Search
Total
201818 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-0015 | 1 Ascend | 1 Cascadeview Ux | 2008-09-10 | 4.6 MEDIUM | N/A |
| CascadeView TFTP server allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0016 | 1 True North | 1 Internet Anywhere Mail Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username. | |||||
| CVE-2000-0017 | 1 Redhat | 1 Linux | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. | |||||
| CVE-2000-0018 | 1 Windowmaker | 1 Wmmon | 2008-09-10 | 7.2 HIGH | N/A |
| wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. | |||||
| CVE-2000-0019 | 1 Ipswitch | 1 Imail | 2008-09-10 | 2.1 LOW | N/A |
| IMail POP3 daemon uses weak encryption, which allows local users to read files. | |||||
| CVE-2000-0020 | 1 Man And Mice | 1 Dns Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| DNS PRO allows remote attackers to conduct a denial of service via a large number of connections. | |||||
| CVE-2000-0021 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin. | |||||
| CVE-2000-0022 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory. | |||||
| CVE-2000-0023 | 1 Lotus | 1 Domino Server | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL. | |||||
| CVE-2000-0027 | 1 Ibm | 1 Network Station Manager | 2008-09-10 | 6.2 MEDIUM | N/A |
| IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0031 | 1 Redhat | 1 Linux | 2008-09-10 | 6.2 MEDIUM | N/A |
| The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack. | |||||
| CVE-2000-0033 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-10 | 5.0 MEDIUM | N/A |
| InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments. | |||||
| CVE-2000-0034 | 1 Netscape | 1 Communicator | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." | |||||
| CVE-2000-0038 | 1 Glftpd | 1 Glftpd | 2008-09-10 | 7.5 HIGH | N/A |
| glFtpD includes a default glftpd user account with a default password and a UID of 0. | |||||
| CVE-2000-0039 | 1 Altavista | 1 Search Intranet | 2008-09-10 | 5.0 MEDIUM | N/A |
| AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program. | |||||
| CVE-2000-0040 | 1 Glftpd | 1 Glftpd | 2008-09-10 | 10.0 HIGH | N/A |
| glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command. | |||||
| CVE-2000-0042 | 1 Csm | 1 Mail Server | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command. | |||||
| CVE-2000-0043 | 1 Camshot | 1 Webcam Http Server | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0044 | 1 Jgaa | 1 Warftpd | 2008-09-10 | 10.0 HIGH | N/A |
| Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands. | |||||
| CVE-2000-0046 | 1 Mirabilis | 1 Icq | 2008-09-10 | 7.5 HIGH | N/A |
| Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message. | |||||
| CVE-2000-0047 | 1 Yahoo | 1 Pager | 2008-09-10 | 5.0 MEDIUM | N/A |
| Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service via a long URL within a message. | |||||
| CVE-2000-0048 | 1 Corel | 1 Linux | 2008-09-10 | 7.2 HIGH | N/A |
| get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program. | |||||
| CVE-2000-0049 | 1 Nullsoft | 1 Winamp | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file. | |||||
| CVE-2000-0050 | 1 Allaire | 1 Spectra | 2008-09-10 | 4.6 MEDIUM | N/A |
| The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs. | |||||
| CVE-2000-0051 | 1 Allaire | 1 Spectra | 2008-09-10 | 5.0 MEDIUM | N/A |
| The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL. | |||||
| CVE-2000-0052 | 3 Mandrakesoft, Redhat, Turbolinux | 3 Mandrake Linux, Linux, Turbolinux | 2008-09-10 | 7.2 HIGH | N/A |
| Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack. | |||||
| CVE-2000-0054 | 1 Solution Scripts | 1 Home Free | 2008-09-10 | 5.0 MEDIUM | N/A |
| search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack. | |||||
| CVE-2000-0056 | 1 Ipswitch | 1 Imail | 2008-09-10 | 5.0 MEDIUM | N/A |
| IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi. | |||||
| CVE-2000-0057 | 1 Allaire | 1 Coldfusion Server | 2008-09-10 | 7.5 HIGH | N/A |
| Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information. | |||||
| CVE-2000-0058 | 1 Handspring | 1 Visor Network Hotsync | 2008-09-10 | 5.0 MEDIUM | N/A |
| Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files. | |||||
| CVE-2000-0059 | 1 Php | 1 Php | 2008-09-10 | 10.0 HIGH | N/A |
| PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands. | |||||
| CVE-2000-0062 | 1 Zope | 1 Zope | 2008-09-10 | 10.0 HIGH | N/A |
| The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to conduct unauthorized activities. | |||||
| CVE-2000-0063 | 1 Nortel | 1 Contivity | 2008-09-10 | 5.0 MEDIUM | N/A |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script. | |||||
| CVE-2000-0064 | 1 Nortel | 1 Contivity | 2008-09-10 | 5.0 MEDIUM | N/A |
| cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters. | |||||
| CVE-2000-0065 | 1 Avtronics | 1 Inetserv | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request. | |||||
| CVE-2000-0066 | 1 Oreilly | 1 Website Professional | 2008-09-10 | 5.0 MEDIUM | N/A |
| WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed URL request. | |||||
| CVE-2000-0067 | 1 Cybercash | 1 Merchant Connection Kit | 2008-09-10 | 2.1 LOW | N/A |
| CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack. | |||||
| CVE-2000-0069 | 1 Sun | 1 Solstice Backup | 2008-09-10 | 2.1 LOW | N/A |
| The recover program in Solstice Backup allows local users to restore sensitive files. | |||||
| CVE-2000-0074 | 1 Powerscripts | 1 Plusmail | 2008-09-10 | 7.5 HIGH | N/A |
| PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file with improper permissions. | |||||
| CVE-2000-0075 | 1 Nosque | 1 Msgcore | 2008-09-10 | 5.0 MEDIUM | N/A |
| Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA commands in the same session. | |||||
| CVE-2000-0079 | 1 W3c | 1 Cern Httpd | 2008-09-10 | 7.5 HIGH | N/A |
| The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL. | |||||
| CVE-2000-0083 | 1 Hp | 1 Hp-ux | 2008-09-10 | 4.6 MEDIUM | N/A |
| HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. | |||||
| CVE-2000-0084 | 1 Globalscape | 1 Cuteftp | 2008-09-10 | 5.0 MEDIUM | N/A |
| CuteFTP uses weak encryption to store password information in its tree.dat file. | |||||
| CVE-2000-0085 | 1 Microsoft | 1 Hotmail | 2008-09-10 | 7.5 HIGH | N/A |
| Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attacker to execute code via the LOWSRC or DYNRC parameters in the IMG tag. | |||||
| CVE-2000-0086 | 1 Netopia | 1 Timbuktu Pro | 2008-09-10 | 5.0 MEDIUM | N/A |
| Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing. | |||||
| CVE-2000-0090 | 1 Vmware | 1 Workstation | 2008-09-10 | 3.6 LOW | N/A |
| VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | |||||
| CVE-2000-0091 | 1 Inter7 | 1 Vpopmail | 2008-09-10 | 10.0 HIGH | N/A |
| Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password. | |||||
| CVE-2000-0093 | 1 Redhat | 1 Linux | 2008-09-10 | 10.0 HIGH | N/A |
| An installation of Red Hat uses DES password encryption with crypt() for the initial password, instead of md5. | |||||
| CVE-2000-0095 | 1 Hp | 1 Hp-ux | 2008-09-10 | 5.0 MEDIUM | N/A |
| The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier. | |||||
| CVE-2000-0096 | 1 Qualcomm | 1 Qpopper | 2008-09-10 | 7.2 HIGH | N/A |
| Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command. | |||||