Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0230 | 2 Halloween, Redhat | 2 Halloween Linux, Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. | |||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
| CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | |||||
| CVE-2000-0217 | 2 Openbsd, Ssh | 3 Openssh, Ssh, Ssh2 | 2008-09-10 | 5.1 MEDIUM | N/A |
| The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. | |||||
| CVE-2000-0216 | 1 Microsoft | 3 Exchange Server, Outlook, Windows Messaging | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. | |||||
| CVE-2000-0215 | 1 Sco | 1 Unixware | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. | |||||
| CVE-2000-0213 | 1 Sambar | 1 Sambar Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0225 | 1 Deti Fliegl | 1 Poc32 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled. | |||||
| CVE-2000-0199 | 1 Microsoft | 1 Sql Server | 2008-09-10 | 7.2 HIGH | N/A |
| When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | |||||
| CVE-2000-0198 | 1 Atrium Software | 3 Mercur Imap4 Server, Mercur Mailserver, Mercur Pop3 Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in POP3 and IMAP servers in the MERCUR mail server suite allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0197 | 1 Microsoft | 1 Windows Nt | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto the system, which allows the local user to gain privileges by providing a Trojan horse batch file in place of the original batch file. | |||||
| CVE-2000-0196 | 3 Nmh, Redhat, Turbolinux | 3 Nmh, Linux, Turbolinux | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message. | |||||
| CVE-2000-0184 | 2 Mandrakesoft, Redhat | 2 Mandrake Linux, Linux | 2008-09-10 | 2.1 LOW | N/A |
| Linux printtool sets the permissions of printer configuration files to be world-readable, which allows local attackers to obtain printer share passwords. | |||||
| CVE-2000-0183 | 1 Michael Sandrof | 1 Ircii | 2008-09-10 | 5.1 MEDIUM | N/A |
| Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability. | |||||
| CVE-2000-0182 | 1 Iplanet | 1 Iplanet Web Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes memory and causes a kernel panic. | |||||
| CVE-2000-0181 | 1 Checkpoint | 1 Firewall-1 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote attackers to determine the real IP address of the host that is making the connection. | |||||
| CVE-2000-0179 | 1 Hp | 1 Openview Omniback Ii | 2008-09-10 | 5.0 MEDIUM | N/A |
| HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555. | |||||
| CVE-2000-0159 | 1 Hp | 1 Hp-ux | 2008-09-10 | 7.5 HIGH | N/A |
| HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges. | |||||
| CVE-2000-0158 | 1 Sco | 1 Openserver | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM command to the SMTP daemon. | |||||
| CVE-2000-0143 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. | |||||
| CVE-2000-0142 | 1 Netopia | 1 Timbuktu Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417. | |||||
| CVE-2000-0141 | 1 Infopop | 1 Ultimate Bulletin Board | 2008-09-10 | 10.0 HIGH | N/A |
| Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. | |||||
| CVE-2000-0129 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2008-09-10 | 2.1 LOW | N/A |
| Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | |||||
| CVE-2000-0276 | 1 Be | 1 Beos | 2008-09-10 | 2.1 LOW | N/A |
| BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37. | |||||
| CVE-2000-0275 | 1 Cryptocard | 1 Cryptoadmin | 2008-09-10 | 2.1 LOW | N/A |
| CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. | |||||
| CVE-2000-0263 | 1 Redhat | 1 Linux | 2008-09-10 | 2.1 LOW | N/A |
| The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. | |||||
| CVE-2000-0135 | 1 Atretail | 1 Atretail | 2008-09-10 | 7.5 HIGH | N/A |
| The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0136 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2008-09-10 | 7.5 HIGH | N/A |
| The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0137 | 1 Cartit | 1 Cartit | 2008-09-10 | 7.5 HIGH | N/A |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0154 | 1 Sco | 1 Unixware | 2008-09-10 | 1.2 LOW | N/A |
| The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack. | |||||
| CVE-2000-0157 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 7.2 HIGH | N/A |
| NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process. | |||||
| CVE-2000-0185 | 1 Realnetworks | 2 Realserver, Realserver G2 | 2008-09-10 | 5.0 MEDIUM | N/A |
| RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed to be private. | |||||
| CVE-2000-0186 | 4 Freebsd, Mandrakesoft, Redhat and 1 more | 4 Freebsd, Mandrake Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument. | |||||
| CVE-2000-0187 | 1 Alex Heiphetz Group | 1 Ezshopper | 2008-09-10 | 7.5 HIGH | N/A |
| EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
| CVE-2000-0188 | 1 Alex Heiphetz Group | 1 Ezshopper | 2008-09-10 | 7.5 HIGH | N/A |
| EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters. | |||||
| CVE-2000-0189 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files. | |||||
| CVE-2000-0190 | 1 Aol | 1 Instant Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value. | |||||
| CVE-2000-0220 | 1 Zonelabs | 1 Zonealarm | 2008-09-10 | 5.0 MEDIUM | N/A |
| ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. | |||||
| CVE-2000-0221 | 1 Nortel | 1 Nautica Marlin | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port. | |||||
| CVE-2000-0223 | 1 Sam Hawker | 1 Wmcdplay | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. | |||||
| CVE-2000-0224 | 1 Sco | 1 Unixware | 2008-09-10 | 1.2 LOW | N/A |
| ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack. | |||||
| CVE-2000-0236 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. | |||||
| CVE-2000-0237 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 6.4 MEDIUM | N/A |
| Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories. | |||||
| CVE-2000-0238 | 1 Symantec | 1 Norton Antivirus | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0240 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack. | |||||
| CVE-2000-0241 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. | |||||
| CVE-2000-0261 | 1 Avm | 1 Ken | 2008-09-10 | 5.0 MEDIUM | N/A |
| The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0262 | 1 Avm | 1 Ken | 2008-09-10 | 5.0 MEDIUM | N/A |
| The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request. | |||||
| CVE-2000-0123 | 1 Filemaker | 1 Filemaker | 2008-09-10 | 7.5 HIGH | N/A |
| The shopping cart application provided with Filemaker allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0125 | 1 Wired Community Software | 1 Wwwthreads | 2008-09-10 | 7.5 HIGH | N/A |
| wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums. | |||||