|
314651
|
2.1 |
LOW
|
rarsoft
|
rar
|
Directory traversal vulnerability in rar 2.02 and earlier allows attackers to overwrite arbitrary files during archive extraction via a .. (dot dot) attack on archived filenames.
|
NVD-CWE-Other
|
CVE-2001-1271
|
2008-09-6 05:26 |
2001-07-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314652
|
4.6 |
MEDIUM
|
wliang
|
wmtv
|
wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitrary commands via the -e (external command) option.
|
NVD-CWE-Other
|
CVE-2001-1272
|
2008-09-6 05:26 |
2001-12-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314653
|
2.1 |
LOW
|
linux
|
linux_kernel
|
The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPUs, allows local users to cause a denial of service (system halt).
|
NVD-CWE-Other
|
CVE-2001-1273
|
2008-09-6 05:26 |
2001-02-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314654
|
7.5 |
HIGH
|
sambar
|
sambar_server
|
Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long password.
|
NVD-CWE-Other
|
CVE-2001-1292
|
2008-09-6 05:26 |
2001-08-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314655
|
5.0 |
MEDIUM
|
grant_averett
|
cerberus_ftp_server
|
Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command.
|
NVD-CWE-Other
|
CVE-2001-1295
|
2008-09-6 05:26 |
2001-08-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314656
|
5.0 |
MEDIUM
|
zorbat
|
zorbstats
|
Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
|
NVD-CWE-Other
|
CVE-2001-1299
|
2008-09-6 05:26 |
2001-10-2 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314657
|
5.0 |
MEDIUM
|
dynu_systems_inc.
|
dynu_ftp_server
|
Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to read arbitrary files via a .. in the CD (CWD) command.
|
NVD-CWE-Other
|
CVE-2001-1300
|
2008-09-6 05:26 |
2002-06-25 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314658
|
1.2 |
LOW
|
gnu
xemacs
|
emacs
xemacs
|
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file.
|
NVD-CWE-Other
|
CVE-2001-1301
|
2008-09-6 05:26 |
2001-08-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314659
|
5.0 |
MEDIUM
|
nullsoft
|
shoutcast_server
|
Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header.
|
NVD-CWE-Other
|
CVE-2001-1304
|
2008-09-6 05:26 |
2001-08-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314660
|
7.5 |
HIGH
|
sun
|
iplanet_directory_server
|
iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstr…
|
NVD-CWE-Other
|
CVE-2001-1306
|
2008-09-6 05:26 |
2001-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314661
|
7.5 |
HIGH
|
critical_path
|
injoin_directory_server
livecontent_directory
|
Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstr…
|
NVD-CWE-Other
|
CVE-2001-1314
|
2008-09-6 05:26 |
2001-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314662
|
7.5 |
HIGH
|
critical_path
|
injoin_directory_server
livecontent_directory
|
Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed BER encodings, as …
|
NVD-CWE-Other
|
CVE-2001-1315
|
2008-09-6 05:26 |
2001-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314663
|
7.5 |
HIGH
|
teamware
|
teamware_office
|
Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstra…
|
NVD-CWE-Other
|
CVE-2001-1317
|
2008-09-6 05:26 |
2001-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314664
|
7.5 |
HIGH
|
qualcomm
|
eudora_worldmail_server
|
Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suit…
|
NVD-CWE-Other
|
CVE-2001-1318
|
2008-09-6 05:26 |
2001-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314665
|
7.5 |
HIGH
|
oracle
|
internet_directory
|
Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER valu…
|
NVD-CWE-Other
|
CVE-2001-1321
|
2008-09-6 05:26 |
2001-07-16 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314666
|
7.5 |
HIGH
|
qualcomm
|
eudora
|
Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a…
|
NVD-CWE-Other
|
CVE-2001-1326
|
2008-09-6 05:26 |
2001-05-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314667
|
4.6 |
MEDIUM
|
berkeley_softworks
|
pmake
|
pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that a…
|
NVD-CWE-Other
|
CVE-2001-1327
|
2008-09-6 05:26 |
2001-05-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314668
|
7.2 |
HIGH
|
ibm
|
aix
|
Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument.
|
NVD-CWE-Other
|
CVE-2001-1330
|
2008-09-6 05:26 |
2001-06-11 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314669
|
7.5 |
HIGH
|
easy_software_products
|
cups
|
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.
|
NVD-CWE-Other
|
CVE-2001-1332
|
2008-09-6 05:26 |
2001-05-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314670
|
1.2 |
LOW
|
easy_software_products
|
cups
|
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files.
|
NVD-CWE-Other
|
CVE-2001-1333
|
2008-09-6 05:26 |
2001-05-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314671
|
5.0 |
MEDIUM
|
beck_ipc_gmbh
|
ipc_at_chip_embedded-webserver
|
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request.
|
NVD-CWE-Other
|
CVE-2001-1337
|
2008-09-6 05:26 |
2001-05-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314672
|
5.0 |
MEDIUM
|
beck_ipc_gmbh
|
ipc_at_chip_telnetd_server
|
Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system.
|
NVD-CWE-Other
|
CVE-2001-1338
|
2008-09-6 05:26 |
2001-05-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314673
|
7.5 |
HIGH
|
twig_development_team
|
twig
|
TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter.
|
NVD-CWE-Other
|
CVE-2001-1348
|
2008-09-6 05:26 |
2001-05-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314674
|
3.7 |
LOW
|
sendmail
|
sendmail
|
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
|
NVD-CWE-Other
|
CVE-2001-1349
|
2008-09-6 05:26 |
2001-05-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314675
|
10.0 |
HIGH
|
netwin
|
surgeftp
|
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks a…
|
NVD-CWE-Other
|
CVE-2001-1356
|
2008-09-6 05:26 |
2001-08-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314676
|
7.5 |
HIGH
|
phpheaven
|
phpmychat
|
Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly i…
|
NVD-CWE-Other
|
CVE-2001-1357
|
2008-09-6 05:26 |
2001-02-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314677
|
7.2 |
HIGH
|
phpheaven
|
phpmychat
|
Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter.
|
NVD-CWE-Other
|
CVE-2001-1358
|
2008-09-6 05:26 |
2001-02-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314678
|
7.2 |
HIGH
|
mostang
|
sane
|
Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned.
|
NVD-CWE-Other
|
CVE-2001-1360
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314679
|
7.5 |
HIGH
|
twig_development_team
|
twig
|
Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links.
|
NVD-CWE-Other
|
CVE-2001-1361
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314680
|
7.5 |
HIGH
|
horsburgh
|
npulse
|
Vulnerability in the server for nPULSE before 0.53p4.
|
NVD-CWE-Other
|
CVE-2001-1362
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314681
|
10.0 |
HIGH
|
phpwebsite_development_team
|
phpwebsite
|
Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges.
|
NVD-CWE-Other
|
CVE-2001-1363
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314682
|
7.5 |
HIGH
|
project_purple
|
autodns
|
Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain names that are not fully qualified.
|
NVD-CWE-Other
|
CVE-2001-1364
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314683
|
7.5 |
HIGH
|
osi_codes_inc.
|
intragnat
|
Vulnerability in IntraGnat before 1.4.
|
NVD-CWE-Other
|
CVE-2001-1365
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314684
|
5.0 |
MEDIUM
|
netscript_project
|
netscript
|
netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information.
|
NVD-CWE-Other
|
CVE-2001-1366
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314685
|
4.6 |
MEDIUM
|
conectiva
redhat
|
linux
|
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library t…
|
NVD-CWE-Other
|
CVE-2001-1375
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314686
|
5.0 |
MEDIUM
|
openbsd
|
openssh
|
The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers t…
|
NVD-CWE-Other
|
CVE-2001-1382
|
2008-09-6 05:26 |
2001-09-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314687
|
5.1 |
MEDIUM
|
aol
|
instant_messenger
|
Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via…
|
NVD-CWE-Other
|
CVE-2001-1416
|
2008-09-6 05:26 |
2001-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314688
|
4.6 |
MEDIUM
|
surfcontrol
|
superscout_web_filter
|
SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both …
|
NVD-CWE-Other
|
CVE-2001-1465
|
2008-09-6 05:26 |
2002-02-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314689
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by a…
|
NVD-CWE-Other
|
CVE-2001-1510
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314690
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "…
|
NVD-CWE-Other
|
CVE-2001-1511
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314691
|
10.0 |
HIGH
|
macromedia
|
coldfusion
|
ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE…
|
NVD-CWE-Other
|
CVE-2001-1514
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314692
|
4.3 |
MEDIUM
|
hans_wolters
|
phpreview
|
Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews.
|
NVD-CWE-Other
|
CVE-2001-1516
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314693
|
2.1 |
LOW
|
intel
|
xircom_rex_6000
|
Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN.
|
NVD-CWE-Other
|
CVE-2001-1520
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314694
|
4.3 |
MEDIUM
|
francisco_burzi
|
php-nuke
|
Cross-site scripting (XSS) vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message.
|
NVD-CWE-Other
|
CVE-2001-1522
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314695
|
4.3 |
MEDIUM
|
dmozgateway
|
dmozgateway
|
Cross-site scripting (XSS) vulnerability in the DMOZGateway module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the topic parameter.
|
NVD-CWE-Other
|
CVE-2001-1523
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314696
|
5.0 |
MEDIUM
|
easyscripts
|
easynews
|
Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.
|
NVD-CWE-Other
|
CVE-2001-1525
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314697
|
4.3 |
MEDIUM
|
easyscripts
|
easynews
|
Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter.
|
NVD-CWE-Other
|
CVE-2001-1526
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314698
|
7.5 |
HIGH
|
ibm
|
aix
|
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this…
|
NVD-CWE-Other
|
CVE-2001-1529
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314699
|
4.6 |
MEDIUM
|
webmin
|
webmin
|
run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-2001-1530
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
314700
|
7.5 |
HIGH
|
apple
|
claris_emailer
|
Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename.
|
NVD-CWE-Other
|
CVE-2001-1531
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
