Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-1999-0693 | 3 Hp, Ibm, Sco | 3 Hp-ux, Aix, Unixware | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in TT_SESSION environment variable in ToolTalk shared library allows local users to gain root privileges. | |||||
| CVE-1999-0710 | 1 Redhat | 1 Linux | 2018-05-03 | 7.5 HIGH | N/A |
| The Squid package in Red Hat Linux 5.2 and 6.0, and other distributions, installs cachemgr.cgi in a public web directory, which allows remote attackers to use it as an intermediary to connect to other systems. | |||||
| CVE-1999-0743 | 1 Debian | 1 Debian Linux | 2018-05-03 | 2.1 LOW | N/A |
| Trn allows local users to overwrite other users' files via symlinks. | |||||
| CVE-1999-0751 | 1 Netscape | 1 Enterprise Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch. | |||||
| CVE-1999-0883 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 10.0 HIGH | N/A |
| Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine. | |||||
| CVE-1999-0884 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| The Zeus web server administrative interface uses weak encryption for its passwords. | |||||
| CVE-1999-0930 | 1 Matt Wright | 1 Wwwboard | 2018-05-03 | 5.0 MEDIUM | N/A |
| wwwboard allows a remote attacker to delete message board articles via a malformed argument. | |||||
| CVE-1999-0934 | 2018-05-03 | 5.0 MEDIUM | N/A | ||
| classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters. | |||||
| CVE-1999-0959 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-1999-1027 | 1 Sun | 1 Solaris | 2018-05-03 | 7.2 HIGH | N/A |
| Solaris 2.6 HW3/98 installs admintool with world-writable permissions, which allows local users to gain privileges by replacing it with a Trojan horse program. | |||||
| CVE-1999-1080 | 1 Sun | 1 Sunos | 2018-05-03 | 7.2 HIGH | N/A |
| rmmount in SunOS 5.7 may mount file systems without the nosuid flag set, contrary to the documentation and its use in previous versions of SunOS, which could allow local users with physical access to gain root privileges by mounting a floppy or CD-ROM that contains a setuid program and running volcheck, when the file systems do not have the nosuid option specified in rmmount.conf. | |||||
| CVE-1999-1088 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| Vulnerability in chsh command in HP-UX 9.X through 10.20 allows local users to gain privileges. | |||||
| CVE-1999-1122 | 1 Sun | 1 Sunos | 2018-05-03 | 4.6 MEDIUM | N/A |
| Vulnerability in restore in SunOS 4.0.3 and earlier allows local users to gain privileges. | |||||
| CVE-1999-1147 | 1 Platinum | 1 Policy Compliance Manager | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in Platinum Policy Compliance Manager (PCM) 7.0 allows remote attackers to execute arbitrary commands via a long string to the Agent port (1827), which is handled by smaxagent.exe. | |||||
| CVE-1999-1156 | 1 Bisonware | 1 Bisonware Ftp Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| BisonWare FTP Server 4.1 and earlier allows remote attackers to cause a denial of service via a malformed PORT command that contains a non-numeric character and a large number of carriage returns. | |||||
| CVE-1999-1205 | 1 Hp | 1 Hp-ux | 2018-05-03 | 2.1 LOW | N/A |
| nettune in HP-UX 10.01 and 10.00 is installed setuid root, which allows local users to cause a denial of service by modifying critical networking configuration information. | |||||
| CVE-1999-1219 | 1 Sgi | 1 Irix | 2018-05-03 | 7.2 HIGH | N/A |
| Vulnerability in sgihelp in the SGI help system and print manager in IRIX 5.2 and earlier allows local users to gain root privileges, possibly through the clogin command. | |||||
| CVE-1999-1265 | 1 Seatle Lab Software | 1 Slmail | 2018-05-03 | 5.0 MEDIUM | N/A |
| SMTP server in SLmail 3.1 and earlier allows remote attackers to cause a denial of service via malformed commands whose arguments begin with a "(" (parenthesis) character, such as (1) SEND, (2) VRFY, (3) EXPN, (4) MAIL FROM, (5) RCPT TO. | |||||
| CVE-2000-0005 | 1 Hp | 3 9000, Aserver, Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| HP-UX aserver program allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0007 | 1 Trend Micro | 1 Pc-cillin | 2018-05-03 | 5.0 MEDIUM | N/A |
| Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. | |||||
| CVE-2000-0077 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| The October 1998 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the ps and grep commands. | |||||
| CVE-2000-0078 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifying an alternate PATH which aserver uses to find the awk command. | |||||
| CVE-2000-0094 | 1 Netbsd | 1 Netbsd | 2018-05-03 | 7.2 HIGH | N/A |
| procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem interface via a modified file descriptor for stderr. | |||||
| CVE-2000-0120 | 1 Allaire | 1 Spectra | 2018-05-03 | 7.5 HIGH | N/A |
| The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authentication via the bAuthenticated parameter. | |||||
| CVE-2000-0149 | 1 Zeus Technologies | 1 Zeus Web Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL. | |||||
| CVE-2000-0165 | 1 Etl | 1 Delegate | 2018-05-03 | 7.5 HIGH | N/A |
| The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands. | |||||
| CVE-2000-0212 | 1 Pragma Systems | 1 Interaccess Telnetd Server | 2018-05-03 | 5.0 MEDIUM | N/A |
| InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed terminal client configuration information. | |||||
| CVE-2000-0253 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-03 | 10.0 HIGH | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0254 | 1 Craig Dansie | 1 Dansie Shopping Cart | 2018-05-03 | 5.0 MEDIUM | N/A |
| The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. | |||||
| CVE-2000-0534 | 1 Aps Filter Development Team | 1 Apsfilter | 2018-05-03 | 4.6 MEDIUM | N/A |
| The apsfilter software in the FreeBSD ports package does not properly read user filter configurations, which allows local users to execute commands as the lpd user. | |||||
| CVE-2000-0566 | 3 Caldera, Mandrakesoft, Redhat | 3 Openlinux, Mandrake Linux, Linux | 2018-05-03 | 7.2 HIGH | N/A |
| makewhatis in Linux man package allows local users to overwrite files via a symlink attack. | |||||
| CVE-2000-0573 | 1 Hp | 1 Hp-ux | 2018-05-03 | 10.0 HIGH | N/A |
| The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | |||||
| CVE-2000-0584 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | |||||
| CVE-2000-0585 | 1 Isc | 1 Dhcp Client | 2018-05-03 | 10.0 HIGH | N/A |
| ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2018-05-03 | 10.0 HIGH | N/A |
| rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | |||||
| CVE-2000-0670 | 1 Cvsweb Developer | 1 Cvsweb | 2018-05-03 | 7.2 HIGH | N/A |
| The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0810 | 1 Cgi Script Center | 1 Auction Weaver | 2018-05-03 | 7.5 HIGH | N/A |
| Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | |||||
| CVE-2000-0811 | 1 Cgi Script Center | 1 Auction Weaver | 2018-05-03 | 5.0 MEDIUM | N/A |
| Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | |||||
| CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2018-05-03 | 7.2 HIGH | N/A |
| Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||||
| CVE-2000-0887 | 1 Isc | 1 Bind | 2018-05-03 | 5.0 MEDIUM | N/A |
| named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | |||||
| CVE-2000-0890 | 1 Freebsd | 1 Freebsd | 2018-05-03 | 1.2 LOW | N/A |
| periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2000-0901 | 1 Juergen | 1 Weigert Screen | 2018-05-03 | 4.6 MEDIUM | N/A |
| Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable. | |||||
| CVE-2000-0952 | 1 Shigio Yamaguchi | 1 Global | 2018-05-03 | 10.0 HIGH | N/A |
| global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0962 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0967 | 1 Php | 1 Php | 2018-05-03 | 10.0 HIGH | N/A |
| PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs. | |||||
| CVE-2000-0973 | 1 Daniel Stenberg | 1 Curl | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated. | |||||
| CVE-2000-0974 | 1 Gnu | 1 Privacy Guard | 2018-05-03 | 7.5 HIGH | N/A |
| GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. | |||||
| CVE-2000-0984 | 1 Cisco | 1 Ios | 2018-05-03 | 5.0 MEDIUM | N/A |
| The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | |||||
| CVE-2000-0992 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2018-05-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0994 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable. | |||||