Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0818 | 1 Marty Bochane | 1 Mdbms | 2017-12-18 | 7.5 HIGH | N/A |
| A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier allows remote attackers to execute arbitrary commands by sending the command a large amount of data. | |||||
| CVE-2001-1101 | 1 Checkpoint | 1 Firewall-1 | 2017-12-18 | 6.4 MEDIUM | N/A |
| The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2001-1102 | 1 Checkpoint | 1 Firewall-1 | 2017-12-18 | 6.2 MEDIUM | N/A |
| Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. | |||||
| CVE-2001-0582 | 1 Ben Spink | 1 Crushftp Ftp Server | 2017-12-18 | 4.6 MEDIUM | N/A |
| Ben Spink CrushFTP FTP Server 2.1.6 and earlier allows a local attacker to access arbitrary files via a '..' (dot dot) attack, or variations, in (1) GET, (2) CD, (3) NLST, (4) SIZE, (5) RETR. | |||||
| CVE-1999-0805 | 1 Novell | 1 Netware | 2017-12-18 | 5.0 MEDIUM | N/A |
| Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests. | |||||
| CVE-2000-1048 | 1 Qbik | 1 Wingate | 2017-12-18 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack via an HTTP GET request that uses encoded characters in the URL. | |||||
| CVE-1999-1557 | 1 Ipswitch | 1 Imail | 2017-12-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via (1) a long user name or (2) a long password. | |||||
| CVE-2001-1109 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2017-12-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal directory contents via a .. (dot dot) in the (1) LIST, (2) QUOTE SIZE, and (3) QUOTE MDTM commands. | |||||
| CVE-2000-1053 | 1 Macromedia | 1 Jrun | 2017-12-18 | 10.0 HIGH | N/A |
| Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet. | |||||
| CVE-2001-1111 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2017-12-18 | 4.6 MEDIUM | N/A |
| EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file. | |||||
| CVE-2001-1112 | 1 Khamil Landross And Zack Jones | 1 Eftp | 2017-12-18 | 7.5 HIGH | N/A |
| Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .lnk file containing a large number of characters. | |||||
| CVE-2001-1136 | 1 Hp | 1 Hp-ux | 2017-12-18 | 2.1 LOW | N/A |
| The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service. | |||||
| CVE-2001-0870 | 2 Alchemy Lab, Dek Software | 2 Alchemy Eye, Alchemy Network Monitor | 2017-12-18 | 5.0 MEDIUM | N/A |
| HTTP server in Alchemy Eye and Alchemy Network Monitor 1.9x through 2.6.18 is enabled without authentication by default, which allows remote attackers to obtain network monitoring logs with potentially sensitive information by directly requesting the eye.ini file. | |||||
| CVE-2001-1114 | 1 Netcode | 1 Nc Book | 2017-12-18 | 7.5 HIGH | N/A |
| book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell metacharacters in the "current" parameter. | |||||
| CVE-2001-1115 | 1 Sixhead | 1 Six-webboard | 2017-12-18 | 5.0 MEDIUM | N/A |
| generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot (..) in the content parameter. | |||||
| CVE-2001-1320 | 1 Pgp | 1 Keyserver | 2017-12-18 | 7.5 HIGH | N/A |
| Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via exceptional BER encodings (possibly buffer overflows), as demonstrated by the PROTOS LDAPv3 test suite. | |||||
| CVE-2000-1062 | 1 Hp | 1 Jetdirect | 2017-12-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||||
| CVE-2000-1063 | 1 Hp | 1 Jetdirect | 2017-12-18 | 5.0 MEDIUM | N/A |
| Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allows remote attackers to cause a denial of service. | |||||
| CVE-2001-1137 | 1 D-link | 1 Dl-704 | 2017-12-18 | 5.0 MEDIUM | N/A |
| D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments. | |||||
| CVE-2001-1138 | 1 Randy Parker | 1 Power Up Html | 2017-12-18 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allows remote attackers to read arbitrary files and possibly execute arbitrary code via a .. (dot dot) in the FILE parameter. | |||||