|
272701
|
5.0 |
MEDIUM
|
informs
|
picserver
|
Picserver web server allows remote attackers to read arbitrary files via a .. (dot dot) attack in an HTTP GET request.
|
NVD-CWE-Other
|
CVE-2001-0202
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272702
|
5.0 |
MEDIUM
|
soft_lite
|
serverworx
|
Directory traversal vulnerability in Soft Lite ServerWorx 3.00 allows remote attackers to read arbitrary files by inserting a .. (dot dot) or ... into the requested pathname of an HTTP GET request.
|
NVD-CWE-Other
|
CVE-2001-0206
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272703
|
4.6 |
MEDIUM
|
microfocus
|
cobol
|
MicroFocus Cobol 4.1, with the AppTrack feature enabled, installs the mfaslmf directory and the nolicense file with insecure permissions, which allows local users to gain privileges by modifying file…
|
NVD-CWE-Other
|
CVE-2001-0208
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272704
|
5.0 |
MEDIUM
|
carey_internet_service
|
commerce.cgi
|
Directory traversal vulnerability in commerce.cgi CGI program allows remote attackers to read arbitrary files via a .. (dot dot) attack in the page parameter.
|
NVD-CWE-Other
|
CVE-2001-0210
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272705
|
5.0 |
MEDIUM
|
silverplatter
|
webspirs
|
Directory traversal vulnerability in WebSPIRS 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the sp.nextform parameter.
|
NVD-CWE-Other
|
CVE-2001-0211
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272706
|
7.5 |
HIGH
|
his
|
auktion
|
Directory traversal vulnerability in HIS Auktion 1.62 allows remote attackers to read arbitrary files via a .. (dot dot) in the menue parameter, and possibly execute commands via shell metacharacters.
|
NVD-CWE-Other
|
CVE-2001-0212
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272707
|
5.0 |
MEDIUM
|
way
|
way-board
|
Way-board CGI program allows remote attackers to read arbitrary files by specifying the filename in the db parameter and terminating the filename with a null byte.
|
NVD-CWE-Other
|
CVE-2001-0214
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272708
|
7.2 |
HIGH
|
ja-elvis
ko-helvis
|
ja-elvis
ko-helvis
|
Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.
|
NVD-CWE-Other
|
CVE-2001-0220
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272709
|
10.0 |
HIGH
|
lenzo
|
infobot
|
fortran math component in Infobot 0.44.5.3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
|
NVD-CWE-Other
|
CVE-2001-0225
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272710
|
5.0 |
MEDIUM
|
biblioscape
|
biblioweb_server
|
Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.
|
NVD-CWE-Other
|
CVE-2001-0227
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272711
|
7.2 |
HIGH
|
sun
|
chilisoft
|
Chili!Soft ASP for Linux before 3.6 does not properly set group privileges when running in inherited mode, which could allow attackers to gain privileges via malicious scripts.
|
NVD-CWE-Other
|
CVE-2001-0229
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272712
|
5.0 |
MEDIUM
|
ibrow
|
news_desk
|
newsdesk.cgi in News Desk 1.2 allows remote attackers to read arbitrary files via shell metacharacters.
|
NVD-CWE-Other
|
CVE-2001-0232
|
2008-09-6 05:23 |
2001-03-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272713
|
7.5 |
HIGH
|
netscape
|
smartdownload
|
Buffer overflow in Netscape SmartDownload 1.3 allows remote attackers (malicious web pages) to execute arbitrary commands via a long URL.
|
NVD-CWE-Other
|
CVE-2001-0262
|
2008-09-6 05:23 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272714
|
5.0 |
MEDIUM
|
gene6
|
g6_ftp_server
|
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send t…
|
NVD-CWE-Other
|
CVE-2001-0264
|
2008-09-6 05:23 |
2001-06-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272715
|
7.2 |
HIGH
|
hp
|
hp-ux
|
Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges.
|
NVD-CWE-Other
|
CVE-2001-0266
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272716
|
5.0 |
MEDIUM
|
marconi
|
forethought
asx-1000
|
Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set.
|
NVD-CWE-Other
|
CVE-2001-0270
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272717
|
10.0 |
HIGH
|
mailnews.cgi
|
mailnews.cgi
|
mailnews.cgi 1.3 and earlier allows remote attackers to execute arbitrary commands via a user name that contains shell metacharacters.
|
NVD-CWE-Other
|
CVE-2001-0271
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272718
|
5.0 |
MEDIUM
|
w3.org
|
sendtemp.pl
|
Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter.
|
NVD-CWE-Other
|
CVE-2001-0272
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272719
|
2.1 |
LOW
|
moby
|
netsuite_web_server
|
Moby Netsuite Web Server 1.02 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request.
|
NVD-CWE-Other
|
CVE-2001-0275
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272720
|
7.2 |
HIGH
|
debian
mandrakesoft
|
debian_linux
mandrake_linux
mandrake_linux_corporate_server
|
Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges.
|
NVD-CWE-Other
|
CVE-2001-0279
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272721
|
7.2 |
HIGH
|
microsoft
|
windows_nt
|
Format string vulnerability in DbgPrint function, used in debug messages for some Windows NT drivers (possibly when called through DebugMessage), may allow local users to gain privileges.
|
NVD-CWE-Other
|
CVE-2001-0281
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272722
|
6.4 |
MEDIUM
|
sun
|
sun_ftp
|
Directory traversal vulnerability in SunFTP build 9 allows remote attackers to read arbitrary files via .. (dot dot) characters in various commands, including (1) GET, (2) MKDIR, (3) RMDIR, (4) RENAM…
|
NVD-CWE-Other
|
CVE-2001-0283
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272723
|
10.0 |
HIGH
|
a1webserver
|
http_server
|
Buffer overflow in A1 HTTP server 1.0a allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP request.
|
NVD-CWE-Other
|
CVE-2001-0285
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272724
|
5.0 |
MEDIUM
|
a1webserver
|
http_server
|
Directory traversal vulnerability in A1 HTTP server 1.0a allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.
|
NVD-CWE-Other
|
CVE-2001-0286
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272725
|
2.1 |
LOW
|
symantec_veritas
|
cluster_server
|
VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command.
|
NVD-CWE-Other
|
CVE-2001-0287
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272726
|
7.5 |
HIGH
|
cisco
|
ios
|
Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections.
|
NVD-CWE-Other
|
CVE-2001-0288
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272727
|
4.6 |
MEDIUM
|
joseph_allen
|
joe
|
Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan Horse .joerc fi…
|
NVD-CWE-Other
|
CVE-2001-0289
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272728
|
4.6 |
MEDIUM
|
gnu
|
mailman
|
Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords.
|
NVD-CWE-Other
|
CVE-2001-0290
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272729
|
7.5 |
HIGH
|
francisco_burzi
|
php-nuke
|
PHP-Nuke 4.4.1a allows remote attackers to modify a user's email address and obtain the password by guessing the user id (UID) and calling user.php with the saveuser operator.
|
NVD-CWE-Other
|
CVE-2001-0292
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272730
|
5.0 |
MEDIUM
|
datawizard
|
ftpxq
|
Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. (dot dot) in the GET command.
|
NVD-CWE-Other
|
CVE-2001-0293
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272731
|
5.0 |
MEDIUM
|
typsoft
|
typsoft_ftp_server
|
Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in a GET command, or (2) a ... in a CWD command.
|
NVD-CWE-Other
|
CVE-2001-0294
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272732
|
10.0 |
HIGH
|
texas_imperial_software
|
wftpd_pro
|
Buffer overflow in WFTPD Pro 3.00 allows remote attackers to execute arbitrary commands via a long CWD command.
|
NVD-CWE-Other
|
CVE-2001-0296
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272733
|
5.0 |
MEDIUM
|
dattaraj_rao
|
simple_server
|
Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
|
NVD-CWE-Other
|
CVE-2001-0297
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272734
|
5.0 |
MEDIUM
|
sapio_design_ltd
|
webreflex
|
Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.
|
NVD-CWE-Other
|
CVE-2001-0298
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272735
|
5.0 |
MEDIUM
|
pi3
|
pi3web
|
Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL.
|
NVD-CWE-Other
|
CVE-2001-0302
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272736
|
5.0 |
MEDIUM
|
pi3
|
pi3web
|
tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to determine the physical path of the server via a URL that requests a non-existent file.
|
NVD-CWE-Other
|
CVE-2001-0303
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272737
|
5.0 |
MEDIUM
|
thinking_arts
|
es.one
|
Directory traversal vulnerability in store.cgi in Thinking Arts ES.One package allows remote attackers to read arbitrary files via a .. (dot dot) in the StartID parameter.
|
NVD-CWE-Other
|
CVE-2001-0305
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272738
|
5.0 |
MEDIUM
|
itafrica
|
webactive
|
Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1.00 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.
|
NVD-CWE-Other
|
CVE-2001-0306
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272739
|
7.5 |
HIGH
|
bajie
|
java_http_server
|
Bajie HTTP JServer 0.78, and other versions before 0.80, allows remote attackers to execute arbitrary commands via shell metacharacters in an HTTP request for a CGI program that does not exist.
|
CWE-94
コード・インジェクション
|
CVE-2001-0307
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272740
|
7.5 |
HIGH
|
bajie
|
java_http_server
|
UploadServlet in Bajie HTTP JServer 0.78, and possibly other versions before 0.80, allows remote attackers to execute arbitrary commands by calling the servlet to upload a program, then using a ... (…
|
CWE-94
コード・インジェクション
|
CVE-2001-0308
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272741
|
5.0 |
MEDIUM
|
ibm
|
websphere_plugin
|
IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in Web…
|
NVD-CWE-Other
|
CVE-2001-0312
|
2008-09-6 05:23 |
2001-06-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272742
|
10.0 |
HIGH
|
francisco_burzi
|
php-nuke
|
bb_smilies.php and bbcode_ref.php in PHP-Nuke 4.4 allows remote attackers to read arbitrary files and gain PHP administrator privileges by inserting a null character and .. (dot dot) sequences into a…
|
NVD-CWE-Other
|
CVE-2001-0320
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272743
|
2.6 |
LOW
|
microsoft
|
windows_2000
windows_98
|
Windows 98 and Windows 2000 Java clients allow remote attackers to cause a denial of service via a Java applet that opens a large number of UDP sockets, which prevents the host from establishing any …
|
NVD-CWE-Other
|
CVE-2001-0324
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272744
|
7.5 |
HIGH
|
qnx
|
rtp
|
Buffer overflow in QNX RTP 5.60 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large number of arguments to the stat command.
|
NVD-CWE-Other
|
CVE-2001-0325
|
2008-09-6 05:23 |
2001-05-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272745
|
5.0 |
MEDIUM
|
iplanet
|
iplanet_web_server
|
iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in …
|
NVD-CWE-Other
|
CVE-2001-0327
|
2008-09-6 05:23 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272746
|
5.0 |
MEDIUM
|
thenet
|
checkbo
|
TheNet CheckBO 1.56 allows remote attackers to cause a denial of service via a flood of characters to the TCP ports which it is listening on.
|
NVD-CWE-Other
|
CVE-2001-0354
|
2008-09-6 05:23 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272747
|
2.1 |
LOW
|
siemens
|
reliant_unix
|
ppd in Reliant Sinix allows local users to corrupt arbitrary files via a symlink attack in the /tmp/ppd.trace file.
|
NVD-CWE-Other
|
CVE-2001-0384
|
2008-09-6 05:23 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272748
|
5.0 |
MEDIUM
|
ibm
|
net.commerce
websphere_application_server
|
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to determine the real path of the server by directly calling the macro.d2w macro with a NOEXISTINGHTMLBLOCK argument.
|
NVD-CWE-Other
|
CVE-2001-0389
|
2008-09-6 05:23 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272749
|
5.0 |
MEDIUM
|
ibm
|
net.commerce
net.commerce_hosting_server
websphere_application_server
|
IBM Websphere/NetCommerce3 3.1.2 allows remote attackers to cause a denial of service by directly calling the macro.d2w macro with a long string of %0a characters.
|
NVD-CWE-Other
|
CVE-2001-0390
|
2008-09-6 05:23 |
2001-07-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
272750
|
5.0 |
MEDIUM
|
sco
|
unixware
|
The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbitrary files via a .. (dot dot) attack.
|
NVD-CWE-Other
|
CVE-2000-0842
|
2008-09-6 05:22 |
2000-11-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
