Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0361 | 1 Suse | 1 Suse Linux | 2008-09-10 | 2.1 LOW | N/A |
| The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and password information. | |||||
| CVE-2000-0362 | 1 Suse | 1 Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. | |||||
| CVE-2000-0363 | 1 Suse | 1 Suse Linux | 2008-09-10 | 6.2 MEDIUM | N/A |
| Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory. | |||||
| CVE-2000-0366 | 1 Debian | 1 Debian Linux | 2008-09-10 | 2.1 LOW | N/A |
| dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify the ownership of arbitrary files. | |||||
| CVE-2000-0367 | 1 Michael Jennings | 1 Eterm | 2008-09-10 | 7.2 HIGH | N/A |
| Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges. | |||||
| CVE-2000-0369 | 1 Caldera | 1 Openlinux | 2008-09-10 | 5.0 MEDIUM | N/A |
| The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows remote attackers to cause a denial of service. | |||||
| CVE-2000-0370 | 1 Caldera | 1 Openlinux | 2008-09-10 | 10.0 HIGH | N/A |
| The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command. | |||||
| CVE-2000-0371 | 1 Kde | 1 Kde | 2008-09-10 | 1.2 LOW | N/A |
| The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. | |||||
| CVE-2000-0375 | 1 Freebsd | 1 Freebsd | 2008-09-10 | 2.1 LOW | N/A |
| The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files. | |||||
| CVE-2000-0376 | 1 I-drive | 1 Filo | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request. | |||||
| CVE-2000-0378 | 1 Redhat | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in. | |||||
| CVE-2000-0379 | 1 Netopia | 1 R-series Routers | 2008-09-10 | 3.6 LOW | N/A |
| The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so. | |||||
| CVE-2000-0381 | 1 Gossamer Threads | 1 Dbman | 2008-09-10 | 6.4 MEDIUM | N/A |
| The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. | |||||
| CVE-2000-0382 | 1 Allaire | 1 Clustercats | 2008-09-10 | 2.6 LOW | N/A |
| ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. | |||||
| CVE-2000-0383 | 1 Aol | 1 Instant Messenger | 2008-09-10 | 5.0 MEDIUM | N/A |
| The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transferred file to the remote recipient. | |||||
| CVE-2000-0385 | 1 Filemaker | 1 Filemaker | 2008-09-10 | 5.0 MEDIUM | N/A |
| FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restrictions via the XML publishing or email capabilities. | |||||
| CVE-2000-0386 | 1 Filemaker | 1 Filemaker | 2008-09-10 | 7.5 HIGH | N/A |
| FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email. | |||||
| CVE-2000-0387 | 1 Alexander Siegel | 1 Golddig | 2008-09-10 | 2.1 LOW | N/A |
| The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files. | |||||
| CVE-2000-0388 | 1 Freebsd | 1 Freebsd | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable. | |||||
| CVE-2000-0393 | 1 Kde | 1 Kde | 2008-09-10 | 7.2 HIGH | N/A |
| The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. | |||||
| CVE-2000-0395 | 1 Computalynx | 1 Cproxy Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request. | |||||
| CVE-2000-0396 | 1 Pacific Software | 1 Carello | 2008-09-10 | 5.0 MEDIUM | N/A |
| The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files. | |||||
| CVE-2000-0397 | 1 Seattle Lab Software | 1 Emurl | 2008-09-10 | 5.0 MEDIUM | N/A |
| The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. | |||||
| CVE-2000-0398 | 1 Rockliffe | 1 Mailsite | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. | |||||
| CVE-2000-0399 | 1 Alt-n | 1 Mdaemon | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. | |||||
| CVE-2000-0405 | 1 Atstake | 1 Antisniff | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet. | |||||
| CVE-2000-0406 | 1 Netscape | 1 Communicator | 2008-09-10 | 2.6 LOW | N/A |
| Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to their own malicious server, aka the "Acros-Suencksen SSL" vulnerability. | |||||
| CVE-2000-0409 | 1 Netscape | 1 Communicator | 2008-09-10 | 3.7 LOW | N/A |
| Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. | |||||
| CVE-2000-0410 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. | |||||
| CVE-2000-0411 | 1 Matt Wright | 1 Formmail | 2008-09-10 | 5.0 MEDIUM | N/A |
| Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter. | |||||
| CVE-2000-0412 | 1 Napster | 1 Knapster | 2008-09-10 | 7.5 HIGH | N/A |
| The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, which allows remote attackers to read arbitrary files from the client by specifying the full pathname for the file. | |||||
| CVE-2000-0414 | 1 Hp | 2 Hp-ux, Vvos | 2008-09-10 | 4.6 MEDIUM | N/A |
| Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. | |||||
| CVE-2000-0416 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. | |||||
| CVE-2000-0417 | 1 Cayman | 2 3220-h Dsl Router, Gatorsurf | 2008-09-10 | 5.0 MEDIUM | N/A |
| The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a denial of service via a long username or password. | |||||
| CVE-2000-0418 | 1 Cayman | 2 3220-h Dsl Router, Gatorsurf | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP echo (ping) requests. | |||||
| CVE-2000-0420 | 1 Microsoft | 1 Windows 2000 | 2008-09-10 | 7.2 HIGH | N/A |
| The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data. | |||||
| CVE-2000-0421 | 1 Mozilla | 1 Bugzilla | 2008-09-10 | 7.5 HIGH | N/A |
| The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0424 | 1 George Burgyan | 1 Cgi Counter | 2008-09-10 | 7.5 HIGH | N/A |
| The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0425 | 1 Lsoft | 1 Listserv | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands. | |||||
| CVE-2000-0426 | 1 Ultrascripts | 1 Ultraboard | 2008-09-10 | 5.0 MEDIUM | N/A |
| UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing UltraBoard in the Session parameter, which causes UltraBoard to fork copies of itself. | |||||
| CVE-2000-0427 | 1 Aladdin Knowledge Systems | 1 Etoken | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in the EEPROM. | |||||
| CVE-2000-0428 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment. | |||||
| CVE-2000-0431 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 7.5 HIGH | N/A |
| Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. | |||||
| CVE-2000-0432 | 1 Matt Kruse | 1 Calendar Script | 2008-09-10 | 7.5 HIGH | N/A |
| The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0433 | 1 Suse | 1 Suse Linux | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which allows local users to gain privileges to those accounts by creating standard user startup scripts such as profiles. | |||||
| CVE-2000-0434 | 1 Matthew Redman | 1 Allmanage | 2008-09-10 | 7.5 HIGH | N/A |
| The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers. | |||||
| CVE-2000-0435 | 1 Matthew Redman | 1 Allmanage | 2008-09-10 | 7.5 HIGH | N/A |
| The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages. | |||||
| CVE-2000-0436 | 1 Metaproducts | 1 Offline Explorer | 2008-09-10 | 5.0 MEDIUM | N/A |
| MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0437 | 1 Network Associates | 3 Gauntlet Firewall, Webshield, Webshield E-ppliance | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands. | |||||
| CVE-2000-0438 | 4 Caldera, Slackware, Suse and 1 more | 4 Openlinux, Slackware Linux, Suse Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. | |||||