Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0534 | 1 Aps Filter Development Team | 1 Apsfilter | 2018-05-03 | 4.6 MEDIUM | N/A |
| The apsfilter software in the FreeBSD ports package does not properly read user filter configurations, which allows local users to execute commands as the lpd user. | |||||
| CVE-2000-0566 | 3 Caldera, Mandrakesoft, Redhat | 3 Openlinux, Mandrake Linux, Linux | 2018-05-03 | 7.2 HIGH | N/A |
| makewhatis in Linux man package allows local users to overwrite files via a symlink attack. | |||||
| CVE-2000-0573 | 1 Hp | 1 Hp-ux | 2018-05-03 | 10.0 HIGH | N/A |
| The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command. | |||||
| CVE-2000-0584 | 2 Debian, Freebsd | 2 Debian Linux, Freebsd | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name. | |||||
| CVE-2000-0585 | 1 Isc | 1 Dhcp Client | 2018-05-03 | 10.0 HIGH | N/A |
| ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0666 | 5 Conectiva, Debian, Redhat and 2 more | 5 Linux, Debian Linux, Linux and 2 more | 2018-05-03 | 10.0 HIGH | N/A |
| rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untrusted format strings, which allows remote attackers to gain root privileges. | |||||
| CVE-2000-0670 | 1 Cvsweb Developer | 1 Cvsweb | 2018-05-03 | 7.2 HIGH | N/A |
| The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0810 | 1 Cgi Script Center | 1 Auction Weaver | 2018-05-03 | 7.5 HIGH | N/A |
| Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack. | |||||
| CVE-2000-0811 | 1 Cgi Script Center | 1 Auction Weaver | 2018-05-03 | 5.0 MEDIUM | N/A |
| Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields. | |||||
| CVE-2000-0867 | 5 Debian, Mandrakesoft, Redhat and 2 more | 5 Debian Linux, Mandrake Linux, Linux and 2 more | 2018-05-03 | 7.2 HIGH | N/A |
| Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages. | |||||
| CVE-2000-0887 | 1 Isc | 1 Bind | 2018-05-03 | 5.0 MEDIUM | N/A |
| named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug." | |||||
| CVE-2000-0890 | 1 Freebsd | 1 Freebsd | 2018-05-03 | 1.2 LOW | N/A |
| periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2000-0901 | 1 Juergen | 1 Weigert Screen | 2018-05-03 | 4.6 MEDIUM | N/A |
| Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable. | |||||
| CVE-2000-0952 | 1 Shigio Yamaguchi | 1 Global | 2018-05-03 | 10.0 HIGH | N/A |
| global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0962 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 5.0 MEDIUM | N/A |
| The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0967 | 1 Php | 1 Php | 2018-05-03 | 10.0 HIGH | N/A |
| PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands by triggering error messages that are improperly written to the error logs. | |||||
| CVE-2000-0973 | 1 Daniel Stenberg | 1 Curl | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated. | |||||
| CVE-2000-0974 | 1 Gnu | 1 Privacy Guard | 2018-05-03 | 7.5 HIGH | N/A |
| GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, which allows an attacker to modify contents of all documents but the first without detection. | |||||
| CVE-2000-0984 | 1 Cisco | 1 Ios | 2018-05-03 | 5.0 MEDIUM | N/A |
| The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | |||||
| CVE-2000-0992 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2018-05-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0994 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable. | |||||
| CVE-2000-0995 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name. | |||||
| CVE-2000-0996 | 1 Openbsd | 1 Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) allows local attackers to gain root privileges via a malformed shell. | |||||
| CVE-2000-0997 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2018-05-03 | 7.2 HIGH | N/A |
| Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating systems allows local attackers to gain root privileges. | |||||
| CVE-2000-1026 | 1 Lbl | 1 Tcpdump | 2018-05-03 | 10.0 HIGH | N/A |
| Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands. | |||||
| CVE-2000-1031 | 1 Hp | 2 Hp-ux, Tru64 | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. | |||||
| CVE-2000-1060 | 1 Xfree86 Project | 1 Xfce | 2018-05-03 | 4.6 MEDIUM | N/A |
| The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xhost + localhost" command in the xinitrc program, which allows local users to sniff X Windows traffic and gain privileges. | |||||
| CVE-2000-1096 | 1 Paul Vixie | 1 Vixie Cron | 2018-05-03 | 3.7 LOW | N/A |
| crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure that the file is owned by the user executing the crontab -e command, which allows local users with write access to the crontab spool directory to execute arbitrary commands by creating world-writeable temporary files and modifying them while the victim is editing the file. | |||||
| CVE-2000-1137 | 1 Gnu | 1 Ed | 2018-05-03 | 4.6 MEDIUM | N/A |
| GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack. | |||||
| CVE-2000-1178 | 1 Joseph Allen | 1 Joe | 2018-05-03 | 2.1 LOW | N/A |
| Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal exit, which allows local users to overwrite the files of other users whose joe session crashes. | |||||
| CVE-2000-1180 | 1 Oracle | 1 Oracle8i | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument. | |||||
| CVE-2001-0060 | 1 Stunnel | 1 Stunnel | 2018-05-03 | 10.0 HIGH | N/A |
| Format string vulnerability in stunnel 3.8 and earlier allows attackers to execute arbitrary commands via a malformed ident username. | |||||
| CVE-2001-0066 | 1 Kevin Lindsay | 1 Secure Locate | 2018-05-03 | 7.2 HIGH | N/A |
| Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer. | |||||
| CVE-2001-0129 | 1 Tinyproxy | 1 Tinyproxy | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. | |||||
| CVE-2001-0144 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2018-05-03 | 10.0 HIGH | N/A |
| CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. | |||||
| CVE-2001-0361 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2018-05-03 | 4.0 MEDIUM | N/A |
| Implementations of SSH version 1.5, including (1) OpenSSH up to version 2.3.0, (2) AppGate, and (3) ssh-1 up to version 1.2.31, in certain configurations, allow a remote attacker to decrypt and/or alter traffic via a "Bleichenbacher attack" on PKCS#1 version 1.5. | |||||
| CVE-2001-0489 | 1 Gftp | 1 Gftp | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in gftp prior to 2.0.8 allows remote malicious FTP servers to execute arbitrary commands. | |||||
| CVE-2001-0522 | 1 Gnu | 1 Privacy Guard | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file. | |||||
| CVE-2001-0526 | 1 Sun | 1 Solaris | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable. | |||||
| CVE-2001-0550 | 2 David Madore, Washington University | 2 Ftpd-bsd, Wu-ftpd | 2018-05-03 | 7.5 HIGH | N/A |
| wu-ftpd 2.6.1 allows remote attackers to execute arbitrary commands via a "~{" argument to commands such as CWD, which is not properly handled by the glob function (ftpglob). | |||||
| CVE-2001-0551 | 1 Hp | 1 Hp-ux | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in CDE Print Viewer (dtprintinfo) allows local users to execute arbitrary code by copying text from the clipboard into the Help window. | |||||
| CVE-2001-0591 | 1 Oracle | 2 Application Server, Jsp | 2018-05-03 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack. | |||||
| CVE-2001-0653 | 1 Sendmail | 1 Sendmail | 2018-05-03 | 4.6 MEDIUM | N/A |
| Sendmail 8.10.0 through 8.11.5, and 8.12.0 beta, allows local users to modify process memory and possibly gain privileges via a large value in the 'category' part of debugger (-d) command line arguments, which is interpreted as a negative number. | |||||
| CVE-2001-0686 | 1 Sun | 1 Solaris | 2018-05-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in mail included with SunOS 5.8 for x86 allows a local user to gain privileges via a long HOME environment variable. | |||||
| CVE-2001-0701 | 1 Sun | 1 Sunvts | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument. | |||||
| CVE-2001-0763 | 2 Debian, Suse | 2 Debian Linux, Suse Linux | 2018-05-03 | 7.5 HIGH | N/A |
| Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function. | |||||
| CVE-2001-0825 | 1 Xinetd | 1 Xinetd | 2018-05-03 | 10.0 HIGH | N/A |
| Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check. | |||||
| CVE-2001-0833 | 1 Oracle | 1 Database Server | 2018-05-03 | 7.2 HIGH | N/A |
| Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability." | |||||
| CVE-2001-0852 | 1 Redhat | 1 Linux | 2018-05-03 | 5.0 MEDIUM | N/A |
| TUX HTTP server 2.1.0-2 in Red Hat Linux allows remote attackers to cause a denial of service via a long Host: header. | |||||
| CVE-2001-0869 | 3 Caldera, Redhat, Suse | 5 Openlinux Eserver, Openlinux Workstation, Linux and 2 more | 2018-05-03 | 7.5 HIGH | N/A |
| Format string vulnerability in the default logging callback function _sasl_syslog in common.c in Cyrus SASL library (cyrus-sasl) may allow remote attackers to execute arbitrary commands. | |||||