Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0339 | 1 Zonelabs | 1 Zonealarm | 2008-09-10 | 7.5 HIGH | N/A |
| ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules. | |||||
| CVE-2000-0340 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable. | |||||
| CVE-2000-0371 | 1 Kde | 1 Kde | 2008-09-10 | 1.2 LOW | N/A |
| The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | |||||
| CVE-2000-0350 | 1 Networkice | 1 Icecap Manager | 2008-09-10 | 5.0 MEDIUM | N/A |
| A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events. | |||||
| CVE-2000-0360 | 1 Isc | 1 Inn | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. | |||||
| CVE-2000-0361 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information. | |||||
| CVE-2000-0362 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. | |||||
| CVE-2000-0363 | 1 Suse | 1 Suse Linux | 2008-09-10 | 6.2 MEDIUM | N/A |
| Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory. | |||||
| CVE-2000-0378 | 1 Redhat | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in. | |||||
| CVE-2000-0379 | 1 Netopia | 1 R-series Routers | 2008-09-10 | 3.6 LOW | N/A |
| The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so. | |||||
| CVE-2000-0381 | 1 Gossamer Threads | 1 Dbman | 2008-09-10 | 6.4 MEDIUM | N/A |
| The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. | |||||
| CVE-2000-0382 | 1 Allaire | 1 Clustercats | 2008-09-10 | 2.6 LOW | N/A |
| ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. | |||||
| CVE-2000-0383 | 1 Aol | 1 Instant Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. | |||||
| CVE-2000-0395 | 1 Computalynx | 1 Cproxy Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request. | |||||
| CVE-2000-0396 | 1 Pacific Software | 1 Carello | 2008-09-10 | 5.0 MEDIUM | N/A |
| The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files. | |||||
| CVE-2000-0397 | 1 Seattle Lab Software | 1 Emurl | 2008-09-10 | 5.0 MEDIUM | N/A |
| The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. | |||||
| CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | |||||
| CVE-2000-0399 | 1 Alt-n | 1 Mdaemon | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. | |||||
| CVE-2000-0412 | 1 Napster | 1 Knapster | 2008-09-10 | 7.5 HIGH | N/A |
| The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file. | |||||
| CVE-2000-0414 | 1 Hp | 2 Hp-ux, Vvos | 2008-09-10 | 4.6 MEDIUM | N/A |
| Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | |||||
| CVE-2000-0421 | 1 Mozilla | 1 Bugzilla | 2008-09-10 | 7.5 HIGH | N/A |
| The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0424 | 1 George Burgyan | 1 Cgi Counter | 2008-09-10 | 7.5 HIGH | N/A |
| The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0426 | 1 Ultrascripts | 1 Ultraboard | 2008-09-10 | 5.0 MEDIUM | N/A |
| UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself. | |||||
| CVE-2000-0438 | 4 Caldera, Slackware, Suse and 1 more | 4 Openlinux, Slackware Linux, Suse Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. | |||||
| CVE-2000-0440 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2008-09-10 | 5.0 MEDIUM | N/A |
| NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option. | |||||
| CVE-2000-0441 | 1 Ibm | 1 Aix | 2008-09-10 | 5.0 MEDIUM | N/A |
| Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. | |||||
| CVE-2000-0442 | 2 Qualcomm, Sun | 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 7.5 HIGH | N/A |
| Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command. | |||||
| CVE-2000-0453 | 1 Xfree86 Project | 1 X11r6 | 2008-09-10 | 5.0 MEDIUM | N/A |
| XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000. | |||||
| CVE-2000-0454 | 1 Mandrakesoft | 1 Mandrake Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. | |||||
| CVE-2000-0455 | 1 David Bagley | 1 Xlock | 2008-09-10 | 2.1 LOW | N/A |
| Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. | |||||
| CVE-2000-0463 | 1 Be | 1 Beos | 2008-09-10 | 5.0 MEDIUM | N/A |
| BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. | |||||
| CVE-2000-0467 | 1 Sam Lantinga | 1 Splitvt | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function. | |||||
| CVE-2000-0468 | 1 Hp | 1 Hp-ux | 2008-09-10 | 4.6 MEDIUM | N/A |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | |||||
| CVE-2000-0469 | 1 Selena Sol | 1 Webbanner | 2008-09-10 | 5.1 MEDIUM | N/A |
| Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0473 | 1 Analogx | 1 Simpleserver Www | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker to cause a denial of service via a long GET request for a program in the cgi-bin directory. | |||||
| CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | |||||
| CVE-2000-0492 | 1 Passwd | 1 Passwd | 2008-09-10 | 5.0 MEDIUM | N/A |
| PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords. | |||||
| CVE-2000-0494 | 1 Symantec Veritas | 1 Volume Manager | 2008-09-10 | 7.2 HIGH | N/A |
| Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script. | |||||
| CVE-2000-0526 | 1 3r Soft | 1 Mailstudio 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0527 | 1 3r Soft | 1 Mailstudio 2000 | 2008-09-10 | 10.0 HIGH | N/A |
| userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0267 | 1 Cisco | 1 Catos | 2008-09-10 | 4.6 MEDIUM | N/A |
| Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. | |||||
| CVE-2000-0171 | 1 At Computing | 1 Atsar Linux | 2008-09-10 | 7.2 HIGH | N/A |
| atsadc in the atsar package for Linux does not properly check the permissions of an output file, which allows local users to gain root privileges. | |||||
| CVE-2000-0172 | 2 Matt Kimball And Roger Wolff, Turbolinux | 2 Mtr, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges. | |||||
| CVE-2000-0173 | 1 Sco | 1 Unixware | 2008-09-10 | 5.0 MEDIUM | N/A |
| Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0174 | 1 Sun | 1 Staroffice | 2008-09-10 | 5.0 MEDIUM | N/A |
| StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0175 | 1 Sun | 1 Staroffice | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. | |||||
| CVE-2000-0176 | 1 Cat Soft | 1 Serv-u | 2008-09-10 | 5.0 MEDIUM | N/A |
| The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist. | |||||
| CVE-2000-0177 | 1 Dnstools Software | 1 Dnstools | 2008-09-10 | 10.0 HIGH | N/A |
| DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0178 | 1 Foundrynet | 1 Serveriron | 2008-09-10 | 7.5 HIGH | N/A |
| ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions. | |||||
| CVE-2000-0208 | 1 Htdig | 1 Htdig | 2008-09-10 | 5.0 MEDIUM | N/A |
| The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks (`) in parameters to htsearch. | |||||