Full List

Search

Recent Vulnerabilities

• CVE-1999-0916 • published on March 22, 2000 WebTrends software stores account names and passwords in a file which does not have restricted access permissions.
• CVE-1999-0996 • published on March 22, 2000 Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request.
• CVE-1999-1000 • published on March 22, 2000 The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics.
• CVE-1999-0998 • published on March 22, 2000 Cisco Cache Engine allows an attacker to replace content in the cache.
• CVE-2000-0026 • published on March 22, 2000 Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
• CVE-2000-0037 • published on March 22, 2000 Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
• CVE-2000-0003 • published on March 22, 2000 Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
• CVE-2000-0022 • published on March 22, 2000 Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
• CVE-2000-0031 • published on March 22, 2000 The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
• CVE-2000-0025 • published on March 22, 2000 IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
• CVE-2000-0023 • published on March 22, 2000 Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
• CVE-2000-0040 • published on March 22, 2000 glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
• CVE-2000-0029 • published on March 22, 2000 UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
• CVE-2000-0036 • published on March 22, 2000 Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
• CVE-2000-0039 • published on March 22, 2000 AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
• CVE-2000-0041 • published on March 22, 2000 Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
• CVE-2000-0089 • published on March 22, 2000 The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.
• CVE-2000-0088 • published on March 22, 2000 Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.
• CVE-2000-0098 • published on March 22, 2000 Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist.
• CVE-2000-0097 • published on March 22, 2000 The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, aka the "Malformed Hit-Highlighting Argument" vulnerability.