Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0693 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2008-09-05 | 7.2 HIGH | N/A |
| pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program. | |||||
| CVE-2000-0657 | 1 Analogx | 1 Proxy | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long HELO command in the SMTP protocol. | |||||
| CVE-2000-0748 | 1 Openldap | 1 Openldap | 2008-09-05 | 4.6 MEDIUM | N/A |
| OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse. | |||||
| CVE-2000-0722 | 1 Helix Code | 1 Gnome Updater | 2008-09-05 | 6.2 MEDIUM | N/A |
| Helix GNOME Updater helix-update 0.5 and earlier allows local users to install arbitrary RPM packages by creating the /tmp/helix-install installation directory before root has begun installing packages. | |||||
| CVE-2000-0723 | 1 Helix Code | 1 Gnome Installer | 2008-09-05 | 1.2 LOW | N/A |
| Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config. | |||||
| CVE-2000-0751 | 3 Netbsd, Openbsd, Redhat | 3 Netbsd, Openbsd, Linux | 2008-09-05 | 7.5 HIGH | N/A |
| mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands. | |||||
| CVE-2000-0724 | 1 Helix Code | 1 Go-gnome Pre-installer | 2008-09-05 | 6.2 MEDIUM | N/A |
| The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files. | |||||
| CVE-2000-0752 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments. | |||||
| CVE-2000-0763 | 1 David Bagley | 1 Xlock | 2008-09-05 | 7.2 HIGH | N/A |
| xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option. | |||||
| CVE-2000-0784 | 1 Rapidstream | 1 Rapidstream | 2008-09-05 | 10.0 HIGH | N/A |
| sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh. | |||||
| CVE-2000-0831 | 1 Fastream | 1 Ftp\+\+ Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username. | |||||
| CVE-2000-0795 | 1 Sgi | 1 Irix | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long -n option. | |||||
| CVE-2000-0794 | 1 Sgi | 1 Irix | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME variable to programs such as (1) gmemusage and (2) gr_osview. | |||||
| CVE-2000-0775 | 1 Robtex | 1 Viking Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers. | |||||
| CVE-2000-0774 | 1 Bajie | 1 Java Http Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root. | |||||
| CVE-2000-0745 | 1 Francisco Burzi | 1 Php-nuke | 2008-09-05 | 7.5 HIGH | N/A |
| admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd parameter. | |||||
| CVE-2000-0743 | 1 University Of Minnesota | 1 Gopherd | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value. | |||||
| CVE-2000-0733 | 1 Sgi | 1 Irix | 2008-09-05 | 10.0 HIGH | N/A |
| Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-TELOPT_ENVIRON request. | |||||
| CVE-2000-0730 | 1 Hp | 1 Hp-ux | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges. | |||||
| CVE-2000-0713 | 1 Adobe | 3 Acrobat, Acrobat Business Tools, Acrobat Reader | 2008-09-05 | 7.6 HIGH | N/A |
| Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier. | |||||
| CVE-2000-0712 | 1 Lids | 1 Lids | 2008-09-05 | 7.2 HIGH | N/A |
| Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to gain root privileges when LIDS is disabled via the security=0 boot option. | |||||
| CVE-2000-0711 | 2 Microsoft, Netscape | 2 Virtual Machine, Communicator | 2008-09-05 | 7.5 HIGH | N/A |
| Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice. | |||||
| CVE-2000-0709 | 1 Microsoft | 1 Frontpage | 2008-09-05 | 5.0 MEDIUM | N/A |
| The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name. | |||||
| CVE-2000-0708 | 1 Pragma Systems | 1 Telnetserver | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port. | |||||
| CVE-2000-0707 | 1 Pccs-linux | 1 Mysqldatabase Admin Tool | 2008-09-05 | 7.5 HIGH | N/A |
| PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password. | |||||
| CVE-2000-0695 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options. | |||||
| CVE-2000-0694 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2008-09-05 | 7.2 HIGH | N/A |
| pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0682 | 1 Bea | 1 Weblogic Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet. | |||||
| CVE-2000-0681 | 1 Bea | 1 Weblogic Server | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension. | |||||
| CVE-2000-0680 | 1 Cvs | 1 Cvs | 2008-09-05 | 7.2 HIGH | N/A |
| The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action. | |||||
| CVE-2000-0679 | 1 Cvs | 1 Cvs | 2008-09-05 | 2.1 LOW | N/A |
| The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files. | |||||
| CVE-2000-0563 | 1 Apple | 1 Mac Os Runtime For Java | 2008-09-05 | 10.0 HIGH | N/A |
| The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model. | |||||
| CVE-2000-0792 | 1 Alan Cox | 1 Gnome-lokkit | 2008-09-05 | 7.5 HIGH | N/A |
| Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a user does not make any services available. | |||||
| CVE-2000-0686 | 1 Cgi Script Center | 1 Auction Weaver | 2008-09-05 | 5.0 MEDIUM | N/A |
| Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter. | |||||
| CVE-2000-0683 | 1 Bea | 1 Weblogic Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet. | |||||
| CVE-2000-0466 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. | |||||
| CVE-2000-0798 | 1 Sgi | 1 Irix | 2008-09-05 | 10.0 HIGH | N/A |
| The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files. | |||||
| CVE-2000-0789 | 1 Bardon Data Systems | 1 Winu | 2008-09-05 | 4.6 MEDIUM | N/A |
| WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges. | |||||
| CVE-2000-0791 | 1 Trustix | 1 Secure Linux | 2008-09-05 | 4.6 MEDIUM | N/A |
| Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse. | |||||
| CVE-2000-0793 | 2 Novell, Symantec | 2 Client, Norton Antivirus | 2008-09-05 | 10.0 HIGH | N/A |
| Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protection service after the first user has logged off of the system. | |||||
| CVE-2000-0756 | 1 Microsoft | 1 Outlook | 2008-09-05 | 5.0 MEDIUM | N/A |
| Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service. | |||||
| CVE-2000-0755 | 1 Hp | 1 Openview Network Node Manager | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges. | |||||
| CVE-2000-0754 | 1 Hp | 1 Openview Network Node Manager | 2008-09-05 | 2.1 LOW | N/A |
| Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords. | |||||
| CVE-2000-0759 | 1 Apache | 1 Tomcat | 2008-09-05 | 6.4 MEDIUM | N/A |
| Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path. | |||||
| CVE-2000-0741 | 1 Network Associates | 1 Net Tools Pki Server | 2008-09-05 | 7.5 HIGH | N/A |
| Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension. | |||||
| CVE-2000-0736 | 1 Rimarts Inc. | 1 Becky Internet Mail | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message. | |||||
| CVE-2000-0735 | 1 Rimarts Inc. | 1 Becky Internet Mail | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message. | |||||
| CVE-2000-0761 | 1 Ibm | 1 Os2 Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username. | |||||
| CVE-2000-0760 | 1 Apache | 1 Tomcat | 2008-09-05 | 6.4 MEDIUM | N/A |
| The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | |||||
| CVE-2000-0801 | 1 Hp | 1 Hp-ux | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option. | |||||