|
267101
|
4.6 |
MEDIUM
|
open_source_development_network
|
slashcode
|
Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID's from cookies and gain unauthorized access via a brute force attack.
|
NVD-CWE-Other
|
CVE-2001-1535
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267102
|
7.5 |
HIGH
|
speedxess
|
ha-120_dsl_router
|
SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access.
|
NVD-CWE-Other
|
CVE-2001-1538
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267103
|
5.0 |
MEDIUM
|
david_f._mischler
|
iproute
|
IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header.
|
NVD-CWE-Other
|
CVE-2001-1540
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267104
|
7.2 |
HIGH
|
bsdi
|
bsd_os
|
Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument.
|
NVD-CWE-Other
|
CVE-2001-1541
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267105
|
7.5 |
HIGH
|
axis
|
2100_network_camera
2110_network_camera
2120_network_camera
neteye_200
neteye_200\+
|
Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.
|
NVD-CWE-Other
|
CVE-2001-1543
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267106
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.
|
NVD-CWE-Other
|
CVE-2001-1544
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267107
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack session…
|
NVD-CWE-Other
|
CVE-2001-1545
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267108
|
7.5 |
HIGH
|
microsoft
|
outlook_express
|
Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remot…
|
NVD-CWE-Other
|
CVE-2001-1547
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267109
|
2.1 |
LOW
|
zonelabs
|
zonealarm
|
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.
|
NVD-CWE-Other
|
CVE-2001-1548
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267110
|
2.1 |
LOW
|
tiny_software
|
tiny_personal_firewall
|
Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.
|
NVD-CWE-Other
|
CVE-2001-1549
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267111
|
2.1 |
LOW
|
linux
|
linux_kernel
|
Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs.
|
NVD-CWE-Other
|
CVE-2001-1551
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267112
|
4.6 |
MEDIUM
|
university_of_california
|
seti_at_home
|
Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_…
|
NVD-CWE-Other
|
CVE-2001-1553
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267113
|
5.0 |
MEDIUM
|
ibm
|
aix
|
IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.
|
NVD-CWE-Other
|
CVE-2001-1554
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267114
|
7.5 |
HIGH
|
ibm
|
aix
|
Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.
|
NVD-CWE-Other
|
CVE-2001-1557
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267115
|
5.0 |
MEDIUM
|
snort
|
snort
|
Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 allows attackers to cause a denial of service (crash).
|
NVD-CWE-Other
|
CVE-2001-1558
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267116
|
7.2 |
HIGH
|
john_bovey
debian
|
xvt
debian_linux
|
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
|
NVD-CWE-Other
|
CVE-2001-1561
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267117
|
2.1 |
LOW
|
apple
|
mac_os_x
|
Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via…
|
NVD-CWE-Other
|
CVE-2001-1565
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267118
|
7.5 |
HIGH
|
vanessa
verge
|
vanessa_logger
perdition
|
Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function.
|
NVD-CWE-Other
|
CVE-2001-1566
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267119
|
6.4 |
MEDIUM
|
cmg
|
wap_gateway
|
CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the…
|
NVD-CWE-Other
|
CVE-2001-1568
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267120
|
6.4 |
MEDIUM
|
cmg
|
openwave_wap_gateway
|
Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-i…
|
NVD-CWE-Other
|
CVE-2001-1569
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267121
|
2.1 |
LOW
|
microsoft
|
windows_xp
|
Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes oth…
|
NVD-CWE-Other
|
CVE-2001-1570
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267122
|
5.0 |
MEDIUM
|
microsoft
|
windows_xp
|
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.
|
NVD-CWE-Other
|
CVE-2001-1571
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267123
|
7.5 |
HIGH
|
linux
|
linux_kernel
|
The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.
|
NVD-CWE-Other
|
CVE-2001-1572
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267124
|
10.0 |
HIGH
|
trend_micro
|
interscan_viruswall
|
Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.
|
NVD-CWE-Other
|
CVE-2001-1573
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267125
|
10.0 |
HIGH
|
trend_micro
|
interscan_viruswall
|
Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2001-1574
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267126
|
4.6 |
MEDIUM
|
caldera
|
unixware
|
Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.
|
NVD-CWE-Other
|
CVE-2001-1576
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267127
|
2.1 |
LOW
|
sco
|
openserver
|
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.
|
NVD-CWE-Other
|
CVE-2001-1578
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267128
|
5.0 |
MEDIUM
|
sco
|
open_unix
unixware
|
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
|
NVD-CWE-Other
|
CVE-2001-1579
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267129
|
7.5 |
HIGH
|
sgi
|
irix
|
Buffer overflow in SNMP daemon (snmpd) on SGI IRIX 6.5 through 6.5.15m allows remote attackers to execute arbitrary code via an SNMP request.
|
NVD-CWE-Other
|
CVE-2002-0017
|
2008-09-6 05:26 |
2002-04-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267130
|
4.6 |
MEDIUM
|
yahoo
|
messenger
|
Buffer overflows in Yahoo! Messenger 5,0,0,1064 and earlier allows remote attackers to execute arbitrary code via a ymsgr URI with long arguments to (1) call, (2) sendim, (3) getimv, (4) chat, (5) ad…
|
NVD-CWE-Other
|
CVE-2002-0031
|
2008-09-6 05:26 |
2002-07-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267131
|
10.0 |
HIGH
|
compaq
|
insight_manager_xe
|
Buffer overflow in Compaq Insight Manager XE 2.1b and earlier allows remote attackers to execute arbitrary code via (1) SNMP and (2) DMI.
|
NVD-CWE-Other
|
CVE-2001-0840
|
2008-09-6 05:25 |
2001-12-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267132
|
7.5 |
HIGH
|
cisco
|
12000_router
|
Cisco 12000 with IOS 12.0 and lines card based on Engine 2 does not properly handle an outbound ACL when an input ACL is not configured on all the interfaces of a multi port line card, which could al…
|
NVD-CWE-Other
|
CVE-2001-0866
|
2008-09-6 05:25 |
2001-12-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267133
|
7.2 |
HIGH
|
oracle
|
database_server
|
dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary…
|
NVD-CWE-Other
|
CVE-2001-0943
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267134
|
5.0 |
MEDIUM
|
glftpd
|
glftpd
|
glFTPD 1.23 allows remote attackers to cause a denial of service (CPU consumption) via a LIST command with an argument that contains a large number of * (asterisk) characters.
|
NVD-CWE-Other
|
CVE-2001-0965
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267135
|
10.0 |
HIGH
|
nudester.org
|
nudester
|
Directory traversal vulnerability in Nudester 1.10 and earlier allows remote attackers to read or write arbitrary files via a .. (dot dot) in the CD (CWD) command.
|
NVD-CWE-Other
|
CVE-2001-0966
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267136
|
10.0 |
HIGH
|
knox_software
|
arkeia
|
Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges.
|
NVD-CWE-Other
|
CVE-2001-0968
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267137
|
5.0 |
MEDIUM
|
aci
|
4d_webserver
|
Directory traversal vulnerability in ACI 4d webserver allows remote attackers to read arbitrary files via a .. (dot dot) or drive letter (e.g., C:) in an HTTP request.
|
NVD-CWE-Other
|
CVE-2001-0971
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267138
|
6.4 |
MEDIUM
|
fraunhofer_fit
|
bscw
|
BSCW groupware system 3.3 through 4.0.2 beta allows remote attackers to read or modify arbitrary files by uploading and extracting a tar file with a symlink into the data-bag space.
|
NVD-CWE-Other
|
CVE-2001-0973
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267139
|
7.2 |
HIGH
|
hp
|
process_resource_manager
|
Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment var…
|
NVD-CWE-Other
|
CVE-2001-0976
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267140
|
7.5 |
HIGH
|
hp
|
hp-ux
|
login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the …
|
NVD-CWE-Other
|
CVE-2001-0978
|
2008-09-6 05:25 |
2001-09-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267141
|
7.2 |
HIGH
|
richard_everitt
|
pileup
|
Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign.
|
NVD-CWE-Other
|
CVE-2001-0989
|
2008-09-6 05:25 |
2001-07-23 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267142
|
5.0 |
MEDIUM
|
gnutella
|
gnutella_client
|
Cross-site scripting (CSS) vulnerability in gnut Gnutella client before 0.4.27 allows remote attackers to execute arbitrary script on other clients by sharing a file whose name contains the script ta…
|
NVD-CWE-Other
|
CVE-2001-1004
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267143
|
7.5 |
HIGH
|
starfish
|
truesync_desktop
|
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user password in a registry key, which allows attackers who have access to the registry key to decrypt the…
|
NVD-CWE-Other
|
CVE-2001-1005
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267144
|
5.0 |
MEDIUM
|
starfish
|
truesync_desktop
|
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and relies solely on its password feature to restrict access, which allows an attacker to read the files us…
|
NVD-CWE-Other
|
CVE-2001-1006
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267145
|
5.0 |
MEDIUM
|
starfish
|
truesync_desktop
|
Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly g…
|
NVD-CWE-Other
|
CVE-2001-1007
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267146
|
7.5 |
HIGH
|
sun
|
java_plug-in
jre
|
Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could allow remote attackers to conduct unauthorized activities via an applet that has been signed by an …
|
NVD-CWE-Other
|
CVE-2001-1008
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267147
|
7.2 |
HIGH
|
snes9x.com
|
snes9x
|
Buffer overflow in Snes9x 1.37, when installed setuid root, allows local users to gain root privileges via a long command line argument.
|
NVD-CWE-Other
|
CVE-2001-1015
|
2008-09-6 05:25 |
2001-10-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267148
|
10.0 |
HIGH
|
francisco_burzi
|
php-nuke
|
PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" variable when calling any scripts that do not already define the prefix variable (e.g., by including…
|
NVD-CWE-Other
|
CVE-2001-1025
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267149
|
7.2 |
HIGH
|
redhat
|
linux
|
Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.
|
NVD-CWE-Other
|
CVE-2001-1028
|
2008-09-6 05:25 |
2001-05-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
267150
|
7.5 |
HIGH
|
hp
|
jetadmin
|
The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when the admin password is changed, which allows remote attackers to gain access to the printer.
|
NVD-CWE-Other
|
CVE-2001-1039
|
2008-09-6 05:25 |
2001-08-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
