Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1028 | 1 Hp | 1 Hp-ux | 2017-07-10 | 7.2 HIGH | N/A |
| Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument. | |||||
| CVE-2000-1029 | 1 Isc | 1 Bind | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query. | |||||
| CVE-2000-1030 | 1 Csandt | 1 Corporatetime For The Web | 2017-07-10 | 5.0 MEDIUM | N/A |
| CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server. | |||||
| CVE-2000-1066 | 1 Freebsd | 1 Freebsd | 2017-07-10 | 5.0 MEDIUM | N/A |
| The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows a remote attacker to cause a denial of service via a long DNS hostname. | |||||
| CVE-2000-1093 | 1 Aol | 1 Instant Messenger | 2017-07-10 | 7.5 HIGH | N/A |
| Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrary commands via a long "goim" command. | |||||
| CVE-2000-1215 | 1 Ibm | 1 Lotus Domino | 2017-07-10 | 5.0 MEDIUM | N/A |
| The default configuration of Lotus Domino server 5.0.8 includes system information (version, operating system, and build date) in the HTTP headers of replies, which allows remote attackers to obtain sensitive information. | |||||
| CVE-2000-1220 | 2 Redhat, Sgi | 2 Linux, Irix | 2017-07-10 | 10.0 HIGH | N/A |
| The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local users to gain root privileges by causing sendmail to execute with arbitrary command line arguments, as demonstrated using the -C option to specify a configuration file. | |||||
| CVE-2000-1221 | 3 Debian, Redhat, Sgi | 3 Debian Linux, Linux, Irix | 2017-07-10 | 10.0 HIGH | N/A |
| The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates by comparing the reverse-resolved hostname of the local machine to the hostname of the print server as returned by gethostname, which allows remote attackers to bypass intended access controls by modifying the DNS for the attacking IP. | |||||
| CVE-2000-1222 | 1 Ibm | 1 Aix | 2017-07-10 | 7.2 HIGH | N/A |
| AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which allows local users to gain privileges by modifying the path to point to a malicious hostname program. | |||||
| CVE-2000-1224 | 1 Caucho Technology | 1 Resin | 2017-07-10 | 5.0 MEDIUM | N/A |
| Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others. | |||||
| CVE-2000-1238 | 1 Bea | 1 Weblogic Server | 2017-07-10 | 7.5 HIGH | N/A |
| BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass access controls for restricted JSP or servlet pages via a URL with multiple / (forward slash) characters before the restricted pages. | |||||
| CVE-2001-0199 | 1 Guido Frassetto | 1 Sedum | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in SEDUM HTTP Server 2.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the HTTP GET request. | |||||
| CVE-2001-0201 | 1 Umut Gokbayrak | 1 Postaci | 2017-07-10 | 7.5 HIGH | N/A |
| The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program. | |||||
| CVE-2001-0216 | 1 Mnscu Pals | 1 Webpals | 2017-07-10 | 7.5 HIGH | N/A |
| PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter. | |||||
| CVE-2001-0217 | 1 Mnscu Pals | 1 Webpals | 2017-07-10 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter. | |||||
| CVE-2001-0224 | 1 Brightstation | 1 Muscat Empower | 2017-07-10 | 5.0 MEDIUM | N/A |
| Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter. | |||||
| CVE-2001-0273 | 1 Holger Lamm | 1 Pgp4pine | 2017-07-10 | 2.6 LOW | N/A |
| pgp4pine Pine/PGP interface version 1.75-6 does not properly check to see if a public key has expired when obtaining the keys via Gnu Privacy Guard (GnuPG), which causes the message to be sent in cleartext. | |||||
| CVE-2001-0300 | 1 Oracle | 1 Internet Directory | 2017-07-10 | 2.1 LOW | N/A |
| oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink attack. | |||||
| CVE-2001-0381 | 1 Pgp | 1 Openpgp | 2017-07-10 | 4.6 MEDIUM | N/A |
| The OpenPGP PGP standard allows an attacker to determine the private signature key via a cryptanalytic attack in which the attacker alters the encrypted private key file and captures a single message signed with the signature key. | |||||
| CVE-2001-0499 | 1 Oracle | 1 Oracle8i | 2017-07-10 | 10.0 HIGH | N/A |
| Buffer overflow in Transparent Network Substrate (TNS) Listener in Oracle 8i 8.1.7 and earlier allows remote attackers to gain privileges via a long argument to the commands (1) STATUS, (2) PING, (3) SERVICES, (4) TRC_FILE, (5) SAVE_CONFIG, or (6) RELOAD. | |||||