Full List

Search

Recent Vulnerabilities

• CVE-2000-0842 • published on October 18, 2000 The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
• CVE-2000-0845 • published on October 18, 2000 kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by specifying the full file name in the initialization packet.
• CVE-2000-0855 • published on October 18, 2000 SunFTP build 9(1) allows remote attackers to cause a denial of service by connecting to the server and disconnecting before sending a newline.
• CVE-2000-0857 • published on October 18, 2000 The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format strings, which allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed nickname.
• CVE-2000-0879 • published on October 18, 2000 LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed setuid root and world executable, which allows arbitrary local users to start and stop various LPD services.
• CVE-2000-0881 • published on October 18, 2000 The dccscan setuid program in LPPlus does not properly check if the user has the permissions to print the file that is specified to dccscan, which allows local users to print arbitrary files.
• CVE-2000-0828 • published on October 18, 2000 Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers to execute arbitrary commands via a long User-Agent parameter.
• CVE-2000-0840 • published on October 18, 2000 Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long USER command.
• CVE-2000-0866 • published on October 18, 2000 Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query containing 0 bytes.
• CVE-2000-0880 • published on October 18, 2000 LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kill arbitrary processes by specifying an alternate process ID and using the setuid dcclpdshut program to kill the process that was specified in the lpdprocess file.
• CVE-2000-0812 • published on October 18, 2000 The administration module in Sun Java web server allows remote attackers to execute arbitrary commands by uploading Java code to the module and invoke the com.sun.server.http.pagecompile.jsp92.JspServlet by requesting a URL that begins with a /servlet/ tag.
• CVE-2000-0831 • published on October 18, 2000 Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username.
• CVE-2000-0832 • published on October 18, 2000 Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname in the hdr parameter.
• CVE-2000-0835 • published on October 18, 2000 search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read arbitrary directories by specifying the directory in the query parameter.
• CVE-2000-0841 • published on October 18, 2000 Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrary commands via a long APOP command.
• CVE-2000-0872 • published on October 18, 2000 explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
• CVE-2000-0882 • published on October 18, 2000 Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed ICMP packet, which causes the CPU to crash.
• CVE-2000-0833 • published on October 18, 2000 Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a long (1) USER or (2) HELO command.
• CVE-2000-0836 • published on October 18, 2000 Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to execute arbitrary commands via a long Authorization header.
• CVE-2000-0843 • published on October 18, 2000 Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attackers to execute arbitrary commands via a login with a long user name.