Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0222 | 1 Webmin | 1 Webmin | 2017-10-10 | 1.2 LOW | N/A |
| webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. | |||||
| CVE-2001-0230 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges. | |||||
| CVE-2001-0233 | 3 Debian, Matthew Smith, Redhat | 3 Debian Linux, Micq, Linux | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. | |||||
| CVE-2001-0234 | 1 Sourceforge | 1 Newsdaemon | 2017-10-10 | 7.5 HIGH | N/A |
| NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. | |||||
| CVE-2001-0235 | 1 Debian | 1 Debian Linux | 2017-10-10 | 2.1 LOW | N/A |
| Vulnerability in crontab allows local users to read crontab files of other users by replacing the temporary file that is being edited while crontab is running. | |||||
| CVE-2001-0252 | 1 Iplanet | 1 Iplanet Enterprise Server | 2017-10-10 | 5.0 MEDIUM | N/A |
| iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences. | |||||
| CVE-2001-0259 | 1 Ssh | 1 Ssh | 2017-10-10 | 3.6 LOW | N/A |
| ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file. | |||||
| CVE-2001-0260 | 1 Lotus | 1 Domino Mail Server | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command. | |||||
| CVE-2001-0265 | 1 Pgp | 1 Pgp | 2017-10-10 | 2.1 LOW | N/A |
| ASCII Armor parser in Windows PGP 7.0.3 and earlier allows attackers to create files in arbitrary locations via a malformed ASCII armored file. | |||||
| CVE-2001-0267 | 1 Hp | 1 Mpe Ix | 2017-10-10 | 7.2 HIGH | N/A |
| NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges. | |||||
| CVE-2001-0268 | 2 Netbsd, Openbsd | 2 Netbsd, Openbsd | 2017-10-10 | 7.2 HIGH | N/A |
| The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows local users to gain root privileges by creating a segment call gate in the Local Descriptor Table (LDT) with a target that specifies an arbitrary kernel address. | |||||
| CVE-2001-0274 | 1 Kicq | 1 Kicq | 2017-10-10 | 7.5 HIGH | N/A |
| kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. | |||||
| CVE-2001-0276 | 1 Working Resources Inc. | 1 Badblue | 2017-10-10 | 6.4 MEDIUM | N/A |
| ext.dll in BadBlue 1.02.07 Personal Edition web server allows remote attackers to determine the physical path of the server by directly calling ext.dll without any arguments, which produces an error message that contains the path. | |||||
| CVE-2001-0278 | 1 Hp | 1 Mpe Ix | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. | |||||
| CVE-2001-0280 | 1 Atrium Software | 1 Mercur | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in MERCUR SMTP server 3.30 allows remote attackers to execute arbitrary commands via a long EXPN command. | |||||
| CVE-2001-0299 | 1 Nokia | 1 Ip440 Firewall Vpn Appliance | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | |||||
| CVE-2001-0301 | 1 Stephen Turner | 1 Analog | 2017-10-10 | 10.0 HIGH | N/A |
| Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings. | |||||
| CVE-2001-0309 | 1 Redhat | 1 Linux | 2017-10-10 | 5.0 MEDIUM | N/A |
| inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services. | |||||
| CVE-2001-0310 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 2.1 LOW | N/A |
| sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to crash and possibly impacts security-sensitive scripts. | |||||
| CVE-2001-0311 | 1 Hp | 2 Hp-ux, Omniback Ii | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. | |||||
| CVE-2001-1089 | 2 Alessandro Gardich, Joerg Wendland | 2 Nss Postgresql, Libnss-pgsql | 2017-10-10 | 7.5 HIGH | N/A |
| libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries by inserting SQL code into an HTTP request. | |||||
| CVE-2001-0316 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 4.6 MEDIUM | N/A |
| Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call. | |||||
| CVE-2001-0317 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 3.7 LOW | N/A |
| Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. | |||||
| CVE-2001-0318 | 1 Proftpd Project | 1 Proftpd | 2017-10-10 | 7.5 HIGH | N/A |
| Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd). | |||||
| CVE-2001-0319 | 1 Ibm | 3 Net.commerce, Net.commerce Hosting Server, Websphere Commerce Suite | 2017-10-10 | 7.5 HIGH | N/A |
| orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability. | |||||
| CVE-2001-0321 | 1 Francisco Burzi | 1 Php-nuke | 2017-10-10 | 5.0 MEDIUM | N/A |
| opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter. | |||||
| CVE-2001-0326 | 1 Oracle | 2 Application Server, Oracle8i | 2017-10-10 | 7.5 HIGH | N/A |
| Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions when the server is configured to use the <<ALL FILES>> FilePermission. | |||||
| CVE-2001-0330 | 1 Mozilla | 1 Bugzilla | 2017-10-10 | 7.5 HIGH | N/A |
| Bugzilla 2.10 allows remote attackers to access sensitive information, including the database username and password, via an HTTP request for the globals.pl file, which is normally returned by the web server without being executed. | |||||
| CVE-2001-0331 | 1 Sgi | 1 Irix | 2017-10-10 | 7.5 HIGH | N/A |
| Buffer overflow in Embedded Support Partner (ESP) daemon (rpc.espd) in IRIX 6.5.8 and earlier allows remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0364 | 1 Ssh | 1 Ssh2 | 2017-10-10 | 5.0 MEDIUM | N/A |
| SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous connections. | |||||
| CVE-2001-0365 | 1 Qualcomm | 1 Eudora | 2017-10-10 | 7.5 HIGH | N/A |
| Eudora before 5.1 allows a remote attacker to execute arbitrary code, when the 'Use Microsoft Viewer' and 'allow executables in HTML content' options are enabled, via an HTML email message containing Javascript, with ActiveX controls and malicious code within IMG tags. | |||||
| CVE-2001-0366 | 1 Sap | 2 Sap R 3 Web Application Server Demo, Saposcol | 2017-10-10 | 7.2 HIGH | N/A |
| saposcol in SAP R/3 Web Application Server Demo before 1.5 trusts the PATH environmental variable to find and execute the expand program, which allows local users to obtain root access by modifying the PATH to point to a Trojan horse expand program. | |||||
| CVE-2001-0368 | 1 Free Peers | 1 Bearshare | 2017-10-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in BearShare 2.2.2 and earlier allows a remote attacker to read certain files via a URL containing a series of . characters, a variation of the .. (dot dot) attack. | |||||
| CVE-2001-0371 | 1 Freebsd | 1 Freebsd | 2017-10-10 | 6.2 MEDIUM | N/A |
| Race condition in the UFS and EXT2FS file systems in FreeBSD 4.2 and earlier, and possibly other operating systems, makes deleted data available to user processes before it is zeroed out, which allows a local user to access otherwise restricted information. | |||||
| CVE-2001-0373 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2017-10-10 | 2.1 LOW | N/A |
| The default configuration of the Dr. Watson program in Windows NT and Windows 2000 generates user.dmp crash dump files with world-readable permissions, which could allow a local user to gain access to sensitive information. | |||||
| CVE-2001-0375 | 1 Cisco | 2 Pix Firewall 515, Pix Firewall 520 | 2017-10-10 | 5.0 MEDIUM | N/A |
| Cisco PIX Firewall 515 and 520 with 5.1.4 OS running aaa authentication to a TACACS+ server allows remote attackers to cause a denial of service via a large number of authentication requests. | |||||
| CVE-2001-0377 | 1 Infradig | 1 Inframail | 2017-10-10 | 5.0 MEDIUM | N/A |
| Infradig Inframail prior to 3.98a allows a remote attacker to create a denial of service via a malformed POST request which includes a space followed by a large string. | |||||
| CVE-2001-0378 | 1 Openbsd | 1 Openbsd | 2017-10-10 | 2.1 LOW | N/A |
| readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files. | |||||
| CVE-2001-0379 | 1 Hp | 1 Hp-ux | 2017-10-10 | 4.6 MEDIUM | N/A |
| Vulnerability in the newgrp program included with HP9000 servers running HP-UX 11.11 allows a local attacker to obtain higher access rights. | |||||
| CVE-2001-0383 | 1 Francisco Burzi | 1 Php-nuke | 2017-10-10 | 5.0 MEDIUM | N/A |
| banners.php in PHP-Nuke 4.4 and earlier allows remote attackers to modify banner ad URLs by directly calling the Change operation, which does not require authentication. | |||||
| CVE-2001-0386 | 1 Analogx | 1 Simpleserver Www | 2017-10-10 | 5.0 MEDIUM | N/A |
| AnalogX SimpleServer:WWW 1.08 allows remote attackers to cause a denial of service via an HTTP request to the /aux directory. | |||||
| CVE-2001-0387 | 1 Hylafax | 1 Hylafax | 2017-10-10 | 7.2 HIGH | N/A |
| Format string vulnerability in hfaxd in HylaFAX before 4.1.b2_2 allows local users to gain privileges via the -q command line argument. | |||||
| CVE-2001-0388 | 3 Freebsd, Mandrakesoft, Suse | 3 Freebsd, Mandrake Linux, Suse Linux | 2017-10-10 | 10.0 HIGH | N/A |
| time server daemon timed allows remote attackers to cause a denial of service via malformed packets. | |||||
| CVE-2001-0394 | 1 Oreilly | 1 Website Pro | 2017-10-10 | 5.0 MEDIUM | N/A |
| Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory. | |||||
| CVE-2001-0402 | 3 Darren Reed, Freebsd, Openbsd | 3 Ipfilter, Freebsd, Openbsd | 2017-10-10 | 7.5 HIGH | N/A |
| IPFilter 3.4.16 and earlier does not include sufficient session information in its cache, which allows remote attackers to bypass access restrictions by sending fragmented packets to a restricted port after sending unfragmented packets to an unrestricted port. | |||||
| CVE-2001-0405 | 1 Linux | 1 Linux Kernel | 2017-10-10 | 7.5 HIGH | N/A |
| ip_conntrack_ftp in the IPTables firewall for Linux 2.4 allows remote attackers to bypass access restrictions for an FTP server via a PORT command that lists an arbitrary IP address and port number, which is added to the RELATED table and allowed by the firewall. | |||||
| CVE-2001-0408 | 1 Vim Development Group | 1 Vim | 2017-10-10 | 5.1 MEDIUM | N/A |
| vim (aka gvim) processes VIM control codes that are embedded in a file, which could allow attackers to execute arbitrary commands when another user opens a file containing malicious VIM control codes. | |||||
| CVE-2001-0409 | 1 Vim Development Group | 1 Vim | 2017-10-10 | 2.1 LOW | N/A |
| vim (aka gvim) allows local users to modify files being edited by other users via a symlink attack on the backup and swap files, when the victim is editing the file in a world writable directory. | |||||
| CVE-2001-0412 | 1 Cisco | 3 Content Services Switch 11050, Content Services Switch 11150, Content Services Switch 11800 | 2017-10-10 | 7.2 HIGH | N/A |
| Cisco Content Services (CSS) switch products 11800 and earlier, aka Arrowpoint, allows local users to gain privileges by entering debug mode. | |||||
| CVE-2001-0413 | 1 Bintec | 3 X1000, X1200, X4000 | 2017-10-10 | 5.0 MEDIUM | N/A |
| BinTec X4000 Access router, and possibly other versions, allows remote attackers to cause a denial of service via a SYN port scan, which causes the router to hang. | |||||