Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0037 | 1 Great Circle Associates | 1 Majordomo | 2016-10-18 | 4.6 MEDIUM | N/A |
| Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file. | |||||
| CVE-2000-0060 | 1 Avirt | 1 Rover | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service via a long user name. | |||||
| CVE-2000-0068 | 1 Intel | 1 Inbusiness Email Station | 2016-10-18 | 7.5 HIGH | N/A |
| daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remote attackers to modify its configuration, delete files, or read mail. | |||||
| CVE-2000-0072 | 1 Computer Power Solutions | 1 Visual Casel | 2016-10-18 | 4.6 MEDIUM | N/A |
| Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users to use a relative pathname to specify an alternate file which has an approved name and possibly gain privileges. | |||||
| CVE-2000-0076 | 2 Berkeley, Debian | 2 Nvi, Debian Linux | 2016-10-18 | 2.1 LOW | N/A |
| nviboot boot script in the Debian nvi package allows local users to delete files via malformed entries in vi.recover. | |||||
| CVE-2000-0080 | 1 Ibm | 1 Aix | 2016-10-18 | 2.1 LOW | N/A |
| AIX techlibss allows local users to overwrite files via a symlink attack. | |||||
| CVE-2000-0087 | 1 Netscape | 2 Communicator, Navigator | 2016-10-18 | 5.0 MEDIUM | N/A |
| Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even if the user has set a preference for Communicator to use an SSL connection, allowing a remote attacker to sniff usernames and passwords in plaintext. | |||||
| CVE-2000-0099 | 1 Sco | 1 Unixware | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument. | |||||
| CVE-2000-0112 | 1 Debian | 1 Debian Linux | 2016-10-18 | 7.2 HIGH | N/A |
| The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows a local user to boot from a floppy disk during the installation. | |||||
| CVE-2000-0113 | 1 Sybergen | 1 Sygate | 2016-10-18 | 7.5 HIGH | N/A |
| The SyGate Remote Management program does not properly restrict access to its administration service, which allows remote attackers to cause a denial of service, or access network traffic statistics. | |||||
| CVE-2000-0119 | 2 Mcafee, Symantec | 2 Virusscan, Norton Antivirus | 2016-10-18 | 7.2 HIGH | N/A |
| The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check files in the RECYCLED folder that is used by the Windows Recycle Bin utility, which allows attackers to store malicious code without detection. | |||||
| CVE-2000-0130 | 1 Sco | 1 Unixware | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in SCO scohelp program allows remote attackers to execute commands. | |||||
| CVE-2000-0131 | 1 Jgaa | 1 Warftpd | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands. | |||||
| CVE-2000-0138 | 2016-10-18 | 5.0 MEDIUM | N/A | ||
| A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream, or (6) shaft. | |||||
| CVE-2000-0139 | 1 True North | 1 Internet Anywhere Mail Server | 2016-10-18 | 2.1 LOW | N/A |
| Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command. | |||||
| CVE-2000-0140 | 1 True North | 1 Internet Anywhere Mail Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections. | |||||
| CVE-2000-0239 | 1 Atrium Software | 3 Mercur Imap4 Server, Mercur Mailserver, Mercur Pop3 Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request. | |||||
| CVE-2000-0272 | 1 Realnetworks | 1 Realserver | 2016-10-18 | 7.8 HIGH | N/A |
| RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. | |||||
| CVE-2000-0301 | 1 Ipswitch | 1 Imail | 2016-10-18 | 5.0 MEDIUM | N/A |
| Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the AUTH CRAM-MD5 command. | |||||
| CVE-2000-0314 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2016-10-18 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero. | |||||
| CVE-2000-0315 | 5 Debian, Digital, Netbsd and 2 more | 5 Debian Linux, Unix, Netbsd and 2 more | 2016-10-18 | 5.0 MEDIUM | N/A |
| traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks. | |||||
| CVE-2000-0341 | 1 Atrium Software | 1 Cassandra Nntp Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long login name. | |||||
| CVE-2000-0347 | 1 Microsoft | 2 Windows 95, Windows 98 | 2016-10-18 | 5.0 MEDIUM | N/A |
| Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session request packet with a NULL source name. | |||||
| CVE-2000-0364 | 1 Redhat | 1 Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys. | |||||
| CVE-2000-0365 | 1 Redhat | 1 Linux | 2016-10-18 | 4.6 MEDIUM | N/A |
| Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices. | |||||
| CVE-2000-0394 | 1 Axent | 1 Netprowler | 2016-10-18 | 5.0 MEDIUM | N/A |
| NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature. | |||||
| CVE-2000-0401 | 1 Pdgsoft | 1 Pdg Shopping Cart | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string. | |||||
| CVE-2000-0422 | 1 Netwin | 1 Dmail | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter. | |||||
| CVE-1999-1500 | 1 True North | 1 Internet Anywhere Mail Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments. | |||||
| CVE-1999-1501 | 1 Sgi | 1 Irix | 2016-10-18 | 4.6 MEDIUM | N/A |
| (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. | |||||
| CVE-1999-1502 | 1 Id Software | 1 Quake | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the map console command. | |||||
| CVE-1999-1505 | 1 Id Software | 1 Quakeworld | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. | |||||
| CVE-1999-1508 | 1 Tek | 5 Phaser Network Printer 740, Phaser Network Printer 750, Phaser Network Printer 750dp and 2 more | 2016-10-18 | 10.0 HIGH | N/A |
| Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html. | |||||
| CVE-1999-1509 | 1 Etype | 1 Eserv | 2016-10-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL. | |||||
| CVE-1999-1513 | 1 3com | 1 Superstack Ii Hub | 2016-10-18 | 7.5 HIGH | N/A |
| Management information base (MIB) for a 3Com SuperStack II hub running software version 2.10 contains an object identifier (.1.3.6.1.4.1.43.10.4.2) that is accessible by a read-only community string, but lists the entire table of community strings, which could allow attackers to conduct unauthorized activities. | |||||
| CVE-1999-1516 | 1 Tenfour | 1 Tfs Gateway Smtp | 2016-10-18 | 7.5 HIGH | N/A |
| A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes in a MAIL FROM string. | |||||
| CVE-1999-1517 | 1 Freebsd | 1 Freebsd | 2016-10-18 | 7.2 HIGH | N/A |
| runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the target files to runtar. | |||||
| CVE-1999-1522 | 1 Roxen | 1 Roxen Web Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML. | |||||
| CVE-1999-1524 | 1 Flowpoint | 1 Flowpoint Dsl Router | 2016-10-18 | 5.0 MEDIUM | N/A |
| FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting the feature to the serial console port. | |||||
| CVE-1999-1527 | 1 Sun | 2 Forte, Netbeans Developer | 2016-10-18 | 7.5 HIGH | N/A |
| Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in its configuration, which allows arbitrary remote attackers to access the server. | |||||
| CVE-1999-1528 | 1 Prosoft Engineering | 1 Netware Client | 2016-10-18 | 4.6 MEDIUM | N/A |
| ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users of the same system access to the unprotected NDS session. | |||||
| CVE-1999-1530 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2016-10-18 | 3.6 LOW | N/A |
| cgiwrap as used on Cobalt RaQ 2.0 and RaQ 3i does not properly identify the user for running certain scripts, which allows a malicious site administrator to view or modify data located at another virtual site on the same system. | |||||
| CVE-1999-1531 | 1 Ibm | 1 Homepageprint | 2016-10-18 | 7.5 HIGH | N/A |
| Buffer overflow in IBM HomePagePrint 1.0.7 for Windows98J allows a malicious Web site to execute arbitrary code on a viewer's system via a long IMG_SRC HTML tag. | |||||
| CVE-1999-1532 | 1 Netscape | 1 Messaging Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands. | |||||
| CVE-1999-1534 | 1 Knox Software | 1 Arkeia | 2016-10-18 | 7.2 HIGH | N/A |
| Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable. | |||||
| CVE-1999-1536 | 1 Acushop | 1 Salesbuilder | 2016-10-18 | 7.2 HIGH | N/A |
| .sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file. | |||||
| CVE-1999-1538 | 1 Microsoft | 1 Internet Information Server | 2016-10-18 | 2.1 LOW | N/A |
| When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user to gain access to sensitive server information, including the Administrator's password. | |||||
| CVE-1999-1544 | 1 Microsoft | 1 Internet Information Server | 2016-10-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. | |||||
| CVE-1999-1545 | 1 Joes Own Editor | 1 Joe | 2016-10-18 | 2.1 LOW | N/A |
| Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users. | |||||
| CVE-1999-1547 | 1 Oracle | 1 Web Listener | 2016-10-18 | 7.5 HIGH | N/A |
| Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent. | |||||