- CVE-2001-0106 • published on May 7, 2001
Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server.
- CVE-2001-0118 • published on May 7, 2001
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0120 • published on May 7, 2001
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0123 • published on May 7, 2001
Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter.
- CVE-2001-0124 • published on May 7, 2001
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
- CVE-2001-0128 • published on May 7, 2001
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
- CVE-2001-0151 • published on May 7, 2001
IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests.
- CVE-2001-0165 • published on May 7, 2001
Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument.
- CVE-2001-0191 • published on May 7, 2001
gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a buffer overflow, or brute force authentication by using a short cookie length.
- CVE-2001-0137 • published on May 7, 2001
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the "Windows Media Player Skins File Download" vulnerability.
- CVE-2001-0140 • published on May 7, 2001
arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations.
- CVE-2001-0144 • published on May 7, 2001
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
- CVE-2001-0147 • published on May 7, 2001
Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records.
- CVE-2001-0149 • published on May 7, 2001
Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object.
- CVE-2001-0169 • published on May 7, 2001
When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to overwrite arbitrary files by loading a library from /lib or /usr/lib.
- CVE-2001-0187 • published on May 7, 2001
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
- CVE-2001-0190 • published on May 7, 2001
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
- CVE-2001-0129 • published on May 7, 2001
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.
- CVE-2001-0138 • published on May 7, 2001
privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack.
- CVE-2001-0139 • published on May 7, 2001
inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations.