- CVE-2000-0100 • published on April 18, 2000
  The SMS Remote Control program is installed with insecure permissions, which allows local users to gain privileges by modifying or replacing the program.
- CVE-2000-0095 • published on April 18, 2000
  The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the system to be used as a packet amplifier.
- CVE-2000-0099 • published on April 18, 2000
  Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt argument.
- CVE-2000-0107 • published on April 18, 2000
  Linux apcd program allows local attackers to modify arbitrary files via a symlink attack.
- CVE-2000-0131 • published on April 18, 2000
  Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD commands.
- CVE-2000-0140 • published on April 18, 2000
  Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large number of connections.
- CVE-2000-0144 • published on April 18, 2000
  Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users to bypass the password protection via a .. (dot dot) attack.
- CVE-2000-0159 • published on April 18, 2000
  HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set the password field to a blank and allow an attacker to gain privileges.
- CVE-2000-0183 • published on April 18, 2000
  Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat capability.
- CVE-2000-0227 • published on April 12, 2000
  The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of sockets.
- CVE-2000-0244 • published on April 12, 2000
  The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user authentication.
- CVE-2000-0242 • published on April 12, 2000
  WindMail allows remote attackers to read arbitrary files or execute commands via shell metacharacters.
- CVE-2000-0239 • published on April 12, 2000
  Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of service via a long mail_user parameter in the GET request.
- CVE-2000-0241 • published on April 12, 2000
  vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, which allows attackers to gain privileges.
- CVE-2000-0170 • published on April 10, 2000
  Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.
- CVE-2000-0172 • published on April 10, 2000
  The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local users to gain root privileges.
- CVE-2000-0182 • published on April 10, 2000
  iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GET commands, which consumes memory and causes a kernel panic.
- CVE-2000-0186 • published on April 10, 2000
  Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.
- CVE-2000-0189 • published on April 10, 2000
  ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HTTP request to the application.cfm or onrequestend.cfm files.
- CVE-2000-0178 • published on April 10, 2000
  ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions.