Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0008 | 1 1st Choice Software | 1 Ftppro | 2008-09-10 | 2.1 LOW | N/A |
| FTPPro allows local users to read sensitive information, which is stored in plain text. | |||||
| CVE-2000-0018 | 1 Windowmaker | 1 Wmmon | 2008-09-10 | 7.2 HIGH | N/A |
| wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. | |||||
| CVE-2000-0019 | 1 Ipswitch | 1 Imail | 2008-09-10 | 2.1 LOW | N/A |
| IMail POP3 daemon uses weak encryption, which allows local users to read files. | |||||
| CVE-2000-0020 | 1 Man And Mice | 1 Dns Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| DNS PRO allows remote attackers to conduct a denial of service via a large number of connections. | |||||
| CVE-2000-0021 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin. | |||||
| CVE-2000-0027 | 1 Ibm | 1 Network Station Manager | 2008-09-10 | 6.2 MEDIUM | N/A |
| IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0031 | 1 Redhat | 1 Linux | 2008-09-10 | 6.2 MEDIUM | N/A |
| The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0033 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-10 | 5.0 MEDIUM | N/A |
| InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments. | |||||
| CVE-2000-0043 | 1 Camshot | 1 Webcam Http Server | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0044 | 1 Jgaa | 1 Warftpd | 2008-09-10 | 10.0 HIGH | N/A |
| Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. | |||||
| CVE-2000-0046 | 1 Mirabilis | 1 Icq | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message. | |||||
| CVE-2000-0047 | 1 Yahoo | 1 Pager | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message. | |||||
| CVE-2000-0048 | 1 Corel | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. | |||||
| CVE-2000-0049 | 1 Nullsoft | 1 Winamp | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file. | |||||
| CVE-2000-0050 | 1 Allaire | 1 Spectra | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. | |||||
| CVE-2000-0051 | 1 Allaire | 1 Spectra | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. | |||||
| CVE-2000-0056 | 1 Ipswitch | 1 Imail | 2008-09-10 | 5.0 MEDIUM | N/A |
| IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi. | |||||
| CVE-2000-0057 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 7.5 HIGH | N/A |
| Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. | |||||
| CVE-2000-0058 | 1 Handspring | 1 Visor Network Hotsync | 2008-09-10 | 5.0 MEDIUM | N/A |
| Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. | |||||
| CVE-2000-0066 | 1 Oreilly | 1 Website Professional | 2008-09-10 | 5.0 MEDIUM | N/A |
| WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. | |||||
| CVE-2000-0067 | 1 Cybercash | 1 Merchant Connection Kit | 2008-09-10 | 2.1 LOW | N/A |
| CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack. | |||||
| CVE-2000-0069 | 1 Sun | 1 Solstice Backup | 2008-09-10 | 2.1 LOW | N/A |
| The recover program in Solstice Backup allows local users to restore sensitive files. | |||||
| CVE-2000-0084 | 1 Globalscape | 1 Cuteftp | 2008-09-10 | 5.0 MEDIUM | N/A |
| CuteFTP uses weak encryption to store password information in its tree.dat file. | |||||
| CVE-2000-0085 | 1 Microsoft | 1 Hotmail | 2008-09-10 | 7.5 HIGH | N/A |
| Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. | |||||
| CVE-2000-0086 | 1 Netopia | 1 Timbuktu Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing. | |||||
| CVE-2000-0093 | 1 Redhat | 1 Linux | 2008-09-10 | 10.0 HIGH | N/A |
| An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. | |||||
| CVE-2000-0095 | 1 Hp | 1 Hp-ux | 2008-09-10 | 5.0 MEDIUM | N/A |
| The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier. | |||||
| CVE-2000-0096 | 1 Qualcomm | 1 Qpopper | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command. | |||||
| CVE-2000-0103 | 1 Netsmart | 1 Smartcart | 2008-09-10 | 7.5 HIGH | N/A |
| The SmartCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0104 | 1 Web Express | 1 Shoptron | 2008-09-10 | 7.5 HIGH | N/A |
| The Shoptron shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0105 | 1 Microsoft | 1 Outlook Express | 2008-09-10 | 5.0 MEDIUM | N/A |
| Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by the client. | |||||
| CVE-2000-0106 | 1 Easycart | 1 Easycart | 2008-09-10 | 7.5 HIGH | N/A |
| The EasyCart shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0115 | 1 Microsoft | 1 Internet Information Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basic script in an ASP page. | |||||
| CVE-2000-0116 | 1 Checkpoint | 1 Firewall-1 | 2008-09-10 | 7.5 HIGH | N/A |
| Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag. | |||||
| CVE-2000-0117 | 1 Sun | 3 Cobalt Raq, Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 7.2 HIGH | N/A |
| The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root). | |||||
| CVE-2000-0126 | 1 Microsoft | 1 Internet Information Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a .. (dot dot) attack. | |||||
| CVE-2000-0127 | 1 Progress | 1 Webspeed | 2008-09-10 | 7.5 HIGH | N/A |
| The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll. | |||||
| CVE-2000-0128 | 1 Daniel Beckham | 1 The Finger Server | 2008-09-10 | 10.0 HIGH | N/A |
| The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0091 | 1 Inter7 | 1 Vpopmail | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | |||||
| CVE-2000-0017 | 1 Redhat | 1 Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. | |||||
| CVE-2000-0022 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory. | |||||
| CVE-2000-0023 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0034 | 1 Netscape | 1 Communicator | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | |||||
| CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
| CVE-2000-0054 | 1 Solution Scripts | 1 Home Free | 2008-09-10 | 5.0 MEDIUM | N/A |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. | |||||
| CVE-2000-0074 | 1 Powerscripts | 1 Plusmail | 2008-09-10 | 7.5 HIGH | N/A |
| PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | |||||
| CVE-2000-0075 | 1 Nosque | 1 Msgcore | 2008-09-10 | 5.0 MEDIUM | N/A |
| Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session. | |||||
| CVE-2000-0079 | 1 W3c | 1 Cern Httpd | 2008-09-10 | 7.5 HIGH | N/A |
| The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL. | |||||
| CVE-2000-0090 | 1 Vmware | 1 Workstation | 2008-09-10 | 3.6 LOW | N/A |
| VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | |||||
| CVE-2000-0125 | 1 Wired Community Software | 1 Wwwthreads | 2008-09-10 | 7.5 HIGH | N/A |
| wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, which allows remote attackers to gain privileges for wwwthreads forums. | |||||