Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0721 | 1 Multisoft | 1 Flagship | 2008-09-05 | 6.2 MEDIUM | N/A |
| The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses. | |||||
| CVE-2000-0719 | 1 Varicad | 1 Varicad | 2008-09-05 | 6.2 MEDIUM | N/A |
| VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program. | |||||
| CVE-2000-0718 | 1 Mandrakesoft | 1 Mandrake Linux | 2008-09-05 | 1.2 LOW | N/A |
| A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed. | |||||
| CVE-2000-0700 | 1 Cisco | 4 Gigabit Switch Router 12008, Gigabit Switch Router 12012, Gigabit Switch Router 12016 and 1 more | 2008-09-05 | 5.0 MEDIUM | N/A |
| Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets. | |||||
| CVE-2000-0657 | 1 Analogx | 1 Proxy | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long HELO command in the SMTP protocol. | |||||
| CVE-2000-0466 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| AIX cdmount allows local users to gain root privileges via shell metacharacters. | |||||
| CVE-2000-0563 | 1 Apple | 1 Mac Os Runtime For Java | 2008-09-05 | 10.0 HIGH | N/A |
| The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual machine (VM) for MacOS allows a malicious web site operator to connect to arbitrary hosts using a HTTP redirection, in violation of the Java security model. | |||||
| CVE-2000-0693 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2008-09-05 | 7.2 HIGH | N/A |
| pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program. | |||||
| CVE-2000-0306 | 1 Sco | 1 Openserver | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message. | |||||
| CVE-2000-0281 | 1 Napster | 1 Napster Client | 2008-09-05 | 2.1 LOW | N/A |
| Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message. | |||||
| CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2008-09-05 | 2.6 LOW | N/A |
| Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | |||||
| CVE-2000-0415 | 1 Microsoft | 2 Outlook, Outlook Express | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name. | |||||
| CVE-2000-0384 | 1 Intel | 2 Netstructure 7110, Netstructure 7180 | 2008-09-05 | 10.0 HIGH | N/A |
| NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access. | |||||
| CVE-2000-0349 | 1 Sco | 1 Unixware | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service. | |||||
| CVE-2000-0348 | 1 Sco | 1 Unixware | 2008-09-05 | 10.0 HIGH | N/A |
| A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges. | |||||
| CVE-2000-0147 | 1 Sco | 1 Openserver | 2008-09-05 | 2.1 LOW | N/A |
| snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. | |||||
| CVE-2000-0081 | 1 Microsoft | 1 Hotmail | 2008-09-05 | 10.0 HIGH | N/A |
| Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript. | |||||
| CVE-2000-0082 | 1 Microsoft | 1 Webtv | 2008-09-05 | 5.0 MEDIUM | N/A |
| WebTV email client allows remote attackers to force the client to send email without the user's knowledge via HTML. | |||||
| CVE-2000-0312 | 1 Openbsd | 1 Openbsd | 2008-09-05 | 7.2 HIGH | N/A |
| cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function. | |||||
| CVE-2000-0308 | 2 Netscape, Sco | 4 Enterprise Server, Fasttrack Server, Proxy Server and 1 more | 2008-09-05 | 10.0 HIGH | N/A |
| Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges. | |||||
| CVE-2000-0307 | 1 Sco | 3 Open Desktop, Openserver, Unixware | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. | |||||
| CVE-1999-1482 | 1 Svgalib | 1 Zgv | 2008-09-05 | 7.2 HIGH | N/A |
| SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes. | |||||
| CVE-1999-1498 | 1 Slackware | 1 Slackware Linux | 2008-09-05 | 3.6 LOW | N/A |
| Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file. | |||||
| CVE-1999-1396 | 1 Sun | 1 Sunos | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in integer multiplication emulation code on SPARC architectures for SunOS 4.1 through 4.1.2 allows local users to gain root access or cause a denial of service (crash). | |||||
| CVE-1999-1475 | 1 Proftpd Project | 1 Proftpd | 2008-09-05 | 4.6 MEDIUM | N/A |
| ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command. | |||||
| CVE-1999-1483 | 1 Svgalib | 1 Svgalib | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | |||||
| CVE-1999-1301 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.5 HIGH | N/A |
| A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs. | |||||
| CVE-1999-1300 | 1 Cray | 1 Unicos | 2008-09-05 | 3.6 LOW | N/A |
| Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration. | |||||
| CVE-1999-1320 | 1 Novell | 1 Netware | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in Novell NetWare 3.x and earlier allows local users to gain privileges via packet spoofing. | |||||
| CVE-1999-1321 | 1 Mit | 1 Kerberos | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in ssh 1.2.26 client with Kerberos V enabled could allow remote attackers to cause a denial of service or execute arbitrary commands via a long DNS hostname that is not properly handled during TGT ticket passing. | |||||
| CVE-1999-1377 | 1 Matt Wright | 1 Download.cgi | 2008-09-05 | 5.0 MEDIUM | N/A |
| Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |||||
| CVE-1999-1480 | 1 Ibm | 1 Aix | 2008-09-05 | 1.2 LOW | N/A |
| (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. | |||||
| CVE-1999-1591 | 1 Microsoft | 2 Internet Information Server, Visual Interdev | 2008-09-05 | 7.5 HIGH | N/A |
| Microsoft Internet Information Services (IIS) server 4.0 SP4, without certain hotfixes released for SP4, does not require authentication credentials under certain conditions, which allows remote attackers to bypass authentication requirements, as demonstrated by connecting via Microsoft Visual InterDev 6.0. | |||||
| CVE-1999-1497 | 1 Ipswitch | 1 Imail | 2008-09-05 | 7.2 HIGH | N/A |
| Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. | |||||
| CVE-1999-1488 | 1 Ibm | 1 System Data Repository | 2008-09-05 | 5.0 MEDIUM | N/A |
| sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. | |||||
| CVE-1999-1566 | 1 Intel | 1 Iparty | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters. | |||||
| CVE-1999-1392 | 1 Next | 2 Nex, Next | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in restore0.9 installation script in NeXT 1.0a and 1.0 allows local users to gain root privileges. | |||||
| CVE-1999-1315 | 1 Dec | 1 Dec Openvms | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerabilities in DECnet/OSI for OpenVMS before 5.8 on DEC Alpha AXP and VAX/VMS systems allow local users to gain privileges or cause a denial of service. | |||||
| CVE-1999-1438 | 1 Sun | 1 Sunos | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments. | |||||
| CVE-1999-1391 | 1 Next | 1 Next | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in NeXT 1.0a and 1.0 with publicly accessible printers allows local users to gain privileges via a combination of the npd program and weak directory permissions. | |||||
| CVE-1999-1563 | 1 Nachuatec | 2 D435, D445 | 2008-09-05 | 5.0 MEDIUM | N/A |
| Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm. | |||||
| CVE-1999-1592 | 2 Sendmail, Sun | 2 Sendmail, Sunos | 2008-09-05 | 7.5 HIGH | N/A |
| Multiple unspecified vulnerabilities in sendmail 5, as installed on Sun SunOS 4.1.3_U1 and 4.1.4, have unspecified attack vectors and impact. NOTE: this might overlap CVE-1999-0129. | |||||
| CVE-1999-1418 | 1 Mirabilis | 1 Icq Web Front | 2008-09-05 | 5.0 MEDIUM | N/A |
| ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). | |||||
| CVE-1999-1390 | 1 Debian | 1 Debian Linux | 2008-09-05 | 7.2 HIGH | N/A |
| suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line. | |||||
| CVE-1999-1562 | 1 Gftp | 1 Ftp Client | 2008-09-05 | 4.6 MEDIUM | N/A |
| gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file. | |||||
| CVE-1999-1561 | 1 Nullsoft | 1 Shoutcast Server | 2008-09-05 | 7.2 HIGH | N/A |
| Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server. | |||||
| CVE-1999-1426 | 1 Sun | 1 Solstice Adminsuite | 2008-09-05 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 follows symbolic links when updating an NIS database, which allows local users to overwrite arbitrary files. | |||||
| CVE-1999-1415 | 1 Digital | 1 Ultrix | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. | |||||
| CVE-1999-1564 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 2.1 LOW | N/A |
| FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a large number of processes. | |||||
| CVE-1999-1427 | 1 Sun | 1 Solstice Adminsuite | 2008-09-05 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 and 2.2 create lock files insecurely, which allows local users to gain root privileges. | |||||