Full List

Search

Recent Vulnerabilities

• CVE-2000-0754 • published on October 13, 2000 Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
• CVE-2000-0680 • published on September 21, 2000 The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with the Checkin.prog or Update.prog names, then performing a CVS commit action.
• CVE-2000-0695 • published on September 21, 2000 Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options.
• CVE-2000-0714 • published on September 21, 2000 umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files.
• CVE-2000-0715 • published on September 21, 2000 DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
• CVE-2000-0734 • published on September 21, 2000 eEye IRIS 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP connections.
• CVE-2000-0736 • published on September 21, 2000 Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message.
• CVE-2000-0755 • published on September 21, 2000 Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges.
• CVE-2000-0769 • published on September 21, 2000 O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users, which allows remote attackers to create and execute arbitrary files by directly calling uploader.exe.
• CVE-2000-0784 • published on September 21, 2000 sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh.
• CVE-2000-0686 • published on September 21, 2000 Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.
• CVE-2000-0687 • published on September 21, 2000 Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter.
• CVE-2000-0688 • published on September 21, 2000 Subscribe Me LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the subscribe.pl script with the setpwd parameter.
• CVE-2000-0689 • published on September 21, 2000 Account Manager LITE does not properly authenticate attempts to change the administrator password, which allows remote attackers to gain privileges for the Account Manager by directly calling the amadmin.pl script with the setpasswd parameter.
• CVE-2000-0690 • published on September 21, 2000 Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the fromfile parameter.
• CVE-2000-0697 • published on September 21, 2000 The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface users to remotely execute commands via shell metacharacters.
• CVE-2000-0701 • published on September 21, 2000 The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
• CVE-2000-0710 • published on September 21, 2000 The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
• CVE-2000-0713 • published on September 21, 2000 Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.
• CVE-2000-0719 • published on September 21, 2000 VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program.