Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0796 | 1 Sgi | 1 Irix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long command line option. | |||||
| CVE-2000-0797 | 1 Sgi | 1 Irix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D option. | |||||
| CVE-2000-0799 | 1 Sgi | 1 Irix | 2017-10-10 | 3.7 LOW | N/A |
| inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file. | |||||
| CVE-2000-0920 | 1 Boa | 1 Boa Webserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack in the GET HTTP request that uses a "%2E" instead of a "." | |||||
| CVE-2000-0804 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality check via fragmented TCP connection requests or reopening closed TCP connection requests, aka "One-way Connection Enforcement Bypass." | |||||
| CVE-2000-0805 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets." | |||||
| CVE-2000-0806 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 5.0 MEDIUM | N/A |
| The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass." | |||||
| CVE-2000-0807 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 7.5 HIGH | N/A |
| The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability." | |||||
| CVE-2000-0808 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 7.5 HIGH | N/A |
| The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication." | |||||
| CVE-2000-0809 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0813 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to other servers ("FTP Bounce") via invalid FTP commands that are processed improperly by FireWall-1, aka "FTP Connection Enforcement Bypass." | |||||
| CVE-2000-0816 | 1 Redhat | 1 Linux | 2017-10-10 | 2.1 LOW | N/A |
| Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters. | |||||
| CVE-2000-0818 | 1 Oracle | 1 Listener | 2017-10-10 | 10.0 HIGH | N/A |
| The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands. | |||||
| CVE-2000-0824 | 1 Gnu | 1 Glibc | 2017-10-10 | 7.2 HIGH | N/A |
| The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH. | |||||
| CVE-2000-0825 | 1 Ipswitch | 1 Imail | 2017-10-10 | 5.0 MEDIUM | N/A |
| Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash. | |||||
| CVE-2000-0829 | 1 Redhat | 2 Linux, Tmpwatch | 2017-10-10 | 2.1 LOW | N/A |
| The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/. | |||||
| CVE-2000-0837 | 1 Deerfield | 1 Ftp Serv-u | 2017-10-10 | 5.0 MEDIUM | N/A |
| FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes. | |||||
| CVE-2000-0838 | 1 Fastream | 1 Fur Http Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET request. | |||||
| CVE-2000-0839 | 1 Ipswitch | 1 Wincom Lpd | 2017-10-10 | 5.0 MEDIUM | N/A |
| WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD options to the LPD port (515). | |||||
| CVE-2000-0846 | 1 Ashley Montanaro | 1 Darxite | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password. | |||||
| CVE-2000-0847 | 1 University Of Washington | 2 Imap, Pine | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header. | |||||
| CVE-2000-0848 | 1 Ibm | 1 Websphere Application Server | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header. | |||||
| CVE-2000-0850 | 1 Netegrity | 1 Siteminder | 2017-10-10 | 7.5 HIGH | N/A |
| Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL. | |||||
| CVE-2000-0852 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 7.2 HIGH | N/A |
| Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain root privileges. | |||||
| CVE-2000-0853 | 1 Yabb | 1 Yabb | 2017-10-10 | 5.0 MEDIUM | N/A |
| YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0854 | 1 Microsoft | 1 Office | 2017-10-10 | 10.0 HIGH | N/A |
| When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document. | |||||
| CVE-2000-0858 | 1 Microsoft | 2 Internet Information Server, Windows Nt | 2017-10-10 | 5.0 MEDIUM | N/A |
| Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in IIS by sending it a series of malformed requests which cause INETINFO.EXE to fail, aka the "Invalid URL" vulnerability. | |||||
| CVE-2000-0859 | 1 Gordano | 1 Ntmail | 2017-10-10 | 5.0 MEDIUM | N/A |
| The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of service via a series of partial HTTP requests. | |||||
| CVE-2000-0860 | 1 Php | 1 Php | 2017-10-10 | 5.0 MEDIUM | N/A |
| The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables. | |||||
| CVE-2000-0861 | 1 Gnu | 1 Mailman | 2017-10-10 | 7.2 HIGH | N/A |
| Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion. | |||||
| CVE-2000-0862 | 1 Allaire | 1 Spectra | 2017-10-10 | 6.4 MEDIUM | N/A |
| Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information. | |||||
| CVE-2000-0863 | 1 Listmanager | 1 Linux | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in listmanager earlier than 2.105.1 allows local users to gain additional privileges. | |||||
| CVE-2000-0865 | 1 Tridia | 1 Doublevision | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows local users to gain root privileges via a long terminal type argument. | |||||
| CVE-2000-0868 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/. | |||||
| CVE-2000-0869 | 2 Apache, Suse | 2 Http Server, Suse Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method. | |||||
| CVE-2000-0870 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string. | |||||
| CVE-2000-0871 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server. | |||||
| CVE-2000-0873 | 1 Ibm | 1 Aix | 2017-10-10 | 2.1 LOW | N/A |
| netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities. | |||||
| CVE-2000-0874 | 1 Qualcomm | 1 Eudora | 2017-10-10 | 5.0 MEDIUM | N/A |
| Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF). | |||||
| CVE-2000-0875 | 1 Texas Imperial Software | 2 Wftpd, Wftpd Pro | 2017-10-10 | 5.0 MEDIUM | N/A |
| WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long string of unprintable characters. | |||||
| CVE-2000-0878 | 1 Ranson Johnson | 1 Mailto Cgi Script | 2017-10-10 | 7.5 HIGH | N/A |
| The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field. | |||||
| CVE-2000-0883 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory. | |||||
| CVE-2000-0892 | 2 Caldera, U Win | 2 Openlinux, U Win | 2017-10-10 | 2.6 LOW | N/A |
| Some telnet clients allow remote telnet servers to request environment variables from the client that may contain sensitive information, or remote web servers to obtain the information via a telnet: URL. | |||||
| CVE-2000-0894 | 1 Watchguard | 1 Soho Firewall | 2017-10-10 | 10.0 HIGH | N/A |
| HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative functions such as password resets or rebooting, which allows attackers to cause a denial of service or conduct unauthorized activities. | |||||
| CVE-2000-0895 | 1 Watchguard | 1 Soho Firewall | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long GET request. | |||||
| CVE-2000-0896 | 1 Watchguard | 1 Soho Firewall | 2017-10-10 | 5.0 MEDIUM | N/A |
| WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood of fragmented IP packets, which causes the firewall to drop connections and stop forwarding packets. | |||||
| CVE-2000-0897 | 1 Max Feoktistov | 1 Small Http Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedly requesting a URL that references a directory that does not contain an index.html file, which consumes memory that is not released after the request is completed. | |||||
| CVE-2000-0900 | 1 Acme Labs | 1 Thttpd | 2017-10-10 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack. | |||||
| CVE-2000-0908 | 1 Netcplus | 1 Browsegate | 2017-10-10 | 5.0 MEDIUM | N/A |
| BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long Authorization or Referer MIME headers in the HTTP request. | |||||
| CVE-2000-0909 | 1 University Of Washington | 1 Pine | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header. | |||||