-09-10 | 3.7 LOW | N/A |
| Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. | |||||
| CVE-2000-0339 | 1 Zonelabs | 1 Zonealarm | 2008-09-10 | 7.5 HIGH | N/A |
| ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules. | |||||
| CVE-2000-0451 | 1 Intel | 1 Express 8100 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets. | |||||
| CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 2.1 LOW | N/A |
| The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | |||||
| CVE-2000-0310 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 5.0 MEDIUM | N/A |
| IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets. | |||||
| CVE-2000-0338 | 1 Cvs | 1 Cvs | 2008-09-10 | 5.0 MEDIUM | N/A |
| Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user. | |||||
| CVE-2000-0321 | 1 Icradius | 1 Icradius | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. | |||||
| CVE-2000-0399 | 1 Alt-n | 1 Mdaemon | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. | |||||