|
364301
|
7.2 |
HIGH
|
ibm
|
aix
|
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.
|
NVD-CWE-Other
|
CVE-1999-1552
|
2008-09-11 04:02 |
1994-07-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364302
|
7.2 |
HIGH
|
nortel
|
optivity_net_architect
|
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-2000-0009
|
2008-09-11 04:02 |
1999-12-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364303
|
7.5 |
HIGH
|
analogx
|
simpleserver_www
|
Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.
|
NVD-CWE-Other
|
CVE-2000-0011
|
2008-09-11 04:02 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364304
|
10.0 |
HIGH
|
hughes
|
msql
|
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands.
|
NVD-CWE-Other
|
CVE-2000-0012
|
2008-09-11 04:02 |
1999-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364305
|
7.2 |
HIGH
|
sgi
|
irix
|
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
|
NVD-CWE-Other
|
CVE-2000-0013
|
2008-09-11 04:02 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364306
|
5.0 |
MEDIUM
|
michael_lamont
|
savant_webserver
|
Denial of service in Savant web server via a null character in the requested URL.
|
NVD-CWE-Other
|
CVE-2000-0014
|
2008-09-11 04:02 |
1999-12-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364307
|
4.6 |
MEDIUM
|
ascend
|
cascadeview_ux
|
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0015
|
2008-09-11 04:02 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364308
|
5.0 |
MEDIUM
|
true_north
|
internet_anywhere_mail_server
|
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
|
NVD-CWE-Other
|
CVE-2000-0016
|
2008-09-11 04:02 |
1999-10-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364309
|
7.2 |
HIGH
|
windowmaker
|
wmmon
|
wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.
|
NVD-CWE-Other
|
CVE-2000-0018
|
2008-09-11 04:02 |
1999-12-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364310
|
5.0 |
MEDIUM
|
lotus
|
domino_server
|
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
|
NVD-CWE-Other
|
CVE-2000-0021
|
2008-09-11 04:02 |
1999-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364311
|
5.0 |
MEDIUM
|
lotus
|
domino_server
|
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
|
NVD-CWE-Other
|
CVE-2000-0022
|
2008-09-11 04:02 |
1999-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364312
|
5.0 |
MEDIUM
|
lotus
|
domino_server
|
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
|
NVD-CWE-Other
|
CVE-2000-0023
|
2008-09-11 04:02 |
1999-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364313
|
6.2 |
MEDIUM
|
ibm
|
network_station_manager
|
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0027
|
2008-09-11 04:02 |
1999-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364314
|
5.0 |
MEDIUM
|
trend_micro
|
interscan_viruswall
|
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments.
|
NVD-CWE-Other
|
CVE-2000-0033
|
2008-09-11 04:02 |
1999-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364315
|
5.0 |
MEDIUM
|
altavista
|
search_intranet
|
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
|
NVD-CWE-Other
|
CVE-2000-0039
|
2008-09-11 04:02 |
1999-12-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364316
|
10.0 |
HIGH
|
csm
|
mail_server
|
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
|
NVD-CWE-Other
|
CVE-2000-0042
|
2008-09-11 04:02 |
1999-12-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364317
|
7.5 |
HIGH
|
camshot
|
webcam_http_server
|
Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.
|
NVD-CWE-Other
|
CVE-2000-0043
|
2008-09-11 04:02 |
1999-12-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364318
|
10.0 |
HIGH
|
jgaa
|
warftpd
|
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.
|
NVD-CWE-Other
|
CVE-2000-0044
|
2008-09-11 04:02 |
2000-01-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364319
|
7.5 |
HIGH
|
mirabilis
|
icq
|
Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message.
|
NVD-CWE-Other
|
CVE-2000-0046
|
2008-09-11 04:02 |
2000-01-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364320
|
7.2 |
HIGH
|
corel
|
linux
|
get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program.
|
NVD-CWE-Other
|
CVE-2000-0048
|
2008-09-11 04:02 |
2000-01-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364321
|
7.2 |
HIGH
|
nullsoft
|
winamp
|
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
|
NVD-CWE-Other
|
CVE-2000-0049
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364322
|
4.6 |
MEDIUM
|
allaire
|
spectra
|
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
|
NVD-CWE-Other
|
CVE-2000-0050
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364323
|
5.0 |
MEDIUM
|
allaire
|
spectra
|
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL.
|
NVD-CWE-Other
|
CVE-2000-0051
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364324
|
7.2 |
HIGH
|
mandrakesoft redhat turbolinux
|
mandrake_linux linux turbolinux
|
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
|
NVD-CWE-Other
|
CVE-2000-0052
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364325
|
5.0 |
MEDIUM
|
solution_scripts
|
home_free
|
search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack.
|
NVD-CWE-Other
|
CVE-2000-0054
|
2008-09-11 04:02 |
1999-01-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364326
|
5.0 |
MEDIUM
|
ipswitch
|
imail
|
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
|
NVD-CWE-Other
|
CVE-2000-0056
|
2008-09-11 04:02 |
2000-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364327
|
7.5 |
HIGH
|
allaire
|
coldfusion_server
|
Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information.
|
NVD-CWE-Other
|
CVE-2000-0057
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364328
|
5.0 |
MEDIUM
|
handspring
|
visor_network_hotsync
|
Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files.
|
NVD-CWE-Other
|
CVE-2000-0058
|
2008-09-11 04:02 |
2000-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364329
|
10.0 |
HIGH
|
php
|
php
|
PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.
|
NVD-CWE-Other
|
CVE-2000-0059
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364330
|
5.0 |
MEDIUM
|
nortel
|
contivity
|
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
|
NVD-CWE-Other
|
CVE-2000-0063
|
2008-09-11 04:02 |
2000-01-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364331
|
5.0 |
MEDIUM
|
nortel
|
contivity
|
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters.
|
NVD-CWE-Other
|
CVE-2000-0064
|
2008-09-11 04:02 |
2000-01-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364332
|
5.0 |
MEDIUM
|
nosque
|
msgcore
|
Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA command…
|
NVD-CWE-Other
|
CVE-2000-0075
|
2008-09-11 04:02 |
2000-01-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364333
|
7.5 |
HIGH
|
w3c
|
cern_httpd
|
The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL.
|
NVD-CWE-Other
|
CVE-2000-0079
|
2008-09-11 04:02 |
2000-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364334
|
4.6 |
MEDIUM
|
hp
|
hp-ux
|
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
|
NVD-CWE-Other
|
CVE-2000-0083
|
2008-09-11 04:02 |
2000-04-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364335
|
5.0 |
MEDIUM
|
netopia
|
timbuktu_pro
|
Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing.
|
NVD-CWE-Other
|
CVE-2000-0086
|
2008-09-11 04:02 |
2000-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364336
|
3.6 |
LOW
|
vmware
|
workstation
|
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0090
|
2008-09-11 04:02 |
2000-01-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364337
|
10.0 |
HIGH
|
inter7
|
vpopmail
|
Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password.
|
NVD-CWE-Other
|
CVE-2000-0091
|
2008-09-11 04:02 |
2000-01-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364338
|
5.0 |
MEDIUM
|
hp
|
hp-ux
|
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the syst…
|
NVD-CWE-Other
|
CVE-2000-0095
|
2008-09-11 04:02 |
2000-01-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364339
|
7.2 |
HIGH
|
qualcomm
|
qpopper
|
Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command.
|
NVD-CWE-Other
|
CVE-2000-0096
|
2008-09-11 04:02 |
2000-01-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364340
|
5.0 |
MEDIUM
|
microsoft
|
outlook_express
|
Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by…
|
NVD-CWE-Other
|
CVE-2000-0105
|
2008-09-11 04:02 |
2000-02-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364341
|
7.2 |
HIGH
|
debian
|
debian_linux
|
Linux apcd program allows local attackers to modify arbitrary files via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0107
|
2008-09-11 04:02 |
2000-02-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364342
|
7.5 |
HIGH
|
avt
|
rightfax
|
The RightFax web client uses predictable session numbers, which allows remote attackers to hijack user sessions.
|
NVD-CWE-Other
|
CVE-2000-0111
|
2008-09-11 04:02 |
2000-01-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364343
|
7.5 |
HIGH
|
checkpoint
|
firewall-1
|
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
|
NVD-CWE-Other
|
CVE-2000-0116
|
2008-09-11 04:02 |
2000-01-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364344
|
7.2 |
HIGH
|
sun
|
cobalt_raq cobalt_raq_2 cobalt_raq_3i
|
The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root).
|
NVD-CWE-Other
|
CVE-2000-0117
|
2008-09-11 04:02 |
2000-01-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364345
|
2.1 |
LOW
|
surfcontrol
|
superscout
|
surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions.
|
NVD-CWE-Other
|
CVE-2000-0124
|
2008-09-11 04:02 |
2000-02-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364346
|
7.5 |
HIGH
|
progress
|
webspeed
|
The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll.
|
NVD-CWE-Other
|
CVE-2000-0127
|
2008-09-11 04:02 |
2000-02-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364347
|
10.0 |
HIGH
|
daniel_beckham
|
the_finger_server
|
The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters.
|
NVD-CWE-Other
|
CVE-2000-0128
|
2008-09-11 04:02 |
2000-02-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364348
|
7.2 |
HIGH
|
hp
|
hp-ux
|
Vulnerability in Vue 3.0 in HP 9.x allows local users to gain root privileges, as fixed by PHSS_4038, PHSS_4055, and PHSS_4066.
|
NVD-CWE-Other
|
CVE-1999-1134
|
2008-09-11 04:01 |
1994-05-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364349
|
5.0 |
MEDIUM
|
flavio_veloso
|
nobo
|
nobo 1.2 allows remote attackers to cause a denial of service (crash) via a series of large UDP packets.
|
NVD-CWE-Other
|
CVE-1999-1169
|
2008-09-11 04:01 |
1999-02-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
364350
|
4.6 |
MEDIUM
|
iomega
|
zip_100_mb_drive
|
ZIP drive for Iomega ZIP-100 disks allows attackers with physical access to the drive to bypass password protection by inserting a known disk with a known password, waiting for the ZIP drive to power…
|
NVD-CWE-Other
|
CVE-1999-1174
|
2008-09-11 04:01 |
2001-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|