| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2000-1000 | Format string vulnerability in AOL Instant Messenger (AIM) 4.1.2010 allows remote attackers to cause... | | |
| CVE-2000-1001 | add_2_basket.asp in Element InstantShop allows remote attackers to modify price information via the ... | | |
| CVE-2000-1002 | POP3 daemon in Stalker CommuniGate Pro 3.3.2 generates different error messages for invalid username... | E | |
| CVE-2000-1003 | NETBIOS client in Windows 95 and Windows 98 allows a remote attacker to cause a denial of service by... | | |
| CVE-2000-1004 | Format string vulnerability in OpenBSD photurisd allows local users to execute arbitrary commands vi... | | |
| CVE-2000-1005 | Directory traversal vulnerability in html_web_store.cgi and web_store.cgi CGI programs in eXtropia W... | E S | |
| CVE-2000-1006 | Microsoft Exchange Server 5.5 does not properly handle a MIME header with a blank charset specified,... | E S | |
| CVE-2000-1007 | I-gear 3.5.7 and earlier does not properly process log entries in which a URL is longer than 255 cha... | S | |
| CVE-2000-1008 | PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers wit... | E S | |
| CVE-2000-1009 | dump in Red Hat Linux 6.2 trusts the pathname specified by the RSH environmental variable, which all... | E S | |
| CVE-2000-1010 | Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote atta... | S | |
| CVE-2000-1011 | Buffer overflow in catopen() function in FreeBSD 5.0 and earlier, and possibly other OSes, allows lo... | S | |
| CVE-2000-1012 | The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read... | S | |
| CVE-2000-1013 | The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to re... | S | |
| CVE-2000-1014 | Format string vulnerability in the search97.cgi CGI script in SCO help http server for Unixware 7 al... | E S | |
| CVE-2000-1015 | The default configuration of Slashcode before version 2.0 Alpha has a default administrative passwor... | S | |
| CVE-2000-1016 | The default configuration of Apache (httpd.conf) on SuSE 6.4 includes an alias for the /usr/doc dire... | E S | |
| CVE-2000-1017 | Webteachers Webdata allows remote attackers with valid Webdata accounts to read arbitrary files by p... | E S | |
| CVE-2000-1018 | shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, wh... | E S | |
| CVE-2000-1019 | Search engine in Ultraseek 3.1 and 3.1.10 (aka Inktomi Search) allows remote attackers to cause a de... | S | |
| CVE-2000-1020 | Heap overflow in Worldclient in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial ... | S | |
| CVE-2000-1021 | Heap overflow in WebConfig in Mdaemon 3.1.1 and earlier allows remote attackers to cause a denial of... | S | |
| CVE-2000-1022 | The mailguard feature in Cisco Secure PIX Firewall 5.2(2) and earlier does not properly restrict acc... | E S | |
| CVE-2000-1023 | The Alabanza Control Panel does not require passwords to access administrative commands, which allow... | E S | |
| CVE-2000-1024 | eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, w... | S | |
| CVE-2000-1025 | eWave ServletExec JSP/Java servlet engine, versions 3.0C and earlier, allows remote attackers to cau... | E S | |
| CVE-2000-1026 | Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands.... | S | |
| CVE-2000-1027 | Cisco Secure PIX Firewall 5.2(2) allows remote attackers to determine the real IP address of a targe... | E | |
| CVE-2000-1028 | Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l c... | E S | |
| CVE-2000-1029 | Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long re... | E S | |
| CVE-2000-1030 | CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid pa... | | |
| CVE-2000-1031 | Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to ex... | S | |
| CVE-2000-1032 | The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different e... | E S | |
| CVE-2000-1033 | Serv-U FTP Server allows remote attackers to bypass its anti-hammering feature by first logging on a... | E | |
| CVE-2000-1034 | Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to exe... | E S | |
| CVE-2000-1035 | Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote attackers to cause a denial of... | E | |
| CVE-2000-1036 | Directory traversal vulnerability in Extent RBS ISP web server allows remote attackers to read sensi... | E S | |
| CVE-2000-1037 | Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid ... | E | |
| CVE-2000-1038 | The web administration interface for IBM AS/400 Firewall allows remote attackers to cause a denial o... | S | |
| CVE-2000-1039 | Various TCP/IP stacks and network applications allow remote attackers to cause a denial of service b... | E S | |
| CVE-2000-1040 | Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks fi... | S | |
| CVE-2000-1041 | Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges.... | S | |
| CVE-2000-1042 | Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating syst... | S | |
| CVE-2000-1043 | Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux op... | S | |
| CVE-2000-1044 | Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating system... | S | |
| CVE-2000-1045 | nss_ldap earlier than 121, when run with nscd (name service caching daemon), allows remote attackers... | S | |
| CVE-2000-1046 | Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attac... | S | |
| CVE-2000-1047 | Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a... | E S | |
| CVE-2000-1048 | Directory traversal vulnerability in the logfile service of Wingate 4.1 Beta A and earlier allows re... | | |
| CVE-2000-1049 | Allaire JRun 3.0 http servlet server allows remote attackers to cause a denial of service via a URL ... | S | |
| CVE-2000-1050 | Allaire JRun 3.0 http servlet server allows remote attackers to directly access the WEB-INF director... | S | |
| CVE-2000-1051 | Directory traversal vulnerability in Allaire JRun 2.3 server allows remote attackers to read arbitra... | S | |
| CVE-2000-1052 | Allaire JRun 2.3 server allows remote attackers to obtain source code for executable content by dire... | | |
| CVE-2000-1053 | Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it vi... | S | |
| CVE-2000-1054 | Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attacke... | S | |
| CVE-2000-1055 | Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a deni... | S | |
| CVE-2000-1056 | CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to bypass LDAP authentication on t... | S | |
| CVE-2000-1057 | Vulnerabilities in database configuration scripts in HP OpenView Network Node Manager (NNM) 6.1 and ... | S | |
| CVE-2000-1058 | Buffer overflow in OverView5 CGI program in HP OpenView Network Node Manager (NNM) 6.1 and earlier a... | S | |
| CVE-2000-1059 | The default configuration of the Xsession file in Mandrake Linux 7.1 and 7.0 bypasses the Xauthority... | S | |
| CVE-2000-1060 | The default configuration of XFCE 3.5.1 bypasses the Xauthority access control mechanism with an "xh... | S | |
| CVE-2000-1061 | Microsoft Virtual Machine (VM) in Internet Explorer 4.x and 5.x allows an unsigned applet to create ... | | |
| CVE-2000-1062 | Buffer overflow in the FTP service in HP JetDirect printer card Firmware x.08.20 and earlier allows ... | S | |
| CVE-2000-1063 | Buffer overflow in the Telnet service in HP JetDirect printer card Firmware x.08.20 and earlier allo... | S | |
| CVE-2000-1064 | Buffer overflow in the LPD service in HP JetDirect printer card Firmware x.08.20 and earlier allows ... | S | |
| CVE-2000-1065 | Vulnerability in IP implementation of HP JetDirect printer card Firmware x.08.20 and earlier allows ... | S | |
| CVE-2000-1066 | The getnameinfo function in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows ... | S | |
| CVE-2000-1068 | pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharac... | | |
| CVE-2000-1069 | pollit.cgi in Poll It 2.01 and earlier allows remote attackers to access administrative functions wi... | | |
| CVE-2000-1070 | pollit.cgi in Poll It 2.01 and earlier uses data files that are located under the web document root,... | | |
| CVE-2000-1071 | The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +... | E S | |
| CVE-2000-1072 | iCal 2.1 Patch 2 installs many files with world-writeable permissions, which allows local users to m... | E S | |
| CVE-2000-1073 | csstart program in iCal 2.1 Patch 2 searches for the cshttpd program in the current working director... | E S | |
| CVE-2000-1074 | csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libr... | E S | |
| CVE-2000-1075 | Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server ... | E S | |
| CVE-2000-1076 | Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administra... | | |
| CVE-2000-1077 | Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers... | S | |
| CVE-2000-1078 | ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that co... | E | |
| CVE-2000-1079 | Interactions between the CIFS Browser Protocol and NetBIOS as implemented in Microsoft Windows 95, 9... | S | |
| CVE-2000-1080 | Quake 1 (quake1) and ProQuake 1.01 and earlier allow remote attackers to cause a denial of service v... | S | |
| CVE-2000-1081 | The xp_displayparamstmt function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does n... | E S | |
| CVE-2000-1082 | The xp_enumresultset function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not ... | E S | |
| CVE-2000-1083 | The xp_showcolv function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not prope... | E S | |
| CVE-2000-1084 | The xp_updatecolvbm function in SQL Server and Microsoft SQL Server Desktop Engine (MSDE) does not p... | E S | |
| CVE-2000-1085 | The xp_peekqueue function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) does not... | E S | |
| CVE-2000-1086 | The xp_printstatements function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) do... | E S | |
| CVE-2000-1087 | The xp_proxiedmetadata function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) do... | E S | |
| CVE-2000-1088 | The xp_SetSQLSecurity function in Microsoft SQL Server 2000 and SQL Server Desktop Engine (MSDE) doe... | E S | |
| CVE-2000-1089 | Buffer overflow in Microsoft Phone Book Service allows local users to execute arbitrary commands, ak... | E S | |
| CVE-2000-1090 | Microsoft IIS for Far East editions 4.0 and 5.0 allows remote attackers to read source code for pars... | | |
| CVE-2000-1092 | loadpage.cgi CGI program in EZshopper 3.0 and 2.0 allows remote attackers to list and read files in ... | E | |
| CVE-2000-1093 | Buffer overflow in AOL Instant Messenger before 4.3.2229 allows remote attackers to execute arbitrar... | E S | |
| CVE-2000-1094 | Buffer overflow in AOL Instant Messenger (AIM) before 4.3.2229 allows remote attackers to execute ar... | E S | |
| CVE-2000-1095 | modprobe in the modutils 2.3.x package on Linux systems allows a local user to execute arbitrary com... | E S | |
| CVE-2000-1096 | crontab by Paul Vixie uses predictable file names for a temporary file and does not properly ensure ... | E S | |
| CVE-2000-1097 | The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service ... | S | |
| CVE-2000-1098 | The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service ... | S | |
| CVE-2000-1099 | Java Runtime Environment in Java Development Kit (JDK) 1.2.2_05 and earlier can allow an untrusted J... | | |
| CVE-2000-1100 | The default configuration for PostACI webmail system installs the /includes/global.inc configuration... | E S | |
| CVE-2000-1101 | Directory traversal vulnerability in Winsock FTPd (WFTPD) 3.00 and 2.41 with the "Restrict to home d... | E S | |
| CVE-2000-1102 | PTlink IRCD 3.5.3 and PTlink Services 1.8.1 allow remote attackers to cause a denial of service (ser... | E S | |
| CVE-2000-1103 | rcvtty in BSD 3.0 and 4.0 does not properly drop privileges before executing a script, which allows ... | E | |
| CVE-2000-1104 | Variant of the "IIS Cross-Site Scripting" vulnerability as originally discussed in MS:MS00-060 (CVE-... | | |
| CVE-2000-1105 | The ixsso.query ActiveX Object is marked as safe for scripting, which allows malicious web site oper... | E S | |
| CVE-2000-1106 | Trend Micro InterScan VirusWall creates an "Intscan" share to the "InterScan" directory with permiss... | E S | |
| CVE-2000-1107 | in.identd ident server in SuSE Linux 6.x and 7.0 allows remote attackers to cause a denial of servic... | E S | |
| CVE-2000-1108 | cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file ... | E S | |
| CVE-2000-1109 | Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when ... | | |
| CVE-2000-1110 | document.d2w CGI program in the IBM Net.Data db2www package allows remote attackers to determine the... | E | |
| CVE-2000-1111 | Telnet Service for Windows 2000 Professional does not properly terminate incomplete connection attem... | E | |
| CVE-2000-1112 | Microsoft Windows Media Player 7 executes scripts in custom skin (.WMS) files, which could allow rem... | E S | |
| CVE-2000-1113 | Buffer overflow in Microsoft Windows Media Player allows remote attackers to execute arbitrary comma... | E S | |
| CVE-2000-1114 | Unify ServletExec AS v3.0C allows remote attackers to read source code for JSP pages via an HTTP req... | E S | |
| CVE-2000-1115 | Buffer overflow in remote web administration component (webprox.dll) of 602Pro LAN SUITE before 2000... | S | |
| CVE-2000-1116 | Buffer overflow in TransSoft Broker FTP Server before 4.3.0.1 allows remote attackers to cause a den... | | |
| CVE-2000-1117 | The Extended Control List (ECL) feature of the Java Virtual Machine (JVM) in Lotus Notes Client R5 a... | E | |
| CVE-2000-1118 | 24Link 1.06 web server allows remote attackers to bypass access restrictions by prepending strings s... | S | |
| CVE-2000-1119 | Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitr... | S | |
| CVE-2000-1120 | Buffer overflow in digest command in IBM AIX 4.3.x and earlier allows local users to execute arbitra... | S | |
| CVE-2000-1121 | Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitra... | S | |
| CVE-2000-1122 | Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute ar... | S | |
| CVE-2000-1123 | Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbi... | S | |
| CVE-2000-1124 | Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long env... | S | |
| CVE-2000-1125 | restore 0.4b15 and earlier in Red Hat Linux 6.2 trusts the pathname specified by the RSH environment... | E | |
| CVE-2000-1126 | Vulnerability in auto_parms and set_parms in HP-UX 11.00 and earlier allows remote attackers to exec... | S | |
| CVE-2000-1127 | registrar in the HP resource monitor service allows local users to read and modify arbitrary files b... | E S | |
| CVE-2000-1128 | The default configuration of McAfee VirusScan 4.5 does not quote the ImagePath variable, which impro... | E S | |
| CVE-2000-1129 | McAfee WebShield SMTP 4.5 allows remote attackers to cause a denial of service via a malformed recip... | E S | |
| CVE-2000-1130 | McAfee WebShield SMTP 4.5 allows remote attackers to bypass email content filtering rules by includi... | E | |
| CVE-2000-1131 | Bill Kendrick web site guestbook (GBook) allows remote attackers to execute arbitrary commands via s... | S | |
| CVE-2000-1132 | DCForum cgforum.cgi CGI script allows remote attackers to read arbitrary files, and delete the progr... | E S | |
| CVE-2000-1133 | Authentix Authentix100 allows remote attackers to bypass authentication by inserting a . (dot) into ... | E S | |
| CVE-2000-1134 | Multiple shell programs on various Unix systems, including (1) tcsh, (2) csh, (3) sh, and (4) bash, ... | E S | |
| CVE-2000-1135 | fshd (fsh daemon) in Debian GNU/Linux allows local users to overwrite files of other users via a sym... | E S | |
| CVE-2000-1136 | elvis-tiny before 1.4-10 in Debian GNU/Linux, and possibly other Linux operating systems, allows loc... | S | |
| CVE-2000-1137 | GNU ed before 0.2-18.1 allows local users to overwrite the files of other users via a symlink attack... | S | |
| CVE-2000-1138 | Lotus Notes R5 client R5.0.5 and earlier does not properly warn users when an S/MIME email message h... | | |
| CVE-2000-1139 | The installation of Microsoft Exchange 2000 before Rev. A creates a user account with a known passwo... | S | |
| CVE-2000-1140 | Recourse ManTrap 1.6 does not properly hide processes from attackers, which could allow attackers to... | E S | |
| CVE-2000-1141 | Recourse ManTrap 1.6 modifies the kernel so that ".." does not appear in the /proc listing, which al... | | |
| CVE-2000-1142 | Recourse ManTrap 1.6 generates an error when an attacker cd's to /proc/self/cwd and executes the pwd... | | |
| CVE-2000-1143 | Recourse ManTrap 1.6 hides the first 4 processes that run on a Solaris system, which allows attacker... | E | |
| CVE-2000-1144 | Recourse ManTrap 1.6 sets up a chroot environment to hide the fact that it is running, but the inode... | E S | |
| CVE-2000-1145 | Recourse ManTrap 1.6 allows attackers who have gained root access to use utilities such as crash or ... | | |
| CVE-2000-1146 | Recourse ManTrap 1.6 allows attackers to cause a denial of service via a sequence of commands that n... | S | |
| CVE-2000-1147 | Buffer overflow in IIS ISAPI .ASP parsing mechanism allows attackers to execute arbitrary commands v... | E S | |
| CVE-2000-1148 | The installation of VolanoChatPro chat server sets world-readable permissions for its configuration ... | S | |
| CVE-2000-1149 | Buffer overflow in RegAPI.DLL used by Windows NT 4.0 Terminal Server allows remote attackers to exec... | E S | |
| CVE-2000-1150 | Felix IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service v... | E | |
| CVE-2000-1151 | Baxter IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service ... | E | |
| CVE-2000-1152 | Browser IRC client in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service... | | |
| CVE-2000-1153 | PostMaster 1.0 in BeOS r5 pro and earlier allows remote attackers to conduct a denial of service via... | E | |
| CVE-2000-1154 | RHConsole in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a ... | E | |
| CVE-2000-1155 | RHDaemon in RobinHood 1.1 web server in BeOS r5 pro and earlier allows remote attackers to cause a d... | E | |
| CVE-2000-1156 | StarOffice 5.2 follows symlinks and sets world-readable permissions for the /tmp/soffice.tmp directo... | E S | |
| CVE-2000-1157 | Buffer overflow in NAI Sniffer Agent allows remote attackers to execute arbitrary commands via a lon... | E | |
| CVE-2000-1158 | NAI Sniffer Agent uses base64 encoding for authentication, which allows attackers to sniff the netwo... | E | |
| CVE-2000-1159 | NAI Sniffer Agent allows remote attackers to gain privileges on the agent by sniffing the initial UD... | E | |
| CVE-2000-1160 | NAI Sniffer Agent allows remote attackers to cause a denial of service (crash) by sending a large nu... | E | |
| CVE-2000-1161 | The installation of AdCycle banner management system leaves the build.cgi program in a web-accessibl... | S | |
| CVE-2000-1162 | ghostscript before 5.10-16 allows local users to overwrite files of other users via a symlink attack... | S | |
| CVE-2000-1163 | ghostscript before 5.10-16 uses an empty LD_RUN_PATH environmental variable to find libraries in the... | S | |
| CVE-2000-1164 | WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify)... | S | |
| CVE-2000-1165 | Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a mal... | E S | |
| CVE-2000-1166 | Twig webmail system does not properly set the "vhosts" variable if it is not configured on the site,... | S | |
| CVE-2000-1167 | ppp utility in FreeBSD 4.1.1 and earlier does not properly restrict access as specified by the "nat ... | S | |
| CVE-2000-1168 | IBM HTTP Server 1.3.6 (based on Apache) allows remote attackers to cause a denial of service and pos... | | |
| CVE-2000-1169 | OpenSSH SSH client before 2.3.0 does not properly disable X11 or agent forwarding, which could allow... | S | |
| CVE-2000-1170 | Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remote attackers to execute arbitr... | S | |
| CVE-2000-1171 | Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to r... | E S | |
| CVE-2000-1172 | Buffer overflow in Gaim 0.10.3 and earlier using the OSCAR protocol allows remote attackers to condu... | | |
| CVE-2000-1173 | Microsys CyberPatrol uses weak encryption (trivial encoding) for credit card numbers and uses no enc... | E | |
| CVE-2000-1174 | Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers ... | E S | |
| CVE-2000-1175 | Buffer overflow in Koules 1.4 allows local users to execute arbitrary commands via a long command li... | E | |
| CVE-2000-1176 | Directory traversal vulnerability in YaBB search.pl CGI script allows remote attackers to read arbit... | E | |
| CVE-2000-1177 | bb-hist.sh, bb-histlog.sh, bb-hostsvc.sh, bb-rep.sh, bb-replog.sh, and bb-ack.sh in Big Brother (BB)... | E S | |
| CVE-2000-1178 | Joe text editor follows symbolic links when creating a rescue copy called DEADJOE during an abnormal... | E S | |
| CVE-2000-1179 | Netopia ISDN Router 650-ST before 4.3.5 allows remote attackers to read system logs without authenti... | S | |
| CVE-2000-1180 | Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to ga... | E S | |
| CVE-2000-1181 | Real Networks RealServer 7 and earlier allows remote attackers to obtain portions of RealServer's me... | E S | |
| CVE-2000-1182 | WatchGuard Firebox II allows remote attackers to cause a denial of service by flooding the Firebox w... | E S | |
| CVE-2000-1183 | Buffer overflow in socks5 server on Linux allows attackers to execute arbitrary commands via a long ... | E | |
| CVE-2000-1184 | telnetd in FreeBSD 4.2 and earlier, and possibly other operating systems, allows remote attackers to... | S | |
| CVE-2000-1185 | The telnet proxy in RideWay PN proxy server allows remote attackers to cause a denial of service via... | E | |
| CVE-2000-1186 | Buffer overflow in phf CGI program allows remote attackers to execute arbitrary commands by specifyi... | E S | |
| CVE-2000-1187 | Buffer overflow in the HTML parser for Netscape 4.75 and earlier allows remote attackers to execute ... | S | |
| CVE-2000-1188 | Directory traversal vulnerability in Quikstore shopping cart program allows remote attackers to read... | S | |
| CVE-2000-1189 | Buffer overflow in pam_localuser PAM module in Red Hat Linux 7.x and 6.x allows attackers to gain pr... | S | |
| CVE-2000-1190 | imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack fr... | | |
| CVE-2000-1191 | htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine t... | | |
| CVE-2000-1192 | Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of ... | E S | |
| CVE-2000-1193 | Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attacke... | S | |
| CVE-2000-1194 | Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute a... | E | |
| CVE-2000-1195 | telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attack... | S | |
| CVE-2000-1196 | PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary... | E S | |
| CVE-2000-1197 | POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates l... | | |
| CVE-2000-1198 | qpopper POP server creates lock files with predictable names, which allows local users to cause a de... | | |
| CVE-2000-1199 | PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows... | E | |
| CVE-2000-1200 | Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with th... | E S | |
| CVE-2000-1201 | Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood o... | | |
| CVE-2000-1202 | ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLAS... | E S | |
| CVE-2000-1203 | Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU... | S | |
| CVE-2000-1204 | Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allo... | E | |
| CVE-2000-1205 | Cross site scripting vulnerabilities in Apache 1.3.0 through 1.3.11 allow remote attackers to execut... | S | |
| CVE-2000-1206 | Vulnerability in Apache httpd before 1.3.11, when configured for mass virtual hosting using mod_rewr... | | |
| CVE-2000-1207 | userhelper in the usermode package on Red Hat Linux executes non-setuid programs as root, which does... | S | |
| CVE-2000-1208 | Format string vulnerability in startprinting() function of printjob.c in BSD-based lpr lpd package m... | S | |
| CVE-2000-1209 | The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL... | S | |
| CVE-2000-1210 | Directory traversal vulnerability in source.jsp of Apache Tomcat before 3.1 allows remote attackers ... | S | |
| CVE-2000-1211 | Zope 2.2.0 through 2.2.4 does not properly perform security registration for legacy names of object ... | S | |
| CVE-2000-1212 | Zope 2.2.0 through 2.2.4 does not properly protect a data updating method on Image and File objects,... | S | |
| CVE-2000-1213 | ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating ... | | |
| CVE-2000-1214 | Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as dist... | S | |
| CVE-2000-1215 | The default configuration of Lotus Domino server 5.0.8 includes system information (version, operati... | | |
| CVE-2000-1216 | Buffer overflow in portmir for AIX 4.3.0 allows local users to corrupt lock files and gain root priv... | | |
| CVE-2000-1217 | Microsoft Windows 2000 before Service Pack 2 (SP2), when running in a non-Windows 2000 domain and us... | | |
| CVE-2000-1218 | The default configuration for the domain name resolver for Microsoft Windows 98, NT 4.0, 2000, and X... | | |
| CVE-2000-1219 | The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer ov... | | |
| CVE-2000-1220 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems allows local us... | | |
| CVE-2000-1221 | The line printer daemon (lpd) in the lpr package in multiple Linux operating systems authenticates b... | S | |
| CVE-2000-1222 | AIX sysback before 4.2.1.13 uses a relative path to find and execute the hostname program, which all... | | |
| CVE-2000-1223 | quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via s... | | |
| CVE-2000-1224 | Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an H... | | |
| CVE-2000-1225 | Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remot... | E | |
| CVE-2000-1226 | Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCI... | S | |
| CVE-2000-1227 | Windows NT 4.0 and Windows 2000 hosts allow remote attackers to cause a denial of service (unavailab... | | |
| CVE-2000-1228 | Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via... | E S | |
| CVE-2000-1229 | Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitr... | E S | |
| CVE-2000-1230 | Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an ... | E S | |
| CVE-2000-1231 | code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory vi... | E S | |
| CVE-2000-1232 | upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables v... | E S | |
| CVE-2000-1233 | SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers t... | E S | |
| CVE-2000-1234 | violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and po... | E S | |
| CVE-2000-1235 | The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application ... | E S | |
| CVE-2000-1236 | SQL injection vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and earlier... | S | |
| CVE-2000-1237 | The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes ... | | |
| CVE-2000-1238 | BEA Systems WebLogic Express and WebLogic Server 5.1 SP1-SP6 allows remote attackers to bypass acces... | S | |
| CVE-2000-1239 | The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3... | | |
| CVE-2000-1240 | Unspecified vulnerability in siteman.php3 in AnyPortal(php) before 22 APR 00 allows remote attackers... | S | |
| CVE-2000-1241 | Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 ... | | |
| CVE-2000-1242 | The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password,... | | |
| CVE-2000-1243 | Privacy leak in Dansie Shopping Cart 3.04, and probably earlier versions, sends sensitive informatio... | | |
| CVE-2000-1244 | Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachm... | E | |
| CVE-2000-1245 | Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare ... | | |
| CVE-2000-1246 | NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated user... | | |
| CVE-2000-1247 | The default configuration of the jserv-status handler in jserv.conf in Apache JServ 1.1.2 includes a... | E S | |
| CVE-2000-1248 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2000-1249 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2000-1250 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2000-1251 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2000-1252 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2000-1254 | crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the s... | |