Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1057 | 1 Hp | 1 Openview Network Node Manager | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows local users to gain privileges, possibly via insecure permissions. | |||||
| CVE-2000-1058 | 1 Hp | 1 Openview Network Node Manager | 2017-10-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, in the SNMP service (snmp.exe), aka the "Java SNMP MIB Browser Object ID parsing problem." | |||||
| CVE-2000-1059 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-10-10 | 7.2 HIGH | N/A |
| The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. | |||||
| CVE-2000-1068 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-10 | 10.0 HIGH | N/A |
| pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter. | |||||
| CVE-2000-1069 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-10 | 6.4 MEDIUM | N/A |
| pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters. | |||||
| CVE-2000-1070 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-10 | 5.0 MEDIUM | N/A |
| pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information. | |||||
| CVE-2000-1071 | 1 Netscape | 1 Iplanet Ical | 2017-10-10 | 10.0 HIGH | N/A |
| The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | |||||
| CVE-2000-1072 | 1 Netscape | 1 Iplanet Ical | 2017-10-10 | 7.2 HIGH | N/A |
| iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse. | |||||
| CVE-2000-1073 | 1 Netscape | 1 Iplanet Ical | 2017-10-10 | 7.2 HIGH | N/A |
| csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory. | |||||
| CVE-2000-1074 | 1 Netscape | 1 Iplanet Ical | 2017-10-10 | 10.0 HIGH | N/A |
| csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory. | |||||
| CVE-2000-1075 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. | |||||
| CVE-2000-1077 | 1 Iplanet | 1 Iplanet Web Server | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension. | |||||
| CVE-2000-1080 | 2 Id Software, J. P. Grossman | 2 Quake, Proquake | 2017-10-10 | 5.0 MEDIUM | N/A |
| Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | |||||
| CVE-2000-1095 | 5 Conectiva, Immunix, Mandrakesoft and 2 more | 5 Linux, Immunix, Mandrake Linux and 2 more | 2017-10-10 | 7.2 HIGH | N/A |
| modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-1097 | 1 Sonicwall | 1 Soho Firewall | 2017-10-10 | 5.0 MEDIUM | N/A |
| The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via a long username in the authentication page. | |||||
| CVE-2000-1106 | 1 Trend Micro | 1 Interscan Viruswall | 2017-10-10 | 4.6 MEDIUM | N/A |
| Trend Micro InterScan VirusWall creates an "Intscan" share to the "InterScan" directory with permissions that grant Full Control permissions to the Everyone group, which allows attackers to gain privileges by modifying the VirusWall programs. | |||||
| CVE-2000-1107 | 1 Suse | 1 Suse Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of service via a long request, which causes the server to access a NULL pointer and crash. | |||||
| CVE-2000-1108 | 1 Midnight Commander | 1 Midnight Commander | 2017-10-10 | 4.6 MEDIUM | N/A |
| cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument. | |||||
| CVE-2000-1109 | 1 Midnight Commander | 1 Midnight Commander | 2017-10-10 | 4.6 MEDIUM | N/A |
| Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed. | |||||
| CVE-2000-1111 | 1 Microsoft | 1 Windows 2000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attempts, which allows remote attackers to cause a denial of service by connecting to the server and not providing any input. | |||||
| CVE-2000-1115 | 1 Software602 | 1 602pro Lan Suite | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000.0.1.33 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request. | |||||
| CVE-2000-1119 | 1 Ibm | 1 Aix | 2017-10-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument. | |||||
| CVE-2000-1120 | 1 Ibm | 1 Aix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands. | |||||
| CVE-2000-1121 | 1 Ibm | 1 Aix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument. | |||||
| CVE-2000-1123 | 1 Ibm | 1 Aix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands. | |||||
| CVE-2000-1124 | 1 Ibm | 1 Aix | 2017-10-10 | 7.2 HIGH | N/A |
| Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables. | |||||
| CVE-2000-1131 | 1 Bill Kendrick | 1 Gbook.cgi | 2017-10-10 | 7.5 HIGH | N/A |
| Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via shell metacharacters in the _MAILTO form variable. | |||||
| CVE-2000-1132 | 1 Dcscripts | 1 Dcforum | 2017-10-10 | 6.4 MEDIUM | N/A |
| DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the program itself, via a malformed "forum" variable. | |||||
| CVE-2000-1135 | 1 Debian | 1 Debian Linux | 2017-10-10 | 4.6 MEDIUM | N/A |
| fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2000-1136 | 1 Debian | 1 Elvis Tiny | 2017-10-10 | 4.6 MEDIUM | N/A |
| elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2000-1140 | 1 Recourse Technologies | 1 Mantrap | 2017-10-10 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to determine that they are in a honeypot system by comparing the results from kill commands with the process listing in the /proc filesystem. | |||||
| CVE-2000-1141 | 1 Recourse Technologies | 1 Mantrap | 2017-10-10 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which allows attackers to determine that they are in a honeypot system. | |||||
| CVE-2000-1142 | 1 Recourse Technologies | 1 Mantrap | 2017-10-10 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc/self/cwd and executes the pwd command, which allows attackers to determine that they are in a honeypot system. | |||||
| CVE-2000-1143 | 1 Recourse Technologies | 1 Mantrap | 2017-10-10 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attackers to determine that they are in a honeypot system. | |||||
| CVE-2000-1144 | 1 Recourse Technologies | 1 Mantrap | 2017-10-10 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode number for the resulting "/" file system is higher than normal, which allows attackers to determine that they are in a chroot environment. | |||||
| CVE-2000-1145 | 1 Recourse Technologies | 1 Mantrap | 2017-10-10 | 4.6 MEDIUM | N/A |
| Recourse ManTrap 1.6 allows attackers who have gained root access to use utilities such as crash or fsdb to read /dev/mem and raw disk devices to identify ManTrap processes or modify arbitrary data files. | |||||
| CVE-2000-1146 | 1 Recourse Technologies | 1 Mantrap | 2017-10-10 | 2.1 LOW | N/A |
| Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that navigate into and out of the /proc/self directory and executing various commands such as ls or pwd. | |||||
| CVE-2000-1148 | 1 Volano Llc | 1 Volanochatpro | 2017-10-10 | 4.6 MEDIUM | N/A |
| The installation of VolanoChatPro chat server sets world-readable permissions for its configuration file and stores the server administrator passwords in plaintext, which allows local users to gain privileges on the server. | |||||
| CVE-2000-1162 | 1 Aladdin Enterprises | 1 Ghostscript | 2017-10-10 | 3.7 LOW | N/A |
| ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack. | |||||
| CVE-2000-1163 | 1 Aladdin Enterprises | 1 Ghostscript | 2017-10-10 | 4.6 MEDIUM | N/A |
| ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the current directory, which could allow local users to execute commands as other users by placing a Trojan horse library into a directory from which another user executes ghostscript. | |||||
| CVE-2000-1164 | 1 Att | 1 Winvnc | 2017-10-10 | 9.0 HIGH | N/A |
| WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system. | |||||
| CVE-2000-1165 | 1 Balabit | 1 Syslog-ng | 2017-10-10 | 5.0 MEDIUM | N/A |
| Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier. | |||||
| CVE-2000-1166 | 1 Twig Development Team | 1 Twig | 2017-10-10 | 7.5 HIGH | N/A |
| Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site, which allows remote attackers to insert arbitrary PHP (PHP3) code by specifying an alternate vhosts as an argument to the index.php3 program. | |||||
| CVE-2000-1167 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 7.5 HIGH | N/A |
| ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat deny_incoming" command, which allows remote attackers to connect to the target system. | |||||
| CVE-2000-1169 | 1 Openbsd | 1 Openssh | 2017-10-10 | 7.5 HIGH | N/A |
| OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow a malicious SSH server to gain access to the X11 display and sniff X11 events, or gain access to the ssh-agent. | |||||
| CVE-2000-1170 | 1 Pelesoft | 1 Netsnap | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remote attackers to execute arbitrary commands via a long GET request. | |||||
| CVE-2000-1171 | 1 Markus Triska | 1 Cgiforum | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter. | |||||
| CVE-2000-1174 | 1 Ethereal Group | 1 Ethereal | 2017-10-10 | 7.5 HIGH | N/A |
| Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username. | |||||
| CVE-2000-1179 | 1 Netopia | 1 650-st Isdn Router | 2017-10-10 | 5.0 MEDIUM | N/A |
| Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authentication by directly connecting to the login screen and typing certain control characters. | |||||
| CVE-2000-1181 | 1 Realnetworks | 1 Realserver | 2017-10-10 | 5.0 MEDIUM | N/A |
| Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's memory contents, possibly including sensitive information, by accessing the /admin/includes/ URL. | |||||