Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0440 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2008-09-10 | 5.0 MEDIUM | N/A |
| NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet with an unaligned IP timestamp option. | |||||
| CVE-2000-0441 | 1 Ibm | 1 Aix | 2008-09-10 | 5.0 MEDIUM | N/A |
| Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or remotely mounted AIX filesystems. | |||||
| CVE-2000-0442 | 2 Qualcomm, Sun | 3 Qpopper, Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 7.5 HIGH | N/A |
| Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command. | |||||
| CVE-2000-0443 | 1 Hp | 1 Jetadmin | 2008-09-10 | 7.5 HIGH | N/A |
| The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0444 | 1 Hp | 1 Jetadmin | 2008-09-10 | 5.0 MEDIUM | N/A |
| HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port 8000. | |||||
| CVE-2000-0445 | 1 Pgp | 1 Pgp | 2008-09-10 | 2.1 LOW | N/A |
| The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-interactive key pair generation, which may produce predictable keys. | |||||
| CVE-2000-0446 | 1 Marty Bochane | 1 Mdbms | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. | |||||
| CVE-2000-0447 | 1 Network Associates | 1 Webshield | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service. | |||||
| CVE-2000-0448 | 1 Network Associates | 1 Webshield | 2008-09-10 | 5.0 MEDIUM | N/A |
| The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the management port when an IP address does not resolve to a hostname, which allows remote attackers to access the configuration via the GET_CONFIG command. | |||||
| CVE-2000-0449 | 1 Omnis | 1 Studio | 2008-09-10 | 10.0 HIGH | N/A |
| Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. | |||||
| CVE-2000-0450 | 1 Sean Macguire | 1 Big Brother | 2008-09-10 | 7.5 HIGH | N/A |
| Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. | |||||
| CVE-2000-0451 | 1 Intel | 1 Express 8100 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets. | |||||
| CVE-2000-0452 | 1 Lotus | 2 Domino Enterprise Server, Domino Mail Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command. | |||||
| CVE-2000-0453 | 1 Xfree86 Project | 1 X11r6 | 2008-09-10 | 5.0 MEDIUM | N/A |
| XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000. | |||||
| CVE-2000-0454 | 1 Mandrakesoft | 1 Mandrake Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. | |||||
| CVE-2000-0455 | 1 David Bagley | 1 Xlock | 2008-09-10 | 2.1 LOW | N/A |
| Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option. | |||||
| CVE-2000-0456 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog". | |||||
| CVE-2000-0460 | 1 Kde | 1 Kde | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. | |||||
| CVE-2000-0461 | 2 Freebsd, Netbsd | 2 Freebsd, Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call. | |||||
| CVE-2000-0462 | 1 Netbsd | 1 Netbsd | 2008-09-10 | 2.1 LOW | N/A |
| ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory. | |||||
| CVE-2000-0463 | 1 Be | 1 Beos | 2008-09-10 | 5.0 MEDIUM | N/A |
| BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets. | |||||
| CVE-2000-0467 | 1 Sam Lantinga | 1 Splitvt | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function. | |||||
| CVE-2000-0468 | 1 Hp | 1 Hp-ux | 2008-09-10 | 4.6 MEDIUM | N/A |
| man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack. | |||||
| CVE-2000-0469 | 1 Selena Sol | 1 Webbanner | 2008-09-10 | 5.1 MEDIUM | N/A |
| Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0473 | 1 Analogx | 1 Simpleserver Www | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker to cause a denial of service via a long GET request for a program in the cgi-bin directory. | |||||
| CVE-2000-0476 | 4 Michael Jennings, Putty, Rxvt and 1 more | 4 Eterm, Putty, Rxvt and 1 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized. | |||||
| CVE-2000-0491 | 3 Caldera, Gnome, Suse | 3 Openlinux, Gdm, Suse Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. | |||||
| CVE-2000-0492 | 1 Passwd | 1 Passwd | 2008-09-10 | 5.0 MEDIUM | N/A |
| PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who can read the password file to easliy decrypt the passwords. | |||||
| CVE-2000-0494 | 1 Symantec Veritas | 1 Volume Manager | 2008-09-10 | 7.2 HIGH | N/A |
| Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script. | |||||
| CVE-2000-0497 | 1 Ibm | 1 Websphere Application Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | |||||
| CVE-2000-0504 | 3 Gnome, Open Group, Xfree86 Project | 3 Gdm, X, X11r6 | 2008-09-10 | 5.0 MEDIUM | N/A |
| libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro. | |||||
| CVE-2000-0506 | 1 Linux | 1 Linux Kernel | 2008-09-10 | 10.0 HIGH | N/A |
| The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability." | |||||
| CVE-2000-0526 | 1 3r Soft | 1 Mailstudio 2000 | 2008-09-10 | 5.0 MEDIUM | N/A |
| mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0527 | 1 3r Soft | 1 Mailstudio 2000 | 2008-09-10 | 10.0 HIGH | N/A |
| userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. | |||||
| CVE-2000-0129 | 1 Microsoft | 3 Windows 95, Windows 98, Windows Nt | 2008-09-10 | 2.1 LOW | N/A |
| Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cause a denial of service by performing a LIST command on a malformed .lnk file. | |||||
| CVE-2000-0132 | 1 Microsoft | 1 Virtual Machine | 2008-09-10 | 2.6 LOW | N/A |
| Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStream function. | |||||
| CVE-2000-0133 | 1 H. Nomura | 1 Tiny Ftpdaemon | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, RNTO, MKD, XMKD, RMD, XRMD, APPE, SIZE, and RNFR commands. | |||||
| CVE-2000-0134 | 1 Adgrafix Corporation | 1 Check It Out | 2008-09-10 | 7.5 HIGH | N/A |
| The Check It Out shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0135 | 1 Atretail | 1 Atretail | 2008-09-10 | 7.5 HIGH | N/A |
| The @Retail shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0136 | 1 Mcmurtrey Whitaker And Associates | 1 Cart32 | 2008-09-10 | 7.5 HIGH | N/A |
| The Cart32 shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0137 | 1 Cartit | 1 Cartit | 2008-09-10 | 7.5 HIGH | N/A |
| The CartIt shopping cart application allows remote users to modify sensitive purchase information via hidden form fields. | |||||
| CVE-2000-0141 | 1 Infopop | 1 Ultimate Bulletin Board | 2008-09-10 | 10.0 HIGH | N/A |
| Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metacharacters in the topic hidden field. | |||||
| CVE-2000-0142 | 1 Netopia | 1 Timbuktu Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of service via connections to port 407 and 1417. | |||||
| CVE-2000-0143 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2008-09-10 | 4.6 MEDIUM | N/A |
| The SSH protocol server sshd allows local users without shell access to redirect a TCP connection through a service that uses the standard system password database for authentication, such as POP or FTP. | |||||
| CVE-2000-0144 | 1 Axis | 1 700 Network Document Server | 2008-09-10 | 7.5 HIGH | N/A |
| Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack. | |||||
| CVE-2000-0145 | 1 Debian | 1 Debian Linux | 2008-09-10 | 7.5 HIGH | N/A |
| The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions. | |||||
| CVE-2000-0146 | 1 Novell | 1 Groupwise | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause a denial of service via a long URL to the servlet. | |||||
| CVE-2000-0151 | 1 Gnu | 1 Make | 2008-09-10 | 6.2 MEDIUM | N/A |
| GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to execute commands. | |||||
| CVE-2000-0152 | 1 Novell | 1 Bordermanager | 2008-09-10 | 5.0 MEDIUM | N/A |
| Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000. | |||||
| CVE-2000-0153 | 1 Microsoft | 2 Frontpage, Personal Web Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attack. | |||||