Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0217 | 2 Openbsd, Ssh | 3 Openssh, Ssh, Ssh2 | 2008-09-10 | 5.1 MEDIUM | N/A |
| The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program. | |||||
| CVE-2000-0218 | 2 Caldera, Suse | 2 Openlinux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long relative pathname. | |||||
| CVE-2000-0220 | 1 Zonelabs | 1 Zonealarm | 2008-09-10 | 5.0 MEDIUM | N/A |
| ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a user requests more information about an event. | |||||
| CVE-2000-0221 | 1 Nortel | 1 Nautica Marlin | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port. | |||||
| CVE-2000-0223 | 1 Sam Hawker | 1 Wmcdplay | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to gain root privileges via a long parameter. | |||||
| CVE-2000-0224 | 1 Sco | 1 Unixware | 2008-09-10 | 1.2 LOW | N/A |
| ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink attack. | |||||
| CVE-2000-0225 | 1 Deti Fliegl | 1 Poc32 | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even if the option has been disabled. | |||||
| CVE-2000-0229 | 4 Alessandro Rubini, Debian, Redhat and 1 more | 4 Gpm, Debian Linux, Linux and 1 more | 2008-09-10 | 7.2 HIGH | N/A |
| gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root. | |||||
| CVE-2000-0230 | 2 Halloween, Redhat | 2 Halloween Linux, Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script and a long HOME environmental variable. | |||||
| CVE-2000-0231 | 2 Halloween, Suse | 2 Halloween Linux, Suse Linux | 2008-09-10 | 7.2 HIGH | N/A |
| Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local users to gain root privileges. | |||||
| CVE-2000-0233 | 1 Suse | 1 Suse Linux Imap Server | 2008-09-10 | 10.0 HIGH | N/A |
| SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges. | |||||
| CVE-2000-0234 | 1 Sun | 2 Cobalt Raq 2, Cobalt Raq 3i | 2008-09-10 | 5.0 MEDIUM | N/A |
| The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attackers to view sensitive contents of a .htaccess file. | |||||
| CVE-2000-0236 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. | |||||
| CVE-2000-0237 | 1 Netscape | 1 Enterprise Server | 2008-09-10 | 6.4 MEDIUM | N/A |
| Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary directories via a GET request for the /publisher directory, which provides a Java applet that allows the attacker to browse the directories. | |||||
| CVE-2000-0238 | 1 Symantec | 1 Norton Antivirus | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0240 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the URL, a variation of a .. (dot dot) attack. | |||||
| CVE-2000-0241 | 1 Vqsoft | 1 Vqserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges. | |||||
| CVE-2000-0242 | 1 Geocel | 1 Windmail | 2008-09-10 | 5.0 MEDIUM | N/A |
| WindMail allows remote attackers to read arbitrary files or execute commands via shell metacharacters. | |||||
| CVE-2000-0244 | 1 Citrix | 2 Metaframe, Winframe | 2008-09-10 | 10.0 HIGH | N/A |
| The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication. | |||||
| CVE-2000-0248 | 1 Redhat | 1 Linux | 2008-09-10 | 10.0 HIGH | N/A |
| The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands. | |||||
| CVE-2000-0249 | 1 Ibm | 1 Aix | 2008-09-10 | 7.2 HIGH | N/A |
| The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. | |||||
| CVE-2000-0250 | 1 Qnx | 1 Qnx | 2008-09-10 | 7.2 HIGH | N/A |
| The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords. | |||||
| CVE-2000-0251 | 1 Hp | 2 Hp-ux, Vvos | 2008-09-10 | 5.0 MEDIUM | N/A |
| HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. | |||||
| CVE-2000-0255 | 1 Nbase-xyplex | 1 Edgeblaster | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program. | |||||
| CVE-2000-0257 | 1 Novell | 1 Netware | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL. | |||||
| CVE-2000-0261 | 1 Avm | 1 Ken | 2008-09-10 | 5.0 MEDIUM | N/A |
| The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0262 | 1 Avm | 1 Ken | 2008-09-10 | 5.0 MEDIUM | N/A |
| The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request. | |||||
| CVE-2000-0263 | 1 Redhat | 1 Linux | 2008-09-10 | 2.1 LOW | N/A |
| The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. | |||||
| CVE-2000-0264 | 1 Panda | 1 Panda Security | 2008-09-10 | 2.1 LOW | N/A |
| Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods. | |||||
| CVE-2000-0265 | 1 Panda | 1 Panda Security | 2008-09-10 | 4.6 MEDIUM | N/A |
| Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet. | |||||
| CVE-2000-0267 | 1 Cisco | 1 Catos | 2008-09-10 | 4.6 MEDIUM | N/A |
| Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. | |||||
| CVE-2000-0268 | 1 Cisco | 12 3660 Router, 7100 Router, 7200 Router and 9 more | 2008-09-10 | 5.0 MEDIUM | N/A |
| Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. | |||||
| CVE-2000-0269 | 1 Gnu | 1 Emacs | 2008-09-10 | 2.1 LOW | N/A |
| Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. | |||||
| CVE-2000-0270 | 1 Gnu | 1 Emacs | 2008-09-10 | 3.6 LOW | N/A |
| The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. | |||||
| CVE-2000-0271 | 1 Gnu | 1 Emacs | 2008-09-10 | 4.6 MEDIUM | N/A |
| read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. | |||||
| CVE-2000-0273 | 1 Symantec | 1 Pcanywhere | 2008-09-10 | 5.0 MEDIUM | N/A |
| PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. | |||||
| CVE-2000-0274 | 1 Bray Systems | 1 Linux Trustees | 2008-09-10 | 2.1 LOW | N/A |
| The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. | |||||
| CVE-2000-0275 | 1 Cryptocard | 1 Cryptoadmin | 2008-09-10 | 2.1 LOW | N/A |
| CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. | |||||
| CVE-2000-0276 | 1 Be | 1 Beos | 2008-09-10 | 2.1 LOW | N/A |
| BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37. | |||||
| CVE-2000-0278 | 1 Saleslogix | 1 Corporation Eviewer | 2008-09-10 | 5.0 MEDIUM | N/A |
| The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for the slxweb.dll administration program, which does not authenticate the user. | |||||
| CVE-2000-0279 | 1 Be | 1 Beos | 2008-09-10 | 5.0 MEDIUM | N/A |
| BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers. | |||||
| CVE-2000-0282 | 1 Talentsoft | 1 Web\+ | 2008-09-10 | 5.0 MEDIUM | N/A |
| TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program. | |||||
| CVE-1999-1552 | 1 Ibm | 1 Aix | 2008-09-10 | 7.2 HIGH | N/A |
| dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. | |||||
| CVE-2000-0008 | 1 1st Choice Software | 1 Ftppro | 2008-09-10 | 2.1 LOW | N/A |
| FTPPro allows local users to read sensitive information, which is stored in plain text. | |||||
| CVE-2000-0009 | 1 Nortel | 1 Optivity Net Architect | 2008-09-10 | 7.2 HIGH | N/A |
| The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands. | |||||
| CVE-2000-0010 | 1 Tony Greenwood | 1 Webwho\+ | 2008-09-10 | 10.0 HIGH | N/A |
| WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. | |||||
| CVE-2000-0011 | 1 Analogx | 1 Simpleserver Www | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0012 | 1 Hughes | 1 Msql | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands. | |||||
| CVE-2000-0013 | 1 Sgi | 1 Irix | 2008-09-10 | 7.2 HIGH | N/A |
| IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. | |||||
| CVE-2000-0014 | 1 Michael Lamont | 1 Savant Webserver | 2008-09-10 | 5.0 MEDIUM | N/A |
| Denial of service in Savant web server via a null character in the requested URL. | |||||