Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0779 | 1 Checkpoint | 1 Firewall-1 | 2008-09-10 | 7.5 HIGH | N/A |
| Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests. | |||||
| CVE-2000-0787 | 1 Xchat | 1 Xchat | 2008-09-10 | 7.5 HIGH | N/A |
| IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser. | |||||
| CVE-2000-0800 | 1 Suse | 1 Suse Linux | 2008-09-10 | 10.0 HIGH | N/A |
| String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges. | |||||
| CVE-2000-0283 | 1 Sgi | 1 Irix | 2008-09-10 | 6.4 MEDIUM | N/A |
| The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon. | |||||
| CVE-2000-0284 | 1 University Of Washington | 1 Imap | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands. | |||||
| CVE-2000-0285 | 1 Xfree86 Project | 1 X11r6 | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter. | |||||
| CVE-2000-0286 | 1 Redhat | 1 Linux | 2008-09-10 | 2.1 LOW | N/A |
| X fontserver xfs allows local users to cause a denial of service via malformed input to the server. | |||||
| CVE-2000-0287 | 1 Cnc | 1 Technology Bizdb | 2008-09-10 | 10.0 HIGH | N/A |
| The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter. | |||||
| CVE-2000-0288 | 2008-09-10 | 5.0 MEDIUM | N/A | ||
| Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. | |||||
| CVE-2000-0289 | 3 Debian, Linux, Redhat | 3 Debian Linux, Linux Kernel, Linux | 2008-09-10 | 5.0 MEDIUM | N/A |
| IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal interface by modifying the external source IP address and port number to match those of an established connection. | |||||
| CVE-2000-0291 | 1 Sun | 1 Staroffice | 2008-09-10 | 4.6 MEDIUM | N/A |
| Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. | |||||
| CVE-2000-0292 | 1 Adtran | 1 Mx2800 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. | |||||
| CVE-2000-0293 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. | |||||
| CVE-2000-0294 | 1 Jim Housley | 1 Healthd | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. | |||||
| CVE-2000-0296 | 1 Michael A. Gumienny | 1 Fcheck | 2008-09-10 | 7.2 HIGH | N/A |
| fcheck allows local users to gain privileges by embedding shell metacharacters into file names that are processed by fcheck. | |||||
| CVE-2000-0297 | 1 Allaire | 1 Forums | 2008-09-10 | 6.4 MEDIUM | N/A |
| Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. | |||||
| CVE-2000-0299 | 1 Apple | 1 Webobjects | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to cause a denial of service via an HTTP request with long headers such as Accept. | |||||
| CVE-2000-0300 | 1 Symantec | 1 Pcanywhere | 2008-09-10 | 10.0 HIGH | N/A |
| The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers to sniff and decrypt PcAnywhere or NT domain accounts. | |||||
| CVE-2000-0303 | 1 Id Software | 1 Quake 3 Arena | 2008-09-10 | 6.4 MEDIUM | N/A |
| Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack. | |||||
| CVE-2000-0309 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 2.1 LOW | N/A |
| The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service. | |||||
| CVE-2000-0310 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 5.0 MEDIUM | N/A |
| IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets. | |||||
| CVE-2000-0313 | 1 Openbsd | 1 Openbsd | 2008-09-10 | 4.6 MEDIUM | N/A |
| Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations. | |||||
| CVE-2000-0318 | 1 Atrium Software | 1 Mercur Mailserver | 2008-09-10 | 7.5 HIGH | N/A |
| Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack. | |||||
| CVE-2000-0319 | 1 Eric Allman | 1 Sendmail | 2008-09-10 | 5.0 MEDIUM | N/A |
| mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n. | |||||
| CVE-2000-0320 | 2 Qualcomm, Sun | 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 5.0 MEDIUM | N/A |
| Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n. | |||||
| CVE-2000-0321 | 1 Icradius | 1 Icradius | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. | |||||
| CVE-2000-0324 | 1 Symantec | 1 Pcanywhere | 2008-09-10 | 5.0 MEDIUM | N/A |
| pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap. | |||||
| CVE-2000-0326 | 1 On Technology | 1 Meeting Maker | 2008-09-10 | 5.0 MEDIUM | N/A |
| Meeting Maker uses weak encryption (a polyalphabetic substitution cipher) for passwords, which allows remote attackers to sniff and decrypt passwords for Meeting Maker accounts. | |||||
| CVE-2000-0332 | 1 Ultrascripts | 1 Ultraboard | 2008-09-10 | 5.0 MEDIUM | N/A |
| UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte. | |||||
| CVE-2000-0333 | 2 Ethereal Group, Lbl | 2 Ethereal, Tcpdump | 2008-09-10 | 5.0 MEDIUM | N/A |
| tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet. | |||||
| CVE-2000-0334 | 1 Allaire | 1 Spectra | 2008-09-10 | 2.1 LOW | N/A |
| The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule. | |||||
| CVE-2000-0335 | 2 Gnu, Isc | 2 Glibc, Bind | 2008-09-10 | 7.5 HIGH | N/A |
| The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. | |||||
| CVE-2000-0336 | 4 Mandrakesoft, Openldap, Redhat and 1 more | 4 Mandrake Linux, Openldap, Linux and 1 more | 2008-09-10 | 2.1 LOW | N/A |
| Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. | |||||
| CVE-2000-0338 | 1 Cvs | 1 Cvs | 2008-09-10 | 5.0 MEDIUM | N/A |
| Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user. | |||||
| CVE-2000-0339 | 1 Zonelabs | 1 Zonealarm | 2008-09-10 | 7.5 HIGH | N/A |
| ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules. | |||||
| CVE-2000-0340 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via the DISPLAY environmental variable. | |||||
| CVE-2000-0342 | 1 Qualcomm | 1 Eudora | 2008-09-10 | 5.0 MEDIUM | N/A |
| Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." | |||||
| CVE-2000-0343 | 1 Brecht Claerhout | 1 Sniffit | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header. | |||||
| CVE-2000-0344 | 1 Linux | 1 Linux Kernel | 2008-09-10 | 5.0 MEDIUM | N/A |
| The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via a negative size value. | |||||
| CVE-2000-0345 | 1 Cisco | 7 Ios, Router 2500, Router 2600 and 4 more | 2008-09-10 | 2.1 LOW | N/A |
| The on-line help system options in Cisco routers allows non-privileged users without "enabled" access to obtain sensitive information via the show command. | |||||
| CVE-2000-0350 | 1 Networkice | 1 Icecap Manager | 2008-09-10 | 5.0 MEDIUM | N/A |
| A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events. | |||||
| CVE-2000-0352 | 1 University Of Washington | 1 Pine | 2008-09-10 | 10.0 HIGH | N/A |
| Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL. | |||||
| CVE-2000-0353 | 1 University Of Washington | 1 Pine | 2008-09-10 | 10.0 HIGH | N/A |
| Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then executed by Pine. | |||||
| CVE-2000-0354 | 1 Lee Mcloughlin | 1 Mirror | 2008-09-10 | 5.0 MEDIUM | N/A |
| mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory. | |||||
| CVE-2000-0355 | 3 Bent Bagger, Redhat, Suse | 3 Pbpg, Linux, Suse Linux | 2008-09-10 | 7.5 HIGH | N/A |
| pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files. | |||||
| CVE-2000-0356 | 1 Redhat | 1 Linux | 2008-09-10 | 4.6 MEDIUM | N/A |
| Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts. | |||||
| CVE-2000-0357 | 1 Redhat | 1 Linux | 2008-09-10 | 7.5 HIGH | N/A |
| ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys. | |||||
| CVE-2000-0358 | 1 Redhat | 1 Linux | 2008-09-10 | 5.0 MEDIUM | N/A |
| ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program. | |||||
| CVE-2000-0359 | 1 Acme Labs | 1 Thttpd | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header. | |||||
| CVE-2000-0360 | 1 Isc | 1 Inn | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. | |||||