Full List

Search

Recent Vulnerabilities

• CVE-2000-0941 • published on January 22, 2001 Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter.
• CVE-2000-0961 • published on January 22, 2001 Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execute arbitrary commands via a long LIST command.
• CVE-2000-0968 • published on January 22, 2001 Buffer overflow in Half Life dedicated server before build 3104 allows remote attackers to execute arbitrary commands via a long rcon command.
• CVE-2000-0972 • published on January 22, 2001 HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symlink to the target file during the crontab session, quitting the session, and reading the error messages that crontab generates.
• CVE-2000-0975 • published on January 22, 2001 Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack.
• CVE-2000-0982 • published on January 22, 2001 Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure pages on the same web site, which could allow remote attackers to obtain the credentials by monitoring connections to the web server, aka the "Cached Web Credentials" vulnerability.
• CVE-2000-0983 • published on January 22, 2001 Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial of service (CPU utilization) via a sequence of null bytes to the NetMeeting port, aka the "NetMeeting Desktop Sharing" vulnerability.
• CVE-2000-0992 • published on January 22, 2001 Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack.
• CVE-2000-0994 • published on January 22, 2001 Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems) allows local users to gain root privileges via the PWD environmental variable.
• CVE-2000-1000 • published on January 22, 2001 Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause a denial of service and possibly execute arbitrary commands by transferring a file whose name includes format characters.
• CVE-2000-1006 • published on January 22, 2001 Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified, which allows remote attackers to cause a denial of service via a charset="" command, aka the "Malformed MIME Header" vulnerability.
• CVE-2000-0910 • published on January 22, 2001 Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address.
• CVE-2000-0913 • published on January 22, 2001 mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
• CVE-2000-0914 • published on January 22, 2001 OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server with ARP requests.
• CVE-2000-0917 • published on January 22, 2001 Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
• CVE-2000-0926 • published on January 22, 2001 SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote attackers to modify price information by changing the "Price" hidden form variable.
• CVE-2000-0928 • published on January 22, 2001 WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the targeted shares.
• CVE-2000-0937 • published on January 22, 2001 Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the username is correct but the password is wrong, which allows remote attackers to conduct brute force password guessing attacks.
• CVE-2000-0949 • published on January 22, 2001 Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option.
• CVE-2000-0956 • published on January 22, 2001 cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local user, which could allow the users to bypass specified access restrictions.