Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1117 | 1 Linksys | 1 Befsr41 | 2017-10-09 | 5.0 MEDIUM | N/A |
| LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. | |||||
| CVE-2001-1130 | 1 Suse | 1 Suse Linux | 2017-10-09 | 7.5 HIGH | N/A |
| Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file to be searched using a .. in the HTTP referer (from the HTTP_REFERER variable) to point to the directory that contains the keylist.txt file. | |||||
| CVE-2001-1119 | 1 Ti Kan | 1 Xmcd | 2017-10-09 | 6.2 MEDIUM | N/A |
| cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. | |||||
| CVE-2001-1141 | 2 Openssl, Ssleay | 2 Openssl, Ssleay | 2017-10-09 | 5.0 MEDIUM | N/A |
| The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers. | |||||
| CVE-2001-1146 | 1 Lee Herron | 1 Allcommerce | 2017-10-09 | 1.2 LOW | N/A |
| AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predictable names, which allows local users to modify files via a symlink attack. | |||||
| CVE-2001-1160 | 1 Microburst | 1 Udirectory | 2017-10-09 | 7.5 HIGH | N/A |
| udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the category_file field. | |||||
| CVE-2002-1382 | 1 Macromedia | 1 Flash Player | 2017-10-09 | 7.5 HIGH | N/A |
| Macromedia Flash Player before 6.0.65.0 allows remote attackers to execute arbitrary code via certain malformed data headers in Shockwave Flash file format (SWF) files, a different issue than CAN-2002-0846. | |||||
| CVE-2002-1381 | 1 University Of Cambridge | 1 Exim | 2017-10-09 | 7.2 HIGH | N/A |
| Format string vulnerability in daemon.c for Exim 4.x through 4.10, and 3.x through 3.36, allows exim administrative users to execute arbitrary code by modifying the pid_file_path value. | |||||
| CVE-2001-1158 | 1 Checkpoint | 1 Firewall-1 | 2017-10-09 | 7.5 HIGH | N/A |
| Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow remote attackers to bypass intended restrictions with forged RDP (internal protocol) headers to UDP port 259 of arbitrary hosts. | |||||
| CVE-2001-1098 | 1 Cisco | 1 Pix Firewall Manager | 2017-10-09 | 2.1 LOW | N/A |
| Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file. | |||||
| CVE-2001-1180 | 1 Freebsd | 1 Freebsd | 2017-10-09 | 7.2 HIGH | N/A |
| FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows local users to gain privileges by calling rfork with a shared signal handler, having the child process execute a setuid program, and sending a signal to the child. | |||||
| CVE-2001-1172 | 1 Omnisecure | 1 Httprotect | 2017-10-09 | 4.6 MEDIUM | N/A |
| OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileges to modify a protected file by creating a symbolic link to that file. | |||||
| CVE-2001-1177 | 1 Samsung | 2 Ml-85g Gdi Printer Driver, Ml-85p Printer Driver | 2017-10-09 | 6.2 MEDIUM | N/A |
| ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files. | |||||
| CVE-2001-1175 | 1 Andries Brouwer | 1 Util-linux | 2017-10-09 | 7.2 HIGH | N/A |
| vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, which would make it easier for local users to perform brute force password guessing. | |||||
| CVE-2002-1385 | 1 Open Webmail | 1 Open Webmail | 2017-10-09 | 7.2 HIGH | N/A |
| openwebmail_init in Open WebMail 1.81 and earlier allows local users to execute arbitrary code via .. (dot dot) sequences in a login name, such as the name provided in the sessionid parameter for openwebmail-abook.pl, which is used to find a configuration file that specifies additional code to be executed. | |||||
| CVE-2001-1174 | 1 Elm Development Group | 1 Elm | 2017-10-09 | 7.5 HIGH | N/A |
| Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a long Message-ID header. | |||||
| CVE-2001-1176 | 1 Checkpoint | 3 Firewall-1, Provider-1, Vpn-1 | 2017-10-09 | 7.5 HIGH | N/A |
| Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewall administrator to execute arbitrary code via format strings in the control connection. | |||||
| CVE-2001-1162 | 2 Hp, Samba | 2 Cifs-9000 Server, Samba | 2017-10-09 | 10.0 HIGH | N/A |
| Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before 2.2.0a allows remote attackers to overwrite certain files via a .. in a NETBIOS name, which is used as the name for a .log file. | |||||
| CVE-2001-1183 | 1 Cisco | 1 Ios | 2017-10-09 | 5.0 MEDIUM | N/A |
| PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service (crash) via a malformed packet. | |||||
| CVE-2002-1403 | 1 Phystech | 1 Dhcpcd | 2017-10-09 | 7.2 HIGH | N/A |
| dhcpcd DHCP client daemon 1.3.22 and earlier allows local users to execute arbitrary code via shell metacharacters that are fed from a dhcpd .info script into a .exe script. | |||||