Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0288 | 1 Cisco | 1 Ios | 2008-09-05 | 7.5 HIGH | N/A |
| Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | |||||
| CVE-2001-0292 | 1 Francisco Burzi | 1 Php-nuke | 2008-09-05 | 7.5 HIGH | N/A |
| PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator. | |||||
| CVE-2001-0287 | 1 Symantec Veritas | 1 Cluster Server | 2008-09-05 | 2.1 LOW | N/A |
| VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command. | |||||
| CVE-2001-0079 | 1 Hp | 1 Support Tools Manager | 2008-09-05 | 2.1 LOW | N/A |
| Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file. | |||||
| CVE-2001-0227 | 1 Biblioscape | 1 Biblioweb Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request. | |||||
| CVE-2001-0075 | 1 Technote Inc | 1 Technote | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter. | |||||
| CVE-2001-0211 | 1 Silverplatter | 1 Webspirs | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the sp.nextform parameter. | |||||
| CVE-2001-0074 | 1 Technote Inc | 1 Technote | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter. | |||||
| CVE-2001-0289 | 1 Joseph Allen | 1 Joe | 2008-09-05 | 4.6 MEDIUM | N/A |
| Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc file into a directory, then waiting for users to execute joe from that directory. | |||||
| CVE-2001-0290 | 1 Gnu | 1 Mailman | 2008-09-05 | 4.6 MEDIUM | N/A |
| Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. | |||||
| CVE-2001-0270 | 1 Marconi | 2 Asx-1000, Forethought | 2008-09-05 | 5.0 MEDIUM | N/A |
| Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set. | |||||
| CVE-2001-0132 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 1.2 LOW | N/A |
| Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2001-0210 | 1 Carey Internet Service | 1 Commerce.cgi | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in commerce.cgi CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the page parameter. | |||||
| CVE-2001-0285 | 1 A1webserver | 1 Http Server | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in A1 HTTP server 1.0a allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request. | |||||
| CVE-2001-0279 | 2 Debian, Mandrakesoft | 3 Debian Linux, Mandrake Linux, Mandrake Linux Corporate Server | 2008-09-05 | 7.2 HIGH | N/A |
| Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. | |||||
| CVE-2001-0084 | 1 Gtk | 1 Gtk\+ | 2008-09-05 | 7.2 HIGH | N/A |
| GTK+ library allows local users to specify arbitrary modules via the GTK_MODULES environmental variable, which could allow local users to gain privileges if GTK+ is used by a setuid/setgid program. | |||||
| CVE-2001-0327 | 1 Iplanet | 1 Iplanet Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server. | |||||
| CVE-2001-0133 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 10.0 HIGH | N/A |
| The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords. | |||||
| CVE-2001-0082 | 1 Checkpoint | 1 Firewall-1 | 2008-09-05 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets. | |||||
| CVE-2000-1242 | 1 Apc | 1 Powerchute | 2008-09-05 | 9.0 HIGH | N/A |
| The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access. | |||||