Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0755 | 1 Debian | 1 Debian Linux | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command. | |||||
| CVE-2001-0452 | 1 Brs | 1 Webweaver | 2008-09-05 | 5.0 MEDIUM | N/A |
| BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command. | |||||
| CVE-2001-0477 | 1 Webcalendar | 1 Webcalendar | 2008-09-05 | 7.5 HIGH | N/A |
| Vulnerability in WebCalendar 0.9.26 allows remote command execution. | |||||
| CVE-2001-0483 | 1 Symantec | 1 Raptor Firewall | 2008-09-05 | 7.5 HIGH | N/A |
| Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set. | |||||
| CVE-2001-0478 | 1 Phpmyadmin | 1 Phpmyadmin | 2008-09-05 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. | |||||
| CVE-2001-0479 | 1 Phppgadmin | 1 Phppgadmin | 2008-09-05 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in phpPgAdmin 2.2.1 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script. | |||||
| CVE-2001-0800 | 1 Sgi | 1 Irix | 2008-09-05 | 10.0 HIGH | N/A |
| lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2001-0480 | 1 Alex Linde | 1 Alexs Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands. | |||||
| CVE-2001-0636 | 1 Raytheon | 1 Silentrunner | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflows in Raytheon SilentRunner allow remote attackers to (1) cause a denial of service in the collector (cle.exe) component of SilentRunner 2.0 via traffic containing long passwords, or (2) execute arbitrary commands via long HTTP queries in the Knowledge Browser component in SilentRunner 2.0 and 2.0.1. NOTE: It is highly likely that this candidate will be split into multiple candidates. | |||||
| CVE-2001-0568 | 1 Zope | 1 Zope | 2008-09-05 | 2.1 LOW | N/A |
| Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes. | |||||
| CVE-2001-0432 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0671 | 1 Ibm | 1 Aix | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges. | |||||
| CVE-2001-0312 | 1 Ibm | 1 Websphere Plugin | 2008-09-05 | 5.0 MEDIUM | N/A |
| IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in WebSphere's host aliases list, which will bypass WebSphere processing. | |||||
| CVE-2001-0302 | 1 Pi3 | 1 Pi3web | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | |||||
| CVE-2001-0303 | 1 Pi3 | 1 Pi3web | 2008-09-05 | 5.0 MEDIUM | N/A |
| tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to determine the physical path of the server via a URL that requests a non-existent file. | |||||
| CVE-2001-0305 | 1 Thinking Arts | 1 Es.one | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in store.cgi in Thinking Arts ES.One package allows remote attackers to read arbitrary files via a .. (dot dot) in the StartID parameter. | |||||
| CVE-2001-0084 | 1 Gtk | 1 Gtk\+ | 2008-09-05 | 7.2 HIGH | N/A |
| GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program. | |||||
| CVE-2001-0113 | 1 Omnicron | 1 Omnihttpd | 2008-09-05 | 10.0 HIGH | N/A |
| statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script. | |||||
| CVE-2001-0114 | 1 Omnicron | 1 Omnihttpd | 2008-09-05 | 5.0 MEDIUM | N/A |
| statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite arbitrary files via the cgidir parameter. | |||||
| CVE-2001-0127 | 1 Oliver Debon | 1 Flash | 2008-09-05 | 7.6 HIGH | N/A |
| Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag. | |||||
| CVE-2001-0208 | 1 Microfocus | 1 Cobol | 2008-09-05 | 4.6 MEDIUM | N/A |
| MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying files. | |||||
| CVE-2001-0210 | 1 Carey Internet Service | 1 Commerce.cgi | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in commerce.cgi CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the page parameter. | |||||
| CVE-2001-0192 | 1 Davide Libenzi | 1 Xmail | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions. | |||||
| CVE-2001-0200 | 1 Heat-on Software | 1 Hsweb | 2008-09-05 | 5.0 MEDIUM | N/A |
| HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled. | |||||
| CVE-2001-0225 | 1 Lenzo | 1 Infobot | 2008-09-05 | 10.0 HIGH | N/A |
| fortran math component in Infobot 0.44.5.3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2001-0306 | 1 Itafrica | 1 Webactive | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1.00 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL. | |||||
| CVE-2001-0307 | 1 Bajie | 1 Java Http Server | 2008-09-05 | 7.5 HIGH | N/A |
| Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist. | |||||
| CVE-2001-0262 | 1 Netscape | 1 Smartdownload | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL. | |||||
| CVE-2001-0264 | 1 Gene6 | 1 G6 Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection. | |||||
| CVE-2001-0266 | 1 Hp | 1 Hp-ux | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges. | |||||
| CVE-2001-0270 | 1 Marconi | 2 Asx-1000, Forethought | 2008-09-05 | 5.0 MEDIUM | N/A |
| Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set. | |||||
| CVE-2001-0390 | 1 Ibm | 3 Net.commerce, Net.commerce Hosting Server, Websphere Application Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a denial of service by directly calling the macro.d2w macro with a long string of %0a characters. | |||||
| CVE-2001-0320 | 1 Francisco Burzi | 1 Php-nuke | 2008-09-05 | 10.0 HIGH | N/A |
| bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a malformed username argument. | |||||
| CVE-2001-0271 | 1 Mailnews.cgi | 1 Mailnews.cgi | 2008-09-05 | 10.0 HIGH | N/A |
| mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters. | |||||
| CVE-2001-0272 | 1 W3.org | 1 Sendtemp.pl | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter. | |||||
| CVE-2001-0296 | 1 Texas Imperial Software | 1 Wftpd Pro | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command. | |||||
| CVE-2001-0389 | 1 Ibm | 2 Net.commerce, Websphere Application Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument. | |||||
| CVE-2001-0297 | 1 Dattaraj Rao | 1 Simple Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
| CVE-2001-0298 | 1 Sapio Design Ltd | 1 Webreflex | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. | |||||
| CVE-2001-0354 | 1 Thenet | 1 Checkbo | 2008-09-05 | 5.0 MEDIUM | N/A |
| TheNet CheckBO 1.56 allows remote attackers to cause a denial of service via a flood of characters to the TCP ports which it is listening on. | |||||
| CVE-2001-0327 | 1 Iplanet | 1 Iplanet Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server. | |||||
| CVE-2001-0325 | 1 Qnx | 1 Rtp | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command. | |||||
| CVE-2001-0324 | 1 Microsoft | 2 Windows 2000, Windows 98 | 2008-09-05 | 2.6 LOW | N/A |
| Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any additional UDP connections, and possibly causes a crash. | |||||
| CVE-2001-0308 | 1 Bajie | 1 Java Http Server | 2008-09-05 | 7.5 HIGH | N/A |
| UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (modified ..) to access the file that was created for the program. | |||||
| CVE-2001-0019 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2008-09-05 | 2.1 LOW | N/A |
| Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. | |||||
| CVE-2001-0064 | 1 Alt-n | 1 Mdaemon | 2008-09-05 | 5.0 MEDIUM | N/A |
| Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string. | |||||
| CVE-2001-0082 | 1 Checkpoint | 1 Firewall-1 | 2008-09-05 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets. | |||||
| CVE-2000-1242 | 1 Apc | 1 Powerchute | 2008-09-05 | 9.0 HIGH | N/A |
| The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access. | |||||
| CVE-2001-0288 | 1 Cisco | 1 Ios | 2008-09-05 | 7.5 HIGH | N/A |
| Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | |||||
| CVE-2001-0073 | 1 Nsa | 1 Security-enhanced Linux | 2008-09-05 | 2.1 LOW | N/A |
| Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory. | |||||