Full List

Search

Recent Vulnerabilities

• CVE-2000-0316 • published on July 12, 2000 Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option.
• CVE-2000-0305 • published on July 12, 2000 Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability.
• CVE-2000-0195 • published on July 12, 2000 setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.
• CVE-2000-0236 • published on July 12, 2000 Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump.
• CVE-2000-0249 • published on July 12, 2000 The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program.
• CVE-2000-0251 • published on July 12, 2000 HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses.
• CVE-2000-0261 • published on July 12, 2000 The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
• CVE-2000-0297 • published on July 12, 2000 Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables.
• CVE-2000-0304 • published on July 12, 2000 Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability.
• CVE-2000-0311 • published on July 12, 2000 The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability.
• CVE-2000-0262 • published on July 12, 2000 The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request.
• CVE-2000-0264 • published on July 12, 2000 Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods.
• CVE-2000-0279 • published on July 12, 2000 BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers.
• CVE-2000-0331 • published on July 12, 2000 Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability.
• CVE-2000-0352 • published on July 12, 2000 Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL.
• CVE-2000-0354 • published on July 12, 2000 mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory.
• CVE-2000-0362 • published on July 12, 2000 Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges.
• CVE-2000-0380 • published on July 12, 2000 The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a %% string.
• CVE-2000-0382 • published on July 12, 2000 ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site.
• CVE-2000-0336 • published on July 12, 2000 Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack.