Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Total 210374 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2000-1037 1 Checkpoint 1 Firewall-1 2008-09-05 7.5 HIGH N/A
Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack.
CVE-2000-1046 1 Lotus 1 Domino 2008-09-05 10.0 HIGH N/A
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands.
CVE-2000-1098 1 Sonicwall 1 Soho Firewall 2008-09-05 5.0 MEDIUM N/A
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request.
CVE-2000-1100 1 Trlinux 1 Postaci Webmail 2008-09-05 7.5 HIGH N/A
The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request.
CVE-2000-1101 1 Texas Imperial Software 1 Wftpd 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a variation of the .. (dot dot) attack.
CVE-2000-1102 1 Ptlink 2 Ptlink Irc Services, Ptlink Ircd 2008-09-05 5.0 MEDIUM N/A
PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (server crash) via "mode +owgscfxeb" and "oper" commands.
CVE-2000-1103 1 Bsdi 1 Bsd Os 2008-09-05 7.2 HIGH N/A
rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command line.
CVE-2000-1105 1 Microsoft 1 Indexing Service 2008-09-05 4.3 MEDIUM N/A
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 systems that have Indexing Services enabled.
CVE-2000-1110 1 Ibm 1 Net.data 2008-09-05 5.0 MEDIUM N/A
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.
CVE-2000-1114 1 Unify 1 Ewave Servletexec 2008-09-05 5.0 MEDIUM N/A
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".
CVE-2000-1118 1 24link 1 24link 2008-09-05 7.5 HIGH N/A
24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings such as "/+/" or "/." to the HTTP GET request.
CVE-2000-1127 1 Hp 1 Hp-ux 2008-09-05 3.6 LOW N/A
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to which registrar appends log information and sets the permissions to be world readable.
CVE-2000-1128 1 Mcafee 1 Virusscan 2008-09-05 4.6 MEDIUM N/A
The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in the C:\Program Files directory.
CVE-2000-1129 1 Network Associates 1 Webshield Smtp 2008-09-05 5.0 MEDIUM N/A
McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recipient field.
CVE-2000-1130 1 Network Associates 1 Webshield Smtp 2008-09-05 7.5 HIGH N/A
McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.
CVE-2000-1152 1 Be 1 Beos 2008-09-05 5.0 MEDIUM N/A
Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.
CVE-2000-1157 1 Network Associates 1 Sniffer Agent 2008-09-05 10.0 HIGH N/A
Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name.
CVE-2000-1158 1 Network Associates 1 Sniffer Agent 2008-09-05 7.5 HIGH N/A
NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords.
CVE-2000-1159 1 Network Associates 1 Sniffer Agent 2008-09-05 7.5 HIGH N/A
NAI Sniffer Agent allows remote attackers to gain privileges on the agent by sniffing the initial UDP authentication packets and spoofing commands.
CVE-2000-1160 1 Network Associates 1 Sniffer Agent 2008-09-05 5.0 MEDIUM N/A
NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests.