- CVE-2000-0481 • published on October 13, 2000
Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment with a long file name.
- CVE-2000-0484 • published on October 13, 2000
Small HTTP Server ver 3.06 contains a memory corruption bug causing a memory overflow. The overflowed buffer crashes into a Structured Exception Handler resulting in a Denial of Service.
- CVE-2000-0485 • published on October 13, 2000
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
- CVE-2000-0490 • published on October 13, 2000
Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request.
- CVE-2000-0494 • published on October 13, 2000
Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.
- CVE-2000-0514 • published on October 13, 2000
GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.
- CVE-2000-0530 • published on October 13, 2000
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
- CVE-2000-0540 • published on October 13, 2000
JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via viewsource.jsp) or obtain configuration information.
- CVE-2000-0550 • published on October 13, 2000
Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.
- CVE-2000-0555 • published on October 13, 2000
Ceilidh allows remote attackers to cause a denial of service via a large number of POST requests.
- CVE-2000-0558 • published on October 13, 2000
Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345.
- CVE-2000-0561 • published on October 13, 2000
Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP GET request.
- CVE-2000-0583 • published on October 13, 2000
vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives.
- CVE-2000-0584 • published on October 13, 2000
Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an SR_INIT command with a long user name or group name.
- CVE-2000-0591 • published on October 13, 2000
Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL filtering by encoding characters in the requested URL.
- CVE-2000-0610 • published on October 13, 2000
NetWin dMailWeb and cwMail 2.6g and earlier allow remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.
- CVE-2000-0624 • published on October 13, 2000
Buffer overflow in Winamp 2.64 and earlier allows remote attackers to execute arbitrary commands via a long #EXTINF: extension in the M3U playlist.
- CVE-2000-0627 • published on October 13, 2000
BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify CourseInfo database information and gain privileges by directly calling the supporting CGI programs such as user_update_passwd.pl and user_update_admin.pl.
- CVE-2000-0630 • published on October 13, 2000
IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to the URL, a variant of the "File Fragment Reading via .HTR" vulnerability.
- CVE-2000-0632 • published on October 13, 2000
Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attackers to execute arbitrary commands via a long query string.