CVE-2000-0xxx

There are 990 CVE in this subgroup.
Last updated: 
← Back to 2000
ID Summary Flags Max Score
CVE-2000-0001 RealMedia server allows remote attackers to cause a denial of service via a long ramgen request....
CVE-2000-0002 Buffer overflow in ZBServer Pro 1.50 allows remote attackers to execute commands via a long GET requ...
CVE-2000-0003 Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmen...
CVE-2000-0004 ZBServer Pro allows remote attackers to read source code for executable files by inserting a . (dot)...
CVE-2000-0005 HP-UX aserver program allows local users to gain privileges via a symlink attack....
CVE-2000-0006 strace allows local users to read arbitrary files via memory mapped file names....
CVE-2000-0007 Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers...
CVE-2000-0008 FTPPro allows local users to read sensitive information, which is stored in plain text....
CVE-2000-0009 The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "...
CVE-2000-0010 WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in th...
CVE-2000-0011 Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands ...
CVE-2000-0012 Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute command...
CVE-2000-0013 IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in ...
CVE-2000-0014 Denial of service in Savant web server via a null character in the requested URL....
CVE-2000-0015 CascadeView TFTP server allows local users to gain privileges via a symlink attack....
CVE-2000-0016 Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of s...
CVE-2000-0017 Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a lon...
CVE-2000-0018 wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file....
CVE-2000-0019 IMail POP3 daemon uses weak encryption, which allows local users to read files....
CVE-2000-0020 DNS PRO allows remote attackers to conduct a denial of service via a large number of connections....
CVE-2000-0021 Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a requ...
CVE-2000-0022 Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory....
CVE-2000-0023 Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via...
CVE-2000-0024 IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access rest...
CVE-2000-0025 IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is ...
CVE-2000-0026 Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long...
CVE-2000-0027 IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack....
CVE-2000-0028 Internet Explorer 5.0 and 5.01 allows remote attackers to bypass the cross frame security policy and...
CVE-2000-0029 UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack....
CVE-2000-0030 Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /v...
CVE-2000-0031 The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack....
CVE-2000-0032 Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var...
CVE-2000-0033 InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments....
CVE-2000-0034 Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even i...
CVE-2000-0035 resend command in Majordomo allows local users to gain privileges via shell metacharacters....
CVE-2000-0036 Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka t...
CVE-2000-0037 Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration fil...
CVE-2000-0038 glFtpD includes a default glftpd user account with a default password and a UID of 0....
CVE-2000-0039 AltaVista search engine allows remote attackers to read files above the document root via a .. (dot ...
CVE-2000-0040 glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command....
CVE-2000-0041 Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to...
CVE-2000-0042 Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute c...
CVE-2000-0043 Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long...
CVE-2000-0044 Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute...
CVE-2000-0045 MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege....
CVE-2000-0046 Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malforme...
CVE-2000-0047 Buffer overflow in Yahoo Pager/Messenger client allows remote attackers to cause a denial of service...
CVE-2000-0048 get_it program in Corel Linux Update allows local users to gain root access by specifying an alterna...
CVE-2000-0049 Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a ....
CVE-2000-0050 The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying ...
S
CVE-2000-0051 The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by rep...
S
CVE-2000-0052 Red Hat userhelper program in the usermode package allows local users to gain root access via PAM an...
CVE-2000-0053 Microsoft Commercial Internet System (MCIS) IMAP server allows remote attackers to cause a denial of...
CVE-2000-0054 search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via ...
CVE-2000-0055 Buffer overflow in Solaris chkperm command allows local users to gain root access via a long -n opti...
CVE-2000-0056 IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many ...
CVE-2000-0057 Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote a...
S
CVE-2000-0058 Network HotSync program in Handspring Visor does not have authentication, which allows remote attack...
CVE-2000-0059 PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are exe...
CVE-2000-0060 Buffer overflow in aVirt Rover POP3 server 1.1 allows remote attackers to cause a denial of service ...
CVE-2000-0061 Internet Explorer 5 does not modify the security zone for a document that is being loaded into a win...
CVE-2000-0062 The DTML implementation in the Z Object Publishing Environment (Zope) allows remote attackers to con...
CVE-2000-0063 cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files b...
CVE-2000-0064 cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of serv...
CVE-2000-0065 Buffer overflow in InetServ 3.0 allows remote attackers to execute commands via a long GET request....
CVE-2000-0066 WebSite Pro allows remote attackers to determine the real pathname of webdirectories via a malformed...
CVE-2000-0067 CyberCash Merchant Connection Kit (MCK) allows local users to modify files via a symlink attack....
CVE-2000-0068 daynad program in Intel InBusiness E-mail Station does not require authentication, which allows remo...
CVE-2000-0069 The recover program in Solstice Backup allows local users to restore sensitive files....
CVE-2000-0070 NtImpersonateClientOfPort local procedure call in Windows NT 4.0 allows local users to gain privileg...
E S
CVE-2000-0071 IIS 4.0 allows a remote attacker to obtain the real pathname of the document root by requesting non-...
CVE-2000-0072 Visual Casel (Vcasel) does not properly prevent users from executing files, which allows local users...
CVE-2000-0073 Buffer overflow in Microsoft Rich Text Format (RTF) reader allows attackers to cause a denial of ser...
CVE-2000-0074 PowerScripts PlusMail CGI program allows remote attackers to execute commands via a password file wi...
CVE-2000-0075 Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote atta...
CVE-2000-0076 nviboot boot script in the Debian nvi package allows local users to delete files via malformed entri...
CVE-2000-0077 The October 1998 version of the HP-UX aserver program allows local users to gain privileges by speci...
CVE-2000-0078 The June 1999 version of the HP-UX aserver program allows local users to gain privileges by specifyi...
CVE-2000-0079 The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some comma...
CVE-2000-0080 AIX techlibss allows local users to overwrite files via a symlink attack....
CVE-2000-0081 Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attack...
CVE-2000-0082 WebTV email client allows remote attackers to force the client to send email without the user's know...
CVE-2000-0083 HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local u...
CVE-2000-0084 CuteFTP uses weak encryption to store password information in its tree.dat file....
CVE-2000-0085 Hotmail does not properly filter JavaScript code from a user's mailbox, which allows a remote attack...
CVE-2000-0086 Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obt...
CVE-2000-0087 Netscape Mail Notification (nsnotify) utility in Netscape Communicator uses IMAP without SSL, even i...
CVE-2000-0088 Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows...
CVE-2000-0089 The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive infor...
CVE-2000-0090 VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack....
CVE-2000-0091 Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root p...
CVE-2000-0092 The BSD make program allows local users to modify files via a symlink attack when the -j option is b...
CVE-2000-0093 An installation of Red Hat uses DES password encryption with crypt() for the initial password, inste...
CVE-2000-0094 procfs in BSD systems allows local users to gain root privileges by modifying the /proc/pid/mem inte...
CVE-2000-0095 The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates...
CVE-2000-0096 Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST c...
CVE-2000-0097 The WebHits ISAPI filter in Microsoft Index Server allows remote attackers to read arbitrary files, ...
CVE-2000-0098 Microsoft Index Server allows remote attackers to determine the real path for a web directory via a ...
CVE-2000-0099 Buffer overflow in UnixWare ppptalk command allows local users to gain privileges via a long prompt ...
CVE-2000-0100 The SMS Remote Control program is installed with insecure permissions, which allows local users to g...
CVE-2000-0101 The Make-a-Store OrderPage shopping cart application allows remote users to modify sensitive purchas...
CVE-2000-0102 The SalesCart shopping cart application allows remote users to modify sensitive purchase information...
CVE-2000-0103 The SmartCart shopping cart application allows remote users to modify sensitive purchase information...
CVE-2000-0104 The Shoptron shopping cart application allows remote users to modify sensitive purchase information ...
CVE-2000-0105 Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messag...
CVE-2000-0106 The EasyCart shopping cart application allows remote users to modify sensitive purchase information ...
CVE-2000-0107 Linux apcd program allows local attackers to modify arbitrary files via a symlink attack....
CVE-2000-0108 The Intellivend shopping cart application allows remote users to modify sensitive purchase informati...
CVE-2000-0109 The mcsp Client Site Processor system (MultiCSP) in Standard and Poor's ComStock is installed with s...
CVE-2000-0110 The WebSiteTool shopping cart application allows remote users to modify sensitive purchase informati...
CVE-2000-0111 The RightFax web client uses predictable session numbers, which allows remote attackers to hijack us...
CVE-2000-0112 The default installation of Debian GNU/Linux uses an insecure Master Boot Record (MBR) which allows ...
CVE-2000-0113 The SyGate Remote Management program does not properly restrict access to its administration service...
CVE-2000-0114 Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account v...
CVE-2000-0115 IIS allows local users to cause a denial of service via invalid regular expressions in a Visual Basi...
CVE-2000-0116 Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip ...
CVE-2000-0117 The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords...
CVE-2000-0118 The Red Hat Linux su program does not log failed password guesses if the su process is killed before...
CVE-2000-0119 The default configurations for McAfee Virus Scan and Norton Anti-Virus virus checkers do not check f...
CVE-2000-0120 The Remote Access Service invoke.cfm template in Allaire Spectra 1.0 allows users to bypass authenti...
CVE-2000-0121 The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by...
CVE-2000-0122 Frontpage Server Extensions allows remote attackers to determine the physical path of a virtual dire...
CVE-2000-0123 The shopping cart application provided with Filemaker allows remote users to modify sensitive purcha...
CVE-2000-0124 surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, wh...
CVE-2000-0125 wwwthreads does not properly cleanse numeric data or table names that are passed to SQL queries, whi...
CVE-2000-0126 Sample Internet Data Query (IDQ) scripts in IIS 3 and 4 allow remote attackers to read files via a ....
CVE-2000-0127 The Webspeed configuration program does not properly disable access to the WSMadmin utility, which a...
CVE-2000-0128 The Finger Server 0.82 allows remote attackers to execute commands via shell metacharacters....
CVE-2000-0129 Buffer overflow in the SHGetPathFromIDList function of the Serv-U FTP server allows attackers to cau...
CVE-2000-0130 Buffer overflow in SCO scohelp program allows remote attackers to execute commands....
CVE-2000-0131 Buffer overflow in War FTPd 1.6x allows users to cause a denial of service via long MKD and CWD comm...
CVE-2000-0132 Microsoft Java Virtual Machine allows remote attackers to read files via the getSystemResourceAsStre...
CVE-2000-0133 Buffer overflows in Tiny FTPd 0.52 beta3 FTP server allows users to execute commands via the STOR, R...
CVE-2000-0134 The Check It Out shopping cart application allows remote users to modify sensitive purchase informat...
CVE-2000-0135 The @Retail shopping cart application allows remote users to modify sensitive purchase information v...
CVE-2000-0136 The Cart32 shopping cart application allows remote users to modify sensitive purchase information vi...
CVE-2000-0137 The CartIt shopping cart application allows remote users to modify sensitive purchase information vi...
CVE-2000-0138 A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such ...
CVE-2000-0139 Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed R...
CVE-2000-0140 Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service via a large ...
CVE-2000-0141 Infopop Ultimate Bulletin Board (UBB) allows remote attackers to execute commands via shell metachar...
CVE-2000-0142 The authentication protocol in Timbuktu Pro 2.0b650 allows remote attackers to cause a denial of ser...
CVE-2000-0143 The SSH protocol server sshd allows local users without shell access to redirect a TCP connection th...
CVE-2000-0144 Axis 700 Network Scanner does not properly restrict access to administrator URLs, which allows users...
CVE-2000-0145 The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable pe...
CVE-2000-0146 The Java Server in the Novell GroupWise Web Access Enhancement Pack allows remote attackers to cause...
E S
CVE-2000-0147 snmpd in SCO OpenServer has an SNMP community string that is writable by default, which allows local...
S
CVE-2000-0148 MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a sho...
CVE-2000-0149 Zeus web server allows remote attackers to view the source code for CGI programs via a null characte...
CVE-2000-0150 Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server b...
CVE-2000-0151 GNU make follows symlinks when it reads a Makefile from stdin, which allows other local users to exe...
S
CVE-2000-0152 Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key...
CVE-2000-0153 FrontPage Personal Web Server (PWS) allows remote attackers to read files via a .... (dot dot) attac...
CVE-2000-0154 The ARCserve agent in UnixWare allows local attackers to modify arbitrary files via a symlink attack...
E S
CVE-2000-0155 Windows NT Autorun executes the autorun.inf file on non-removable media, which allows local attacker...
E S
CVE-2000-0156 Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outsi...
CVE-2000-0157 NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the...
CVE-2000-0158 Buffer overflow in MMDF server allows remote attackers to gain privileges via a long MAIL FROM comma...
S
CVE-2000-0159 HP Ignite-UX does not save /etc/passwd when it creates an image of a trusted system, which can set t...
CVE-2000-0160 The Microsoft Active Setup ActiveX component in Internet Explorer 4.x and 5.x allows a remote attack...
CVE-2000-0161 Sample web sites on Microsoft Site Server 3.0 Commerce Edition do not validate an identification num...
CVE-2000-0162 The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read...
CVE-2000-0163 asmon and ascpu in FreeBSD allow local users to gain root privileges via a configuration file....
CVE-2000-0164 The installation of Sun Internet Mail Server (SIMS) creates a world-readable file that allows local ...
E
CVE-2000-0165 The Delegate application proxy has several buffer overflows which allow a remote attacker to execute...
CVE-2000-0166 Buffer overflow in the InterAccess telnet server TelnetD allows remote attackers to execute commands...
CVE-2000-0167 IIS Inetinfo.exe allows local users to cause a denial of service by creating a mail file with a long...
CVE-2000-0168 Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname...
CVE-2000-0169 Batch files in the Oracle web listener ows-bin directory allow remote attackers to execute commands ...
CVE-2000-0170 Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER e...
CVE-2000-0171 atsadc in the atsar package for Linux does not properly check the permissions of an output file, whi...
CVE-2000-0172 The mtr program only uses a seteuid call when attempting to drop privileges, which could allow local...
CVE-2000-0173 Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of ...
S
CVE-2000-0174 StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot do...
CVE-2000-0175 Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access v...
CVE-2000-0176 The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real p...
E S
CVE-2000-0177 DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharact...
CVE-2000-0178 ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remot...
CVE-2000-0179 HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of...
E S
CVE-2000-0180 Sojourn search engine allows remote attackers to read arbitrary files via a .. (dot dot) attack....
E S
CVE-2000-0181 Firewall-1 3.0 and 4.0 leaks packets with private IP address information, which could allow remote a...
CVE-2000-0182 iPlanet Web Server 4.1 allows remote attackers to cause a denial of service via a large number of GE...
CVE-2000-0183 Buffer overflow in ircII 4.4 IRC client allows remote attackers to execute commands via the DCC chat...
CVE-2000-0184 Linux printtool sets the permissions of printer configuration files to be world-readable, which allo...
CVE-2000-0185 RealMedia RealServer reveals the real IP address of a Real Server, even if the address is supposed t...
CVE-2000-0186 Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain pr...
CVE-2000-0187 EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot ...
E S
CVE-2000-0188 EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot do...
E S
CVE-2000-0189 ColdFusion Server 4.x allows remote attackers to determine the real pathname of the server via an HT...
CVE-2000-0190 AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a messag...
CVE-2000-0191 Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a ...
E S
CVE-2000-0192 The default installation of Caldera OpenLinux 2.3 includes the CGI program rpm_query, which allows r...
CVE-2000-0193 The default configuration of Dosemu in Corel Linux 1.0 allows local users to execute the system.com ...
E S
CVE-2000-0194 buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f pa...
CVE-2000-0195 setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes ...
CVE-2000-0196 Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via m...
CVE-2000-0197 The Windows NT scheduler uses the drive mapping of the interactive user who is currently logged onto...
E S
CVE-2000-0198 Buffer overflow in POP3 and IMAP servers in the MERCUR mail server suite allows remote attackers to ...
CVE-2000-0199 When a new SQL Server is registered in Enterprise Manager for Microsoft SQL Server 7.0 and the "Alwa...
E S
CVE-2000-0200 Buffer overflow in Microsoft Clip Art Gallery allows remote attackers to cause a denial of service o...
CVE-2000-0201 The window.showHelp() method in Internet Explorer 5.x does not restrict HTML help files (.chm) to be...
CVE-2000-0202 Microsoft SQL Server 7.0 and Microsoft Data Engine (MSDE) 1.0 allow remote attackers to gain privile...
CVE-2000-0203 The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service ...
S
CVE-2000-0204 The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 c...
CVE-2000-0205 Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the conf...
E S
CVE-2000-0206 The installation of Oracle 8.1.5.x on Linux follows symlinks and creates the orainstRoot.sh file wit...
CVE-2000-0207 SGI InfoSearch CGI program infosrch.cgi allows remote attackers to execute commands via shell metach...
CVE-2000-0208 The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosi...
CVE-2000-0209 Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via ...
CVE-2000-0210 The lit program in Sun Flex License Manager (FlexLM) follows symlinks, which allows local users to m...
CVE-2000-0211 The Windows Media server allows remote attackers to cause a denial of service via a series of client...
CVE-2000-0212 InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed ...
CVE-2000-0213 The Sambar server includes batch files ECHO.BAT and HELLO.BAT in the CGI directory, which allow remo...
S
CVE-2000-0214 FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites....
CVE-2000-0215 Vulnerability in SCO cu program in UnixWare 7.x allows local users to gain privileges....
CVE-2000-0216 Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Re...
CVE-2000-0217 The default configuration of SSH allows X forwarding, which could allow a remote attacker to control...
CVE-2000-0218 Buffer overflow in Linux mount and umount allows local users to gain root privileges via a long rela...
CVE-2000-0219 Red Hat 6.0 allows local users to gain root access by booting single user and hitting ^C at the pass...
E S
CVE-2000-0220 ZoneAlarm sends sensitive system and network information in cleartext to the Zone Labs server if a u...
CVE-2000-0221 The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP...
CVE-2000-0222 The installation for Windows 2000 does not activate the Administrator password until the system has ...
CVE-2000-0223 Buffer overflow in the wmcdplay CD player program for the WindowMaker desktop allows local users to ...
CVE-2000-0224 ARCserve agent in SCO UnixWare 7.x allows local attackers to gain root privileges via a symlink atta...
CVE-2000-0225 The Pocsag POC32 program does not properly prevent remote users from accessing its server port, even...
E
CVE-2000-0226 IIS 4.0 allows attackers to cause a denial of service by requesting a large buffer in a POST or PUT ...
CVE-2000-0227 The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_ma...
CVE-2000-0228 Microsoft Windows Media License Manager allows remote attackers to cause a denial of service by send...
CVE-2000-0229 gpm-root in the gpm package does not properly drop privileges, which allows local users to gain priv...
CVE-2000-0230 Buffer overflow in imwheel allows local users to gain root privileges via the imwheel-solo script an...
CVE-2000-0231 Linux kreatecd trusts a user-supplied path that is used to find the cdrecord program, allowing local...
CVE-2000-0232 Microsoft TCP/IP Printing Services, aka Print Services for Unix, allows an attacker to cause a denia...
CVE-2000-0233 SuSE Linux IMAP server allows remote attackers to bypass IMAP authentication and gain privileges....
CVE-2000-0234 The default configuration of Cobalt RaQ2 and RaQ3 as specified in access.conf allows remote attacker...
CVE-2000-0235 Buffer overflow in the huh program in the orville-write package allows local users to gain root priv...
CVE-2000-0236 Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server di...
CVE-2000-0237 Netscape Enterprise Server with Web Publishing enabled allows remote attackers to list arbitrary dir...
E S
CVE-2000-0238 Buffer overflow in the web server for Norton AntiVirus for Internet Email Gateways allows remote att...
E
CVE-2000-0239 Buffer overflow in the MERCUR WebView WebMail server allows remote attackers to cause a denial of se...
CVE-2000-0240 vqSoft vqServer program allows remote attackers to read arbitrary files via a /........../ in the UR...
E S
CVE-2000-0241 vqSoft vqServer stores sensitive information such as passwords in cleartext in the server.cfg file, ...
E
CVE-2000-0242 WindMail allows remote attackers to read arbitrary files or execute commands via shell metacharacter...
E S
CVE-2000-0243 AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a...
E S
CVE-2000-0244 The Citrix ICA (Independent Computing Architecture) protocol uses weak encryption (XOR) for user aut...
E S
CVE-2000-0245 Vulnerability in SGI IRIX objectserver daemon allows remote attackers to create user accounts....
CVE-2000-0246 IIS 4.0 and 5.0 does not properly perform ISAPI extension processing if a virtual directory is mappe...
CVE-2000-0247 Unknown vulnerability in Generic-NQS (GNQS) allows local users to gain root privileges....
S
CVE-2000-0248 The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a b...
S
CVE-2000-0249 The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the ...
CVE-2000-0250 The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords....
E
CVE-2000-0251 HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multi...
CVE-2000-0252 The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell...
E
CVE-2000-0253 The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase in...
E
CVE-2000-0254 The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart dat...
E
CVE-2000-0255 The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan ...
E
CVE-2000-0256 Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a us...
E S
CVE-2000-0257 Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a ...
E S
CVE-2000-0258 IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a lar...
CVE-2000-0259 The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Wind...
S
CVE-2000-0260 Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denia...
CVE-2000-0261 The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack....
CVE-2000-0262 The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed ...
CVE-2000-0263 The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a mal...
E
CVE-2000-0264 Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privile...
CVE-2000-0265 Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet....
E S
CVE-2000-0266 Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malic...
CVE-2000-0267 Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password....
CVE-2000-0268 Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON ...
S
CVE-2000-0269 Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, wh...
S
CVE-2000-0270 The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which a...
S
CVE-2000-0271 read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed...
S
CVE-2000-0272 RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed in...
E S
CVE-2000-0273 PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before...
E
CVE-2000-0274 The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or...
CVE-2000-0275 CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an...
E
CVE-2000-0276 BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls us...
E
CVE-2000-0277 Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros ...
CVE-2000-0278 The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for...
E
CVE-2000-0279 BeOS allows remote attackers to cause a denial of service via malformed packets whose length field i...
CVE-2000-0280 Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to ca...
E
CVE-2000-0281 Buffer overflow in the Napster client beta 5 allows remote attackers to cause a denial of service vi...
E
CVE-2000-0282 TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbi...
E S
CVE-2000-0283 The default installation of IRIX Performance Copilot allows remote attackers to access sensitive sys...
E S
CVE-2000-0284 Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to e...
CVE-2000-0285 Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap...
E
CVE-2000-0286 X fontserver xfs allows local users to cause a denial of service via malformed input to the server....
E
CVE-2000-0287 The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shel...
E S
CVE-2000-0288 Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents v...
CVE-2000-0289 IP masquerading in Linux 2.2.x allows remote attackers to route UDP packets through the internal int...
E S
CVE-2000-0290 Buffer overflow in Webstar HTTP server allows remote attackers to cause a denial of service via a lo...
CVE-2000-0291 Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long...
E
CVE-2000-0292 The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping fl...
CVE-2000-0293 aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrar...
CVE-2000-0294 Buffer overflow in healthd for FreeBSD allows local users to gain root privileges....
CVE-2000-0295 Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add comman...
E S
CVE-2000-0296 fcheck allows local users to gain privileges by embedding shell metacharacters into file names that ...
E S
CVE-2000-0297 Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via...
CVE-2000-0298 The unattended installation of Windows 2000 with the OEMPreinstall option sets insecure permissions ...
CVE-2000-0299 Buffer overflow in WebObjects.exe in the WebObjects Developer 4.5 package allows remote attackers to...
CVE-2000-0300 The default encryption method of PcAnywhere 9.x uses weak encryption, which allows remote attackers ...
E S
CVE-2000-0301 Ipswitch IMAIL server 6.02 and earlier allows remote attackers to cause a denial of service via the ...
S
CVE-2000-0302 Microsoft Index Server allows remote attackers to view the source code of ASP files by appending a %...
CVE-2000-0303 Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (.....
S
CVE-2000-0304 Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to...
CVE-2000-0305 Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote att...
CVE-2000-0306 Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a lon...
CVE-2000-0307 Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to...
S
CVE-2000-0308 Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server...
S
CVE-2000-0309 The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial o...
CVE-2000-0310 IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending...
CVE-2000-0311 The Windows 2000 domain controller allows a malicious user to modify Active Directory information by...
CVE-2000-0312 cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL termin...
S
CVE-2000-0313 Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations....
CVE-2000-0314 traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing ...
S
CVE-2000-0315 traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source ad...
S
CVE-2000-0316 Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option....
CVE-2000-0317 Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option....
E S
CVE-2000-0318 Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary...
E
CVE-2000-0319 mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of ...
S
CVE-2000-0320 Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message te...
E S
CVE-2000-0321 Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a lon...
CVE-2000-0322 The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execu...
E S
CVE-2000-0323 The Microsoft Jet database engine allows an attacker to modify text files via a database query, aka ...
CVE-2000-0324 pcAnywhere 8.x and 9.0 allows remote attackers to cause a denial of service via a TCP SYN scan, e.g....
E
CVE-2000-0325 The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka t...
CVE-2000-0326 Meeting Maker uses weak encryption (a polyalphabetic substitution cipher) for passwords, which allow...
E
CVE-2000-0327 Microsoft Virtual Machine (VM) allows remote attackers to escape the Java sandbox and execute comman...
CVE-2000-0328 Windows NT 4.0 generates predictable random TCP initial sequence numbers (ISN), which allows remote ...
CVE-2000-0329 A Microsoft ActiveX control allows a remote attacker to execute a malicious cabinet file via an atta...
CVE-2000-0330 The networking software in Windows 95 and Windows 98 allows remote attackers to execute commands via...
CVE-2000-0331 Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a lo...
S
CVE-2000-0332 UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitr...
E
CVE-2000-0333 tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service vi...
E S
CVE-2000-0334 The Allaire Spectra container editor preview tool does not properly enforce object security, which a...
S
CVE-2000-0335 The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query r...
CVE-2000-0336 Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack....
S
CVE-2000-0337 Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long ...
CVE-2000-0338 Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows l...
E S
CVE-2000-0339 ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remo...
CVE-2000-0340 Buffer overflow in Gnomelib in SuSE Linux 6.3 allows local users to execute arbitrary commands via t...
E S
CVE-2000-0341 ATRIUM Cassandra NNTP Server 1.10 allows remote attackers to cause a denial of service via a long lo...
E
CVE-2000-0342 Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .ex...
E
CVE-2000-0343 Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execu...
E
CVE-2000-0344 The knfsd NFS server in Linux kernel 2.2.x allows remote attackers to cause a denial of service via ...
CVE-2000-0345 The on-line help system options in Cisco routers allows non-privileged users without "enabled" acces...
E S
CVE-2000-0346 AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via a...
CVE-2000-0347 Windows 95 and Windows 98 allow a remote attacker to cause a denial of service via a NetBIOS session...
CVE-2000-0348 A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 an...
S
CVE-2000-0349 Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of s...
S
CVE-2000-0350 A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attack...
CVE-2000-0351 Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to ...
S
CVE-2000-0352 Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remot...
CVE-2000-0353 Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which execute...
E S
CVE-2000-0354 mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local targ...
CVE-2000-0355 pg and pb in SuSE pbpg 1.x package allows an attacker to read arbitrary files....
CVE-2000-0356 Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disable...
CVE-2000-0357 ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local use...
CVE-2000-0358 ORBit and gnome-session in Red Hat Linux 6.1 allows remote attackers to crash a program....
CVE-2000-0359 Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or exe...
CVE-2000-0360 Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a ...
E S
CVE-2000-0361 The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable ...
CVE-2000-0362 Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges....
CVE-2000-0363 Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory....
CVE-2000-0364 screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows loca...
CVE-2000-0365 Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to...
CVE-2000-0366 dump in Debian GNU/Linux 2.1 does not properly restore symlinks, which allows a local user to modify...
CVE-2000-0367 Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges....
CVE-2000-0368 Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions ...
S
CVE-2000-0369 The IDENT server in Caldera Linux 2.3 creates multiple threads for each IDENT request, which allows ...
CVE-2000-0370 The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metach...
E S
CVE-2000-0371 The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via...
E S
CVE-2000-0372 Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root priv...
S
CVE-2000-0373 Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges....
S
CVE-2000-0374 The default configuration of kdm in Caldera and Mandrake Linux, and possibly other distributions, al...
CVE-2000-0375 The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local...
CVE-2000-0376 Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to ex...
CVE-2000-0377 The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of s...
CVE-2000-0378 The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, b...
CVE-2000-0379 The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if th...
CVE-2000-0380 The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attac...
CVE-2000-0381 The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables...
CVE-2000-0382 ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which ...
S
CVE-2000-0383 The file transfer component of AOL Instant Messenger (AIM) reveals the physical path of the transfer...
CVE-2000-0384 NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords ar...
S
CVE-2000-0385 FileMaker Pro 5 Web Companion allows remote attackers to bypass Field-Level database security restri...
CVE-2000-0386 FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email....
CVE-2000-0387 The makelev program in the golddig game from the FreeBSD ports collection allows local users to over...
CVE-2000-0388 Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERM...
CVE-2000-0389 Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root priv...
CVE-2000-0390 Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root...
CVE-2000-0391 Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges....
CVE-2000-0392 Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges....
CVE-2000-0393 The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL e...
CVE-2000-0394 NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets ...
CVE-2000-0395 Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP reque...
CVE-2000-0396 The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files...
CVE-2000-0397 The EMURL web-based email account software encodes predictable identifiers in user session URLs, whi...
CVE-2000-0398 Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to ex...
CVE-2000-0399 Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a lon...
CVE-2000-0400 The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types...
CVE-2000-0401 Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to...
CVE-2000-0402 The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator...
CVE-2000-0403 The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of se...
CVE-2000-0404 The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ...
CVE-2000-0405 Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malfo...
E S
CVE-2000-0406 Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificat...
CVE-2000-0407 Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long...
CVE-2000-0408 IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that ap...
CVE-2000-0409 Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local use...
CVE-2000-0410 ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requ...
E S
CVE-2000-0411 Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the ...
CVE-2000-0412 The gnapster and knapster clients for Napster do not properly restrict access only to MP3 files, whi...
CVE-2000-0413 The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers...
CVE-2000-0414 Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileg...
CVE-2000-0415 Buffer overflow in Outlook Express 4.x allows attackers to cause a denial of service via a mail or n...
S
CVE-2000-0416 NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their request...
CVE-2000-0417 The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a...
CVE-2000-0418 The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP...
CVE-2000-0419 The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers ...
CVE-2000-0420 The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which co...
CVE-2000-0421 The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via she...
CVE-2000-0422 Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands...
CVE-2000-0423 Buffer overflow in Netwin DNEWSWEB CGI program allows remote attackers to execute arbitrary commands...
CVE-2000-0424 The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via sh...
CVE-2000-0425 Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to exec...
CVE-2000-0426 UltraBoard 1.6 and other versions allow remote attackers to cause a denial of service by referencing...
CVE-2000-0427 The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to o...
CVE-2000-0428 Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attack...
CVE-2000-0429 A backdoor password in Cart32 3.0 and earlier allows remote attackers to execute arbitrary commands....
CVE-2000-0430 Cart32 allows remote attackers to access sensitive debugging information by appending /expdate to th...
CVE-2000-0431 Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are u...
S
CVE-2000-0432 The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to e...
CVE-2000-0433 The SuSE aaa_base package installs some system accounts with home directories set to /tmp, which all...
CVE-2000-0434 The administrative password for the Allmanage web site administration software is stored in plaintex...
CVE-2000-0435 The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can b...
CVE-2000-0436 MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via ...
S
CVE-2000-0437 Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote...
CVE-2000-0438 Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbi...
CVE-2000-0439 Internet Explorer 4.0 and 5.0 allows a malicious web site to obtain client cookies from another doma...
CVE-2000-0440 NetBSD 1.4.2 and earlier allows remote attackers to cause a denial of service by sending a packet wi...
CVE-2000-0441 Vulnerability in AIX 3.2.x and 4.x allows local users to gain write access to files on locally or re...
CVE-2000-0442 Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: ...
CVE-2000-0443 The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via ...
CVE-2000-0444 HP Web JetAdmin 6.0 allows remote attackers to cause a denial of service via a malformed URL to port...
CVE-2000-0445 The pgpk command in PGP 5.x on Unix systems uses an insufficiently random data source for non-intera...
CVE-2000-0446 Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a...
CVE-2000-0447 Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a...
CVE-2000-0448 The WebShield SMTP Management Tool version 4.5.44 does not properly restrict access to the managemen...
CVE-2000-0449 Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields....
CVE-2000-0450 Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute ...
CVE-2000-0451 The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversize...
CVE-2000-0452 Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a...
CVE-2000-0453 XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a m...
CVE-2000-0454 Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter....
CVE-2000-0455 Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensi...
CVE-2000-0456 NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certa...
CVE-2000-0457 ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and ...
CVE-2000-0458 The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows o...
CVE-2000-0459 IMP does not remove files properly if the MSWordView application quits, which allows local users to ...
CVE-2000-0460 Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY envir...
E
CVE-2000-0461 The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local us...
CVE-2000-0462 ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the speci...
CVE-2000-0463 BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets....
CVE-2000-0464 Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer ove...
CVE-2000-0465 Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser windo...
CVE-2000-0466 AIX cdmount allows local users to gain root privileges via shell metacharacters....
E S
CVE-2000-0467 Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a ...
E S
CVE-2000-0468 man in HP-UX 10.20 and 11 allows local attackers to overwrite files via a symlink attack....
E S
CVE-2000-0469 Selena Sol WebBanner 4.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack....
CVE-2000-0470 Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed au...
CVE-2000-0471 Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges vi...
E S
CVE-2000-0472 Buffer overflow in innd 2.2.2 allows remote attackers to execute arbitrary commands via a cancel req...
CVE-2000-0473 Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker to cause a denial of service v...
E S
CVE-2000-0474 Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed re...
E S
CVE-2000-0475 Windows 2000 allows a local user process to access another user's desktop within the same windows st...
E S
CVE-2000-0476 xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape ch...
E S
CVE-2000-0477 Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a de...
E S
CVE-2000-0478 In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows v...
E
CVE-2000-0479 Dragon FTP server allows remote attackers to cause a denial of service via a long USER command....
E
CVE-2000-0480 Dragon telnet server allows remote attackers to cause a denial of service via a long username....
E
CVE-2000-0481 Buffer overflow in KDE Kmail allows a remote attacker to cause a denial of service via an attachment...
S
CVE-2000-0482 Check Point Firewall-1 allows remote attackers to cause a denial of service by sending a large numbe...
E S
CVE-2000-0483 The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocument...
S
CVE-2000-0484 Small HTTP Server ver 3.06 contains a memory corruption bug causing a memory overflow. The overflowe...
CVE-2000-0485 Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Ser...
CVE-2000-0486 Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of servic...
S
CVE-2000-0487 The Protected Store in Windows 2000 does not properly select the strongest encryption when available...
E S
CVE-2000-0488 Buffer overflow in ITHouse mail server 1.04 allows remote attackers to execute arbitrary commands vi...
CVE-2000-0489 FreeBSD, NetBSD, and OpenBSD allow an attacker to cause a denial of service by creating a large numb...
CVE-2000-0490 Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to exec...
E S
CVE-2000-0491 Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to ...
S
CVE-2000-0492 PassWD 1.2 uses weak encryption (trivial encoding) to store passwords, which allows an attacker who ...
S
CVE-2000-0493 Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remote attackers to cause a denial ...
E
CVE-2000-0494 Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add a...
E S
CVE-2000-0495 Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed...
CVE-2000-0497 IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesti...
S
CVE-2000-0498 Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting ...
CVE-2000-0499 The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view sourc...
E S
CVE-2000-0500 The default configuration of BEA WebLogic 5.1.0 allows a remote attacker to view source code of prog...
E S
CVE-2000-0501 Race condition in MDaemon 2.8.5.0 POP server allows local users to cause a denial of service by ente...
S
CVE-2000-0502 Mcafee VirusScan 4.03 does not properly restrict access to the alert text file before it is sent to ...
CVE-2000-0503 The IFRAME of the WebBrowser control in Internet Explorer 5.01 allows a remote attacker to violate t...
S
CVE-2000-0504 libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value w...
E S
CVE-2000-0505 The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory content...
E S
CVE-2000-0506 The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or...
CVE-2000-0507 Imate Webmail Server 2.5 allows remote attackers to cause a denial of service via a long HELO comman...
CVE-2000-0508 rpc.lockd in Red Hat Linux 6.1 and 6.2 allows remote attackers to cause a denial of service via a ma...
E S
CVE-2000-0509 Buffer overflows in the finger and whois demonstration scripts in Sambar Server 4.3 allow remote att...
S
CVE-2000-0510 CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of ser...
S
CVE-2000-0511 CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of ser...
S
CVE-2000-0512 CUPS (Common Unix Printing System) 1.04 and earlier does not properly delete request files, which al...
S
CVE-2000-0513 CUPS (Common Unix Printing System) 1.04 and earlier allows remote attackers to cause a denial of ser...
S
CVE-2000-0514 GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which ...
S
CVE-2000-0515 The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which...
CVE-2000-0516 When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 ...
S
CVE-2000-0517 Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if th...
S
CVE-2000-0518 Internet Explorer 4.x and 5.x does not properly verify all contents of an SSL certificate if a conne...
S
CVE-2000-0519 Internet Explorer 4.x and 5.x does not properly re-validate an SSL certificate if the user establish...
S
CVE-2000-0520 Buffer overflow in restore program 0.4b17 and earlier in dump package allows local users to execute ...
E S
CVE-2000-0521 Savant web server allows remote attackers to read source code of CGI scripts via a GET request that ...
S
CVE-2000-0522 RSA ACE/Server allows remote attackers to cause a denial of service by flooding the server's authent...
S
CVE-2000-0523 Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbi...
CVE-2000-0524 Microsoft Outlook and Outlook Express allow remote attackers to cause a denial of service by sending...
CVE-2000-0525 OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local us...
CVE-2000-0526 mailview.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to read arbitrar...
CVE-2000-0527 userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitr...
CVE-2000-0528 Net Tools PKI Server does not properly restrict access to remote attackers when the XUDA template fi...
S
CVE-2000-0529 Net Tools PKI Server allows remote attackers to cause a denial of service via a long HTTP request....
S
CVE-2000-0530 The KApplication class in the KDE 1.1.2 configuration file management capability allows local users ...
E S
CVE-2000-0531 Linux gpm program allows local users to cause a denial of service by flooding the /dev/gpmctl device...
E S
CVE-2000-0532 A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which...
E S
CVE-2000-0533 Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files....
S
CVE-2000-0534 The apsfilter software in the FreeBSD ports package does not properly read user filter configuration...
S
CVE-2000-0535 OpenSSL 0.9.4 and OpenSSH for FreeBSD do not properly check for the existence of the /dev/random or ...
S
CVE-2000-0536 xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and t...
E S
CVE-2000-0537 BRU backup software allows local users to append data to arbitrary files by specifying an alternate ...
S
CVE-2000-0538 ColdFusion Administrator for ColdFusion 4.5.1 and earlier allows remote attackers to cause a denial ...
S
CVE-2000-0539 Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. ...
S
CVE-2000-0540 JSP sample files in Allaire JRun 2.3.x allow remote attackers to access arbitrary files (e.g. via vi...
S
CVE-2000-0541 The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without au...
E S
CVE-2000-0542 Tigris remote access server before 11.5.4.22 does not properly record Radius accounting information ...
S
CVE-2000-0543 The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denia...
E S
CVE-2000-0544 Windows NT and Windows 2000 hosts allow a remote attacker to cause a denial of service via malformed...
CVE-2000-0545 Buffer overflow in mailx mail command (aka Mail) on Linux systems allows local users to gain privile...
CVE-2000-0546 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via t...
S
CVE-2000-0547 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via t...
S
CVE-2000-0548 Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via t...
S
CVE-2000-0549 Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests...
E S
CVE-2000-0550 Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attack...
S
CVE-2000-0551 The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remot...
S
CVE-2000-0552 ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not de...
E S
CVE-2000-0553 Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst"...
E S
CVE-2000-0554 Ceilidh allows remote attackers to obtain the real path of the Ceilidh directory via the translated_...
S
CVE-2000-0555 Ceilidh allows remote attackers to cause a denial of service via a large number of POST requests....
E S
CVE-2000-0556 Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to cause a denial of se...
S
CVE-2000-0557 Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to execute arbitrary co...
E S
CVE-2000-0558 Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary...
CVE-2000-0559 eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store admin...
E S
CVE-2000-0561 Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP...
E S
CVE-2000-0562 BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back O...
E S
CVE-2000-0563 The URLConnection function in MacOS Runtime Java (MRJ) 2.1 and earlier and the Microsoft virtual mac...
E S
CVE-2000-0564 The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote atta...
S
CVE-2000-0565 SmartFTP Daemon 0.2 allows a local user to access arbitrary files by uploading and specifying an alt...
E S
CVE-2000-0566 makewhatis in Linux man package allows local users to overwrite files via a symlink attack....
CVE-2000-0567 Buffer overflow in Microsoft Outlook and Outlook Express allows remote attackers to execute arbitrar...
CVE-2000-0568 Sybergen Secure Desktop 2.1 does not properly protect against false router advertisements (ICMP type...
CVE-2000-0569 Sybergen Sygate allows remote attackers to cause a denial of service by sending a malformed DNS UDP ...
S
CVE-2000-0570 FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to...
E
CVE-2000-0571 LocalWEB HTTP server 1.2.0 allows remote attackers to cause a denial of service via a long GET reque...
CVE-2000-0572 The Razor configuration management tool uses weak encryption for its password file, which allows loc...
CVE-2000-0573 The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format strin...
S
CVE-2000-0574 FTP servers such as OpenBSD ftpd, NetBSD ftpd, ProFTPd and Opieftpd do not properly cleanse untruste...
S
CVE-2000-0575 SSH 1.2.27 with Kerberos authentication support stores Kerberos tickets in a file which is created i...
S
CVE-2000-0576 Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a deni...
E
CVE-2000-0577 Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via ...
CVE-2000-0578 SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file nam...
E
CVE-2000-0579 IRIX crontab creates temporary files with predictable file names and with the umask of the user, whi...
E
CVE-2000-0580 Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous str...
E
CVE-2000-0581 Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continu...
CVE-2000-0582 Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a...
CVE-2000-0583 vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string u...
CVE-2000-0584 Buffer overflow in Canna input system allows remote attackers to execute arbitrary commands via an S...
CVE-2000-0585 ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell met...
S
CVE-2000-0586 Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or e...
CVE-2000-0587 The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for dire...
CVE-2000-0588 SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by list...
E
CVE-2000-0589 SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the...
S
CVE-2000-0590 Poll It 2.0 CGI script allows remote attackers to read arbitrary files by specifying the file name i...
S
CVE-2000-0591 Novell BorderManager 3.0 and 3.5 allows remote attackers to bypass URL filtering by encoding charact...
CVE-2000-0592 Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitra...
CVE-2000-0593 WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of service by sending an HTTP GET r...
CVE-2000-0594 BitchX IRC client does not properly cleanse an untrusted format string, which allows remote attacker...
CVE-2000-0595 libedit searches for the .editrc file in the current directory instead of the user's home directory,...
E S
CVE-2000-0596 Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is r...
CVE-2000-0597 Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, whi...
CVE-2000-0598 Fortech Proxy+ allows remote attackers to bypass access restrictions for to the administration servi...
S
CVE-2000-0599 Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long strin...
E S
CVE-2000-0600 Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or ex...
E S
CVE-2000-0601 LeafChat 1.7 IRC client allows a remote IRC server to cause a denial of service by rapidly sending a...
CVE-2000-0602 Secure Locate (slocate) in Red Hat Linux allows local users to gain privileges via a malformed confi...
CVE-2000-0603 Microsoft SQL Server 7.0 allows a local user to bypass permissions for stored procedures by referenc...
E S
CVE-2000-0604 gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modif...
CVE-2000-0605 Blackboard CourseInfo 4.0 stores the local and SQL administrator user names and passwords in clearte...
CVE-2000-0606 Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to g...
CVE-2000-0607 Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to g...
CVE-2000-0608 NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via...
E S
CVE-2000-0609 NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via...
CVE-2000-0610 NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use...
S
CVE-2000-0611 The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attacke...
E S
CVE-2000-0612 Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers...
CVE-2000-0613 Cisco Secure PIX Firewall does not properly identify forged TCP Reset (RST) packets, which allows re...
CVE-2000-0614 Tnef program in Linux systems allows remote attackers to overwrite arbitrary files via TNEF encoded ...
E S
CVE-2000-0615 LPRng 3.6.x improperly installs lpd as setuid root, which can allow local users to append lpd trace ...
E S
CVE-2000-0616 Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PU...
E S
CVE-2000-0617 Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additio...
CVE-2000-0618 Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additio...
CVE-2000-0619 Top Layer AppSwitch 2500 allows remote attackers to cause a denial of service via malformed ICMP pac...
S
CVE-2000-0620 libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, whic...
E S
CVE-2000-0621 Microsoft Outlook 98 and 2000, and Outlook Express 4.0x and 5.0x, allow remote attackers to read fil...
S
CVE-2000-0622 Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote...
CVE-2000-0623 Buffer overflow in O'Reilly WebSite Professional web server 2.4 and earlier allows remote attackers ...
E S
CVE-2000-0624 Buffer overflow in Winamp 2.64 and earlier allows remote attackers to execute arbitrary commands via...
E
CVE-2000-0625 NetZero 3.0 and earlier uses weak encryption for storing a user's login information, which allows a ...
E S
CVE-2000-0626 Buffer overflow in Alibaba web server allows remote attackers to cause a denial of service via a lon...
E
CVE-2000-0627 BlackBoard CourseInfo 4.0 does not properly authenticate users, which allows local users to modify C...
E S
CVE-2000-0628 The source.asp example script in the Apache ASP module Apache::ASP 1.93 and earlier allows remote at...
E S
CVE-2000-0629 The default configuration of the Sun Java web server 2.0 and earlier allows remote attackers to exec...
E S
CVE-2000-0630 IIS 4.0 and 5.0 allows remote attackers to obtain fragments of source code by appending a +.htr to t...
CVE-2000-0631 An administrative script from IIS 3.0, later included in IIS 4.0 and 5.0, allows remote attackers to...
S
CVE-2000-0632 Buffer overflow in the web archive component of L-Soft Listserv 1.8d and earlier allows remote attac...
CVE-2000-0633 Vulnerability in Mandrake Linux usermode package allows local users to to reboot or halt the system....
S
CVE-2000-0634 The web administration interface for CommuniGate Pro 3.2.5 and earlier allows remote attackers to re...
E S
CVE-2000-0635 The view_page.html sample page in the MiniVend shopping cart program allows remote attackers to exec...
S
CVE-2000-0636 HP JetDirect printers versions G.08.20 and H.08.20 and earlier allow remote attackers to cause a den...
E S
CVE-2000-0637 Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicio...
CVE-2000-0638 bb-hostsvc.sh in Big Brother 1.4h1 and earlier allows remote attackers to read arbitrary files via a...
CVE-2000-0639 The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictio...
E S
CVE-2000-0640 Guild FTPd allows remote attackers to determine the existence of files outside the FTP root via a .....
E S
CVE-2000-0641 Savant web server allows remote attackers to execute arbitrary commands via a long GET request....
E
CVE-2000-0642 The default configuration of WebActive HTTP Server 1.00 stores the web access log active.log in the ...
E
CVE-2000-0643 Buffer overflow in WebActive HTTP Server 1.00 allows remote attackers to cause a denial of service v...
E
CVE-2000-0644 WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing a STAT co...
E S
CVE-2000-0645 WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by using the RESTART (...
E S
CVE-2000-0646 WFTPD and WFTPD Pro 2.41 allows remote attackers to obtain the real pathname for a file by executing...
E S
CVE-2000-0647 WFTPD and WFTPD Pro 2.41 allows remote attackers to cause a denial of service by executing an MLST c...
E S
CVE-2000-0648 WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO ...
E S
CVE-2000-0649 IIS 4.0 allows remote attackers to obtain the internal IP address of the server via an HTTP 1.0 requ...
E S
CVE-2000-0650 The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registr...
S
CVE-2000-0651 The ClientTrust program in Novell BorderManager does not properly verify the origin of authenticatio...
E S
CVE-2000-0652 IBM WebSphere allows remote attackers to read source code for executable web files by directly calli...
E S
CVE-2000-0653 Microsoft Outlook Express allows remote attackers to monitor a user's email by creating a persistent...
S
CVE-2000-0654 Microsoft Enterprise Manager allows local users to obtain database passwords via the Data Transforma...
S
CVE-2000-0655 Netscape Communicator 4.73 and earlier allows remote attackers to cause a denial of service or execu...
E S
CVE-2000-0656 Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial o...
E S
CVE-2000-0657 Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial o...
E S
CVE-2000-0658 Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial o...
E S
CVE-2000-0659 Buffer overflow in AnalogX proxy server 4.04 and earlier allows remote attackers to cause a denial o...
E S
CVE-2000-0660 The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. ...
E S
CVE-2000-0661 WircSrv IRC Server 5.07s allows remote attackers to cause a denial of service via a long string to t...
E
CVE-2000-0662 Internet Explorer 5.x and Microsoft Outlook allows remote attackers to read arbitrary files by redir...
CVE-2000-0663 The registry entry for the Windows Shell executable (Explorer.exe) in Windows NT and Windows 2000 us...
S
CVE-2000-0664 AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modi...
E S
CVE-2000-0665 GAMSoft TelSrv telnet server 1.5 and earlier allows remote attackers to cause a denial of service vi...
E S
CVE-2000-0666 rpc.statd in the nfs-utils package in various Linux distributions does not properly cleanse untruste...
E S
CVE-2000-0667 Vulnerability in gpm in Caldera Linux allows local users to delete arbitrary files or conduct a deni...
E S
CVE-2000-0668 pam_console PAM module in Linux systems allows a user to access the system console and reboot the sy...
E S
CVE-2000-0669 Novell NetWare 5.0 allows remote attackers to cause a denial of service by flooding port 40193 with ...
E
CVE-2000-0670 The cvsweb CGI script in CVSWeb 1.80 allows remote attackers with write access to a CVS repository t...
E S
CVE-2000-0671 Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions, l...
E S
CVE-2000-0672 The default configuration of Jakarta Tomcat does not restrict access to the /admin context, which al...
E S
CVE-2000-0673 The NetBIOS Name Server (NBNS) protocol does not perform authentication, which allows remote attacke...
E S
CVE-2000-0674 ftp.pl CGI program for Virtual Visions FTP browser allows remote attackers to read directories outsi...
E S
CVE-2000-0675 Buffer overflow in Infopulse Gatekeeper 3.5 and earlier allows remote attackers to execute arbitrary...
E S
CVE-2000-0676 Netscape Communicator and Navigator 4.04 through 4.74 allows remote attackers to read arbitrary file...
E S
CVE-2000-0677 Buffer overflow in IBM Net.Data db2www CGI program allows remote attackers to execute arbitrary comm...
CVE-2000-0678 PGP 5.5.x through 6.5.3 does not properly check if an Additional Decryption Key (ADK) is stored in t...
S
CVE-2000-0679 The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server ...
E
CVE-2000-0680 The CVS 1.10.8 server does not properly restrict users from creating arbitrary Checkin.prog or Updat...
E S
CVE-2000-0681 Buffer overflow in BEA WebLogic server proxy plugin allows remote attackers to execute arbitrary com...
S
CVE-2000-0682 BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /Consol...
S
CVE-2000-0683 BEA WebLogic 5.1.x allows remote attackers to read source code for parsed pages by inserting /*.shtm...
S
CVE-2000-0684 BEA WebLogic 5.1.x does not properly restrict access to the JSPServlet, which could allow remote att...
E S
CVE-2000-0685 BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow re...
E S
CVE-2000-0686 Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. ...
E
CVE-2000-0687 Auction Weaver CGI script 1.03 and earlier allows remote attackers to read arbitrary files via a .. ...
E
CVE-2000-0688 Subscribe Me LITE does not properly authenticate attempts to change the administrator password, whic...
E S
CVE-2000-0689 Account Manager LITE does not properly authenticate attempts to change the administrator password, w...
E S
CVE-2000-0690 Auction Weaver CGI script 1.02 and earlier allows remote attackers to execute arbitrary commands via...
E
CVE-2000-0691 The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary file...
E S
CVE-2000-0692 ISS RealSecure 3.2.1 and 3.2.2 allows remote attackers to cause a denial of service via a flood of f...
E S
CVE-2000-0693 pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "c...
E S
CVE-2000-0694 pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink a...
E
CVE-2000-0695 Buffer overflows in pgxconfig in the Raptor GFX configuration tool allow local users to gain privile...
E
CVE-2000-0696 The administration interface for the dwhttpd web server in Solaris AnswerBook2 does not properly aut...
E S
CVE-2000-0697 The administration interface for the dwhttpd web server in Solaris AnswerBook2 allows interface user...
E S
CVE-2000-0698 Minicom 1.82.1 and earlier on some Linux systems allows local users to create arbitrary files owned ...
E
CVE-2000-0699 Format string vulnerability in ftpd in HP-UX 10.20 allows remote attackers to cause a denial of serv...
CVE-2000-0700 Cisco Gigabit Switch Routers (GSR) with Fast Ethernet / Gigabit Ethernet cards, from IOS versions 11...
S
CVE-2000-0701 The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format stri...
S
CVE-2000-0702 The net.init rc script in HP-UX 11.00 (S008net.init) allows local users to overwrite arbitrary files...
E S
CVE-2000-0703 suidperl (aka sperl) does not properly cleanse the escape sequence "~!" before calling /bin/mail to ...
E S
CVE-2000-0704 Buffer overflow in SGI Omron WorldView Wnn allows remote attackers to execute arbitrary commands via...
E
CVE-2000-0705 ntop running in web mode allows remote attackers to read arbitrary files via a .. (dot dot) attack....
E S
CVE-2000-0706 Buffer overflows in ntop running in web mode allows remote attackers to execute arbitrary commands....
CVE-2000-0707 PCCS MySQLDatabase Admin Tool Manager 1.2.4 and earlier installs the file dbconnect.inc within the w...
S
CVE-2000-0708 Buffer overflow in Pragma Systems TelnetServer 2000 version 4.0 allows remote attackers to cause a d...
E
CVE-2000-0709 The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to...
S
CVE-2000-0710 The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to...
S
CVE-2000-0711 Netscape Communicator does not properly prevent a ServerSocket object from being created by untruste...
E S
CVE-2000-0712 Linux Intrusion Detection System (LIDS) 0.9.7 allows local users to gain root privileges when LIDS i...
S
CVE-2000-0713 Buffer overflow in Adobe Acrobat 4.05, Reader, Business Tools, and Fill In products that handle PDF ...
S
CVE-2000-0714 umb-scheme 3.2-11 for Red Hat Linux is installed with world-writeable files....
S
CVE-2000-0715 DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitra...
S
CVE-2000-0716 WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP requ...
S
CVE-2000-0717 GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO ...
CVE-2000-0718 A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp...
S
CVE-2000-0719 VariCAD 7.0 is installed with world-writeable files, which allows local users to replace the VariCAD...
S
CVE-2000-0720 news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the...
E
CVE-2000-0721 The FSserial, FlagShip_c, and FlagShip_p programs in the FlagShip package are installed world-writea...
E S
CVE-2000-0722 Helix GNOME Updater helix-update 0.5 and earlier allows local users to install arbitrary RPM package...
S
CVE-2000-0723 Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which al...
S
CVE-2000-0724 The go-gnome Helix GNOME pre-installer allows local users to overwrite arbitrary files via a symlink...
S
CVE-2000-0725 Zope before 2.2.1 does not properly restrict access to the getRoles method, which allows users who c...
S
CVE-2000-0726 CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files ...
CVE-2000-0727 xpdf PDF viewer client earlier than 0.91 does not properly launch a web browser for embedded URL's, ...
S
CVE-2000-0728 xpdf PDF viewer client earlier than 0.91 allows local users to overwrite arbitrary files via a symli...
S
CVE-2000-0729 FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program wit...
S
CVE-2000-0730 Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges....
S
CVE-2000-0731 Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary file...
S
CVE-2000-0732 Worm HTTP server allows remote attackers to cause a denial of service via a long URL....
S
CVE-2000-0733 Telnetd telnet server in IRIX 5.2 through 6.1 does not properly cleans user-injected format strings,...
E S
CVE-2000-0734 eEye IRIS 1.01 beta allows remote attackers to cause a denial of service via a large number of UDP c...
E S
CVE-2000-0735 Buffer overflow in Becky! Internet Mail client 1.26.03 and earlier allows remote attackers to cause ...
S
CVE-2000-0736 Buffer overflow in Becky! Internet Mail client 1.26.04 and earlier allows remote attackers to cause ...
S
CVE-2000-0737 The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a lo...
E S
CVE-2000-0738 WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a Fro...
E S
CVE-2000-0739 Directory traversal vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFi...
E S
CVE-2000-0740 Buffer overflow in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 allows remote ...
E S
CVE-2000-0741 Format string vulnerability in strong.exe program in NAI Net Tools PKI server 1.0 before HotFix 3 al...
E S
CVE-2000-0742 The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a de...
S
CVE-2000-0743 Buffer overflow in University of Minnesota (UMN) gopherd 2.x allows remote attackers to execute arbi...
S
CVE-2000-0744 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2000-0743. Reason: This candidate...
R
CVE-2000-0745 admin.php3 in PHP-Nuke does not properly verify the PHP-Nuke administrator password, which allows re...
E S
CVE-2000-0746 Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attack...
S
CVE-2000-0747 The logrotate script for OpenLDAP before 1.2.11 in Conectiva Linux sends an improper signal to the k...
S
CVE-2000-0748 OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which co...
S
CVE-2000-0749 Buffer overflow in the Linux binary compatibility module in FreeBSD 3.x through 5.x allows local use...
S
CVE-2000-0750 Buffer overflow in mopd (Maintenance Operations Protocol loader daemon) allows remote attackers to e...
S
CVE-2000-0751 mopd (Maintenance Operations Protocol loader daemon) does not properly cleanse user-injected format ...
S
CVE-2000-0752 Buffer overflows in brouted in FreeBSD and possibly other OSes allows local users to gain root privi...
S
CVE-2000-0753 The Microsoft Outlook mail client identifies the physical path of the sender's machine within a winm...
S
CVE-2000-0754 Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords....
S
CVE-2000-0755 Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges....
S
CVE-2000-0756 Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, whi...
CVE-2000-0757 The sysgen service in Aptis Totalbill does not perform authentication, which allows remote attackers...
E
CVE-2000-0758 The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative ac...
S
CVE-2000-0759 Jakarta Tomcat 3.1 under Apache reveals physical path information when a remote attacker requests a ...
E
CVE-2000-0760 The Snoop servlet in Jakarta Tomcat 3.1 and 3.0 under Apache reveals sensitive system information wh...
E
CVE-2000-0761 OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username....
S
CVE-2000-0762 The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, whi...
S
CVE-2000-0763 xlockmore and xlockf do not properly cleanse user-injected format strings, which allows local users ...
E S
CVE-2000-0764 Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malform...
CVE-2000-0765 Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbit...
S
CVE-2000-0766 Buffer overflow in vqSoft vqServer 1.4.49 allows remote attackers to cause a denial of service or po...
E S
CVE-2000-0767 The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file...
S
CVE-2000-0768 A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a ...
S
CVE-2000-0769 O'Reilly WebSite Pro 2.3.7 installs the uploader.exe program with execute permissions for all users,...
S
CVE-2000-0770 IIS 4.0 and 5.0 does not properly restrict access to certain types of files when their parent folder...
S
CVE-2000-0771 Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local secur...
S
CVE-2000-0772 The installation of Tumbleweed Messaging Management System (MMS) 4.6 and earlier (formerly Worldtalk...
S
CVE-2000-0773 Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains ...
CVE-2000-0774 The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web d...
S
CVE-2000-0775 Buffer overflow in RobTex Viking server earlier than 1.06-370 allows remote attackers to cause a den...
E S
CVE-2000-0776 Mediahouse Statistics Server 5.02x allows remote attackers to execute arbitrary commands via a long ...
E S
CVE-2000-0777 The password protection feature of Microsoft Money can store the password in plaintext, which allows...
CVE-2000-0778 IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP G...
CVE-2000-0779 Checkpoint Firewall-1 with the RSH/REXEC setting enabled allows remote attackers to bypass access re...
S
CVE-2000-0780 The web server in IPSWITCH IMail 6.04 and earlier allows remote attackers to read and delete arbitra...
CVE-2000-0781 uagentsetup in ARCServeIT Client Agent 6.62 does not properly check for the existence or ownership o...
CVE-2000-0782 netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary fil...
E S
CVE-2000-0783 Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed UR...
S
CVE-2000-0784 sshd program in the Rapidstream 2.1 Beta VPN appliance has a hard-coded "rsadmin" account with a nul...
S
CVE-2000-0785 WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, wh...
CVE-2000-0786 GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt th...
CVE-2000-0787 IRC Xchat client versions 1.4.2 and earlier allows remote attackers to execute arbitrary commands by...
CVE-2000-0788 The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) s...
E
CVE-2000-0789 WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local us...
CVE-2000-0790 The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows loca...
CVE-2000-0791 Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows lo...
S
CVE-2000-0792 Gnome Lokkit firewall package before 0.41 does not properly restrict access to some ports, even if a...
S
CVE-2000-0793 Norton AntiVirus 5.00.01C with the Novell Netware client does not properly restart the auto-protecti...
CVE-2000-0794 Buffer overflow in IRIX libgl.so library allows local users to gain root privileges via a long HOME ...
CVE-2000-0795 Buffer overflow in lpstat in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long ...
CVE-2000-0796 Buffer overflow in dmplay in IRIX 6.2 and 6.3 allows local users to gain root privileges via a long ...
CVE-2000-0797 Buffer overflow in gr_osview in IRIX 6.2 and 6.3 allows local users to gain privileges via a long -D...
CVE-2000-0798 The truncate function in IRIX 6.x does not properly check for privileges when the file is in the xfs...
CVE-2000-0799 inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a ...
CVE-2000-0800 String parsing error in rpc.kstatd in the linuxnfs or knfsd packages in SuSE and possibly other Linu...
CVE-2000-0801 Buffer overflow in bdf program in HP-UX 11.00 may allow local users to gain root privileges via a lo...
CVE-2000-0802 The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, w...
CVE-2000-0803 GNU Groff uses the current working directory to find a device description file, which allows a local...
CVE-2000-0804 Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass the directionality ch...
CVE-2000-0805 Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even i...
CVE-2000-0806 The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may...
CVE-2000-0807 The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and ear...
CVE-2000-0808 The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-...
CVE-2000-0809 Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Che...
CVE-2000-0810 Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows re...
CVE-2000-0811 Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) a...
CVE-2000-0812 The administration module in Sun Java web server allows remote attackers to execute arbitrary comman...
E S
CVE-2000-0813 Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to redirect FTP connections to ...
CVE-2000-0816 Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files who...
CVE-2000-0817 Buffer overflow in the HTTP protocol parser for Microsoft Network Monitor (Netmon) allows remote att...
CVE-2000-0818 The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker ...
S
CVE-2000-0824 The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variab...
E S
CVE-2000-0825 Ipswitch Imail 6.0 allows remote attackers to cause a denial of service via a large number of connec...
E
CVE-2000-0826 Buffer overflow in ddicgi.exe program in Mobius DocumentDirect for the Internet 1.2 allows remote at...
E S
CVE-2000-0827 Buffer overflow in the web authorization form of Mobius DocumentDirect for the Internet 1.2 allows r...
E S
CVE-2000-0828 Buffer overflow in ddicgi.exe in Mobius DocumentDirect for the Internet 1.2 allows remote attackers ...
E S
CVE-2000-0829 The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows loc...
E S
CVE-2000-0830 annclist.exe in webTV for Windows allows remote attackers to cause a denial of service by via a larg...
E S
CVE-2000-0831 Buffer overflow in Fastream FTP++ 2.0 allows remote attackers to cause a denial of service and possi...
S
CVE-2000-0832 Htgrep CGI program allows remote attackers to read arbitrary files by specifying the full pathname i...
E
CVE-2000-0833 Buffer overflow in WinSMTP 1.06f and 2.X allows remote attackers to cause a denial of service via a ...
E
CVE-2000-0834 The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remo...
E S
CVE-2000-0835 search.dll Sambar ISAPI Search utility in Sambar Server 4.4 Beta 3 allows remote attackers to read a...
E S
CVE-2000-0836 Buffer overflow in CamShot WebCam Trial2.6 allows remote attackers to execute arbitrary commands via...
E
CVE-2000-0837 FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of nu...
E
CVE-2000-0838 Fastream FUR HTTP server 1.0b allows remote attackers to cause a denial of service via a long GET re...
CVE-2000-0839 WinCOM LPD 1.00.90 allows remote attackers to cause a denial of service via a large number of LPD op...
CVE-2000-0840 Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrar...
S
CVE-2000-0841 Buffer overflow in XMail POP3 server before version 0.59 allows remote attackers to execute arbitrar...
S
CVE-2000-0842 The search97cgi/vtopic" in the UnixWare 7 scohelphttp webserver allows remote attackers to read arbi...
CVE-2000-0843 Buffer overflow in pam_smb and pam_ntdom pluggable authentication modules (PAM) allow remote attacke...
S
CVE-2000-0844 Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected fo...
E S
CVE-2000-0845 kdebug daemon (kdebugd) in Digital Unix 4.0F allows remote attackers to read arbitrary files by spec...
S
CVE-2000-0846 Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands vi...
E
CVE-2000-0847 Buffer overflow in University of Washington c-client library (used by pine and other programs) allow...
CVE-2000-0848 Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arb...
E S
CVE-2000-0849 Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of servic...
S
CVE-2000-0850 Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by a...
S
CVE-2000-0851 Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional pri...
E S
CVE-2000-0852 Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain roo...
S
CVE-2000-0853 YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) atta...
E S
CVE-2000-0854 When a Microsoft Office 2000 document is launched, the directory of that document is first used to l...
E S
CVE-2000-0855 SunFTP build 9(1) allows remote attackers to cause a denial of service by connecting to the server a...
E
CVE-2000-0856 Buffer overflow in SunFTP build 9(1) allows remote attackers to cause a denial of service or possibl...
CVE-2000-0857 The logging capability in muh 2.05d IRC server does not properly cleanse user-injected format string...
E S
CVE-2000-0858 Vulnerability in Microsoft Windows NT 4.0 allows remote attackers to cause a denial of service in II...
S
CVE-2000-0859 The web configuration server for NTMail V5 and V6 allows remote attackers to cause a denial of servi...
S
CVE-2000-0860 The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files b...
E
CVE-2000-0861 Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the...
E S
CVE-2000-0862 Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attacke...
CVE-2000-0863 Buffer overflow in listmanager earlier than 2.105.1 allows local users to gain additional privileges...
S
CVE-2000-0864 Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a l...
E S
CVE-2000-0865 Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows local users to gain root privil...
E S
CVE-2000-0866 Interbase 6 SuperServer for Linux allows an attacker to cause a denial of service via a query contai...
CVE-2000-0867 Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which...
CVE-2000-0868 The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source ...
S
CVE-2000-0869 The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote att...
E S
CVE-2000-0870 Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string....
CVE-2000-0871 Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string tha...
E
CVE-2000-0872 explorer.php in PhotoAlbum 0.9.9 allows remote attackers to read arbitrary files via a .. (dot dot) ...
E
CVE-2000-0873 netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users t...
CVE-2000-0874 Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF)....
CVE-2000-0875 WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long...
CVE-2000-0876 WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via...
CVE-2000-0877 mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying...
CVE-2000-0878 The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters ...
S
CVE-2000-0879 LPPlus programs dccsched, dcclpdser, dccbkst, dccshut, dcclpdshut, and dccbkstshut are installed set...
E
CVE-2000-0880 LPPlus creates the lpdprocess file with world-writeable permissions, which allows local users to kil...
E
CVE-2000-0881 The dccscan setuid program in LPPlus does not properly check if the user has the permissions to prin...
E
CVE-2000-0882 Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malform...
S
CVE-2000-0883 The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets...
E S
CVE-2000-0884 IIS 4.0 and 5.0 allows remote attackers to read documents outside of the web root, and possibly exec...
CVE-2000-0885 Buffer overflows in Microsoft Network Monitor (Netmon) allow remote attackers to execute arbitrary c...
CVE-2000-0886 IIS 5.0 allows remote attackers to execute arbitrary commands via a malformed request for an executa...
CVE-2000-0887 named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a ...
E S
CVE-2000-0888 named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending a...
CVE-2000-0889 Two Sun security certificates have been compromised, which could allow attackers to insert malicious...
S
CVE-2000-0890 periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to o...
S
CVE-2000-0891 A default ECL in Lotus Notes before 5.02 allows remote attackers to execute arbitrary commands by at...
E S
CVE-2000-0892 Some telnet clients allow remote telnet servers to request environment variables from the client tha...
E S
CVE-2000-0893 The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows rem...
S
CVE-2000-0894 HTTP server on the WatchGuard SOHO firewall does not properly restrict access to administrative func...
E S
CVE-2000-0895 Buffer overflow in HTTP server on the WatchGuard SOHO firewall allows remote attackers to cause a de...
E S
CVE-2000-0896 WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood of fragmen...
E S
CVE-2000-0897 Small HTTP Server 2.03 and earlier allows remote attackers to cause a denial of service by repeatedl...
E S
CVE-2000-0898 Small HTTP Server 2.01 does not properly process Server Side Includes (SSI) tags that contain null v...
CVE-2000-0899 Small HTTP Server 2.01 allows remote attackers to cause a denial of service by connecting to the ser...
S
CVE-2000-0900 Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attack...
E
CVE-2000-0901 Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges v...
E S
CVE-2000-0902 getalbum.php in PhotoAlbum before 0.9.9 allows remote attackers to read arbitrary files via a .. (do...
CVE-2000-0903 Directory traversal vulnerability in Voyager web server 2.01B in the demo disks for QNX 405 allows r...
E
CVE-2000-0904 Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in th...
E
CVE-2000-0905 QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remot...
E
CVE-2000-0906 Directory traversal vulnerability in Moreover.com cached_feed.cgi script version 4.July.00 allows re...
E S
CVE-2000-0907 EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbi...
E S
CVE-2000-0908 BrowseGate 2.80 allows remote attackers to cause a denial of service and possibly execute arbitrary ...
S
CVE-2000-0909 Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote atta...
E S
CVE-2000-0910 Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "f...
S
CVE-2000-0911 IMP 2.2 and earlier allows attackers to read and delete arbitrary files by modifying the attachment_...
S
CVE-2000-0912 MultiHTML CGI script allows remote attackers to read arbitrary files and possibly execute arbitrary ...
CVE-2000-0913 mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a Rewrit...
S
CVE-2000-0914 OpenBSD 2.6 and earlier allows remote attackers to cause a denial of service by flooding the server ...
E S
CVE-2000-0915 fingerd in FreeBSD 4.1.1 allows remote attackers to read arbitrary files by specifying the target fi...
S
CVE-2000-0916 FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number gen...
S
CVE-2000-0917 Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to exec...
E S
CVE-2000-0918 Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands ...
S
CVE-2000-0919 Directory traversal vulnerability in PHPix Photo Album 1.0.2 and earlier allows remote attackers to ...
E
CVE-2000-0920 Directory traversal vulnerability in BOA web server 0.94.8.2 and earlier allows remote attackers to ...
E S
CVE-2000-0921 Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote ...
E S
CVE-2000-0922 Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cg...
S
CVE-2000-0923 authenticate.cgi CGI program in Aplio PRO allows remote attackers to execute arbitrary commands via ...
E
CVE-2000-0924 Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote atta...
E
CVE-2000-0925 The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _priva...
E S
CVE-2000-0926 SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote attackers to modify price informa...
E S
CVE-2000-0927 WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they are stored in alternative data s...
E
CVE-2000-0928 WQuinn QuotaAdvisor 4.1 allows users to list directories and files by running a report on the target...
CVE-2000-0929 Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email ...
E S
CVE-2000-0930 Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the...
E S
CVE-2000-0931 Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possib...
CVE-2000-0932 MAILsweeper for SMTP 3.x does not properly handle corrupt CDA documents in a ZIP file and hangs, whi...
CVE-2000-0933 The Input Method Editor (IME) in the Simplified Chinese version of Windows 2000 does not disable acc...
E S
CVE-2000-0934 Glint in Red Hat Linux 5.2 allows local users to overwrite arbitrary files and cause a denial of ser...
S
CVE-2000-0935 Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files ...
E S
CVE-2000-0936 Samba Web Administration Tool (SWAT) in Samba 2.0.7 installs the cgi.log logging file with world rea...
E S
CVE-2000-0937 Samba Web Administration Tool (SWAT) in Samba 2.0.7 does not log login attempts in which the usernam...
E S
CVE-2000-0938 Samba Web Administration Tool (SWAT) in Samba 2.0.7 supplies a different error message when a valid ...
E S
CVE-2000-0939 Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows remote attackers to cause a denial of ser...
E S
CVE-2000-0940 Directory traversal vulnerability in Metertek pagelog.cgi allows remote attackers to read arbitrary ...
E
CVE-2000-0941 Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shel...
E S
CVE-2000-0942 The CiWebHitsFile component in Microsoft Indexing Services for Windows 2000 allows remote attackers ...
E S
CVE-2000-0943 Buffer overflow in bftp daemon (bftpd) 1.0.11 allows remote attackers to cause a denial of service a...
E S
CVE-2000-0944 CGI Script Center News Update 1.1 does not properly validate the original news administration passwo...
E
CVE-2000-0945 The web configuration interface for Catalyst 3500 XL switches allows remote attackers to execute arb...
S
CVE-2000-0946 Compaq Easy Access Keyboard software 1.3 does not properly disable access to custom buttons when the...
S
CVE-2000-0947 Format string vulnerability in cfd daemon in GNU CFEngine before 1.6.0a11 allows attackers to execut...
S
CVE-2000-0948 GnoRPM before 0.95 allows local users to modify arbitrary files via a symlink attack....
S
CVE-2000-0949 Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execut...
E S
CVE-2000-0950 Format string vulnerability in x-gw in TIS Firewall Toolkit (FWTK) allows local users to execute arb...
S
CVE-2000-0951 A misconfiguration in IIS 5.0 with Index Server enabled and the Index property set allows remote att...
E S
CVE-2000-0952 global.cgi CGI program in Global 3.55 and earlier on NetBSD allows remote attackers to execute arbit...
S
CVE-2000-0953 Shambala Server 4.5 allows remote attackers to cause a denial of service by opening then closing a c...
E
CVE-2000-0954 Shambala Server 4.5 stores passwords in plaintext, which could allow local users to obtain the passw...
E
CVE-2000-0955 Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in ...
E S
CVE-2000-0956 cyrus-sasl before 1.5.24 in Red Hat Linux 7.0 does not properly verify the authorization for a local...
S
CVE-2000-0957 The pluggable authentication module for mysql (pam_mysql) before 0.4.7 does not properly cleanse use...
S
CVE-2000-0958 HotJava Browser 3.0 allows remote attackers to access the DOM of a web page by opening a javascript:...
E S
CVE-2000-0959 glibc2 does not properly clear the LD_DEBUG_OUTPUT and LD_DEBUG environmental variables when a progr...
CVE-2000-0960 The POP3 server in Netscape Messaging Server 4.15p1 generates different error messages for incorrect...
E
CVE-2000-0961 Buffer overflow in IMAP server in Netscape Messaging Server 4.15 Patch 2 allows local users to execu...
CVE-2000-0962 The IPSEC implementation in OpenBSD 2.7 does not properly handle empty AH/ESP packets, which allows ...
E S
CVE-2000-0963 Buffer overflow in ncurses library allows local users to execute arbitrary commands via long environ...
E S
CVE-2000-0964 Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attack...
CVE-2000-0965 The NSAPI plugins for TGA and the Java Servlet proxy in HP-UX VVOS 10.24 and 11.04 allows an attacke...
S
CVE-2000-0966 Buffer overflows in lpspooler in the fileset PrinterMgmt.LP-SPOOL of HP-UX 11.0 and earlier allows l...
S
CVE-2000-0967 PHP 3 and 4 do not properly cleanse user-injected format strings, which allows remote attackers to e...
E S
CVE-2000-0968 Buffer overflow in Half Life dedicated server before build 3104 allows remote attackers to execute a...
S
CVE-2000-0969 Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attac...
CVE-2000-0970 IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, whi...
CVE-2000-0971 Avirt Mail 4.0 and 4.2 allows remote attackers to cause a denial of service and possibly execute arb...
E
CVE-2000-0972 HP-UX 11.00 crontab allows local users to read arbitrary files via the -e option by creating a symli...
E
CVE-2000-0973 Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attac...
E S
CVE-2000-0974 GnuPG (gpg) 1.0.3 does not properly check all signatures of a file containing multiple documents, wh...
E S
CVE-2000-0975 Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attack...
CVE-2000-0976 Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via...
E
CVE-2000-0977 mailfile.cgi CGI program in MailFile 1.10 allows remote attackers to read arbitrary files by specify...
E
CVE-2000-0978 bbd server in Big Brother System and Network Monitor before 1.5c2 allows remote attackers to execute...
S
CVE-2000-0979 File and Print Sharing service in Windows 95, Windows 98, and Windows Me does not properly check the...
E S
CVE-2000-0980 NMPI (Name Management Protocol on IPX) listener in Microsoft NWLink does not properly filter packets...
E S
CVE-2000-0981 MySQL Database Engine uses a weak authentication method which leaks information that could be used b...
CVE-2000-0982 Internet Explorer before 5.5 forwards cached user credentials for a secure web site to insecure page...
E S
CVE-2000-0983 Microsoft NetMeeting with Remote Desktop Sharing enabled allows remote attackers to cause a denial o...
E S
CVE-2000-0984 The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (cras...
E S
CVE-2000-0985 Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MA...
E S
CVE-2000-0986 Buffer overflow in Oracle 8.1.5 applications such as names, namesctl, onrsd, osslogin, tnslsnr, tnsp...
E
CVE-2000-0987 Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect...
CVE-2000-0988 WinU 1.0 through 5.1 has a backdoor password that allows remote attackers to gain access to its admi...
E S
CVE-2000-0989 Buffer overflow in Intel InBusiness eMail Station 1.04.87 POP service allows remote attackers to cau...
CVE-2000-0990 cmd5checkpw 0.21 and earlier allows remote attackers to cause a denial of service via an "SMTP AUTH"...
S
CVE-2000-0991 Buffer overflow in Hilgraeve, Inc. HyperTerminal client on Windows 98, ME, and 2000 allows remote at...
E S
CVE-2000-0992 Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to over...
E S
CVE-2000-0993 Format string vulnerability in pw_error function in BSD libutil library allows local users to gain r...
E S
CVE-2000-0994 Format string vulnerability in OpenBSD fstat program (and possibly other BSD-based operating systems...
E S
CVE-2000-0995 Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating sys...
S
CVE-2000-0996 Format string vulnerability in OpenBSD su program (and possibly other BSD-based operating systems) a...
S
CVE-2000-0997 Format string vulnerabilities in eeprom program in OpenBSD, NetBSD, and possibly other operating sys...
S
CVE-2000-0998 Format string vulnerability in top program allows local attackers to gain root privileges via the "k...
S
CVE-2000-0999 Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems...
S
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.