Total
27865 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1059 | 1 Mandrakesoft | 1 Mandrake Linux | 2017-10-09 | 7.2 HIGH | N/A |
| The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority access control mechanism with an "xhost + localhost" command, which allows local users to sniff X Windows events and gain privileges. | |||||
| CVE-2000-1068 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-09 | 10.0 HIGH | N/A |
| pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter. | |||||
| CVE-2000-1187 | 1 Netscape | 2 Communicator, Navigator | 2017-10-09 | 7.5 HIGH | N/A |
| Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute arbitrary commands via a long password value in a form field. | |||||
| CVE-1999-1452 | 1 Microsoft | 1 Windows Nt | 2017-10-09 | 2.1 LOW | N/A |
| GINA in Windows NT 4.0 allows attackers with physical access to display a portion of the clipboard of the user who has locked the workstation by pasting (CTRL-V) the contents into the username prompt. | |||||
| CVE-2000-1069 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-09 | 6.4 MEDIUM | N/A |
| pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions without knowing the real password by specifying the same value to the entered_password and admin_password parameters. | |||||
| CVE-2000-1070 | 1 Cgi-world | 2 Poll It, Poll It Pro | 2017-10-09 | 5.0 MEDIUM | N/A |
| pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root, which allows remote attackers to access sensitive or private information. | |||||
| CVE-2000-1071 | 1 Netscape | 1 Iplanet Ical | 2017-10-09 | 10.0 HIGH | N/A |
| The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges. | |||||
| CVE-2000-1072 | 1 Netscape | 1 Iplanet Ical | 2017-10-09 | 7.2 HIGH | N/A |
| iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to modify the iCal configuration and execute arbitrary commands by replacing the iplncal.sh program with a Trojan horse. | |||||
| CVE-2001-0234 | 1 Sourceforge | 1 Newsdaemon | 2017-10-09 | 7.5 HIGH | N/A |
| NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. | |||||
| CVE-2000-1073 | 1 Netscape | 1 Iplanet Ical | 2017-10-09 | 7.2 HIGH | N/A |
| csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working directory, which allows local users to gain root privileges by creating a Trojan Horse cshttpd program in a directory and calling csstart from that directory. | |||||
| CVE-2000-1074 | 1 Netscape | 1 Iplanet Ical | 2017-10-09 | 10.0 HIGH | N/A |
| csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory. | |||||
| CVE-2000-1075 | 2 Netscape, Sun | 2 Directory Server, Iplanet Certificate Management System | 2017-10-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services. | |||||
| CVE-1999-1455 | 1 Microsoft | 1 Windows Nt | 2017-10-09 | 7.5 HIGH | N/A |
| RSH service utility RSHSVC in Windows NT 3.5 through 4.0 does not properly restrict access as specified in the .Rhosts file when a user comes from an authorized host, which could allow unauthorized users to access the service by logging in from an authorized host. | |||||
| CVE-2000-1077 | 1 Iplanet | 1 Iplanet Web Server | 2017-10-09 | 10.0 HIGH | N/A |
| Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension. | |||||
| CVE-1999-1456 | 1 Thttpd | 1 Thttpd Http Server | 2017-10-09 | 5.0 MEDIUM | N/A |
| thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename. | |||||
| CVE-2000-1080 | 2 Id Software, J. P. Grossman | 2 Quake, Proquake | 2017-10-09 | 5.0 MEDIUM | N/A |
| Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service via a malformed (empty) UDP packet. | |||||
| CVE-2001-0680 | 1 Qpc Software | 2 Avt Term, Qvt Net | 2017-10-09 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ftpd in QPC QVT/Net 4.0 and AVT/Term 5.0 allows a remote attacker to traverse directories on the web server via a "dot dot" attack in a LIST (ls) command. | |||||
| CVE-2001-0596 | 1 Netscape | 1 Communicator | 2017-10-09 | 7.5 HIGH | N/A |
| Netscape Communicator before 4.77 allows remote attackers to execute arbitrary Javascript via a GIF image whose comment contains the Javascript. | |||||
| CVE-2001-0685 | 1 Thibault Godouet | 1 Fcron | 2017-10-09 | 2.6 LOW | N/A |
| Thibault Godouet FCron prior to 1.1.1 allows a local user to corrupt another user's crontab file via a symlink attack on the fcrontab temporary file. | |||||
| CVE-1999-0815 | 1 Microsoft | 1 Windows Nt | 2017-10-09 | 5.0 MEDIUM | N/A |
| Memory leak in SNMP agent in Windows NT 4.0 before SP5 allows remote attackers to conduct a denial of service (memory exhaustion) via a large number of queries. | |||||