Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1218 | 1 Microsoft | 1 Ie | 2008-09-10 | 2.1 LOW | N/A |
| Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service (crash) in CDE or the X server on Solaris 2.6 by rapidly scrolling Chinese characters or maximizing the window. | |||||
| CVE-2001-1228 | 1 Gnu | 1 Gzip | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a long file name, possibly remotely if gzip is run on an FTP server. | |||||
| CVE-2001-1235 | 1 Derek Leung | 1 Pslash | 2008-09-10 | 7.5 HIGH | N/A |
| pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | |||||
| CVE-2001-1236 | 1 Sebastian Bunka | 1 Myphppagetool | 2008-09-10 | 7.5 HIGH | N/A |
| myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by including files from remote web sites, using an HTTP request that modifies the includedir variable. | |||||
| CVE-2001-0487 | 1 Ibm | 1 Aix Snmp | 2008-09-10 | 5.0 MEDIUM | N/A |
| AIX SNMP server snmpd allows remote attackers to cause a denial of service via a RST during the TCP connection. | |||||
| CVE-2001-0498 | 1 Oracle | 1 Oracle8i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Transparent Network Substrate (TNS) over Net8 (SQLNet) in Oracle 8i 8.1.7 and earlier allows remote attackers to cause a denial of service via a malformed SQLNet connection request with a large offset in the header extension. | |||||
| CVE-2001-0515 | 1 Oracle | 2 Database Server, Oracle8i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Oracle Listener in Oracle 7.3 and 8i allows remote attackers to cause a denial of service via a malformed connection packet with a large offset_to_data value. | |||||
| CVE-2001-0516 | 1 Oracle | 2 Oracle8i, Oracle9i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Oracle listener between Oracle 9i and Oracle 8.0 allows remote attackers to cause a denial of service via a malformed connection packet that contains an incorrect requester_version value that does not match an expected offset to the data. | |||||
| CVE-2001-0534 | 2 Lucent, Merit | 2 Radius, Radius | 2008-09-10 | 10.0 HIGH | N/A |
| Multiple buffer overflows in RADIUS daemon radiusd in (1) Merit 3.6b and (2) Lucent 2.1-2 RADIUS allow remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2001-0556 | 1 Nedit | 1 Nedit | 2008-09-10 | 7.2 HIGH | N/A |
| The Nirvana Editor (NEdit) 5.1.1 and earlier allows a local attacker to overwrite other users' files via a symlink attack on (1) backup files or (2) temporary files used when nedit prints a file or portions of a file. | |||||
| CVE-2001-0580 | 1 Hughes Technologies | 1 Dsl Vdns | 2008-09-10 | 5.0 MEDIUM | N/A |
| Hughes Technologies Virtual DNS (VDNS) Server 1.0 allows a remote attacker to create a denial of service by connecting to port 6070, sending some data, and closing the connection. | |||||
| CVE-2001-0588 | 1 Sco | 1 Openserver | 2008-09-10 | 4.6 MEDIUM | N/A |
| sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command. | |||||
| CVE-2001-0619 | 1 Lucent | 1 Orinoco | 2008-09-10 | 7.5 HIGH | N/A |
| The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join the network, is transmitted in the clear. | |||||
| CVE-2001-0744 | 1 Horde | 1 Imp | 2008-09-10 | 2.1 LOW | N/A |
| Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file. | |||||
| CVE-2001-0010 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in transaction signature (TSIG) handling code in BIND 8 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0011 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0012 | 1 Isc | 1 Bind | 2008-09-10 | 5.0 MEDIUM | N/A |
| BIND 4 and BIND 8 allow remote attackers to access sensitive information such as environment variables. | |||||
| CVE-2001-0013 | 1 Isc | 1 Bind | 2008-09-10 | 10.0 HIGH | N/A |
| Format string vulnerability in nslookupComplain function in BIND 4 allows remote attackers to gain root privileges. | |||||
| CVE-2001-0282 | 1 Guido Frassetto | 1 Sedum | 2008-09-10 | 10.0 HIGH | N/A |
| SEDUM 2.1 HTTP server allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request. | |||||
| CVE-2001-0284 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header (AH) IPv4 option. | |||||
| CVE-2001-0329 | 1 Mozilla | 1 Bugzilla | 2008-09-10 | 7.5 HIGH | N/A |
| Bugzilla 2.10 allows remote attackers to execute arbitrary commands via shell metacharacters in a username that is then processed by (1) the Bugzilla_login cookie in post_bug.cgi, or (2) the who parameter in process_bug.cgi. | |||||
| CVE-2001-0352 | 2 3com, Symbol | 2 3crwe747a, 41x1 Access Point | 2008-09-10 | 5.0 MEDIUM | N/A |
| SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB. | |||||
| CVE-2001-0391 | 1 Imatix | 1 Xitami | 2008-09-10 | 5.0 MEDIUM | N/A |
| Xitami 2.5d4 and earlier allows remote attackers to crash the server via an HTTP request to the /aux directory. | |||||
| CVE-2001-0443 | 1 Qpc Software | 2 Qvt Net, Qvt Term Plus | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in QPC QVT/Net Popd 4.20 in QVT/Net 5.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via (1) a long username, or (2) a long password. | |||||
| CVE-2000-1117 | 1 Ibm | 1 Lotus Notes | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 allows malicious web site operators to determine the existence of files on the client by measuring delays in the execution of the getSystemResource method. | |||||
| CVE-2000-1150 | 1 Xavier Ducrohet | 1 Felix | 2008-09-10 | 5.0 MEDIUM | N/A |
| Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1151 | 1 Abisoft | 1 Baxter | 2008-09-10 | 5.0 MEDIUM | N/A |
| Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1153 | 1 Kenny Carruthers | 1 Postmaster | 2008-09-10 | 5.0 MEDIUM | N/A |
| PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1154 | 1 Joe Kloss | 1 Robinhood | 2008-09-10 | 5.0 MEDIUM | N/A |
| RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
| CVE-2000-1155 | 1 Joe Kloss | 1 Robinhood | 2008-09-10 | 5.0 MEDIUM | N/A |
| RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a denial of service via long HTTP request. | |||||
| CVE-2000-1183 | 1 Nec | 1 Socks 5 | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long connection request. | |||||
| CVE-2000-1188 | 1 I-soft | 1 Quikstore | 2008-09-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "page" parameter. | |||||
| CVE-2000-1192 | 1 Btt Software | 1 Snmp Trap Watcher | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap. | |||||
| CVE-2000-1236 | 1 Oracle | 1 Application Server | 2008-09-10 | 7.5 HIGH | N/A |
| SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allows remote attackers to execute arbitrary SQL commands via the query string of the URL. | |||||
| CVE-2000-0535 | 2 Freebsd, Openssl | 2 Freebsd, Openssl | 2008-09-10 | 5.0 MEDIUM | N/A |
| OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or /dev/urandom devices, which are absent on FreeBSD Alpha systems, which causes them to produce weak keys which may be more easily broken. | |||||
| CVE-2000-0544 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed DCE/RPC SMBwriteX requests that contain an invalid data length. | |||||
| CVE-2000-0545 | 1 Sgi | 1 Mailx | 2008-09-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privileges via a long -c (carbon copy) parameter. | |||||
| CVE-2000-0554 | 1 Lilikoi | 1 Ceilidh | 2008-09-10 | 5.0 MEDIUM | N/A |
| Ceilidh allows remote attackers to obtain the real path of the Ceilidh directory via the translated_path hidden form field. | |||||
| CVE-2000-0558 | 1 Hp | 1 Openview Network Node Manager | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345. | |||||
| CVE-2000-0562 | 1 Iss | 2 Blackice Agent, Blackice Defender | 2008-09-10 | 7.5 HIGH | N/A |
| BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. | |||||
| CVE-2000-0564 | 1 Mirabilis | 1 Icq | 2008-09-10 | 5.0 MEDIUM | N/A |
| The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter. | |||||
| CVE-2000-0568 | 1 Sybergen | 1 Secure Desktop | 2008-09-10 | 5.0 MEDIUM | N/A |
| Sybergen Secure Desktop 2.1 does not properly protect against false router advertisements (ICMP type 9), which allows remote attackers to modify default routes. | |||||
| CVE-2000-0572 | 1 Visible Systems | 1 Razor | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Razor configuration management tool uses weak encryption for its password file, which allows local users to gain privileges. | |||||
| CVE-2000-0574 | 2 Openbsd, Washington University | 2 Ftpd, Wu-ftpd | 2008-09-10 | 5.0 MEDIUM | N/A |
| FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untrusted format strings that are used in the setproctitle function (sometimes called by set_proc_title), which allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2000-0576 | 1 Oracle | 1 Web Listener | 2008-09-10 | 5.0 MEDIUM | N/A |
| Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a denial of service via a malformed URL. | |||||
| CVE-2000-0577 | 1 Netscape | 1 Professional Services Ftpserver | 2008-09-10 | 10.0 HIGH | N/A |
| Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0578 | 1 Sgi | 1 Mipspro Compilers | 2008-09-10 | 3.7 LOW | N/A |
| SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user. | |||||
| CVE-2000-0579 | 1 Sgi | 1 Irix | 2008-09-10 | 3.7 LOW | N/A |
| IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited. | |||||
| CVE-2000-0580 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization. | |||||
| CVE-2000-0581 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash. | |||||