|
266101
|
10.0 |
HIGH
|
elsa
|
lancom_1100_office
|
The web administration server for ELSA Lancom 1100 Office does not require authentication, which allows arbitrary remote attackers to gain administrative privileges by connecting to the server.
|
NVD-CWE-Other
|
CVE-2001-1223
|
2008-09-6 05:25 |
2001-12-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266102
|
5.0 |
MEDIUM
|
lightwave
|
consoleserver
|
The pre-login mode in the System Administrator interface of Lightwave ConsoleServer 3200 allows remote attackers to obtain sensitive information such as system status, configuration, and users.
|
NVD-CWE-Other
|
CVE-2001-0396
|
2008-09-6 05:24 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266103
|
7.5 |
HIGH
|
silent_runner
|
silent_runner_collector_src
|
Buffer overflow in Silent Runner Collector (SRC) 1.6.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long SMTP HELO command.
|
NVD-CWE-Other
|
CVE-2001-0397
|
2008-09-6 05:24 |
2001-06-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266104
|
7.5 |
HIGH
|
ritlabs
|
the_bat
|
The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also caus…
|
NVD-CWE-Other
|
CVE-2001-0398
|
2008-09-6 05:24 |
2001-06-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266105
|
7.5 |
HIGH
|
matt_tourtillott
|
nph-maillist
|
nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address.
|
NVD-CWE-Other
|
CVE-2001-0400
|
2008-09-6 05:24 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266106
|
2.1 |
LOW
|
samba
|
samba
|
Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient.
|
NVD-CWE-Other
|
CVE-2001-0406
|
2008-09-6 05:24 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266107
|
5.0 |
MEDIUM
|
ncm
|
ncm_content_management_system
|
content.pl script in NCM Content Management System allows remote attackers to read arbitrary contents of the content database by inserting SQL characters into the id parameter.
|
NVD-CWE-Other
|
CVE-2001-0418
|
2008-09-6 05:24 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266108
|
5.0 |
MEDIUM
|
way_to_the_web
|
talkback
|
Directory traversal vulnerability in talkback.cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the article parameter.
|
NVD-CWE-Other
|
CVE-2001-0420
|
2008-09-6 05:24 |
2001-06-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266109
|
7.5 |
HIGH
|
adcycle
|
adcycle
|
AdLibrary.pm in AdCycle 0.78b allows remote attackers to gain privileges to AdCycle via a malformed Agent: header in the HTTP request, which is inserted into a resulting SQL query that is used to ver…
|
NVD-CWE-Other
|
CVE-2001-0425
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266110
|
10.0 |
HIGH
|
trend_micro
|
interscan_viruswall
|
Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-2001-0432
|
2008-09-6 05:24 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266111
|
2.1 |
LOW
|
netopia
|
timbuktu_mac
|
Preview version of Timbuktu for Mac OS X allows local users to modify System Preferences without logging in via the About Timbuktu menu.
|
NVD-CWE-Other
|
CVE-2001-0438
|
2008-09-6 05:24 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266112
|
7.5 |
HIGH
|
david_harris
|
mercury_nlm
|
Buffer overflow in Mercury MTA POP3 server for NetWare 1.48 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long APOP command.
|
NVD-CWE-Other
|
CVE-2001-0442
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266113
|
7.5 |
HIGH
|
software602
|
602pro_lan_suite
|
Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request containing "%2e" (dot dot) characte…
|
NVD-CWE-Other
|
CVE-2001-0447
|
2008-09-6 05:24 |
2001-06-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266114
|
5.0 |
MEDIUM
|
software602
|
602pro_lan_suite
|
Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service via an HTTP GET HTTP request to the aux directory, and possibly other directories with legacy DOS dev…
|
NVD-CWE-Other
|
CVE-2001-0448
|
2008-09-6 05:24 |
2001-06-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266115
|
5.0 |
MEDIUM
|
brs
|
webweaver
|
BRS WebWeaver FTP server before 0.64 Beta allows remote attackers to obtain the real pathname of the server via a "CD *" command followed by an ls command.
|
NVD-CWE-Other
|
CVE-2001-0452
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266116
|
5.0 |
MEDIUM
|
brs
|
webweaver
|
Directory traversal vulnerability in BRS WebWeaver HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the (1) syshelp, (2) sysimages, or (3) scripts directories.
|
NVD-CWE-Other
|
CVE-2001-0453
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266117
|
7.5 |
HIGH
|
ssh
|
ssh
|
SSH daemon version 1 (aka SSHD-1 or SSH-1) 1.2.30 and earlier does not log repeated login attempts, which could allow remote attackers to compromise accounts without detection via a brute force attac…
|
NVD-CWE-Other
|
CVE-2001-0471
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266118
|
7.5 |
HIGH
|
webcalendar
|
webcalendar
|
Vulnerability in WebCalendar 0.9.26 allows remote command execution.
|
NVD-CWE-Other
|
CVE-2001-0477
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266119
|
7.5 |
HIGH
|
phpmyadmin
|
phpmyadmin
|
Directory traversal vulnerability in phpMyAdmin 2.2.0 and earlier versions allows remote attackers to execute arbitrary code via a .. (dot dot) in an argument to the sql.php script.
|
NVD-CWE-Other
|
CVE-2001-0478
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266120
|
5.0 |
MEDIUM
|
alex_linde
|
alexs_ftp_server
|
Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands.
|
NVD-CWE-Other
|
CVE-2001-0480
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266121
|
7.5 |
HIGH
|
symantec
|
raptor_firewall
|
Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set.
|
NVD-CWE-Other
|
CVE-2001-0483
|
2008-09-6 05:24 |
2001-06-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266122
|
7.5 |
HIGH
|
nullsoft
|
winamp
|
Buffer overflow in WINAMP 2.6x and 2.7x allows attackers to execute arbitrary code via a long string in an AIP file.
|
NVD-CWE-Other
|
CVE-2001-0490
|
2008-09-6 05:24 |
2001-06-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266123
|
7.5 |
HIGH
|
macromedia
|
coldfusion_server
|
Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or exe…
|
NVD-CWE-Other
|
CVE-2001-0535
|
2008-09-6 05:24 |
2001-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266124
|
2.1 |
LOW
|
zope
|
zope
|
Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes.
|
NVD-CWE-Other
|
CVE-2001-0568
|
2008-09-6 05:24 |
2001-08-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266125
|
2.1 |
LOW
|
zope
|
zope
|
Digital Creations Zope 2.3.1 b1 and earlier contains a problem in the method return values related to the classes (1) ObjectManager, (2) PropertyManager, and (3) PropertySheet.
|
NVD-CWE-Other
|
CVE-2001-0569
|
2008-09-6 05:24 |
2001-08-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266126
|
7.5 |
HIGH
|
openbsd
ssh
|
openssh
ssh
|
The SSH protocols 1 and 2 (aka SSH-2) as implemented in OpenSSH and other packages have various weaknesses which can allow a remote attacker to obtain the following information via sniffing: (1) pass…
|
NVD-CWE-Other
|
CVE-2001-0572
|
2008-09-6 05:24 |
2001-08-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266127
|
7.5 |
HIGH
|
sun
|
chilisoft
|
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges.
|
NVD-CWE-Other
|
CVE-2001-0632
|
2008-09-6 05:24 |
2001-08-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266128
|
5.0 |
MEDIUM
|
sun
|
chilisoft
|
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebr…
|
NVD-CWE-Other
|
CVE-2001-0633
|
2008-09-6 05:24 |
2001-08-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266129
|
7.5 |
HIGH
|
raytheon
|
silentrunner
|
Buffer overflows in Raytheon SilentRunner allow remote attackers to (1) cause a denial of service in the collector (cle.exe) component of SilentRunner 2.0 via traffic containing long passwords, or (2…
|
NVD-CWE-Other
|
CVE-2001-0636
|
2008-09-6 05:24 |
2001-09-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266130
|
5.0 |
MEDIUM
|
orange_software
|
orange_web_server
|
Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version.
|
NVD-CWE-Other
|
CVE-2001-0647
|
2008-09-6 05:24 |
2001-08-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266131
|
10.0 |
HIGH
|
ibm
|
aix
|
Buffer overflows in (1) send_status, (2) kill_print, and (3) chk_fhost in lpd in AIX 4.3 and 5.1 allow remote attackers to gain root privileges.
|
NVD-CWE-Other
|
CVE-2001-0671
|
2008-09-6 05:24 |
2001-12-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266132
|
5.0 |
MEDIUM
|
transsoft
|
broker_ftp_server
|
Broker FTP Server 5.9.5.0 allows a remote attacker to cause a denial of service by repeatedly issuing an invalid CD or CWD ("CD . .") command.
|
NVD-CWE-Other
|
CVE-2001-0688
|
2008-09-6 05:24 |
2001-09-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266133
|
7.5 |
HIGH
|
trend_micro
|
virus_control_system
|
Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program.
|
NVD-CWE-Other
|
CVE-2001-0689
|
2008-09-6 05:24 |
2001-09-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266134
|
4.6 |
MEDIUM
|
university_of_washington
|
imapd
|
Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations.
|
NVD-CWE-Other
|
CVE-2001-0691
|
2008-09-6 05:24 |
2001-09-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266135
|
7.5 |
HIGH
|
texas_imperial_software
|
wftpd
|
Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command.
|
NVD-CWE-Other
|
CVE-2001-0694
|
2008-09-6 05:24 |
2001-09-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266136
|
4.6 |
MEDIUM
|
sendmail
|
sendmail
|
Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the conf…
|
NVD-CWE-Other
|
CVE-2001-0713
|
2008-09-6 05:24 |
2001-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266137
|
2.1 |
LOW
|
sendmail
|
sendmail
|
Sendmail before 8.12.1, without the RestrictQueueRun option enabled, allows local users to cause a denial of service (data loss) by (1) setting a high initial message hop count option (-h), which cau…
|
NVD-CWE-Other
|
CVE-2001-0714
|
2008-09-6 05:24 |
2001-10-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266138
|
7.5 |
HIGH
|
computalynx
|
cmail
|
Buffer overflow in Computalynx CMail POP3 mail server 2.4.9 allows remote attackers to run arbitrary code via a long HELO command.
|
NVD-CWE-Other
|
CVE-2001-0742
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266139
|
5.0 |
MEDIUM
|
oreilly
|
webboard
|
Paging function in O'Reilly WebBoard Pager 4.10 allows remote attackers to cause a denial of service via a message with an escaped ' character followed by JavaScript commands.
|
NVD-CWE-Other
|
CVE-2001-0743
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266140
|
7.5 |
HIGH
|
debian
|
debian_linux
|
Buffer overflow in ftp daemon (ftpd) 6.2 in Debian GNU/Linux allows attackers to cause a denial of service and possibly execute arbitrary code via a long SITE command.
|
NVD-CWE-Other
|
CVE-2001-0755
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266141
|
7.5 |
HIGH
|
evolvable_corporation
|
shambala_server
|
Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command.
|
NVD-CWE-Other
|
CVE-2001-0758
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266142
|
7.2 |
HIGH
|
jetico
|
bestcrypt
|
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount.
|
NVD-CWE-Other
|
CVE-2001-0759
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266143
|
7.5 |
HIGH
|
trend_micro
|
interscan_webmanager
|
Buffer overflow in HttpSave.dll in Trend Micro InterScan WebManager 1.2 allows remote attackers to execute arbitrary code via a long value to a certain parameter.
|
NVD-CWE-Other
|
CVE-2001-0761
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266144
|
4.6 |
MEDIUM
|
su-wrapper
|
su-wrapper
|
Buffer overflow in su-wrapper 1.1.1 allows local users to execute arbitrary code via a long first argument.
|
NVD-CWE-Other
|
CVE-2001-0762
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266145
|
5.0 |
MEDIUM
|
steve_poulsen
|
guildftpd
|
Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET.
|
NVD-CWE-Other
|
CVE-2001-0767
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266146
|
5.0 |
MEDIUM
|
internet_software_solutions
|
air_messenger_lan_server
|
Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack.
|
NVD-CWE-Other
|
CVE-2001-0785
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266147
|
5.0 |
MEDIUM
|
internet_software_solutions
|
air_messenger_lan_server
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file.
|
NVD-CWE-Other
|
CVE-2001-0786
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266148
|
5.0 |
MEDIUM
|
internet_software_solutions
|
air_messenger_lan_server
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header.
|
NVD-CWE-Other
|
CVE-2001-0788
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266149
|
5.0 |
MEDIUM
|
specter
|
specter_ids
|
Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a denial of service (CPU exhaustion) via a port scan, which causes the server to consume CPU while preparing alerts.
|
NVD-CWE-Other
|
CVE-2001-0790
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
266150
|
5.0 |
MEDIUM
|
trend_micro
|
interscan_viruswall
|
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access.
|
NVD-CWE-Other
|
CVE-2001-0791
|
2008-09-6 05:24 |
2001-10-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
