Search
Total
27796 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0264 | 1 Panda | 1 Panda Security | 2008-09-10 | 2.1 LOW | N/A |
| Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods. | |||||
| CVE-2000-0136 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2008-09-10 | 7.5 HIGH | N/A |
| The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0263 | 1 Redhat | 1 Linux | 2008-09-10 | 2.1 LOW | N/A |
| The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. | |||||
| CVE-2000-0137 | 1 Cartit | 1 Cartit | 2008-09-10 | 7.5 HIGH | N/A |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0262 | 1 Avm | 1 Ken | 2008-09-10 | 5.0 MEDIUM | N/A |
| The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request. | |||||
| CVE-2000-0261 | 1 Avm | 1 Ken | 2008-09-10 | 5.0 MEDIUM | N/A |
| The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0257 | 1 Novell | 1 Netware | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL. | |||||
| CVE-2000-0255 | 1 Nbase-xyplex | 1 Edgeblaster | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program. | |||||
| CVE-2000-0129 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2008-09-10 | 2.1 LOW | N/A |
| Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | |||||
| CVE-2000-0251 | 1 Hp | 2 Hp-ux, Vvos | 2008-09-10 | 5.0 MEDIUM | N/A |
| HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. | |||||
| CVE-2000-0250 | 1 Qnx | 1 Qnx | 2008-09-10 | 7.2 HIGH | N/A |
| The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords. | |||||
| CVE-2000-0249 | 1 Ibm | 1 Aix | 2008-09-10 | 7.2 HIGH | N/A |
| The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. | |||||
| CVE-2000-0248 | 1 Redhat | 1 Linux | 2008-09-10 | 10.0 HIGH | N/A |
| The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands. | |||||
| CVE-2000-0141 | 1 Infopop | 1 Ultimate Bulletin Board | 2008-09-10 | 10.0 HIGH | N/A |
| Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. | |||||
| CVE-2000-0244 | 1 Citrix | 2 Metaframe, Winframe | 2008-09-10 | 10.0 HIGH | N/A |
| The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication. | |||||
| CVE-2000-0241 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. | |||||
| CVE-2000-0240 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack. | |||||
| CVE-2000-0238 | 1 Symantec | 1 Norton Antivirus | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0237 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 6.4 MEDIUM | N/A |
| Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories. | |||||
| CVE-2000-0236 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. | |||||
| CVE-2000-0234 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 5.0 MEDIUM | N/A |
| The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file. | |||||
| CVE-2000-0233 | 1 Suse | 1 Suse Linux Imap Server | 2008-09-10 | 10.0 HIGH | N/A |
| SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. | |||||
| CVE-2000-0231 | 2 Halloween, Suse | 2 Halloween Linux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. | |||||
| CVE-2000-0230 | 2 Halloween, Redhat | 2 Halloween Linux, Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. | |||||
| CVE-2000-0142 | 1 Netopia | 1 Timbuktu Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417. | |||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
| CVE-2000-0224 | 1 Sco | 1 Unixware | 2008-09-10 | 1.2 LOW | N/A |
| ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack. | |||||
| CVE-2000-0223 | 1 Sam Hawker | 1 Wmcdplay | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. | |||||
| CVE-2000-0143 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. | |||||
| CVE-2000-0221 | 1 Nortel | 1 Nautica Marlin | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port. | |||||
| CVE-2000-0220 | 1 Zonelabs | 1 Zonealarm | 2008-09-10 | 5.0 MEDIUM | N/A |
| ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. | |||||
| CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | |||||
| CVE-2000-0217 | 2 Openbsd, Ssh | 3 Openssh, Ssh, Ssh2 | 2008-09-10 | 5.1 MEDIUM | N/A |
| The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. | |||||
| CVE-2000-0216 | 1 Microsoft | 3 Exchange Server, Outlook, Windows Messaging | 2008-09-10 | 5.0 MEDIUM | N/A |
| Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list. | |||||
| CVE-2000-0215 | 1 Sco | 1 Unixware | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges. | |||||
| CVE-2000-0214 | 1 Ftpx | 1 Ftp Explorer | 2008-09-10 | 4.6 MEDIUM | N/A |
| FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites. | |||||
| CVE-2000-0213 | 1 Sambar | 1 Sambar Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0242 | 1 Geocel | 1 Windmail | 2008-09-10 | 5.0 MEDIUM | N/A |
| WindMail allows remote attackers to read arbitrary files or execute commands via shell metacharacters. | |||||
| CVE-2000-0210 | 1 Sun | 1 Workshop | 2008-09-10 | 1.2 LOW | N/A |
| The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to modify arbitrary files. | |||||
| CVE-2000-0209 | 1 University Of Kansas | 1 Lynx | 2008-09-10 | 7.6 HIGH | N/A |
| Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page. | |||||
| CVE-2000-0208 | 1 Htdig | 1 Htdig | 2008-09-10 | 5.0 MEDIUM | N/A |
| The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks (`) in parameters to htsearch. | |||||
| CVE-2000-0207 | 1 Sgi | 2 Infosearch, Irix | 2008-09-10 | 7.5 HIGH | N/A |
| SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metacharacters. | |||||
| CVE-2000-0206 | 1 Oracle | 1 Oracle8i | 2008-09-10 | 6.2 MEDIUM | N/A |
| The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file with world-writeable permissions, which allows local users to gain privileges. | |||||
| CVE-2000-0205 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 6.4 MEDIUM | N/A |
| Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients. | |||||
| CVE-2000-0204 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%. | |||||
| CVE-2000-0203 | 1 Trend Micro | 1 Officescan | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service via malformed data to port 12345. | |||||
| CVE-2000-0225 | 1 Deti Fliegl | 1 Poc32 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled. | |||||
| CVE-2000-0199 | 1 Microsoft | 1 Sql Server | 2008-09-10 | 7.2 HIGH | N/A |
| When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Always prompt for login name and password" option is not set, then the Enterprise Manager uses weak encryption to store the login ID and password. | |||||
| CVE-2000-0198 | 1 Atrium Software | 3 Mercur Imap4 Server, Mercur Mailserver, Mercur Pop3 Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in POP3 and IMAP servers in the MERCUR mail server suite allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0144 | 1 Axis | 1 700 Network Document Server | 2008-09-10 | 7.5 HIGH | N/A |
| Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. | |||||