|
258901
|
5.0 |
MEDIUM
|
sonicwall
|
soho_firewall
|
The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request.
|
NVD-CWE-Other
|
CVE-2000-1098
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258902
|
7.5 |
HIGH
|
trlinux
|
postaci_webmail
|
The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as data…
|
NVD-CWE-Other
|
CVE-2000-1100
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258903
|
5.0 |
MEDIUM
|
texas_imperial_software
|
wftpd
|
Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home directory" option enabled allows local users to escape the home directory via a "/../" string, a var…
|
NVD-CWE-Other
|
CVE-2000-1101
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258904
|
5.0 |
MEDIUM
|
ptlink
|
ptlink_irc_services
ptlink_ircd
|
PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (server crash) via "mode +owgscfxeb" and "oper" commands.
|
NVD-CWE-Other
|
CVE-2000-1102
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258905
|
7.2 |
HIGH
|
bsdi
|
bsd_os
|
rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows local attackers to gain privileges by specifying an alternate Trojan horse script on the command li…
|
NVD-CWE-Other
|
CVE-2000-1103
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258906
|
4.3 |
MEDIUM
|
microsoft
|
indexing_service
|
The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site operators to embed a script that remotely determines the existence of files on visiting Windows 2000 sy…
|
NVD-CWE-Other
|
CVE-2000-1105
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258907
|
5.0 |
MEDIUM
|
ibm
|
net.data
|
document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the physical path of the web server by sending a nonexistent command to the program.
|
NVD-CWE-Other
|
CVE-2000-1110
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258908
|
5.0 |
MEDIUM
|
unify
|
ewave_servletexec
|
Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP request that ends with characters such as ".", or "+", or "%20".
|
NVD-CWE-Other
|
CVE-2000-1114
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258909
|
7.5 |
HIGH
|
24link
|
24link
|
24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings such as "/+/" or "/." to the HTTP GET request.
|
NVD-CWE-Other
|
CVE-2000-1118
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258910
|
3.6 |
LOW
|
hp
|
hp-ux
|
registrar in the HP resource monitor service allows local users to read and modify arbitrary files by renaming the original registrar.log log file and creating a symbolic link to the target file, to …
|
NVD-CWE-Other
|
CVE-2000-1127
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258911
|
4.6 |
MEDIUM
|
mcafee
|
virusscan
|
The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which improperly sets the search path and allows local users to place a Trojan horse "common.exe" program in t…
|
NVD-CWE-Other
|
CVE-2000-1128
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258912
|
5.0 |
MEDIUM
|
network_associates
|
webshield_smtp
|
McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recipient field.
|
NVD-CWE-Other
|
CVE-2000-1129
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258913
|
7.5 |
HIGH
|
network_associates
|
webshield_smtp
|
McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by including Extended ASCII characters in name of the attachment.
|
NVD-CWE-Other
|
CVE-2000-1130
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258914
|
5.0 |
MEDIUM
|
be
|
beos
|
Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via a message that contains a long URL.
|
NVD-CWE-Other
|
CVE-2000-1152
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258915
|
10.0 |
HIGH
|
network_associates
|
sniffer_agent
|
Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a long SNMP community name.
|
NVD-CWE-Other
|
CVE-2000-1157
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258916
|
7.5 |
HIGH
|
network_associates
|
sniffer_agent
|
NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the network and easily decrypt usernames and passwords.
|
NVD-CWE-Other
|
CVE-2000-1158
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258917
|
7.5 |
HIGH
|
network_associates
|
sniffer_agent
|
NAI Sniffer Agent allows remote attackers to gain privileges on the agent by sniffing the initial UDP authentication packets and spoofing commands.
|
NVD-CWE-Other
|
CVE-2000-1159
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258918
|
5.0 |
MEDIUM
|
network_associates
|
sniffer_agent
|
NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large number of login requests.
|
NVD-CWE-Other
|
CVE-2000-1160
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258919
|
7.5 |
HIGH
|
adcycle
|
adcycle
|
The installation of AdCycle banner management system leaves the build.cgi program in a web-accessible directory, which allows remote attackers to execute the program and view passwords or delete data…
|
NVD-CWE-Other
|
CVE-2000-1161
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258920
|
10.0 |
HIGH
|
rob_flynn
|
gaim
|
Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to conduct a denial of service and possibly execute arbitrary commands via a long HTML tag.
|
NVD-CWE-Other
|
CVE-2000-1172
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258921
|
5.0 |
MEDIUM
|
microsys
|
cyberpatrol
|
Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no encryption for the remainder of the information during registration, which could allow attackers to sn…
|
NVD-CWE-Other
|
CVE-2000-1173
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258922
|
7.2 |
HIGH
|
jan_hubicka
|
koules
|
Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command line argument.
|
NVD-CWE-Other
|
CVE-2000-1175
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258923
|
7.5 |
HIGH
|
yabb
|
yabb
|
Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catsearch" form field.
|
NVD-CWE-Other
|
CVE-2000-1176
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258924
|
5.0 |
MEDIUM
|
bb4
|
big_brother_network_monitor
|
bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB) before 1.5d3 allows remote attackers to determine the existence of files and user ID's by specifyi…
|
NVD-CWE-Other
|
CVE-2000-1177
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258925
|
5.0 |
MEDIUM
|
itserv_incorporated
|
ridewaypn
|
The telnet proxy in RideWay PN proxy server allows remote attackers to cause a denial of service via a flood of connections that contain malformed requests.
|
NVD-CWE-Other
|
CVE-2000-1185
|
2008-09-6 05:22 |
2001-01-9 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258926
|
7.5 |
HIGH
|
argosoft
|
ftp_server
|
Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands.
|
NVD-CWE-Other
|
CVE-2000-1194
|
2008-09-6 05:22 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258927
|
5.0 |
MEDIUM
|
checkpoint
|
firewall-1
|
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.
|
NVD-CWE-Other
|
CVE-2000-1201
|
2008-09-6 05:22 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258928
|
7.5 |
HIGH
|
zope
|
zope
|
Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object constructors such as DTML method objects, which could allow attackers to perform unauthorized activ…
|
NVD-CWE-Other
|
CVE-2000-1211
|
2008-09-6 05:22 |
2000-12-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258929
|
7.5 |
HIGH
|
gnu
|
g\+\+
gcc
|
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.
|
NVD-CWE-Other
|
CVE-2000-1219
|
2008-09-6 05:22 |
2000-11-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258930
|
7.5 |
HIGH
|
i-soft
|
quikstore
|
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.
|
NVD-CWE-Other
|
CVE-2000-1223
|
2008-09-6 05:22 |
2000-11-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258931
|
5.0 |
MEDIUM
|
imatix
|
xitami
|
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the progr…
|
NVD-CWE-Other
|
CVE-2000-1225
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258932
|
5.0 |
MEDIUM
|
snort
|
snort
|
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending …
|
NVD-CWE-Other
|
CVE-2000-1226
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258933
|
5.0 |
MEDIUM
|
phorum
|
phorum
|
Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.
|
NVD-CWE-Other
|
CVE-2000-1228
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258934
|
5.0 |
MEDIUM
|
phorum
|
phorum
|
Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings a…
|
NVD-CWE-Other
|
CVE-2000-1229
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258935
|
5.0 |
MEDIUM
|
phorum
|
phorum
|
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
|
NVD-CWE-Other
|
CVE-2000-1230
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258936
|
5.0 |
MEDIUM
|
phorum
|
phorum
|
code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string.
|
NVD-CWE-Other
|
CVE-2000-1231
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258937
|
5.0 |
MEDIUM
|
phorum
|
phorum
|
upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method.
|
NVD-CWE-Other
|
CVE-2000-1232
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258938
|
7.5 |
HIGH
|
phorum
|
phorum
|
SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter.
|
NVD-CWE-Other
|
CVE-2000-1233
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258939
|
5.0 |
MEDIUM
|
phorum
|
phorum
|
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
|
NVD-CWE-Other
|
CVE-2000-1234
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258940
|
5.0 |
MEDIUM
|
oracle
|
application_server
|
The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via H…
|
NVD-CWE-Other
|
CVE-2000-1235
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258941
|
5.0 |
MEDIUM
|
floosietek
|
ftgate
|
The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessi…
|
NVD-CWE-Other
|
CVE-2000-1237
|
2008-09-6 05:22 |
2000-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258942
|
7.2 |
HIGH
|
ibm
|
aix
|
AIX cdmount allows local users to gain root privileges via shell metacharacters.
|
NVD-CWE-Other
|
CVE-2000-0466
|
2008-09-6 05:21 |
2000-06-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258943
|
5.0 |
MEDIUM
|
analogx
|
proxy
|
Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial of service via a long HELO command in the SMTP protocol.
|
NVD-CWE-Other
|
CVE-2000-0657
|
2008-09-6 05:21 |
2000-07-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258944
|
2.1 |
LOW
|
cvs
|
cvs
|
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.
|
NVD-CWE-Other
|
CVE-2000-0679
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258945
|
7.2 |
HIGH
|
cvs
|
cvs
|
The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with …
|
NVD-CWE-Other
|
CVE-2000-0680
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258946
|
10.0 |
HIGH
|
bea
|
weblogic_server
|
Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension.
|
NVD-CWE-Other
|
CVE-2000-0681
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258947
|
5.0 |
MEDIUM
|
bea
|
weblogic_server
|
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet.
|
NVD-CWE-Other
|
CVE-2000-0682
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258948
|
5.0 |
MEDIUM
|
bea
|
weblogic_server
|
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.
|
NVD-CWE-Other
|
CVE-2000-0683
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258949
|
5.0 |
MEDIUM
|
cgi_script_center
|
auction_weaver
|
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.
|
NVD-CWE-Other
|
CVE-2000-0686
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
258950
|
10.0 |
HIGH
|
cgi_script_center
|
auction_weaver
|
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter.
|
NVD-CWE-Other
|
CVE-2000-0687
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
