Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1037 | 1 Checkpoint | 1 Firewall-1 | 2008-09-05 | 7.5 HIGH | N/A |
| Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack. | |||||
| CVE-2000-1046 | 1 Lotus | 1 Domino | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands. | |||||
| CVE-2000-1098 | 1 Sonicwall | 1 Soho Firewall | 2008-09-05 | 5.0 MEDIUM | N/A |
| The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. | |||||
| CVE-2000-1100 | 1 Trlinux | 1 Postaci Webmail | 2008-09-05 | 7.5 HIGH | N/A |
| The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request. | |||||
| CVE-2000-1101 | 1 Texas Imperial Software | 1 Wftpd | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack. | |||||
| CVE-2000-1102 | 1 Ptlink | 2 Ptlink Irc Services, Ptlink Ircd | 2008-09-05 | 5.0 MEDIUM | N/A |
| PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (server crash) via "mode +owgscfxeb" and "oper" commands. | |||||
| CVE-2000-1103 | 1 Bsdi | 1 Bsd Os | 2008-09-05 | 7.2 HIGH | N/A |
| rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line. | |||||
| CVE-2000-1105 | 1 Microsoft | 1 Indexing Service | 2008-09-05 | 4.3 MEDIUM | N/A |
| The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled. | |||||
| CVE-2000-1110 | 1 Ibm | 1 Net.data | 2008-09-05 | 5.0 MEDIUM | N/A |
| document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program. | |||||
| CVE-2000-1114 | 1 Unify | 1 Ewave Servletexec | 2008-09-05 | 5.0 MEDIUM | N/A |
| Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20". | |||||
| CVE-2000-1118 | 1 24link | 1 24link | 2008-09-05 | 7.5 HIGH | N/A |
| 24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings such as "/+/" or "/." to the HTTP GET request. | |||||
| CVE-2000-1127 | 1 Hp | 1 Hp-ux | 2008-09-05 | 3.6 LOW | N/A |
| registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable. | |||||
| CVE-2000-1128 | 1 Mcafee | 1 Virusscan | 2008-09-05 | 4.6 MEDIUM | N/A |
| The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory. | |||||
| CVE-2000-1129 | 1 Network Associates | 1 Webshield Smtp | 2008-09-05 | 5.0 MEDIUM | N/A |
| McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recipient field. | |||||
| CVE-2000-1130 | 1 Network Associates | 1 Webshield Smtp | 2008-09-05 | 7.5 HIGH | N/A |
| McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment. | |||||
| CVE-2000-1152 | 1 Be | 1 Beos | 2008-09-05 | 5.0 MEDIUM | N/A |
| Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL. | |||||
| CVE-2000-1157 | 1 Network Associates | 1 Sniffer Agent | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name. | |||||
| CVE-2000-1158 | 1 Network Associates | 1 Sniffer Agent | 2008-09-05 | 7.5 HIGH | N/A |
| NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords. | |||||
| CVE-2000-1159 | 1 Network Associates | 1 Sniffer Agent | 2008-09-05 | 7.5 HIGH | N/A |
| NAI Sniffer Agent allows remote attackers to gain privileges on the agent by sniffing the initial UDP authentication packets and spoofing commands. | |||||
| CVE-2000-1160 | 1 Network Associates | 1 Sniffer Agent | 2008-09-05 | 5.0 MEDIUM | N/A |
| NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests. | |||||