Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0552 | 2 Hp, Ibm | 2 Openview Network Node Manager, Tivoli Netview | 2016-10-18 | 10.0 HIGH | N/A |
| ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message. | |||||
| CVE-2001-0756 | 1 Virtualcart | 1 Virtualcatalog | 2016-10-18 | 7.5 HIGH | N/A |
| CatalogMgr.pl in VirtualCatalog (incorrectly claimed to be in VirtualCart) allows remote attackers to execute arbitrary code via the template parameter. | |||||
| CVE-2001-0419 | 1 Oracle | 1 Application Server | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in shared library ndwfn4.so for iPlanet Web Server (iWS) 4.1, when used as a web listener for Oracle application server 4.0.8.2, allows remote attackers to execute arbitrary commands via a long HTTP request that is passed to the application server, such as /jsp/. | |||||
| CVE-2001-0464 | 1 Crosswind | 1 Cyberscheduler | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflow in websync.exe in Cyberscheduler allows remote attackers to execute arbitrary commands via a long tzs (timezone) parameter. | |||||
| CVE-2001-0410 | 1 Trend Micro | 1 Virus Buster 2001 | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in Trend Micro Virus Buster 2001 8.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long "From" header. | |||||
| CVE-2001-0466 | 1 Microburst | 1 Ustorekeeper Online Shopping System | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ustorekeeper 1.61 allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter. | |||||
| CVE-2001-0424 | 2 Freebsd, Timecop | 2 Freebsd, Bubblemon | 2016-10-18 | 7.2 HIGH | N/A |
| BubbleMon 1.31 does not properly drop group privileges before executing programs, which allows local users to execute arbitrary commands with the kmem group id. | |||||
| CVE-2001-0446 | 1 Ibm | 1 Websphere Commerce Suite | 2016-10-18 | 5.0 MEDIUM | N/A |
| IBM WCS (WebSphere Commerce Suite) 4.0.1 with Application Server 3.0.2 allows remote attackers to read source code for .jsp files by appending a / to the requested URL. | |||||
| CVE-2001-0435 | 1 Pgp | 1 Pgp | 2016-10-18 | 4.6 MEDIUM | N/A |
| The split key mechanism used by PGP 7.0 allows a key share holder to obtain access to the entire key by setting the "Cache passphrase while logged on" option and capturing the passphrases of other share holders as they authenticate. | |||||
| CVE-2001-0571 | 1 Elron | 2 Im Anti Virus, Im Message Inspector | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the web server for (1) Elron Internet Manager (IM) Message Inspector and (2) Anti-Virus before 3.0.4 allows remote attackers to read arbitrary files via a .. (dot dot) in the requested URL. | |||||
| CVE-2001-0433 | 1 Micheal Lamont | 1 Savant Webserver | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in Savant 3.0 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Host HTTP header. | |||||
| CVE-2001-0411 | 1 Siemens | 1 Reliant Unix | 2016-10-18 | 5.0 MEDIUM | N/A |
| Reliant Unix 5.44 and earlier allows remote attackers to cause a denial of service via an ICMP port unreachable packet, which causes Reliant to drop all connections to the source address of the packet. | |||||
| CVE-2001-0605 | 1 Headlight Software | 1 Mygetright | 2016-10-18 | 7.5 HIGH | N/A |
| Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld (skins-data) file which contains long strings of random data. | |||||
| CVE-2001-0399 | 1 Caucho Technology | 1 Resin | 2016-10-18 | 5.0 MEDIUM | N/A |
| Caucho Resin 1.3b1 and earlier allows remote attackers to read source code for Javabean files by inserting a .jsp before the WEB-INF specifier in an HTTP request. | |||||
| CVE-2001-0205 | 1 Aol | 1 Aol Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in AOLserver 3.2 and earlier allows remote attackers to read arbitrary files by inserting "..." into the requested pathname, a modified .. (dot dot) attack. | |||||
| CVE-2001-0392 | 1 Navision | 1 Financials Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Navision Financials Server 2.60 and earlier allows remote attackers to cause a denial of service by sending a null character and a long string to the server port (2407), which causes the server to crash. | |||||
| CVE-2001-0304 | 1 Caucho Technology | 1 Resin | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request. | |||||
| CVE-2001-0393 | 1 Navision | 1 Financials Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Navision Financials Server 2.0 allows remote attackers to cause a denial of service via a series of connections to the server without providing a username/password combination, which consumes the license limits. | |||||
| CVE-2001-0355 | 1 Novell | 1 Groupwise | 2016-10-18 | 5.0 MEDIUM | N/A |
| Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies. | |||||
| CVE-2001-0367 | 1 Mirabilis | 1 Icq | 2016-10-18 | 5.0 MEDIUM | N/A |
| Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters. | |||||
| CVE-2001-0404 | 1 Sun | 1 Javaserver Web Dev Kit | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in JavaServer Web Dev Kit (JSWDK) 1.0.1 allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP request to the WEB-INF directory. | |||||
| CVE-2001-0277 | 1 Working Resources Inc. | 1 Badblue | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflow in ext.dll in BadBlue 1.02.07 Personal Edition allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request. | |||||
| CVE-2001-0295 | 1 Jarle Aase | 1 War Ftpd | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in War FTP 1.67.04 allows remote attackers to list directory contents and possibly read files via a "dir *./../.." command. | |||||
| CVE-2001-0254 | 1 Fastream | 1 Ftp\+\+ Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command. | |||||
| CVE-2000-1208 | 4 Immunix, Netbsd, Openbsd and 1 more | 4 Immunix, Netbsd, Openbsd and 1 more | 2016-10-18 | 7.2 HIGH | N/A |
| Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package may allow local users to gain privileges via an improper syslog call that uses format strings from the checkremote() call. | |||||
| CVE-2000-1207 | 1 Redhat | 1 Linux | 2016-10-18 | 7.2 HIGH | N/A |
| userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does not activate the security measures in glibc and allows the programs to be exploited via format string vulnerabilities in glibc via the LANG or LC_ALL environment variables (CVE-2000-0844). | |||||
| CVE-2000-1198 | 1 Qualcomm | 1 Qpopper | 2016-10-18 | 2.1 LOW | N/A |
| qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes. | |||||
| CVE-2001-0135 | 1 Ultrascripts | 1 Ultraboard | 2016-10-18 | 2.1 LOW | N/A |
| The default installation of Ultraboard 2000 2.11 creates the Skins, Database, and Backups directories with world-writeable permissions, which could allow local users to modify sensitive information or possibly insert and execute CGI programs. | |||||
| CVE-2000-1197 | 1 University Of Washington | 1 Imap | 2016-10-18 | 2.1 LOW | N/A |
| POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes. | |||||
| CVE-2000-1210 | 1 Apache | 1 Tomcat | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the argument to source.jsp. | |||||
| CVE-2000-1190 | 1 Jon Atkins | 1 Imwheel | 2016-10-18 | 2.1 LOW | N/A |
| imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file. | |||||
| CVE-2001-0112 | 2 Debian, Sam Lantinga | 2 Debian Linux, Splitvt | 2016-10-18 | 7.2 HIGH | N/A |
| Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands. | |||||
| CVE-2000-1168 | 1 Ibm | 1 Http Server | 2016-10-18 | 7.5 HIGH | N/A |
| IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
| CVE-2001-0134 | 2 Compaq, Digital | 15 Armada Insight Manager, Enterprise Volume Manager-command Scripter, Foundation Agents and 12 more | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name. | |||||
| CVE-2001-0107 | 1 Symantec Veritas | 1 Backup | 2016-10-18 | 5.0 MEDIUM | N/A |
| Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang. | |||||
| CVE-2000-1213 | 3 Immunix, Iputils, Redhat | 3 Immunix, Iputils, Linux | 2016-10-18 | 7.5 HIGH | N/A |
| ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, does not drop privileges after acquiring a raw socket, which increases ping's exposure to bugs that otherwise would occur at lower privileges. | |||||
| CVE-2000-1214 | 3 Immunix, Iputils, Redhat | 3 Immunix, Iputils, Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges. | |||||
| CVE-2000-1122 | 1 Ibm | 1 Aix | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument. | |||||
| CVE-2000-1138 | 1 Ibm | 1 Lotus Notes | 2016-10-18 | 7.5 HIGH | N/A |
| Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message has been modified, which could allow an attacker to modify the email in transit without being detected. | |||||
| CVE-2000-1133 | 1 Flicks Software | 1 Authentix | 2016-10-18 | 5.0 MEDIUM | N/A |
| Authentix Authentix100 allows remote attackers to bypass authentication by inserting a . (dot) into the URL for a protected directory. | |||||
| CVE-2000-1125 | 1 Redhat | 1 Linux | 2016-10-18 | 7.2 HIGH | N/A |
| restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||||
| CVE-2000-1094 | 1 Aol | 1 Instant Messenger | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute arbitrary commands via a "buddyicon" command with a long "src" argument. | |||||
| CVE-2000-1052 | 1 Macromedia | 1 Jrun | 2016-10-18 | 5.0 MEDIUM | N/A |
| Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by directly calling the SSIFilter servlet. | |||||
| CVE-2000-1035 | 1 Typsoft | 1 Typsoft | 2016-10-18 | 10.0 HIGH | N/A |
| Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER, PASS, or CWD command. | |||||
| CVE-2000-0899 | 1 Max Feoktistov | 1 Small Http Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the server and sending out multiple GET, HEAD, or POST requests and closing the connection before the server responds to the requests. | |||||
| CVE-2000-0898 | 1 Max Feoktistov | 1 Small Http Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Small HTTP Server 2.01 does not properly process Server Side Includes (SSI) tags that contain null values, which allows local users, and possibly remote attackers, to cause the server to crash by inserting the SSI into an HTML file. | |||||
| CVE-2000-0727 | 1 Xpdf | 1 Xpdf | 2016-10-18 | 7.6 HIGH | N/A |
| xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters. | |||||
| CVE-2000-0459 | 1 Imp | 1 Imp | 2016-10-18 | 5.0 MEDIUM | N/A |
| IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request. | |||||
| CVE-2000-0458 | 1 Imp | 1 Imp | 2016-10-18 | 2.1 LOW | N/A |
| The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information. | |||||
| CVE-2000-0430 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2016-10-18 | 5.0 MEDIUM | N/A |
| Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to the URL request. | |||||