Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0156 | 1 Van Dyke Technologies | 1 Vshell | 2017-10-10 | 2.1 LOW | N/A |
| VShell SSH gateway 1.0.1 and earlier has a default port forwarding rule of 0.0.0.0/0.0.0.0, which could allow local users to conduct arbitrary port forwarding to other systems. | |||||
| CVE-2001-0157 | 1 Palm | 1 Palm Os | 2017-10-10 | 4.6 MEDIUM | N/A |
| Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if the system lockout mechanism is enabled. | |||||
| CVE-2001-0164 | 1 Netscape | 1 Directory Server | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Netscape Directory Server 4.12 and earlier allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed recipient field. | |||||
| CVE-2001-0166 | 1 Macromedia | 1 Shockwave Flash Plugin | 2017-10-10 | 7.6 HIGH | N/A |
| Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. | |||||
| CVE-2001-0169 | 4 Mandrakesoft, Redhat, Trustix and 1 more | 5 Mandrake Linux, Mandrake Linux Corporate Server, Linux and 2 more | 2017-10-10 | 2.1 LOW | N/A |
| When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib. | |||||
| CVE-2001-0170 | 4 Conectiva, Debian, Immunix and 1 more | 4 Linux, Debian Linux, Immunix and 1 more | 2017-10-10 | 2.1 LOW | N/A |
| glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. | |||||
| CVE-2001-0174 | 1 Trend Micro | 1 Virus Buster 2001 | 2017-10-10 | 7.6 HIGH | N/A |
| Buffer overflow in Trend Micro Virus Buster 2001 8.00 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a large "To" address. | |||||
| CVE-2001-0175 | 1 Netscape | 1 Fasttrack Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| The caching module in Netscape Fasttrack Server 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by requesting a large number of non-existent URLs. | |||||
| CVE-2001-0176 | 1 Voyant Technologies | 1 Sonata | 2017-10-10 | 7.2 HIGH | N/A |
| The setuid doroot program in Voyant Sonata 3.x executes arbitrary command line arguments, which allows local users to gain root privileges. | |||||
| CVE-2001-0178 | 4 Caldera, Conectiva, Mandrakesoft and 1 more | 5 Openlinux Edesktop, Linux, Mandrake Linux and 2 more | 2017-10-10 | 2.1 LOW | N/A |
| kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal passwords and gain privileges. | |||||
| CVE-2001-0179 | 1 Macromedia | 1 Jrun | 2017-10-10 | 5.0 MEDIUM | N/A |
| Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "." | |||||
| CVE-2001-0182 | 1 Checkpoint | 1 Firewall-1 | 2017-10-10 | 5.0 MEDIUM | N/A |
| FireWall-1 4.1 with a limited-IP license allows remote attackers to cause a denial of service by sending a large number of spoofed IP packets with various source addresses to the inside interface, which floods the console with warning messages and consumes CPU resources. | |||||
| CVE-2001-0183 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 7.5 HIGH | N/A |
| ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection. | |||||
| CVE-2001-0185 | 1 Netopia | 1 R9100 Router | 2017-10-10 | 5.0 MEDIUM | N/A |
| Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a crash. | |||||
| CVE-2001-0187 | 1 Washington University | 1 Wu-ftpd | 2017-10-10 | 10.0 HIGH | N/A |
| Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment. | |||||
| CVE-2001-0189 | 1 Intranet-server | 1 Localweb2000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in LocalWEB2000 HTTP server allows remote attackers to read arbitrary commands via a .. (dot dot) attack in an HTTP GET request. | |||||
| CVE-2001-0191 | 1 Andy Norman | 1 Gnuserv | 2017-10-10 | 10.0 HIGH | N/A |
| gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length. | |||||
| CVE-2001-0193 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2017-10-10 | 7.2 HIGH | N/A |
| Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. | |||||
| CVE-2001-0194 | 1 Easy Software Products | 1 Cups | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line. | |||||
| CVE-2001-0195 | 1 Debian | 1 Debian Linux | 2017-10-10 | 2.1 LOW | N/A |
| sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. | |||||
| CVE-2001-0196 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 5.0 MEDIUM | N/A |
| inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by the wheel group. | |||||
| CVE-2001-0197 | 2 Icecast, Redhat | 2 Icecast, Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0215 | 1 Martin Hamilton | 1 Roads | 2017-10-10 | 5.0 MEDIUM | N/A |
| ROADS search.pl program allows remote attackers to read arbitrary files by specifying the file name in the form parameter and terminating the filename with a null byte. | |||||
| CVE-2001-0203 | 1 Watchguard | 1 Firebox Ii | 2017-10-10 | 10.0 HIGH | N/A |
| Watchguard Firebox II firewall allows users with read-only access to gain read-write access, and administrative privileges, by accessing a file that contains hashed passphrases, and using the hashes during authentication. | |||||
| CVE-2001-0204 | 1 Watchguard | 1 Firebox Ii | 2017-10-10 | 5.0 MEDIUM | N/A |
| Watchguard Firebox II allows remote attackers to cause a denial of service by establishing multiple connections and sending malformed PPTP packets. | |||||
| CVE-2001-0218 | 1 Martin Stover | 1 Mars Nwe | 2017-10-10 | 10.0 HIGH | N/A |
| Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0219 | 1 Hp | 1 Hp-ux | 2017-10-10 | 2.1 LOW | N/A |
| Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service. | |||||
| CVE-2001-0221 | 1 Freebsd | 1 Ja-xklock | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges. | |||||
| CVE-2001-0222 | 1 Webmin | 1 Webmin | 2017-10-10 | 1.2 LOW | N/A |
| webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | |||||
| CVE-2001-0233 | 3 Debian, Matthew Smith, Redhat | 3 Debian Linux, Micq, Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. | |||||
| CVE-2001-0234 | 1 Sourceforge | 1 Newsdaemon | 2017-10-10 | 7.5 HIGH | N/A |
| NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. | |||||
| CVE-2001-0235 | 1 Debian | 1 Debian Linux | 2017-10-10 | 2.1 LOW | N/A |
| Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running. | |||||
| CVE-2001-0252 | 1 Iplanet | 1 Iplanet Enterprise Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences. | |||||
| CVE-2001-0259 | 1 Ssh | 1 Ssh | 2017-10-10 | 3.6 LOW | N/A |
| ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file. | |||||
| CVE-2001-0260 | 1 Lotus | 1 Domino Mail Server | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command. | |||||
| CVE-2001-0265 | 1 Pgp | 1 Pgp | 2017-10-10 | 2.1 LOW | N/A |
| ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file. | |||||
| CVE-2001-0267 | 1 Hp | 1 Mpe Ix | 2017-10-10 | 7.2 HIGH | N/A |
| NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges. | |||||
| CVE-2001-0268 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2017-10-10 | 7.2 HIGH | N/A |
| The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | |||||
| CVE-2001-0274 | 1 Kicq | 1 Kicq | 2017-10-10 | 7.5 HIGH | N/A |
| kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||||
| CVE-2001-0276 | 1 Working Resources Inc. | 1 Badblue | 2017-10-10 | 6.4 MEDIUM | N/A |
| ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path. | |||||
| CVE-2001-0278 | 1 Hp | 1 Mpe Ix | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. | |||||
| CVE-2001-0280 | 1 Atrium Software | 1 Mercur | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command. | |||||
| CVE-2001-0377 | 1 Infradig | 1 Inframail | 2017-10-10 | 5.0 MEDIUM | N/A |
| Infradig Inframail prior to 3.98a allows a remote attacker to create a denial of service via a malformed POST request which includes a space followed by a large string. | |||||
| CVE-2001-0299 | 1 Nokia | 1 Ip440 Firewall Vpn Appliance | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | |||||
| CVE-2001-0301 | 1 Stephen Turner | 1 Analog | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings. | |||||
| CVE-2001-0309 | 1 Redhat | 1 Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. | |||||
| CVE-2001-0310 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 2.1 LOW | N/A |
| sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts. | |||||
| CVE-2001-0311 | 1 Hp | 2 Hp-ux, Omniback Ii | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. | |||||
| CVE-2001-0316 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 4.6 MEDIUM | N/A |
| Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call. | |||||
| CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 3.7 LOW | N/A |
| Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. | |||||