Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1579 | 1 Sco | 2 Open Unix, Unixware | 2008-09-05 | 5.0 MEDIUM | N/A |
| The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service. | |||||
| CVE-2001-1571 | 1 Microsoft | 1 Windows Xp | 2008-09-05 | 5.0 MEDIUM | N/A |
| The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing. | |||||
| CVE-2001-1572 | 1 Linux | 1 Linux Kernel | 2008-09-05 | 7.5 HIGH | N/A |
| The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets. | |||||
| CVE-2001-1573 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter. | |||||
| CVE-2001-1578 | 1 Sco | 1 Openserver | 2008-09-05 | 2.1 LOW | N/A |
| Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors. | |||||
| CVE-2001-1574 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code. | |||||
| CVE-2001-1576 | 1 Caldera | 1 Unixware | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument. | |||||
| CVE-2001-1292 | 1 Sambar | 1 Sambar Server | 2008-09-05 | 7.5 HIGH | N/A |
| Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password. | |||||
| CVE-2001-1295 | 1 Grant Averett | 1 Cerberus Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. | |||||
| CVE-2001-1299 | 1 Zorbat | 1 Zorbstats | 2008-09-05 | 5.0 MEDIUM | N/A |
| Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||
| CVE-2001-1300 | 1 Dynu Systems Inc. | 1 Dynu Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD) command. | |||||
| CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2008-09-05 | 1.2 LOW | N/A |
| rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | |||||
| CVE-2001-1304 | 1 Nullsoft | 1 Shoutcast Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header. | |||||
| CVE-2001-1306 | 1 Sun | 1 Iplanet Directory Server | 2008-09-05 | 7.5 HIGH | N/A |
| iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-1314 | 1 Critical Path | 2 Injoin Directory Server, Livecontent Directory | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-1315 | 1 Critical Path | 2 Injoin Directory Server, Livecontent Directory | 2008-09-05 | 7.5 HIGH | N/A |
| Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed BER encodings, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-1317 | 1 Teamware | 1 Teamware Office | 2008-09-05 | 7.5 HIGH | N/A |
| Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-1318 | 1 Qualcomm | 1 Eudora Worldmail Server | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2001-1326 | 1 Qualcomm | 1 Eudora | 2008-09-05 | 7.5 HIGH | N/A |
| Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments. | |||||
| CVE-2001-1327 | 1 Berkeley Softworks | 1 Pmake | 2008-09-05 | 4.6 MEDIUM | N/A |
| pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake. | |||||
| CVE-2001-1330 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument. | |||||
| CVE-2001-1332 | 1 Easy Software Products | 1 Cups | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code. | |||||
| CVE-2001-1333 | 1 Easy Software Products | 1 Cups | 2008-09-05 | 1.2 LOW | N/A |
| Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files. | |||||
| CVE-2001-1338 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Telnetd Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system. | |||||
| CVE-2001-1339 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2008-09-05 | 7.5 HIGH | N/A |
| Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad passwords are entered, which makes it easier for remote attackers to conduct brute force password guessing attacks. | |||||
| CVE-2001-1348 | 1 Twig Development Team | 1 Twig | 2008-09-05 | 7.5 HIGH | N/A |
| TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter. | |||||
| CVE-2001-1349 | 1 Sendmail | 1 Sendmail | 2008-09-05 | 3.7 LOW | N/A |
| Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers. | |||||
| CVE-2001-1356 | 1 Netwin | 1 Surgeftp | 2008-09-05 | 10.0 HIGH | N/A |
| NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021. | |||||
| CVE-2001-1357 | 1 Phpheaven | 1 Phpmychat | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables. | |||||
| CVE-2001-1358 | 1 Phpheaven | 1 Phpmychat | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. | |||||
| CVE-2001-1360 | 1 Mostang | 1 Sane | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned. | |||||
| CVE-2001-1361 | 1 Twig Development Team | 1 Twig | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links. | |||||
| CVE-2001-1362 | 1 Horsburgh | 1 Npulse | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in the server for nPULSE before 0.53p4. | |||||
| CVE-2001-1363 | 1 Phpwebsite Development Team | 1 Phpwebsite | 2008-09-05 | 10.0 HIGH | N/A |
| Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges. | |||||
| CVE-2001-1364 | 1 Project Purple | 1 Autodns | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain names that are not fully qualified. | |||||
| CVE-2001-1365 | 1 Osi Codes Inc. | 1 Intragnat | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in IntraGnat before 1.4. | |||||
| CVE-2001-1366 | 1 Netscript Project | 1 Netscript | 2008-09-05 | 5.0 MEDIUM | N/A |
| netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information. | |||||
| CVE-2001-1375 | 2 Conectiva, Redhat | 2 Linux, Linux | 2008-09-05 | 4.6 MEDIUM | N/A |
| tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library that is under a user-controlled directory. | |||||
| CVE-2001-1259 | 1 Avaya | 1 Argent Office | 2008-09-05 | 5.0 MEDIUM | N/A |
| Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | |||||
| CVE-2001-1224 | 1 Les Vanbrunt | 1 Adrotate Pro | 2008-09-05 | 7.5 HIGH | N/A |
| get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the database and possibly execute arbitrary commands via a SQL code injection attack. | |||||
| CVE-2001-1382 | 1 Openbsd | 1 Openssh | 2008-09-05 | 5.0 MEDIUM | N/A |
| The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers to determine that the countermeasure is being used. | |||||
| CVE-2001-1416 | 1 Aol | 1 Instant Messenger | 2008-09-05 | 5.1 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via an image in the (1) DATA, (2) STYLE, or (3) BINARY tags. | |||||
| CVE-2001-1225 | 1 Hughes | 1 Msql | 2008-09-05 | 2.1 LOW | N/A |
| Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by creating a very large array in a table, which causes miniSQL to crash when the table is queried. | |||||
| CVE-2001-1260 | 1 Avaya | 1 Argent Office | 2008-09-05 | 10.0 HIGH | N/A |
| Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a system reboot. | |||||
| CVE-2001-1261 | 1 Avaya | 1 Argent Office | 2008-09-05 | 5.0 MEDIUM | N/A |
| Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | |||||
| CVE-2001-1226 | 1 Adcycle | 1 Adcycle | 2008-09-05 | 5.0 MEDIUM | N/A |
| AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly sanitized before being passed to the MySQL database. | |||||
| CVE-2001-1234 | 1 Gallery Project | 1 Gallery | 2008-09-05 | 7.5 HIGH | N/A |
| Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code by including files from remote web sites via an HTTP request that modifies the includedir variable. | |||||
| CVE-2001-1465 | 1 Surfcontrol | 1 Superscout Web Filter | 2008-09-05 | 4.6 MEDIUM | N/A |
| SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both data elements. | |||||
| CVE-2001-1510 | 1 Macromedia | 1 Jrun | 2008-09-05 | 5.0 MEDIUM | N/A |
| Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by appending (1) "%3f.jsp", (2) "?.jsp" or (3) "?" to the requested URL. | |||||
| CVE-2001-1240 | 1 Engardelinux | 1 Secure Linux | 2008-09-05 | 10.0 HIGH | N/A |
| The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group to run certain commands that could be leveraged to gain full root access. | |||||