- CVE-2000-0381 • published on July 12, 2000
  The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter.
- CVE-2000-0387 • published on July 12, 2000
  The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files.
- CVE-2000-0388 • published on July 12, 2000
  Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable.
- CVE-2000-0390 • published on July 12, 2000
  Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges.
- CVE-2000-0393 • published on July 12, 2000
  The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute.
- CVE-2000-0395 • published on July 12, 2000
  Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request.
- CVE-2000-0402 • published on July 12, 2000
  The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the "SQL Server 7.0 Service Pack Password" vulnerability.
- CVE-2000-0404 • published on July 12, 2000
  The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability.
- CVE-2000-0410 • published on July 12, 2000
  ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory.
- CVE-2000-0416 • published on July 12, 2000
  NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server.
- CVE-2000-0418 • published on July 12, 2000
  The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP echo (ping) requests.
- CVE-2000-0435 • published on July 12, 2000
  The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages.
- CVE-2000-0456 • published on July 12, 2000
  NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".
- CVE-2000-0479 • published on July 12, 2000
  Dragon FTP server allows remote attackers to cause a denial of service via a long USER command.
- CVE-2000-0487 • published on July 12, 2000
  The Protected Store in Windows 2000 does not properly select the strongest encryption when available, which causes it to use a default of 40-bit encryption instead of 56-bit DES encryption, aka the "Protected Store Key Length" vulnerability.
- CVE-2000-0503 • published on July 12, 2000
  The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate the cross frame security policy via the NavigateComplete2 event.
- CVE-2000-0391 • published on July 12, 2000
  Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges.
- CVE-2000-0392 • published on July 12, 2000
  Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges.
- CVE-2000-0396 • published on July 12, 2000
  The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts such as .ASP files.
- CVE-2000-0398 • published on July 12, 2000
  Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request.