Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0645 | 1 Axent | 1 Netprowler | 2017-12-19 | 7.5 HIGH | N/A |
| Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password. | |||||
| CVE-2001-0649 | 1 Apple | 1 Personal Web Sharing | 2017-12-19 | 5.0 MEDIUM | N/A |
| Personal Web Sharing 1.5.5 allows a remote attacker to cause a denial of service via a long HTTP request. | |||||
| CVE-2001-0674 | 1 Robtex | 1 Viking Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request. | |||||
| CVE-2001-0678 | 1 Trend Micro | 2 Interscan Viruswall, Interscan Webmanager | 2017-12-19 | 4.6 MEDIUM | N/A |
| A buffer overflow in reggo.dll file used by Trend Micro InterScan VirusWall prior to 3.51 build 1349 for Windows NT 3.5 and InterScan WebManager 1.2 allows a local attacker to execute arbitrary code. | |||||
| CVE-2001-0679 | 1 Trend Micro | 1 Interscan Viruswall | 2017-12-19 | 10.0 HIGH | N/A |
| A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server. | |||||
| CVE-2001-0681 | 1 Qpc Software | 2 Qvt Net, Qvt Term | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in ftpd in QPC QVT/Net 5.0 and QVT/Term 5.0 allows a remote attacker to cause a denial of service via a long (1) username or (2) password. | |||||
| CVE-2001-0683 | 1 Netscape | 1 Collabra Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Memory leak in Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service (memory exhaustion) by repeatedly sending approximately 5K of data to TCP port 5238. | |||||
| CVE-2001-0684 | 1 Netscape | 1 Collabra Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Netscape Collabra Server 3.5.4 and earlier allows a remote attacker to cause a denial of service by sending seven or more characters to TCP port 5239. | |||||
| CVE-2001-0687 | 1 Transsoft | 1 Broker Ftp Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Broker FTP server 5.9.5 for Windows NT and 9x allows a remote attacker to retrieve privileged web server system information by (1) issuing a CD command (CD C:) followed by the LS command, (2) specifying arbitrary paths in the UNC format (\\computername\sharename). | |||||
| CVE-2001-0693 | 1 Webtrends | 2 Webtrends Enterprise Reporting Server, Webtrends Enterprise Reporting Server Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| WebTrends HTTP Server 3.1c and 3.5 allows a remote attacker to view script source code via a filename followed by an encoded space (%20). | |||||
| CVE-2001-0695 | 1 Texas Imperial Software | 1 Wftpd | 2017-12-19 | 5.0 MEDIUM | N/A |
| WFTPD 3.00 R5 allows a remote attacker to cause a denial of service by making repeated requests to cd to the floppy drive (A:\). | |||||
| CVE-2001-0702 | 1 Grant Averett | 1 Ceberus Ftp Server | 2017-12-19 | 7.5 HIGH | N/A |
| Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command. | |||||
| CVE-1999-1097 | 1 Microsoft | 1 Netmeeting | 2017-12-19 | 6.4 MEDIUM | N/A |
| Microsoft NetMeeting 2.1 allows one client to read the contents of another client's clipboard via a CTRL-C in the chat box when the box is empty. | |||||
| CVE-1999-1106 | 1 Kde | 1 Kde | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in kppp in KDE allows local users to gain root access via a long -c (account_name) command line argument. | |||||
| CVE-1999-1107 | 1 Kde | 1 Kde | 2017-12-19 | 7.2 HIGH | N/A |
| Buffer overflow in kppp in KDE allows local users to gain root access via a long PATH environmental variable. | |||||
| CVE-1999-1112 | 1 Irfanview | 1 Irfanview | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in IrfanView32 3.07 and earlier allows attackers to execute arbitrary commands via a long string after the "8BPS" image type in a Photo Shop image header. | |||||
| CVE-1999-1123 | 1 Sun | 1 Sunos | 2017-12-19 | 7.2 HIGH | N/A |
| The installation of Sun Source (sunsrc) tapes allows local users to gain root privileges via setuid root programs (1) makeinstall or (2) winstall. | |||||
| CVE-1999-1126 | 1 Cisco | 1 Resource Manager | 2017-12-19 | 2.1 LOW | N/A |
| Cisco Resource Manager (CRM) 1.1 and earlier creates certain files with insecure permissions that allow local users to obtain sensitive configuration information including usernames, passwords, and SNMP community strings, from (1) swim_swd.log, (2) swim_debug.log, (3) dbi_debug.log, and (4) temporary files whose names begin with "DPR_". | |||||
| CVE-1999-1129 | 1 Cisco | 2 Catalyst 2900 Vlan, Ios | 2017-12-19 | 7.5 HIGH | N/A |
| Cisco Catalyst 2900 Virtual LAN (VLAN) switches allow remote attackers to inject 802.1q frames into another VLAN by forging the VLAN identifier in the trunking tag. | |||||
| CVE-1999-1133 | 1 Hp | 1 Hp-ux | 2017-12-19 | 4.6 MEDIUM | N/A |
| HP-UX 9.x and 10.x running X windows may allow local attackers to gain privileges via (1) vuefile, (2) vuepad, (3) dtfile, or (4) dtpad, which do not authenticate users. | |||||
| CVE-1999-1135 | 1 Hp | 1 Hp-ux | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in VUE 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4994 and PHSS_5438. | |||||
| CVE-1999-1141 | 1 Ascom | 1 Timeplex Routers | 2017-12-19 | 7.5 HIGH | N/A |
| Ascom Timeplex router allows remote attackers to obtain sensitive information or conduct unauthorized activities by entering debug mode through a sequence of CTRL-D characters. | |||||
| CVE-1999-1149 | 1 Computer Software Manufaktur | 1 Csm Proxy | 2017-12-19 | 5.0 MEDIUM | N/A |
| Buffer overflow in CSM Proxy 4.1 allows remote attackers to cause a denial of service (crash) via a long string to the FTP port. | |||||
| CVE-1999-1150 | 1 Livingston Portmaster | 1 Portmaster | 2017-12-19 | 7.5 HIGH | N/A |
| Livingston Portmaster routers running ComOS use the same initial sequence number (ISN) for TCP connections, which allows remote attackers to conduct spoofing and hijack TCP sessions. | |||||
| CVE-1999-1151 | 1 Compaq Microcom | 1 Microcom 6000 Access Integrator | 2017-12-19 | 5.0 MEDIUM | N/A |
| Compaq/Microcom 6000 Access Integrator does not cause a session timeout after prompting for a username or password, which allows remote attackers to cause a denial of service by connecting to the integrator without providing a username or password. | |||||
| CVE-1999-1153 | 1 Hamcards Postcard Cgi | 1 Hamcards Postcard Cgi | 2017-12-19 | 7.5 HIGH | N/A |
| HAMcards Postcard CGI script 1.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
| CVE-1999-1154 | 1 Lakeweb | 1 Filemail Cgi Script | 2017-12-19 | 7.5 HIGH | N/A |
| LakeWeb Filemail CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
| CVE-1999-1155 | 1 Lakeweb | 1 Mail List Cgi Script | 2017-12-19 | 7.5 HIGH | N/A |
| LakeWeb Mail List CGI script allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient email address. | |||||
| CVE-1999-1178 | 1 Sambar | 1 Sambar Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| Sambar Server 4.1 beta allows remote attackers to obtain sensitive information about the server via an HTTP request for the dumpenv.pl script. | |||||
| CVE-1999-1187 | 3 Freebsd, Slackware, University Of Washington | 3 Freebsd, Slackware Linux, Pine | 2017-12-19 | 4.6 MEDIUM | N/A |
| Pine before version 3.94 allows local users to gain privileges via a symlink attack on a lockfile that is created when a user receives new mail. | |||||
| CVE-1999-1200 | 1 Vintra Systems | 1 Smtp Mailserver | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vintra SMTP MailServer allows remote attackers to cause a denial of service via a malformed "EXPN *@" command. | |||||
| CVE-1999-1202 | 1 Startech | 2 Pop3 Proxy Server, Telnet Server | 2017-12-19 | 5.0 MEDIUM | N/A |
| StarTech (1) POP3 proxy server and (2) telnet server allows remote attackers to cause a denial of service via a long USER command. | |||||
| CVE-1999-1207 | 1 Network General | 1 Netxray | 2017-12-19 | 7.5 HIGH | N/A |
| Buffer overflow in web-admin tool in NetXRay 2.6 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request. | |||||
| CVE-1999-1210 | 1 Digital | 1 Unix | 2017-12-19 | 7.2 HIGH | N/A |
| xterm in Digital UNIX 4.0B *with* patch kit 5 allows local users to overwrite arbitrary files via a symlink attack on a core dump file, which is created when xterm is called with a DISPLAY environmental variable set to a display that xterm cannot access. | |||||
| CVE-1999-1211 | 1 Sun | 1 Sunos | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in in.telnetd in SunOS 4.1.1 and earlier allows local users to gain root privileges. | |||||
| CVE-1999-1212 | 1 Sun | 1 Sunos | 2017-12-19 | 7.2 HIGH | N/A |
| Vulnerability in in.rlogind in SunOS 4.0.3 and 4.0.3c allows local users to gain root privileges. | |||||
| CVE-1999-1213 | 1 Hp | 1 Hp-ux | 2017-12-19 | 5.0 MEDIUM | N/A |
| Vulnerability in telnet service in HP-UX 10.30 allows attackers to cause a denial of service. | |||||
| CVE-1999-1216 | 1 Cisco | 1 Router | 2017-12-19 | 7.5 HIGH | N/A |
| Cisco routers 9.17 and earlier allow remote attackers to bypass security restrictions via certain IP source routed packets that should normally be denied using the "no ip source-route" command. | |||||
| CVE-1999-1218 | 1 Commodore | 1 Amiga Unix | 2017-12-19 | 2.1 LOW | N/A |
| Vulnerability in finger in Commodore Amiga UNIX 2.1p2a and earlier allows local users to read arbitrary files. | |||||
| CVE-1999-1220 | 1 Great Circle Associates | 1 Majordomo | 2017-12-19 | 7.5 HIGH | N/A |
| Majordomo 1.94.3 and earlier allows remote attackers to execute arbitrary commands when the advertise or noadvertise directive is used in a configuration file, via shell metacharacters in the Reply-To header. | |||||
| CVE-1999-1221 | 1 Digital | 1 Unix | 2017-12-19 | 2.1 LOW | N/A |
| dxchpwd in Digital Unix (OSF/1) 3.x allows local users to modify arbitrary files via a symlink attack on the dxchpwd.log file. | |||||
| CVE-1999-1224 | 1 University Of Washington | 1 Imapd | 2017-12-19 | 3.6 LOW | N/A |
| IMAP 4.1 BETA, and possibly other versions, does not properly handle the SIGABRT (abort) signal, which allows local users to crash the server (imapd) via certain sequences of commands, which causes a core dump that may contain sensitive password information. | |||||
| CVE-1999-1225 | 5 Digital, Linux, Netbsd and 2 more | 5 Ultrix, Linux Kernel, Netbsd and 2 more | 2017-12-19 | 5.0 MEDIUM | N/A |
| rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not. | |||||
| CVE-1999-1227 | 1 Ethereal Group | 1 Ethereal | 2017-12-19 | 7.2 HIGH | N/A |
| Ethereal allows local users to overwrite arbitrary files via a symlink attack on the packet capture file. | |||||
| CVE-1999-1228 | 3 Diamond, Logicode, Us Robotics | 3 Supra, Quicktel, Us Robotics | 2017-12-19 | 7.5 HIGH | N/A |
| Various modems that do not implement a guard time, or are configured with a guard time of 0, can allow remote attackers to execute arbitrary modem commands such as ATH, ATH0, etc., via a "+++" sequence that appears in ICMP packets, the subject of an e-mail message, IRC commands, and others. | |||||
| CVE-1999-1229 | 1 Id Software | 1 Quake 2 Server | 2017-12-19 | 2.1 LOW | N/A |
| Quake 2 server 3.13 on Linux does not properly check file permissions for the config.cfg configuration file, which allows local users to read arbitrary files via a symlink from config.cfg to the target file. | |||||
| CVE-1999-1230 | 1 Id Software | 1 Quake 2 | 2017-12-19 | 5.0 MEDIUM | N/A |
| Quake 2 server allows remote attackers to cause a denial of service via a spoofed UDP packet with a source address of 127.0.0.1, which causes the server to attempt to connect to itself. | |||||
| CVE-1999-1231 | 1 Ssh | 1 Ssh2 | 2017-12-19 | 5.0 MEDIUM | N/A |
| ssh 2.0.12, and possibly other versions, allows valid user names to attempt to enter the correct password multiple times, but only prompts an invalid user name for a password once, which allows remote attackers to determine user account names on the server. | |||||
| CVE-1999-1232 | 1 Sgi | 1 Irix | 2017-12-19 | 7.2 HIGH | N/A |
| Untrusted search path vulnerability in day5datacopier in SGI IRIX 6.2 allows local users to execute arbitrary commands via a modified PATH environment variable that points to a malicious cp program. | |||||
| CVE-1999-1234 | 1 Microsoft | 1 Windows Nt | 2017-12-19 | 5.0 MEDIUM | N/A |
| LSA (LSASS.EXE) in Windows NT 4.0 allows remote attackers to cause a denial of service via a NULL policy handle in a call to (1) SamrOpenDomain, (2) SamrEnumDomainUsers, and (3) SamrQueryDomainInfo. | |||||