Full List

Search

Recent Vulnerabilities

• CVE-2000-0290 • published on March 9, 2002 Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a long GET request.
• CVE-2000-0298 • published on March 9, 2002 The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions for the All Users and Default Users directories.
• CVE-2000-0324 • published on March 9, 2002 pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g. by nmap.
• CVE-2000-0457 • published on March 9, 2002 ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
• CVE-2000-0581 • published on March 9, 2002 Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash.
• CVE-2000-0551 • published on March 9, 2002 The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files.
• CVE-2000-0575 • published on March 9, 2002 SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created in the current directory of the user who is logging in, which could allow remote attackers to sniff the ticket cache if the home directory is installed on NFS.
• CVE-2000-0600 • published on March 9, 2002 Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
• CVE-2000-0619 • published on March 9, 2002 Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP packets.
• CVE-2000-0570 • published on March 9, 2002 FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header.
• CVE-2000-0593 • published on March 9, 2002 WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of service by sending an HTTP GET request without listing an HTTP version number.
• CVE-2000-0615 • published on March 9, 2002 LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace and logging messages to files.
• CVE-2000-0699 • published on March 9, 2002 Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.
• CVE-2000-0825 • published on March 9, 2002 Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connections in which a long Host: header is sent, which causes a thread to crash.
• CVE-2000-0830 • published on March 9, 2002 annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a large, malformed UDP packet to ports 22701 through 22705.
• CVE-2000-0891 • published on March 9, 2002 A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by attaching a malicious program in an email message that is automatically executed when the user opens the email.
• CVE-2000-0741 • published on March 9, 2002 Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.
• CVE-2000-0662 • published on March 9, 2002 Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redirecting the contents of an IFRAME using the DHTML Edit Control (DHTMLED).
• CVE-2000-0776 • published on March 9, 2002 Mediahouse Statistics Server 5.02x allows remote attackers to execute arbitrary commands via a long HTTP GET request.
• CVE-2000-0790 • published on March 9, 2002 The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder.