Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0759 | 1 Apache | 1 Tomcat | 2008-09-05 | 6.4 MEDIUM | N/A |
| Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a URL that does not exist, which generates an error message that includes the physical path. | |||||
| CVE-2000-0760 | 1 Apache | 1 Tomcat | 2008-09-05 | 6.4 MEDIUM | N/A |
| The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information when a remote attacker requests a nonexistent URL with a .snp extension. | |||||
| CVE-2000-0774 | 1 Bajie | 1 Java Http Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root. | |||||
| CVE-2000-0775 | 1 Robtex | 1 Viking Server | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a denial of service or execute arbitrary commands via a long HTTP GET request, or long Unless-Modified-Since, If-Range, or If-Modified-Since headers. | |||||
| CVE-2000-0784 | 1 Rapidstream | 1 Rapidstream | 2008-09-05 | 10.0 HIGH | N/A |
| sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh. | |||||
| CVE-2000-0798 | 1 Sgi | 1 Irix | 2008-09-05 | 10.0 HIGH | N/A |
| The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files. | |||||
| CVE-2000-0801 | 1 Hp | 1 Hp-ux | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option. | |||||
| CVE-2000-0693 | 1 Tech-source | 1 Raptor Gfx Pgx32 | 2008-09-05 | 7.2 HIGH | N/A |
| pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program. | |||||
| CVE-2000-0384 | 1 Intel | 2 Netstructure 7110, Netstructure 7180 | 2008-09-05 | 10.0 HIGH | N/A |
| NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access. | |||||
| CVE-2000-0280 | 1 Realnetworks | 1 Realplayer | 2008-09-05 | 2.6 LOW | N/A |
| Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. | |||||
| CVE-2000-0281 | 1 Napster | 1 Napster Client | 2008-09-05 | 2.1 LOW | N/A |
| Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message. | |||||
| CVE-2000-0307 | 1 Sco | 3 Open Desktop, Openserver, Unixware | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024. | |||||
| CVE-2000-0348 | 1 Sco | 1 Unixware | 2008-09-05 | 10.0 HIGH | N/A |
| A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges. | |||||
| CVE-2000-0306 | 1 Sco | 1 Openserver | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message. | |||||
| CVE-2000-0349 | 1 Sco | 1 Unixware | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service. | |||||
| CVE-2000-0147 | 1 Sco | 1 Openserver | 2008-09-05 | 2.1 LOW | N/A |
| snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration. | |||||
| CVE-2000-0312 | 1 Openbsd | 1 Openbsd | 2008-09-05 | 7.2 HIGH | N/A |
| cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function. | |||||
| CVE-2000-0082 | 1 Microsoft | 1 Webtv | 2008-09-05 | 5.0 MEDIUM | N/A |
| WebTV email client allows remote attackers to force the client to send email without the user's knowledge via HTML. | |||||
| CVE-2000-0308 | 2 Netscape, Sco | 4 Enterprise Server, Fasttrack Server, Proxy Server and 1 more | 2008-09-05 | 10.0 HIGH | N/A |
| Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges. | |||||
| CVE-2000-0081 | 1 Microsoft | 1 Hotmail | 2008-09-05 | 10.0 HIGH | N/A |
| Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute the code by using hexadecimal codes to specify the javascript: protocol, e.g. jAvascript. | |||||
| CVE-2000-0415 | 1 Microsoft | 2 Outlook, Outlook Express | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or news message that has a .jpg or .bmp attachment with a long file name. | |||||
| CVE-1999-1438 | 1 Sun | 1 Sunos | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in /bin/mail in SunOS 4.1.1 and earlier allows local users to gain root privileges via certain command line arguments. | |||||
| CVE-1999-1306 | 1 Cisco | 1 Ios | 2008-09-05 | 7.5 HIGH | N/A |
| Cisco IOS 9.1 and earlier does not properly handle extended IP access lists when the IP route cache is enabled and the "established" keyword is set, which could allow attackers to bypass filters. | |||||
| CVE-1999-1449 | 1 Sun | 1 Sunos | 2008-09-05 | 2.1 LOW | N/A |
| SunOS 4.1.4 on a Sparc 20 machine allows local users to cause a denial of service (kernel panic) by reading from the /dev/tcx0 TCX device. | |||||
| CVE-1999-1415 | 1 Digital | 1 Ultrix | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in /usr/bin/mail in DEC ULTRIX before 4.2 allows local users to gain privileges. | |||||
| CVE-1999-1483 | 1 Svgalib | 1 Svgalib | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable. | |||||
| CVE-1999-1499 | 1 Isc | 1 Bind | 2008-09-05 | 2.1 LOW | N/A |
| named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2) named.stats when SIGIOT is used. | |||||
| CVE-1999-1418 | 1 Mirabilis | 1 Icq Web Front | 2008-09-05 | 5.0 MEDIUM | N/A |
| ICQ99 ICQ web server build 1701 with "Active Homepage" enabled generates allows remote attackers to determine the existence of files on the server by comparing server responses when a file exists ("404 Forbidden") versus when a file does not exist ("404 not found"). | |||||
| CVE-1999-1482 | 1 Svgalib | 1 Zgv | 2008-09-05 | 7.2 HIGH | N/A |
| SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes. | |||||
| CVE-1999-1480 | 1 Ibm | 1 Aix | 2008-09-05 | 1.2 LOW | N/A |
| (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. | |||||
| CVE-1999-1475 | 1 Proftpd Project | 1 Proftpd | 2008-09-05 | 4.6 MEDIUM | N/A |
| ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g. via the last command. | |||||
| CVE-1999-1300 | 1 Cray | 1 Unicos | 2008-09-05 | 3.6 LOW | N/A |
| Vulnerability in accton in Cray UNICOS 6.1 and 6.0 allows local users to read arbitrary files and modify system accounting configuration. | |||||
| CVE-1999-1488 | 1 Ibm | 1 System Data Repository | 2008-09-05 | 5.0 MEDIUM | N/A |
| sdrd daemon in IBM SP2 System Data Repository (SDR) allows remote attackers to read files without authentication. | |||||
| CVE-1999-1362 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 2.1 LOW | N/A |
| Win32k.sys in Windows NT 4.0 before SP2 allows local users to cause a denial of service (crash) by calling certain WIN32K functions with incorrect parameters. | |||||
| CVE-1999-1364 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 2.1 LOW | N/A |
| Windows NT 4.0 allows local users to cause a denial of service (crash) via an illegal kernel mode address to the functions (1) GetThreadContext or (2) SetThreadContext. | |||||
| CVE-1999-1487 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system. | |||||
| CVE-1999-1307 | 1 Novell | 1 Unixware | 2008-09-05 | 7.2 HIGH | N/A |
| Vulnerability in urestore in Novell UnixWare 1.1 allows local users to gain root privileges. | |||||
| CVE-1999-1301 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.5 HIGH | N/A |
| A design flaw in the Z-Modem protocol allows the remote sender of a file to execute arbitrary programs on the client, as implemented in rz in the rzsz module of FreeBSD before 2.1.5, and possibly other programs. | |||||
| CVE-1999-1377 | 1 Matt Wright | 1 Download.cgi | 2008-09-05 | 5.0 MEDIUM | N/A |
| Matt Wright's download.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) in the f parameter. | |||||
| CVE-1999-1380 | 1 Symantec | 1 Norton Utilities | 2008-09-05 | 5.1 MEDIUM | N/A |
| Symantec Norton Utilities 2.0 for Windows 95 marks the TUNEOCX.OCX ActiveX control as safe for scripting, which allows remote attackers to execute arbitrary commands via the run option through malicious web pages that are accessed by browsers such as Internet Explorer 3.0. | |||||
| CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2008-09-05 | 6.2 MEDIUM | N/A |
| Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | |||||
| CVE-1999-1554 | 1 Sgi | 1 Irix | 2008-09-05 | 2.1 LOW | N/A |
| /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read the mail of other users. | |||||
| CVE-1999-1401 | 1 Sgi | 1 Irix | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in Desktop searchbook program in IRIX 5.0.x through 6.2 sets insecure permissions for certain user files (iconbook and searchbook). | |||||
| CVE-1999-1359 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 7.5 HIGH | N/A |
| When the Ntconfig.pol file is used on a server whose name is longer than 13 characters, Windows NT does not properly enforce policies for global groups, which could allow users to bypass restrictions that were intended by those policies. | |||||
| CVE-1999-1489 | 1 Slackware | 1 Slackware Linux | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument. | |||||
| CVE-1999-1360 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 2.1 LOW | N/A |
| Windows NT 4.0 allows local users to cause a denial of service via a user mode application that closes a handle that was opened in kernel mode, which causes a crash when the kernel attempts to close the handle. | |||||
| CVE-1999-1358 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2008-09-05 | 4.6 MEDIUM | N/A |
| When an administrator in Windows NT or Windows 2000 changes a user policy, the policy is not properly updated if the local ntconfig.pol is not writable by the user, which could allow local users to bypass restrictions that would otherwise be enforced by the policy, possibly by changing the policy file to be read-only. | |||||
| CVE-1999-1388 | 1 Sun | 1 Sunos | 2008-09-05 | 6.2 MEDIUM | N/A |
| passwd in SunOS 4.1.x allows local users to overwrite arbitrary files via a symlink attack and the -F command line argument. | |||||
| CVE-1999-1363 | 1 Microsoft | 1 Windows Nt | 2008-09-05 | 2.1 LOW | N/A |
| Windows NT 3.51 and 4.0 allow local users to cause a denial of service (crash) by running a program that creates a large number of locks on a file, which exhausts the NonPagedPool. | |||||
| CVE-1999-1390 | 1 Debian | 1 Debian Linux | 2008-09-05 | 7.2 HIGH | N/A |
| suidexec in suidmanager 0.18 on Debian 2.0 allows local users to gain root privileges by specifying a malicious program on the command line. | |||||