Search
Total
86024 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0995 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name. | |||||
| CVE-2000-0996 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell. | |||||
| CVE-2000-0997 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges. | |||||
| CVE-2000-1026 | 1 Lbl | 1 Tcpdump | 2018-05-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands. | |||||
| CVE-2000-1031 | 1 Hp | 2 Hp-ux, Tru64 | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. | |||||
| CVE-2000-1060 | 1 Xfree86 Project | 1 Xfce | 2018-05-03 | 4.6 MEDIUM | N/A |
| The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges. | |||||
| CVE-2000-1096 | 1 Paul Vixie | 1 Vixie Cron | 2018-05-03 | 3.7 LOW | N/A |
| crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file. | |||||
| CVE-2000-1137 | 1 Gnu | 1 Ed | 2018-05-03 | 4.6 MEDIUM | N/A |
| GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | |||||
| CVE-2000-1178 | 1 Joseph Allen | 1 Joe | 2018-05-03 | 2.1 LOW | N/A |
| Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. | |||||
| CVE-2000-1180 | 1 Oracle | 1 Oracle8i | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument. | |||||
| CVE-2001-0060 | 1 Stunnel | 1 Stunnel | 2018-05-03 | 10.0 HIGH | N/A |
| Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username. | |||||
| CVE-2001-0066 | 1 Kevin Lindsay | 1 Secure Locate | 2018-05-03 | 7.2 HIGH | N/A |
| Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer. | |||||
| CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | |||||
| CVE-2001-0144 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2018-05-03 | 10.0 HIGH | N/A |
| CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. | |||||
| CVE-2001-0361 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2018-05-03 | 4.0 MEDIUM | N/A |
| Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. | |||||
| CVE-2001-0489 | 1 Gftp | 1 Gftp | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands. | |||||
| CVE-2001-0522 | 1 Gnu | 1 Privacy Guard | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | |||||
| CVE-2001-0526 | 1 Sun | 1 Solaris | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable. | |||||
| CVE-2001-0550 | 2 David Madore, Washington University | 2 Ftpd-bsd, Wu-ftpd | 2018-05-03 | 7.5 HIGH | N/A |
| wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob). | |||||
| CVE-2001-0551 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window. | |||||
| CVE-2001-0591 | 1 Oracle | 2 Application Server, Jsp | 2018-05-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack. | |||||
| CVE-2001-0653 | 1 Sendmail | 1 Sendmail | 2018-05-03 | 4.6 MEDIUM | N/A |
| Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number. | |||||
| CVE-2001-0686 | 1 Sun | 1 Solaris | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable. | |||||
| CVE-2001-0701 | 1 Sun | 1 Sunvts | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument. | |||||
| CVE-2001-0763 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. | |||||
| CVE-2001-0825 | 1 Xinetd | 1 Xinetd | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check. | |||||
| CVE-2001-0833 | 1 Oracle | 1 Database Server | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." | |||||
| CVE-2001-0852 | 1 Redhat | 1 Linux | 2018-05-03 | 5.0 MEDIUM | N/A |
| TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header. | |||||
| CVE-2001-0869 | 3 Caldera, Redhat, Suse | 5 Openlinux Eserver, Openlinux Workstation, Linux and 2 more | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0872 | 3 Openbsd, Redhat, Suse | 3 Openssh, Linux, Suse Linux | 2018-05-03 | 7.2 HIGH | N/A |
| OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges. | |||||
| CVE-2001-0886 | 2 Debian, Redhat | 2 Debian Linux, Linux | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in glob function of glibc allows attackers to cause a denial of service (crash) and possibly execute arbitrary code via a glob pattern that ends in a brace "{" character. | |||||
| CVE-2001-1066 | 1 Sun | 1 Solaris | 2018-05-03 | 2.1 LOW | N/A |
| ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2001-1380 | 1 Openbsd | 1 Openssh | 2018-05-03 | 7.5 HIGH | N/A |
| OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to login from unauthorized IP addresses. | |||||
| CVE-2002-0043 | 1 Todd Miller | 1 Sudo | 2018-05-03 | 7.2 HIGH | N/A |
| sudo 1.6.0 through 1.6.3p7 does not properly clear the environment before calling the mail program, which could allow local users to gain root privileges by modifying environment variables and changing how the mail program is invoked. | |||||
| CVE-2002-0063 | 1 Easy Software Products | 1 Cups | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in ippRead function of CUPS before 1.1.14 may allow attackers to execute arbitrary code via long attribute names or language values. | |||||
| CVE-2002-0566 | 1 Oracle | 4 Application Server, Application Server Web Cache, Oracle8i and 1 more | 2018-05-03 | 5.0 MEDIUM | N/A |
| PL/SQL module 3.0.9.8.2 in Oracle 9i Application Server 1.0.2.x allows remote attackers to cause a denial of service (crash) via an HTTP Authorization header without an authentication type. | |||||
| CVE-2002-1158 | 1 Canna | 1 Canna | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in the irw_through function for Canna 3.5b2 and earlier allows local users to execute arbitrary code as the bin user. | |||||
| CVE-2002-1159 | 1 Canna | 1 Canna | 2018-05-03 | 6.4 MEDIUM | N/A |
| Canna 3.6 and earlier does not properly validate requests, which allows remote attackers to cause a denial of service or information leak. | |||||
| CVE-2002-1170 | 1 Net-snmp | 1 Net-snmp | 2018-05-03 | 5.0 MEDIUM | N/A |
| The handle_var_requests function in snmp_agent.c for the SNMP daemon in the Net-SNMP (formerly ucd-snmp) package 5.0.1 through 5.0.5 allows remote attackers to cause a denial of service (crash) via a NULL dereference. | |||||
| CVE-2002-1219 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in named in BIND 4 versions 4.9.10 and earlier, and 8 versions 8.3.3 and earlier, allows remote attackers to execute arbitrary code via a certain DNS server response containing SIG resource records (RR). | |||||
| CVE-2002-1220 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| BIND 8.3.x through 8.3.3 allows remote attackers to cause a denial of service (termination due to assertion failure) via a request for a subdomain that does not exist, with an OPT resource record with a large UDP payload size. | |||||
| CVE-2002-1221 | 3 Freebsd, Isc, Openbsd | 3 Freebsd, Bind, Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| BIND 8.x through 8.3.3 allows remote attackers to cause a denial of service (crash) via SIG RR elements with invalid expiry times, which are removed from the internal BIND database and later cause a null dereference. | |||||
| CVE-2002-1318 | 3 Hp, Samba, Sgi | 3 Cifs-9000 Server, Samba, Irix | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in samba 2.2.2 through 2.2.6 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an encrypted password that causes the overflow during decryption in which a DOS codepage string is converted to a little-endian UCS2 unicode string. | |||||
| CVE-2002-1350 | 1 Lbl | 1 Tcpdump | 2018-05-03 | 7.5 HIGH | N/A |
| The BGP decoding routines in tcpdump 3.6.x before 3.7 do not properly copy data, which allows remote attackers to cause a denial of service (application crash). | |||||
| CVE-2002-1365 | 1 Fetchmail | 1 Fetchmail | 2018-05-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in Fetchmail 6.1.3 and earlier does not account for the "@" character when determining buffer lengths for local addresses, which allows remote attackers to execute arbitrary code via a header with a large number of local addresses. | |||||
| CVE-2002-1380 | 1 Linux | 1 Linux Kernel | 2018-05-03 | 2.1 LOW | N/A |
| Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface. | |||||
| CVE-2002-1384 | 2 Easy Software Products, Xpdf | 2 Cups, Xpdf | 2018-05-03 | 7.2 HIGH | N/A |
| Integer overflow in pdftops, as used in Xpdf 2.01 and earlier, xpdf-i, and CUPS before 1.1.18, allows local users to execute arbitrary code via a ColorSpace entry with a large number of elements, as demonstrated by cups-pdf. | |||||
| CVE-2002-1396 | 1 Php | 1 Php | 2018-05-03 | 7.5 HIGH | N/A |
| Heap-based buffer overflow in the wordwrap function in PHP after 4.1.2 and before 4.3.0 may allow attackers to cause a denial of service or execute arbitrary code. | |||||
| CVE-2002-1497 | 1 Nulllogic | 1 Null Httpd | 2018-05-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Null HTTP Server 0.5.0 and earlier allows remote attackers to insert arbitrary HTML into a "404 Not Found" response. | |||||
| CVE-2003-0015 | 2 Cvs, Freebsd | 2 Cvs, Freebsd | 2018-05-03 | 7.5 HIGH | N/A |
| Double-free vulnerability in CVS 1.11.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a malformed Directory request, as demonstrated by bypassing write checks to execute Update-prog and Checkin-prog commands. | |||||