|
277251
|
2.1 |
LOW
|
cvs
|
cvs
|
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.
|
NVD-CWE-Other
|
CVE-2000-0679
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277252
|
7.2 |
HIGH
|
cvs
|
cvs
|
The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Update.prog programs, which allows remote CVS committers to modify or create Trojan horse programs with …
|
NVD-CWE-Other
|
CVE-2000-0680
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277253
|
10.0 |
HIGH
|
bea
|
weblogic_server
|
Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary commands via a long URL with a .JSP extension.
|
NVD-CWE-Other
|
CVE-2000-0681
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277254
|
5.0 |
MEDIUM
|
bea
|
weblogic_server
|
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /ConsoleHelp/ into the URL, which invokes the FileServlet.
|
NVD-CWE-Other
|
CVE-2000-0682
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277255
|
5.0 |
MEDIUM
|
bea
|
weblogic_server
|
BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtml/ into the URL, which invokes the SSIServlet.
|
NVD-CWE-Other
|
CVE-2000-0683
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277256
|
5.0 |
MEDIUM
|
cgi_script_center
|
auction_weaver
|
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the fromfile parameter.
|
NVD-CWE-Other
|
CVE-2000-0686
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277257
|
10.0 |
HIGH
|
cgi_script_center
|
auction_weaver
|
Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack in the catdir parameter.
|
NVD-CWE-Other
|
CVE-2000-0687
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277258
|
2.1 |
LOW
|
gert_doering
|
mgetty
|
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the tar…
|
NVD-CWE-Other
|
CVE-2000-0691
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277259
|
5.0 |
MEDIUM
|
iss
|
realsecure
|
ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of fragmented packets with the SYN flag set.
|
NVD-CWE-Other
|
CVE-2000-0692
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277260
|
7.2 |
HIGH
|
tech-source
|
raptor_gfx_pgx32
|
pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point…
|
NVD-CWE-Other
|
CVE-2000-0693
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277261
|
7.2 |
HIGH
|
tech-source
|
raptor_gfx_pgx32
|
pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0694
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277262
|
7.2 |
HIGH
|
tech-source
|
raptor_gfx_pgx32
|
Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privileges via command line options.
|
NVD-CWE-Other
|
CVE-2000-0695
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277263
|
10.0 |
HIGH
|
hp
|
hp-ux
|
Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of service or execute arbitrary commands via format strings in the PASS command.
|
NVD-CWE-Other
|
CVE-2000-0699
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277264
|
5.0 |
MEDIUM
|
cisco
|
ios
gigabit_switch_router_12008
gigabit_switch_router_12012
gigabit_switch_router_12016
|
Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11.2(15)GS1A up to 11.2(19)GS0.2 and some versions of 12.0, do not properly handle line card failures…
|
NVD-CWE-Other
|
CVE-2000-0700
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277265
|
5.0 |
MEDIUM
|
pragma_systems
|
telnetserver
|
Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a denial of service via a long series of null characters to the rexec port.
|
NVD-CWE-Other
|
CVE-2000-0708
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277266
|
5.0 |
MEDIUM
|
microsoft
|
frontpage
|
The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DO…
|
NVD-CWE-Other
|
CVE-2000-0709
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277267
|
7.2 |
HIGH
|
lids
|
lids
|
Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to gain root privileges when LIDS is disabled via the security=0 boot option.
|
NVD-CWE-Other
|
CVE-2000-0712
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277268
|
7.6 |
HIGH
|
adobe
|
acrobat
acrobat_business_tools
acrobat_reader
|
Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF files allows attackers to execute arbitrary commands via a long /Registry or /Ordering specifier.
|
NVD-CWE-Other
|
CVE-2000-0713
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277269
|
1.2 |
LOW
|
mandrakesoft
|
mandrake_linux
|
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
|
NVD-CWE-Other
|
CVE-2000-0718
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277270
|
6.2 |
MEDIUM
|
varicad
|
varicad
|
VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD programs with a Trojan horse program.
|
NVD-CWE-Other
|
CVE-2000-0719
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277271
|
6.2 |
MEDIUM
|
multisoft
|
flagship
|
The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writeable, which allows local users to replace them with Trojan horses.
|
NVD-CWE-Other
|
CVE-2000-0721
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277272
|
6.2 |
MEDIUM
|
helix_code
|
go-gnome_pre-installer
|
The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink attack on various files in /tmp, including uudecode, snarf, and some installer files.
|
NVD-CWE-Other
|
CVE-2000-0724
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277273
|
4.6 |
MEDIUM
|
hp
|
hp-ux
|
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
|
NVD-CWE-Other
|
CVE-2000-0730
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277274
|
10.0 |
HIGH
|
sgi
|
irix
|
Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings, which allows remote attackers to execute arbitrary commands via a long RLD variable in the IAC-SB-…
|
NVD-CWE-Other
|
CVE-2000-0733
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277275
|
5.0 |
MEDIUM
|
rimarts_inc.
|
becky_internet_mail
|
Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user replies to a message.
|
NVD-CWE-Other
|
CVE-2000-0735
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277276
|
5.0 |
MEDIUM
|
rimarts_inc.
|
becky_internet_mail
|
Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause a denial of service via a long Content-type: MIME header when the user forwards a message.
|
NVD-CWE-Other
|
CVE-2000-0736
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277277
|
7.5 |
HIGH
|
network_associates
|
net_tools_pki_server
|
Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote attackers to execute arbitrary code via format strings in a URL with a .XUDA extension.
|
NVD-CWE-Other
|
CVE-2000-0741
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277278
|
10.0 |
HIGH
|
university_of_minnesota
|
gopherd
|
Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbitrary commands via a DES key generation request (GDESkey) that contains a long ticket value.
|
NVD-CWE-Other
|
CVE-2000-0743
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277279
|
7.5 |
HIGH
|
francisco_burzi
|
php-nuke
|
admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows remote attackers to gain privileges by requesting a URL that does not specify the aid or pwd paramete…
|
NVD-CWE-Other
|
CVE-2000-0745
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277280
|
4.6 |
MEDIUM
|
openldap
|
openldap
|
OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.
|
NVD-CWE-Other
|
CVE-2000-0748
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277281
|
7.5 |
HIGH
|
netbsd
openbsd
redhat
|
netbsd
openbsd
linux
|
mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format strings, which allows remote attackers to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-2000-0751
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277282
|
7.2 |
HIGH
|
freebsd
|
freebsd
|
Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privileges via long command line arguments.
|
NVD-CWE-Other
|
CVE-2000-0752
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277283
|
2.1 |
LOW
|
hp
|
openview_network_node_manager
|
Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
|
NVD-CWE-Other
|
CVE-2000-0754
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277284
|
4.6 |
MEDIUM
|
hp
|
openview_network_node_manager
|
Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges.
|
NVD-CWE-Other
|
CVE-2000-0755
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277285
|
10.0 |
HIGH
|
aptis_software
|
totalbill
|
The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers to gain root privileges by connecting to the service and specifying the commands to be executed.
|
NVD-CWE-Other
|
CVE-2000-0757
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277286
|
4.6 |
MEDIUM
|
lyris
|
list_manager
|
The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field.
|
NVD-CWE-Other
|
CVE-2000-0758
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277287
|
5.0 |
MEDIUM
|
ibm
|
os2_ftp_server
|
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username.
|
NVD-CWE-Other
|
CVE-2000-0761
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277288
|
5.0 |
MEDIUM
|
bajie
|
java_http_server
|
The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root.
|
NVD-CWE-Other
|
CVE-2000-0774
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277289
|
10.0 |
HIGH
|
rapidstream
|
rapidstream
|
sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a null password, which allows remote attackers to execute arbitrary commands via ssh.
|
NVD-CWE-Other
|
CVE-2000-0784
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277290
|
4.6 |
MEDIUM
|
bardon_data_systems
|
winu
|
WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges.
|
NVD-CWE-Other
|
CVE-2000-0789
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277291
|
4.6 |
MEDIUM
|
trustix
|
secure_linux
|
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
|
NVD-CWE-Other
|
CVE-2000-0791
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277292
|
7.5 |
HIGH
|
alan_cox
|
gnome-lokkit
|
Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a user does not make any services available.
|
NVD-CWE-Other
|
CVE-2000-0792
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277293
|
7.2 |
HIGH
|
hp
|
hp-ux
|
Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a long -t option.
|
NVD-CWE-Other
|
CVE-2000-0801
|
2008-09-6 05:21 |
2000-10-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277294
|
7.5 |
HIGH
|
fastream
|
ftp\+\+_server
|
Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long username.
|
NVD-CWE-Other
|
CVE-2000-0831
|
2008-09-6 05:21 |
2000-11-14 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277295
|
2.1 |
LOW
|
sco
|
openserver
|
snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local attackers to modify the host's configuration.
|
NVD-CWE-Other
|
CVE-2000-0147
|
2008-09-6 05:20 |
2000-02-8 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277296
|
2.6 |
LOW
|
realnetworks
|
realplayer
|
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL.
|
NVD-CWE-Other
|
CVE-2000-0280
|
2008-09-6 05:20 |
2000-04-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277297
|
2.1 |
LOW
|
napster
|
napster_client
|
Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service via a long message.
|
NVD-CWE-Other
|
CVE-2000-0281
|
2008-09-6 05:20 |
2000-03-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277298
|
5.0 |
MEDIUM
|
sco
|
open_desktop
openserver
unixware
|
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
|
NVD-CWE-Other
|
CVE-2000-0307
|
2008-09-6 05:20 |
2001-03-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277299
|
10.0 |
HIGH
|
netscape
sco
|
enterprise_server
fasttrack_server
proxy_server
unixware
|
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
|
NVD-CWE-Other
|
CVE-2000-0308
|
2008-09-6 05:20 |
2001-03-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
277300
|
7.2 |
HIGH
|
openbsd
|
openbsd
|
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.
|
NVD-CWE-Other
|
CVE-2000-0312
|
2008-09-6 05:20 |
2001-03-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
