-
CVE-2000-0798
•
published on September 21, 2000
The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs file system, which allows local users to delete the contents of arbitrary files.
-
CVE-2000-0696
•
published on September 21, 2000
The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly authenticate requests to its supporting CGI scripts, which allows remote attackers to add user accounts to the interface by directly calling the admin CGI script.
-
CVE-2000-0723
•
published on September 21, 2000
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.
-
CVE-2000-0724
•
published on September 21, 2000
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files.
-
CVE-2000-0735
•
published on September 21, 2000
Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message.
-
CVE-2000-0752
•
published on September 21, 2000
Buffer overflows in brouted in FreeBSD and possibly other OSes allow local users to gain root privileges via long command line arguments.
-
CVE-2000-0789
•
published on September 21, 2000
WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges.
-
CVE-2000-0800
•
published on September 21, 2000
String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linux systems allows remote attackers to gain root privileges.
-
CVE-2000-0802
•
published on September 21, 2000
The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR.
-
CVE-2000-0623
•
published on August 3, 2000
Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers to execute arbitrary commands via a long GET request or Referrer header.
-
CVE-2000-0626
•
published on August 3, 2000
Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a long GET request.
-
CVE-2000-0629
•
published on August 3, 2000
The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to execute arbitrary commands by uploading Java code to the server via board.html, then directly calling the JSP compiler servlet.
-
CVE-2000-0625
•
published on August 3, 2000
NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a local user to decrypt the password.
-
CVE-2000-0656
•
published on August 3, 2000
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long USER command in the FTP protocol.
-
CVE-2000-0667
•
published on August 3, 2000
Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a denial of service.
-
CVE-2000-0645
•
published on August 3, 2000
WFTPD and WFTPD Pro 2.41 allow remote attackers to cause a denial of service by using the RESTART (REST) command and writing beyond the end of a file, or writing to a file that does not exist, via commands such as STORE UNIQUE (STOU), STORE (STOR), or APPEND (APPE).
-
CVE-2000-0646
•
published on August 3, 2000
WFTPD and WFTPD Pro 2.41 allow remote attackers to obtain the real pathname for a file by executing a STATUS (STAT) command while the file is being transferred.
-
CVE-2000-0648
•
published on August 3, 2000
WFTPD and WFTPD Pro 2.41 allow local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command.
-
CVE-2000-0649
•
published on August 3, 2000
IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 request for a web page which is protected by basic authentication and has no realm defined.
-
CVE-2000-0659
•
published on August 3, 2000
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long user ID in a SOCKS4 CONNECT request.