Full List

Search

Recent Vulnerabilities

• CVE-2000-0677 • published on October 13, 2000 Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary commands via a long PATH_INFO environmental variable.
• CVE-2000-0682 • published on October 13, 2000 BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet.
• CVE-2000-0700 • published on October 13, 2000 Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures, which allows remote attackers to bypass ACLs or force the interface to stop forwarding packets.
• CVE-2000-0711 • published on October 13, 2000 Netscape Communicator does not properly prevent a ServerSocket object from being created by untrusted entities, which allows remote attackers to create a server on the victim's system via a malicious applet, as demonstrated by Brown Orifice.
• CVE-2000-0737 • published on October 13, 2000 The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability.
• CVE-2000-0743 • published on October 13, 2000 Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value.
• CVE-2000-0750 • published on October 13, 2000 Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to execute arbitrary commands via a long file name.
• CVE-2000-0761 • published on October 13, 2000 OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username.
• CVE-2000-0768 • published on October 13, 2000 A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.
• CVE-2000-0779 • published on October 13, 2000 Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access restrictions and connect to a RSH/REXEC client via malformed connection requests.
• CVE-2000-0782 • published on October 13, 2000 netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
• CVE-2000-0787 • published on October 13, 2000 IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by encoding shell metacharacters into a URL which XChat uses to launch a web browser.
• CVE-2000-0643 • published on October 13, 2000 Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers to cause a denial of service via a long URL.
• CVE-2000-0661 • published on October 13, 2000 WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to the server port.
• CVE-2000-0669 • published on October 13, 2000 Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with random data.
• CVE-2000-0673 • published on October 13, 2000 The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attackers to cause a denial of service by sending a spoofed Name Conflict or Name Release datagram, aka the "NetBIOS Name Server Protocol Spoofing" vulnerability.
• CVE-2000-0675 • published on October 13, 2000 Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote attackers to execute arbitrary commands via a long string.
• CVE-2000-0708 • published on October 13, 2000 Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port.
• CVE-2000-0730 • published on October 13, 2000 Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
• CVE-2000-0778 • published on October 13, 2000 IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.