Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0382 | 1 Allaire | 1 Clustercats | 2008-09-10 | 2.6 LOW | N/A |
| ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. | |||||
| CVE-2000-0383 | 1 Aol | 1 Instant Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. | |||||
| CVE-2000-0443 | 1 Hp | 1 Jetadmin | 2008-09-10 | 7.5 HIGH | N/A |
| The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0395 | 1 Computalynx | 1 Cproxy Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request. | |||||
| CVE-2000-0396 | 1 Pacific Software | 1 Carello | 2008-09-10 | 5.0 MEDIUM | N/A |
| The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files. | |||||
| CVE-2000-0397 | 1 Seattle Lab Software | 1 Emurl | 2008-09-10 | 5.0 MEDIUM | N/A |
| The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. | |||||
| CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | |||||
| CVE-2000-0326 | 1 On Technology | 1 Meeting Maker | 2008-09-10 | 5.0 MEDIUM | N/A |
| Meeting Maker uses weak encryption (a polyalphabetic substitution cipher) for passwords, which allows remote attackers to sniff and decrypt passwords for Meeting Maker accounts. | |||||
| CVE-2000-0399 | 1 Alt-n | 1 Mdaemon | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. | |||||
| CVE-2000-0412 | 1 Napster | 1 Knapster | 2008-09-10 | 7.5 HIGH | N/A |
| The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file. | |||||
| CVE-2000-0379 | 1 Netopia | 1 R-series Routers | 2008-09-10 | 3.6 LOW | N/A |
| The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so. | |||||
| CVE-2000-0444 | 1 Hp | 1 Jetadmin | 2008-09-10 | 5.0 MEDIUM | N/A |
| HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000. | |||||
| CVE-2000-0414 | 1 Hp | 2 Hp-ux, Vvos | 2008-09-10 | 4.6 MEDIUM | N/A |
| Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | |||||
| CVE-2000-0421 | 1 Mozilla | 1 Bugzilla | 2008-09-10 | 7.5 HIGH | N/A |
| The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0288 | 2008-09-10 | 5.0 MEDIUM | N/A | ||
| Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. | |||||
| CVE-2000-0424 | 1 George Burgyan | 1 Cgi Counter | 2008-09-10 | 7.5 HIGH | N/A |
| The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0310 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 5.0 MEDIUM | N/A |
| IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets. | |||||
| CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 2.1 LOW | N/A |
| The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | |||||
| CVE-2000-0445 | 1 Pgp | 1 Pgp | 2008-09-10 | 2.1 LOW | N/A |
| The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys. | |||||
| CVE-2000-0297 | 1 Allaire | 1 Forums | 2008-09-10 | 6.4 MEDIUM | N/A |
| Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. | |||||
| CVE-2000-0446 | 1 Marty Bochane | 1 Mdbms | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. | |||||
| CVE-2000-0447 | 1 Network Associates | 1 Webshield | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service. | |||||
| CVE-2000-0296 | 1 Michael A. Gumienny | 1 Fcheck | 2008-09-10 | 7.2 HIGH | N/A |
| fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck. | |||||
| CVE-2000-0460 | 1 Kde | 1 Kde | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
| CVE-2000-0461 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call. | |||||
| CVE-2000-0462 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. | |||||
| CVE-2000-0476 | 4 Michael Jennings, Putty, Rxvt and 1 more | 4 Eterm, Putty, Rxvt and 1 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized. | |||||
| CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | |||||
| CVE-2000-0294 | 1 Jim Housley | 1 Healthd | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. | |||||
| CVE-2000-0293 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. | |||||
| CVE-2000-0492 | 1 Passwd | 1 Passwd | 2008-09-10 | 5.0 MEDIUM | N/A |
| PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords. | |||||
| CVE-2000-0494 | 1 Symantec Veritas | 1 Volume Manager | 2008-09-10 | 7.2 HIGH | N/A |
| Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script. | |||||
| CVE-2000-0360 | 1 Isc | 1 Inn | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. | |||||
| CVE-2000-0292 | 1 Adtran | 1 Mx2800 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. | |||||
| CVE-2000-0361 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information. | |||||
| CVE-2000-0362 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. | |||||
| CVE-2000-0363 | 1 Suse | 1 Suse Linux | 2008-09-10 | 6.2 MEDIUM | N/A |
| Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory. | |||||
| CVE-2000-0381 | 1 Gossamer Threads | 1 Dbman | 2008-09-10 | 6.4 MEDIUM | N/A |
| The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. | |||||
| CVE-2000-0378 | 1 Redhat | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in. | |||||
| CVE-2000-0291 | 1 Sun | 1 Staroffice | 2008-09-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. | |||||
| CVE-2000-0153 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||||
| CVE-2000-0276 | 1 Be | 1 Beos | 2008-09-10 | 2.1 LOW | N/A |
| BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37. | |||||
| CVE-2000-0275 | 1 Cryptocard | 1 Cryptoadmin | 2008-09-10 | 2.1 LOW | N/A |
| CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. | |||||
| CVE-2000-0274 | 1 Bray Systems | 1 Linux Trustees | 2008-09-10 | 2.1 LOW | N/A |
| The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. | |||||
| CVE-2000-0273 | 1 Symantec | 1 Pcanywhere | 2008-09-10 | 5.0 MEDIUM | N/A |
| PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. | |||||
| CVE-2000-0257 | 1 Novell | 1 Netware | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL. | |||||
| CVE-2000-0255 | 1 Nbase-xyplex | 1 Edgeblaster | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program. | |||||
| CVE-2000-0241 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. | |||||
| CVE-2000-0240 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack. | |||||
| CVE-2000-0238 | 1 Symantec | 1 Norton Antivirus | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. | |||||