Full List

Search

Recent Vulnerabilities

• CVE-2000-0660 • published on October 13, 2000 The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
• CVE-2000-0663 • published on October 13, 2000 The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 uses a relative path name, which allows local users to execute arbitrary commands by inserting a Trojan Horse named Explorer.exe into the %Systemdrive% directory, aka the "Relative Shell Path" vulnerability.
• CVE-2000-0668 • published on October 13, 2000 pam_console PAM module in Linux systems allows a user to access the system console and reboot the system when a display manager such as gdm or kdm has XDMCP enabled.
• CVE-2000-0670 • published on October 13, 2000 The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository to execute arbitrary commands via shell metacharacters.
• CVE-2000-0681 • published on October 13, 2000 Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension.
• CVE-2000-0683 • published on October 13, 2000 BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.
• CVE-2000-0703 • published on October 13, 2000 suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to send an error report, which allows local users to gain privileges by setting the "interactive" environmental variable and calling suidperl with a filename that contains the escape sequence.
• CVE-2000-0706 • published on October 13, 2000 Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands.
• CVE-2000-0707 • published on October 13, 2000 PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the web root, which allows remote attackers to obtain sensitive information such as the administrative password.
• CVE-2000-0727 • published on October 13, 2000 xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, which allows an attacker to execute arbitrary commands via a URL that contains shell metacharacters.
• CVE-2000-0728 • published on October 13, 2000 xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symlink attack.
• CVE-2000-0758 • published on October 13, 2000 The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field.
• CVE-2000-0763 • published on October 13, 2000 xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users to gain root privileges via the -d option.
• CVE-2000-0770 • published on October 13, 2000 IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folders have less restrictive permissions, which could allow remote attackers to bypass access restrictions to some files, aka the "File Permission Canonicalization" vulnerability.
• CVE-2000-0771 • published on October 13, 2000 Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.
• CVE-2000-0786 • published on October 13, 2000 GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.
• CVE-2000-0792 • published on October 13, 2000 Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a user does not make any services available.
• CVE-2000-0651 • published on October 13, 2000 The ClientTrust program in Novell BorderManager does not properly verify the origin of authentication requests, which could allow remote attackers to impersonate another user by replaying the authentication requests and responses from port 3024 of the victim's machine.
• CVE-2000-0652 • published on October 13, 2000 IBM WebSphere allows remote attackers to read source code for executable web files by directly calling the default InvokerServlet using a URL which contains the "/servlet/file" string.
• CVE-2000-0664 • published on October 13, 2000 AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots.