Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1078 | 1 Extremail | 1 Extremail | 2017-12-18 | 10.0 HIGH | N/A |
| Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication. | |||||
| CVE-2000-0988 | 1 Bardon Data Systems | 1 Winu | 2017-12-18 | 7.2 HIGH | N/A |
| WinU 1.0 through 5.1 has a backdoor password that allows remote attackers to gain access to its administrative interface and modify configuration. | |||||
| CVE-2001-0198 | 1 Apple | 1 Quicktime | 2017-12-18 | 7.6 HIGH | N/A |
| Buffer overflow in QuickTime Player plugin 4.1.2 (Japanese) allows remote attackers to execute arbitrary commands via a long HREF parameter in an EMBED tag. | |||||
| CVE-2000-1009 | 2 Redhat, Trustix | 2 Linux, Secure Linux | 2017-12-18 | 7.2 HIGH | N/A |
| dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which allows local users to obtain root privileges by modifying the RSH variable to point to a Trojan horse program. | |||||
| CVE-2000-1015 | 1 Open Source Development Network | 1 Slashcode | 2017-12-18 | 7.5 HIGH | N/A |
| The default configuration of Slashcode before version 2.0 Alpha has a default administrative password, which allows remote attackers to gain Slashcode privileges and possibly execute arbitrary commands. | |||||
| CVE-2000-1020 | 1 Alt-n | 1 Mdaemon | 2017-12-18 | 7.5 HIGH | N/A |
| Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2001-1086 | 1 Xfree86 Project | 1 X11r6 | 2017-12-18 | 7.5 HIGH | N/A |
| XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled with the HasXdmXauth option, which allows remote attackers to gain unauthorized access to the X display via a brute force attack. | |||||
| CVE-2001-1087 | 1 Network Appliance | 1 Netcache | 2017-12-18 | 7.5 HIGH | N/A |
| The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to +all, which allows remote attackers to connect to arbitrary ports on remote systems behind the device. | |||||
| CVE-2000-1021 | 1 Alt-n | 1 Mdaemon | 2017-12-18 | 7.5 HIGH | N/A |
| Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long URL. | |||||
| CVE-2000-1023 | 1 Alabanza | 1 Control Panel | 2017-12-18 | 7.5 HIGH | N/A |
| The Alabanza Control Panel does not require passwords to access administrative commands, which allows remote attackers to modify domain name information via the nsManager.cgi CGI program. | |||||
| CVE-2001-1091 | 1 Netbsd | 1 Netbsd | 2017-12-18 | 7.2 HIGH | N/A |
| The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable. | |||||
| CVE-2001-1092 | 1 Compaq | 1 Tru64 | 2017-12-18 | 2.1 LOW | N/A |
| msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file. | |||||
| CVE-2001-1093 | 1 Compaq | 1 Tru64 | 2017-12-18 | 7.2 HIGH | N/A |
| Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument. | |||||
| CVE-2001-1094 | 1 Crosstec Corporation | 1 Netop School | 2017-12-18 | 4.6 MEDIUM | N/A |
| NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version. | |||||
| CVE-2001-0674 | 1 Robtex | 1 Viking Server | 2017-12-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in RobTex Viking Web server before 1.07-381 allows remote attackers to read arbitrary files via a hexadecimal encoded dot-dot attack (eg. http://www.server.com/%2e%2e/%2e%2e) in an HTTP URL request. | |||||
| CVE-2000-1025 | 1 Unify | 1 Ewave Servletexec | 2017-12-18 | 5.0 MEDIUM | N/A |
| eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cause a denial of service via a URL that contains the "/servlet/" string, which invokes the ServletExec servlet and causes an exception if the servlet is already running. | |||||
| CVE-2000-1033 | 1 Cat Soft | 1 Serv-u | 2017-12-18 | 7.5 HIGH | N/A |
| Serv-U FTP Server allows remote attackers to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users. | |||||
| CVE-2001-1097 | 1 Cisco | 1 Ios | 2017-12-18 | 5.0 MEDIUM | N/A |
| Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. | |||||
| CVE-2001-0868 | 1 Redhat | 1 Stronghold | 2017-12-18 | 5.0 MEDIUM | N/A |
| Red Hat Stronghold 2.3 to 3.0 allows remote attackers to retrieve system information via an HTTP GET request to (1) stronghold-info or (2) stronghold-status. | |||||
| CVE-2001-1107 | 1 Snapstream | 1 Pvs | 2017-12-18 | 5.0 MEDIUM | N/A |
| SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server. | |||||