| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2001-1000 | rlmadmin RADIUS management utility in Merit AAA Server 3.8M, 5.01, and possibly other versions, allo... | E | |
| CVE-2001-1002 | The default configuration of the DVI print filter (dvips) in Red Hat Linux 7.0 and earlier does not ... | S | |
| CVE-2001-1003 | Respondus 1.1.2 for WebCT uses weak encryption to remember usernames and passwords, which allows loc... | | |
| CVE-2001-1004 | Cross-site scripting (CSS) vulnerability in gnut Gnutella client before 0.4.27 allows remote attacke... | S | |
| CVE-2001-1005 | Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses weak encryption to store the user pa... | S | |
| CVE-2001-1006 | Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA does not encrypt sensitive files and reli... | S | |
| CVE-2001-1007 | Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and... | S | |
| CVE-2001-1008 | Java Plugin 1.4 for JRE 1.3 executes signed applets even if the certificate is expired, which could ... | E S | |
| CVE-2001-1009 | Fetchmail (aka fetchmail-ssl) before 5.8.17 allows a remote malicious (1) IMAP server or (2) POP/POP... | E S | |
| CVE-2001-1010 | Directory traversal vulnerability in pagecount CGI script in Sambar Server before 5.0 beta 5 allows ... | E S | |
| CVE-2001-1011 | index2.php in Mambo Site Server 3.0.0 through 3.0.5 allows remote attackers to gain Mambo administra... | E S | |
| CVE-2001-1012 | Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain r... | | |
| CVE-2001-1013 | Apache on Red Hat Linux with with the UserDir directive enabled generates different error codes when... | E S | |
| CVE-2001-1014 | eshop.pl in WebDiscount(e)shop allows remote attackers to execute arbitrary commands via shell metac... | E | |
| CVE-2001-1015 | Buffer overflow in Snes9x 1.37, when installed setuid root, allows local users to gain root privileg... | E S | |
| CVE-2001-1016 | PGP Corporate Desktop before 7.1, Personal Security before 7.0.3, Freeware before 7.0.3, and E-Busin... | S | |
| CVE-2001-1017 | rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable p... | S | |
| CVE-2001-1018 | Lotus Domino web server 5.08 allows remote attackers to determine the internal IP address of the ser... | | |
| CVE-2001-1019 | Directory traversal vulnerability in view_item CGI program in sglMerchant 1.0 allows remote attacker... | E | |
| CVE-2001-1020 | edit_image.php in Vibechild Directory Manager before 0.91 allows remote attackers to execute arbitra... | | |
| CVE-2001-1021 | Buffer overflows in WS_FTP 2.02 allow remote attackers to execute arbitrary code via long arguments ... | E S | |
| CVE-2001-1022 | Format string vulnerability in pic utility in groff 1.16.1 and other versions, and jgroff before 1.1... | E S | |
| CVE-2001-1023 | Xcache 2.1 allows remote attackers to determine the absolute path of web server documents by request... | | |
| CVE-2001-1024 | login.gas.bat and other CGI scripts in Entrust getAccess allow remote attackers to execute Java prog... | E | |
| CVE-2001-1025 | PHP-Nuke 5.x allows remote attackers to perform arbitrary SQL operations by modifying the "prefix" v... | E | |
| CVE-2001-1026 | Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain... | | |
| CVE-2001-1027 | Buffer overflow in WindowMaker (aka wmaker) 0.64 and earlier allows remote attackers to execute arbi... | S | |
| CVE-2001-1028 | Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privil... | S | |
| CVE-2001-1029 | libutil in OpenSSH on FreeBSD 4.4 and earlier does not drop privileges before verifying the capabili... | E | |
| CVE-2001-1030 | Squid before 2.3STABLE5 in HTTP accelerator mode does not enable access control lists (ACLs) when th... | S | |
| CVE-2001-1031 | Directory traversal vulnerability in Meteor FTP 1.0 allows remote attackers to read arbitrary files ... | E | |
| CVE-2001-1032 | admin.php in PHP-Nuke 5.2 and earlier, except 5.0RC1, does not check login credentials for upload op... | E | |
| CVE-2001-1033 | Compaq TruCluster 1.5 allows remote attackers to cause a denial of service via a port scan from a sy... | | |
| CVE-2001-1034 | Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via f... | | |
| CVE-2001-1035 | Binary decoding feature of slrn 0.9 and earlier allows remote attackers to execute commands via shel... | S | |
| CVE-2001-1036 | GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an ol... | E | |
| CVE-2001-1037 | Cisco SN 5420 Storage Router 1.1(3) and earlier allows local users to access a developer's shell wit... | E S | |
| CVE-2001-1038 | Cisco SN 5420 Storage Router 1.1(3) and earlier allows remote attackers to cause a denial of service... | | |
| CVE-2001-1039 | The JetAdmin web interface for HP JetDirect does not set a password for the telnet interface when th... | S | |
| CVE-2001-1040 | HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turn... | S | |
| CVE-2001-1041 | oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via ... | S | |
| CVE-2001-1042 | Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploadin... | E | |
| CVE-2001-1043 | ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploa... | E | |
| CVE-2001-1044 | Basilix Webmail 0.9.7beta, and possibly other versions, stores *.class and *.inc files under the doc... | E S | |
| CVE-2001-1045 | Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows re... | E S | |
| CVE-2001-1046 | Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain pr... | S | |
| CVE-2001-1047 | Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) ... | | |
| CVE-2001-1048 | AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP... | S | |
| CVE-2001-1049 | Phorecast PHP script before 0.40 allows remote attackers to include arbitrary files from remote web ... | S | |
| CVE-2001-1050 | CCCSoftware CCC PHP script allows remote attackers to include arbitrary files from remote web sites ... | S | |
| CVE-2001-1051 | Dark Hart Portal (darkportal) PHP script allows remote attackers to include arbitrary files from rem... | E S | |
| CVE-2001-1052 | Empris PHP script allows remote attackers to include arbitrary files from remote web sites via an HT... | S | |
| CVE-2001-1053 | AdLogin.pm in AdCycle 1.15 and earlier allows remote attackers to bypass authentication and gain pri... | E S | |
| CVE-2001-1054 | PHPAdsNew PHP script allows remote attackers to include arbitrary files from remote web sites via an... | S | |
| CVE-2001-1055 | The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consum... | E | |
| CVE-2001-1056 | IRC DCC helper in the ip_masq_irc IP masquerading module 2.2 allows remote attackers to bypass inten... | | |
| CVE-2001-1057 | The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial o... | S | |
| CVE-2001-1058 | The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to bypass access co... | S | |
| CVE-2001-1059 | VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local us... | S | |
| CVE-2001-1060 | phpMyAdmin 2.2.0rc3 and earlier allows remote attackers to execute arbitrary commands by inserting t... | S | |
| CVE-2001-1061 | Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.... | | |
| CVE-2001-1062 | Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary cod... | | |
| CVE-2001-1063 | Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain roo... | S | |
| CVE-2001-1064 | Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denia... | E S | |
| CVE-2001-1065 | Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds... | S | |
| CVE-2001-1066 | ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta... | | |
| CVE-2001-1067 | Buffer overflow in AOLserver 3.0 allows remote attackers to cause a denial of service, and possibly ... | E S | |
| CVE-2001-1068 | qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages whe... | E S | |
| CVE-2001-1069 | libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with ... | S | |
| CVE-2001-1070 | Sage Software MAS 200 allows remote attackers to cause a denial of service by connecting to port 100... | E | |
| CVE-2001-1071 | Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a... | S | |
| CVE-2001-1072 | Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules ... | S | |
| CVE-2001-1073 | Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malforme... | E | |
| CVE-2001-1074 | Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the... | E S | |
| CVE-2001-1075 | poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication ... | E S | |
| CVE-2001-1076 | Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary ... | E S | |
| CVE-2001-1077 | Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long... | E S | |
| CVE-2001-1078 | Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers ... | E S | |
| CVE-2001-1079 | create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with worl... | S | |
| CVE-2001-1080 | diagrpt in AIX 4.3.x and 5.1 uses the DIAGDATADIR environment variable to find and execute certain p... | | |
| CVE-2001-1081 | Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote ... | S | |
| CVE-2001-1082 | Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to... | | |
| CVE-2001-1083 | Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allo... | E S | |
| CVE-2001-1084 | Cross-site scripting vulnerability in Allaire JRun 3.0 and 2.3.3 allows a malicious webmaster to emb... | E S | |
| CVE-2001-1085 | Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temp... | E S | |
| CVE-2001-1086 | XDM in XFree86 3.3 and 3.3.3 generates easily guessable cookies using gettimeofday() when compiled w... | E S | |
| CVE-2001-1087 | The default configuration of the config.http.tunnel.allow_ports option on NetCache devices is set to... | | |
| CVE-2001-1088 | Microsoft Outlook 8.5 and earlier, and Outlook Express 5 and earlier, with the "Automatically put pe... | E | |
| CVE-2001-1089 | libnss-pgsql in nss-pgsql 0.9.0 and earlier allows remote attackers to execute arbitrary SQL queries... | S | |
| CVE-2001-1090 | nss_postgresql 0.6.1 and before allows a remote attacker to execute arbitrary SQL queries by inserti... | S | |
| CVE-2001-1091 | The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges... | | |
| CVE-2001-1092 | msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary file... | E | |
| CVE-2001-1093 | Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary c... | E | |
| CVE-2001-1094 | NetOp School 1.5 allows local users to bypass access restrictions on the administration version by l... | | |
| CVE-2001-1095 | Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r para... | | |
| CVE-2001-1096 | Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute co... | | |
| CVE-2001-1097 | Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denia... | | |
| CVE-2001-1098 | Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, ... | E S | |
| CVE-2001-1099 | The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attacker... | | |
| CVE-2001-1100 | sendmessage.cgi in W3Mail 1.0.2, and possibly other CGI programs, allows remote attackers to execute... | E S | |
| CVE-2001-1101 | The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not ... | S | |
| CVE-2001-1102 | Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files ... | S | |
| CVE-2001-1103 | FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if ... | S | |
| CVE-2001-1104 | SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof ... | | |
| CVE-2001-1105 | RSA BSAFE SSL-J 3.0, 3.0.1 and 3.1, as used in Cisco iCND 2.0, caches session IDs from failed login ... | S | |
| CVE-2001-1106 | The default configuration of Sambar Server 5 and earlier uses a symmetric key that is compiled into ... | E S | |
| CVE-2001-1107 | SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remot... | E | |
| CVE-2001-1108 | Directory traversal vulnerability in SnapStream PVS 1.2a allows remote attackers to read arbitrary f... | E | |
| CVE-2001-1109 | Directory traversal vulnerability in EFTP 2.0.7.337 allows remote authenticated users to reveal dire... | E | |
| CVE-2001-1110 | EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a ... | | |
| CVE-2001-1111 | EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file.... | | |
| CVE-2001-1112 | Buffer overflow in EFTP 2.0.7.337 allows remote attackers to execute arbitrary code by uploading a .... | E | |
| CVE-2001-1113 | Buffer overflow in TrollFTPD 1.26 and earlier allows local users to execute arbitrary code by creati... | E S | |
| CVE-2001-1114 | book.cgi in NetCode NC Book 0.2b allows remote attackers to execute arbitrary commands via shell met... | E | |
| CVE-2001-1115 | generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a d... | E | |
| CVE-2001-1116 | Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running... | | |
| CVE-2001-1117 | LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote atta... | S | |
| CVE-2001-1118 | A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and... | S | |
| CVE-2001-1119 | cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlin... | S | |
| CVE-2001-1120 | Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete ar... | S | |
| CVE-2001-1121 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1084. Reason: This candidate... | R | |
| CVE-2001-1122 | Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of se... | E S | |
| CVE-2001-1123 | Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to ex... | S | |
| CVE-2001-1124 | rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core d... | S | |
| CVE-2001-1125 | Symantec LiveUpdate before 1.6 does not use cryptography to ensure the integrity of download files, ... | S | |
| CVE-2001-1126 | Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a... | S | |
| CVE-2001-1127 | Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary cod... | S | |
| CVE-2001-1128 | Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via ... | S | |
| CVE-2001-1129 | Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proaps... | S | |
| CVE-2001-1130 | Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by up... | S | |
| CVE-2001-1131 | Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read ar... | | |
| CVE-2001-1132 | Mailman 2.0.x before 2.0.6 allows remote attackers to gain access to list administrative pages when ... | | |
| CVE-2001-1133 | Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users to cause a denial of service (... | E | |
| CVE-2001-1134 | Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data,... | S | |
| CVE-2001-1135 | ZyXEL Prestige 642R and 642R-I routers do not filter the routers' Telnet and FTP ports on the extern... | | |
| CVE-2001-1136 | The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service.... | S | |
| CVE-2001-1137 | D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a deni... | S | |
| CVE-2001-1138 | Directory traversal vulnerability in r.pl (aka r.cgi) of Randy Parker Power Up HTML 0.8033beta allow... | E | |
| CVE-2001-1139 | Directory traversal vulnerability in ASCII NT WinWrapper Professional allows remote attackers to rea... | S | |
| CVE-2001-1140 | BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable progr... | | |
| CVE-2001-1141 | The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to us... | S | |
| CVE-2001-1142 | ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with a... | E | |
| CVE-2001-1143 | IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) d... | | |
| CVE-2001-1144 | Directory traversal vulnerability in McAfee ASaP VirusScan agent 1.0 allows remote attackers to read... | | |
| CVE-2001-1145 | fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be for... | S | |
| CVE-2001-1146 | AllCommerce with debugging enabled in EnGarde Secure Linux 1.0.1 creates temporary files with predic... | S | |
| CVE-2001-1147 | The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry t... | S | |
| CVE-2001-1148 | Multiple buffer overflows in programs used by scoadmin and sysadmsh in SCO OpenServer 5.0.6a and ear... | S | |
| CVE-2001-1149 | Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service (crash... | | |
| CVE-2001-1150 | Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5... | S | |
| CVE-2001-1151 | Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.53 allows remote attackers to access s... | S | |
| CVE-2001-1152 | Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers ... | | |
| CVE-2001-1153 | lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbi... | S | |
| CVE-2001-1154 | Cyrus 2.0.15, 2.0.16, and 1.6.24 on BSDi 4.2, with IMAP enabled, allows remote attackers to cause a ... | | |
| CVE-2001-1155 | TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does n... | S | |
| CVE-2001-1156 | TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../..... | E | |
| CVE-2001-1157 | Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, ... | | |
| CVE-2001-1158 | Check Point VPN-1/FireWall-1 4.1 base.def contains a default macro, accept_fw1_rdp, which can allow ... | S | |
| CVE-2001-1159 | load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initia... | S | |
| CVE-2001-1160 | udirectory.pl in Microburst Technologies uDirectory 2.0 and earlier allows remote attackers to execu... | E S | |
| CVE-2001-1161 | Cross-site scripting (CSS) vulnerability in Lotus Domino 5.0.6 allows remote attackers to execute sc... | S | |
| CVE-2001-1162 | Directory traversal vulnerability in the %m macro in the smb.conf configuration file in Samba before... | E S | |
| CVE-2001-1163 | Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attackers to execute arbitrary code v... | E | |
| CVE-2001-1164 | Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via lon... | S | |
| CVE-2001-1165 | Intego FileGuard 4.0 uses weak encryption to store user information and passwords, which allows loca... | E | |
| CVE-2001-1166 | linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allow... | S | |
| CVE-2001-1167 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-0976. Reason: This candida... | R | |
| CVE-2001-1168 | Directory traversal vulnerability in index.php in PhpMyExplorer before 1.2.1 allows remote attackers... | E | |
| CVE-2001-1169 | keyinit in S/Key does not require authentication to initialize a one-time password sequence, which a... | S | |
| CVE-2001-1170 | AmTote International homebet program stores the homebet.log file in the homebet/ virtual directory, ... | E S | |
| CVE-2001-1171 | Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary ... | S | |
| CVE-2001-1172 | OmniSecure HTTProtect 1.1.1 allows a superuser without omnish privileges to modify a protected file ... | S | |
| CVE-2001-1173 | Vulnerability in MasqMail before 0.1.15 allows local users to gain privileges via piped aliases.... | | |
| CVE-2001-1174 | Buffer overflow in Elm 2.5.5 and earlier allows remote attackers to execute arbitrary code via a lon... | S | |
| CVE-2001-1175 | vipw in the util-linux package before 2.10 causes /etc/shadow to be world-readable in some cases, wh... | S | |
| CVE-2001-1176 | Format string vulnerability in Check Point VPN-1/FireWall-1 4.1 allows a remote authenticated firewa... | S | |
| CVE-2001-1177 | ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary fi... | E S | |
| CVE-2001-1178 | Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variabl... | | |
| CVE-2001-1179 | xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose fil... | E | |
| CVE-2001-1180 | FreeBSD 4.3 does not properly clear shared signal handlers when executing a process, which allows lo... | E S | |
| CVE-2001-1181 | Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly ... | E S | |
| CVE-2001-1182 | Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass cert... | S | |
| CVE-2001-1183 | PPTP implementation in Cisco IOS 12.1 and 12.2 allows remote attackers to cause a denial of service ... | S | |
| CVE-2001-1184 | wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denia... | E | |
| CVE-2001-1185 | Some AIO operations in FreeBSD 4.4 may be delayed until after a call to execve, which could allow a ... | E S | |
| CVE-2001-1186 | Microsoft IIS 5.0 allows remote attackers to cause a denial of service via an HTTP request with a co... | E | |
| CVE-2001-1187 | csvform.pl 0.1 allows remote attackers to execute arbitrary commands via metacharacters in the file ... | E S | |
| CVE-2001-1188 | mailto.exe in Brian Dorricott MAILTO 1.0.9 and earlier allows remote attackers to send SPAM e-mail t... | E | |
| CVE-2001-1189 | IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.... | S | |
| CVE-2001-1190 | The default PAM files included with passwd in Mandrake Linux 8.1 do not support MD5 passwords, which... | S | |
| CVE-2001-1191 | WebSeal in IBM Tivoli SecureWay Policy Director 3.8 allows remote attackers to cause a denial of ser... | | |
| CVE-2001-1192 | Citrix Independent Computing Architecture (ICA) Client for Windows 6.1 allows remote malicious web s... | S | |
| CVE-2001-1193 | Directory traversal vulnerability in EFTP 2.0.8.346 allows local users to read directories via a ...... | S | |
| CVE-2001-1194 | Zyxel Prestige 681 and 1600 SDSL Routers allow remote attackers to cause a denial of service via mal... | S | |
| CVE-2001-1195 | Novell Groupwise 5.5 and 6.0 Servlet Gateway is installed with a default username and password for t... | E S | |
| CVE-2001-1196 | Directory traversal vulnerability in edit_action.cgi of Webmin Directory 0.91 allows attackers to ga... | E S | |
| CVE-2001-1197 | klprfax_filter in KDE2 KDEUtils allows local users to overwrite arbitrary files via a symlink attack... | S | |
| CVE-2001-1198 | RLPDaemon in HP-UX 10.20 and 11.0 allows local users to overwrite arbitrary files and gain privilege... | S | |
| CVE-2001-1199 | Cross-site scripting vulnerability in agora.cgi for Agora 3.0a through 4.0g, when debug mode is enab... | E S | |
| CVE-2001-1200 | Microsoft Windows XP allows local users to bypass a locked screen and run certain programs that are ... | | |
| CVE-2001-1201 | Buffer overflow in wmcube-gdk for WMCube/GDK 0.98 allows local users to execute arbitrary code via l... | | |
| CVE-2001-1202 | Cross-site scripting vulnerability in DeleGate 7.7.0 and 7.7.1 does not quote scripting commands wit... | S | |
| CVE-2001-1203 | Format string vulnerability in gpm-root in gpm 1.17.8 through 1.17.18 allows local users to gain roo... | S | |
| CVE-2001-1204 | Directory traversal vulnerability in phprocketaddin in Total PC Solutions PHP Rocket Add-in for Fron... | E | |
| CVE-2001-1205 | Directory traversal vulnerability in lastlines.cgi for Last Lines 2.0 allows remote attackers to rea... | | |
| CVE-2001-1206 | Matrix CGI vault Last Lines 2.0 allows remote attackers to execute arbitrary commands via shell meta... | | |
| CVE-2001-1207 | Buffer overflows in DayDream BBS 2.9 through 2.13 allow remote attackers to possibly execute arbitra... | E S | |
| CVE-2001-1208 | Format string vulnerability in DayDream BBS allows remote attackers to execute arbitrary code via fo... | | |
| CVE-2001-1209 | Directory traversal vulnerability in zml.cgi allows remote attackers to read arbitrary files via a .... | E | |
| CVE-2001-1210 | Cisco ubr900 series routers that conform to the Data-over-Cable Service Interface Specifications (DO... | | |
| CVE-2001-1211 | Ipswitch IMail 7.0.4 and earlier allows attackers with administrator privileges to read and modify u... | | |
| CVE-2001-1212 | Cross-site scripting vulnerability in catgy.cgi for Aktivate 1.03 allows remote attackers to execute... | | |
| CVE-2001-1213 | The default configuration of DataWizard FtpXQ 2.0 and 2.1 includes a default username and password, ... | S | |
| CVE-2001-1214 | manual.php in Marcus S. Xenakis Unix Manual 1.0 allows remote attackers to execute arbitrary code vi... | | |
| CVE-2001-1215 | Format string vulnerability in PFinger 0.7.5 through 0.7.7 allows remote attackers to execute arbitr... | S | |
| CVE-2001-1216 | Buffer overflow in PL/SQL Apache module in Oracle 9i Application Server allows remote attackers to e... | S | |
| CVE-2001-1217 | Directory traversal vulnerability in PL/SQL Apache module in Oracle Oracle 9i Application Server all... | S | |
| CVE-2001-1218 | Microsoft Internet Explorer for Unix 5.0SP1 allows local users to possibly cause a denial of service... | | |
| CVE-2001-1219 | Microsoft Internet Explorer 6.0 and earlier allows malicious website operators to cause a denial of ... | | |
| CVE-2001-1220 | D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point stores the administrative password ... | | |
| CVE-2001-1221 | D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community strin... | | |
| CVE-2001-1222 | Plesk Server Administrator (PSA) 1.0 allows remote attackers to obtain PHP source code via an HTTP r... | S | |
| CVE-2001-1223 | The web administration server for ELSA Lancom 1100 Office does not require authentication, which all... | S | |
| CVE-2001-1224 | get_input in adrotate.pm for Les VanBrunt AdRotate Pro 2.0 allows remote attackers to modify the dat... | | |
| CVE-2001-1225 | Hughes Technology Mini SQL 2.0.10 through 2.0.12 allows local users to cause a denial of service by ... | | |
| CVE-2001-1226 | AdCycle 1.17 and earlier allow remote attackers to modify SQL queries, which are not properly saniti... | | |
| CVE-2001-1227 | Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by ... | S | |
| CVE-2001-1228 | Buffer overflows in gzip 1.3x, 1.2.4, and other versions might allow attackers to execute code via a... | S | |
| CVE-2001-1229 | Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to... | | |
| CVE-2001-1230 | Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash... | S | |
| CVE-2001-1231 | GroupWise 5.5 and 6 running in live remote or smart caching mode allows remote attackers to read arb... | S | |
| CVE-2001-1232 | GroupWise WebAccess 5.5 with directory indexing enabled allows a remote attacker to view arbitrary d... | E S | |
| CVE-2001-1233 | Netware Enterprise Web Server 5.1 running GroupWise WebAccess 5.5 with Novell Directory Services (ND... | E S | |
| CVE-2001-1234 | Bharat Mediratta Gallery PHP script before 1.2.1 allows remote attackers to execute arbitrary code b... | E S | |
| CVE-2001-1235 | pSlash PHP script 0.7 and earlier allows remote attackers to execute arbitrary code by including fil... | E S | |
| CVE-2001-1236 | myphpPagetool PHP script 0.4.3-1 and earlier allows remote attackers to execute arbitrary code by in... | | |
| CVE-2001-1237 | Phormation PHP script 0.9.1 and earlier allows remote attackers to execute arbitrary code by includi... | E S | |
| CVE-2001-1238 | Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters name... | S | |
| CVE-2001-1239 | PowerNet IX allows remote attackers to cause a denial of service via a port scan.... | | |
| CVE-2001-1240 | The default configuration of sudo in Engarde Secure Linux 1.0.1 allows any user in the admin group t... | S | |
| CVE-2001-1241 | Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing... | S | |
| CVE-2001-1242 | Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbit... | S | |
| CVE-2001-1243 | Scripting.FileSystemObject in asp.dll for Microsoft IIS 4.0 and 5.0 allows local or remote attackers... | E S | |
| CVE-2001-1244 | Multiple TCP implementations could allow remote attackers to cause a denial of service (bandwidth an... | E | |
| CVE-2001-1245 | Opera 5.0 for Linux does not properly handle malformed HTTP headers, which allows remote attackers t... | | |
| CVE-2001-1246 | PHP 4.0.5 through 4.1.0 in safe mode does not properly cleanse the 5th parameter to the mail() funct... | S | |
| CVE-2001-1247 | PHP 4.0.4pl1 and 4.0.5 in safe mode allows remote attackers to read and write files owned by the web... | E S | |
| CVE-2001-1248 | vWebServer 1.2.0 allows remote attackers to view arbitrary ASP scripts via a request for an ASP scri... | E | |
| CVE-2001-1249 | vWebServer 1.2.0 allows remote attackers to cause a denial of service via a URL that contains MS-DOS... | | |
| CVE-2001-1250 | vWebServer 1.2.0 allows remote attackers to cause a denial of service (hang) via a small number of l... | | |
| CVE-2001-1251 | SmallHTTP 1.204 through 3.00 beta 8 allows remote attackers to cause a denial of service via multipl... | | |
| CVE-2001-1252 | Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the... | S | |
| CVE-2001-1253 | Alexis 2.0 and 2.1 in COM2001 InternetPBX stores voicemail passwords in plain text in the com2001.in... | S | |
| CVE-2001-1254 | Web Access component for COM2001 Alexis 2.0 and 2.1 in InternetPBX sends username and voice mail pas... | S | |
| CVE-2001-1255 | WinMySQLadmin 1.1 stores the MySQL password in plain text in the my.ini file, which allows local use... | | |
| CVE-2001-1256 | kmmodreg in HP-UX 11.11, 11.04 and 11.00 allows local users to create arbitrary world-writeable file... | S | |
| CVE-2001-1257 | Cross-site scripting vulnerability in Horde Internet Messaging Program (IMP) before 2.2.6 and 1.2.6 ... | E S | |
| CVE-2001-1258 | Horde Internet Messaging Program (IMP) before 2.2.6 allows local users to read IMP configuration fil... | E S | |
| CVE-2001-1259 | Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to p... | E | |
| CVE-2001-1260 | Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attac... | E | |
| CVE-2001-1261 | Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate ser... | E | |
| CVE-2001-1262 | Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only ... | E | |
| CVE-2001-1263 | telnet95.exe in Pragma InterAccess 4.0 build 5 allows remote attackers to cause a denial of service ... | E | |
| CVE-2001-1264 | Vulnerability in mkacct in HP-UX 11.04 running Virtualvault Operating System (VVOS) 4.0 and 4.5 allo... | E S | |
| CVE-2001-1265 | Directory traversal vulnerability in IBM alphaWorks Java TFTP server 1.21 allows remote attackers to... | E | |
| CVE-2001-1266 | Directory traversal vulnerability in Doug Neal's HTTPD Daemon (DNHTTPD) before 0.4.1 allows remote a... | | |
| CVE-2001-1267 | Directory traversal vulnerability in GNU tar 1.13.19 and earlier allows local users to overwrite arb... | E S | |
| CVE-2001-1268 | Directory traversal vulnerability in Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite a... | E S | |
| CVE-2001-1269 | Info-ZIP UnZip 5.42 and earlier allows attackers to overwrite arbitrary files during archive extract... | E S | |
| CVE-2001-1270 | Directory traversal vulnerability in the console version of PKZip (pkzipc) 4.00 and earlier allows a... | E S | |
| CVE-2001-1271 | Directory traversal vulnerability in rar 2.02 and earlier allows attackers to overwrite arbitrary fi... | E S | |
| CVE-2001-1272 | wmtv 0.6.5 and earlier does not properly drop privileges, which allows local users to execute arbitr... | S | |
| CVE-2001-1273 | The "mxcsr P4" vulnerability in the Linux kernel before 2.2.17-14, when running on certain Intel CPU... | S | |
| CVE-2001-1274 | Buffer overflow in MySQL before 3.23.31 allows attackers to cause a denial of service and possibly g... | S | |
| CVE-2001-1275 | MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the ... | S | |
| CVE-2001-1276 | ispell before 3.1.20 allows local users to overwrite files of other users via a symlink attack on a ... | S | |
| CVE-2001-1277 | makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary fi... | S | |
| CVE-2001-1278 | Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by ... | S | |
| CVE-2001-1279 | Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a deni... | S | |
| CVE-2001-1280 | POP3 Server for Ipswitch IMail 7.04 and earlier generates different responses to valid and invalid u... | | |
| CVE-2001-1281 | Web Messaging Server for Ipswitch IMail 7.04 and earlier allows remote authenticated users to change... | | |
| CVE-2001-1282 | Ipswitch IMail 7.04 and earlier records the physical path of attachments in an e-mail message header... | | |
| CVE-2001-1283 | The webmail interface for Ipswitch IMail 7.04 and earlier allows remote authenticated users to cause... | | |
| CVE-2001-1284 | Ipswitch IMail 7.04 and earlier uses predictable session IDs for authentication, which allows remote... | | |
| CVE-2001-1285 | Directory traversal vulnerability in readmail.cgi for Ipswitch IMail 7.04 and earlier allows remote ... | | |
| CVE-2001-1286 | Ipswitch IMail 7.04 and earlier stores a user's session ID in a URL, which could allow remote attack... | S | |
| CVE-2001-1287 | Buffer overflow in Web Calendar in Ipswitch IMail 7.04 and earlier allows remote attackers to execut... | | |
| CVE-2001-1288 | Windows 2000 and Windows NT allows local users to cause a denial of service (reboot) by executing a ... | E | |
| CVE-2001-1289 | Quake 3 arena 1.29f and 1.29g allows remote attackers to cause a denial of service (crash) via a mal... | | |
| CVE-2001-1290 | admin.cgi in Active Classifieds Free Edition 1.0, and possibly commercial versions, allows remote at... | | |
| CVE-2001-1291 | The telnet server for 3Com hardware such as PS40 SuperStack II does not delay or disconnect remote a... | E | |
| CVE-2001-1292 | Sambar Telnet Proxy/Server allows remote attackers to cause a denial of service and possibly execute... | E | |
| CVE-2001-1293 | Buffer overflow in web server of 3com HomeConnect Cable Modem External with USB (#3CR29223) allows r... | | |
| CVE-2001-1294 | Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remote attackers to cause a denial ... | | |
| CVE-2001-1295 | Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to ... | | |
| CVE-2001-1296 | More.groupware PHP script allows remote attackers to include arbitrary files from remote web sites v... | S | |
| CVE-2001-1297 | PHP remote file inclusion vulnerability in Actionpoll PHP script before 1.1.2 allows remote attacker... | E S | |
| CVE-2001-1298 | Webodex PHP script 1.0 and earlier allows remote attackers to include arbitrary files from remote we... | S | |
| CVE-2001-1299 | Zorbat Zorbstats PHP script before 0.9 allows remote attackers to include arbitrary files from remot... | S | |
| CVE-2001-1300 | Directory traversal vulnerability in Dynu FTP server 1.05 and earlier allows remote attackers to rea... | E S | |
| CVE-2001-1301 | rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other pa... | | |
| CVE-2001-1302 | The change password option in the Windows Security interface for Windows 2000 allows attackers to us... | | |
| CVE-2001-1303 | The default configuration of SecuRemote for Check Point Firewall-1 allows remote attackers to obtain... | | |
| CVE-2001-1304 | Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (cras... | | |
| CVE-2001-1305 | ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ us... | S | |
| CVE-2001-1306 | iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of servi... | S | |
| CVE-2001-1307 | Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to caus... | S | |
| CVE-2001-1308 | Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote atta... | S | |
| CVE-2001-1309 | Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) ... | | |
| CVE-2001-1310 | IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute... | S | |
| CVE-2001-1311 | Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of servi... | S | |
| CVE-2001-1312 | Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a de... | S | |
| CVE-2001-1313 | Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and poss... | S | |
| CVE-2001-1314 | Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow rem... | S | |
| CVE-2001-1315 | Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cau... | S | |
| CVE-2001-1316 | Buffer overflows in Teamware Office Enterprise Directory allows remote attackers to cause a denial o... | S | |
| CVE-2001-1317 | Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) an... | S | |
| CVE-2001-1318 | Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of ... | S | |
| CVE-2001-1319 | Microsoft Exchange 5.5 2000 allows remote attackers to cause a denial of service (hang) via exceptio... | S | |
| CVE-2001-1320 | Network Associates PGP Keyserver 7.0 allows remote attackers to cause a denial of service (crash) an... | S | |
| CVE-2001-1321 | Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of serv... | S | |
| CVE-2001-1322 | xinetd 2.1.8 and earlier runs with a default umask of 0, which could allow local users to read or mo... | | |
| CVE-2001-1323 | Buffer overflow in MIT Kerberos 5 (krb5) 1.2.2 and earlier allows remote attackers to cause a denial... | S | |
| CVE-2001-1324 | cvmlogin and statfile in Paul Jarc idtools before 2001.06.27 do not properly check the return value ... | S | |
| CVE-2001-1325 | Internet Explorer 5.0 and 5.5, and Outlook Express 5.0 and 5.5, allow remote attackers to execute sc... | E S | |
| CVE-2001-1326 | Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option ... | E S | |
| CVE-2001-1327 | pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which c... | S | |
| CVE-2001-1328 | Buffer overflow in ypbind daemon in Solaris 5.4 through 8 allows remote attackers to execute arbitra... | S | |
| CVE-2001-1329 | Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long comma... | E | |
| CVE-2001-1330 | Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long comma... | E | |
| CVE-2001-1331 | mandb in the man-db package before 2.3.16-3 allows local users to overwrite arbitrary files via the ... | S | |
| CVE-2001-1332 | Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code.... | S | |
| CVE-2001-1333 | Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerab... | S | |
| CVE-2001-1334 | Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privile... | | |
| CVE-2001-1335 | Directory traversal vulnerability in CesarFTP 0.98b and earlier allows remote authenticated users (s... | E | |
| CVE-2001-1336 | CesarFTP 0.98b and earlier stores usernames and passwords in plaintext in the settings.ini file, whi... | | |
| CVE-2001-1337 | Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a... | | |
| CVE-2001-1338 | Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid log... | S | |
| CVE-2001-1339 | Beck IPC GmbH IPC@CHIP telnet service does not delay or disconnect users from the service when bad p... | E S | |
| CVE-2001-1340 | Beck GmbH IPC@Chip TelnetD service supports only one connection and does not disconnect a user who d... | S | |
| CVE-2001-1341 | The Beck GmbH IPC@Chip embedded web server installs the chipcfg.cgi program by default, which allows... | S | |
| CVE-2001-1342 | Apache before 1.3.20 on Windows and OS/2 systems allows remote attackers to cause a denial of servic... | S | |
| CVE-2001-1343 | ws_mail.cgi in WebStore 400/400CS 4.14 allows remote authenticated WebStore administrators to execut... | E S | |
| CVE-2001-1344 | WSSecurity.pl in WebStore allows remote attackers to bypass authentication by providing the program ... | E | |
| CVE-2001-1345 | bctool in Jetico BestCrypt 0.7 and earlier trusts the user-supplied PATH to find and execute an fsck... | E S | |
| CVE-2001-1346 | Computer Associates ARCserveIT 6.61 and 6.63 (also called ARCservIT) allows local users to overwrite... | | |
| CVE-2001-1347 | Windows 2000 allows local users to cause a denial of service and possibly gain privileges by setting... | E S | |
| CVE-2001-1348 | TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL... | E S | |
| CVE-2001-1349 | Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of ser... | E S | |
| CVE-2001-1350 | Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attacker... | | |
| CVE-2001-1351 | Cross-site scripting vulnerability in Namazu 2.0.8 and earlier allows remote attackers to execute ar... | | |
| CVE-2001-1352 | Cross-site scripting vulnerability in Namazu 2.0.9 and earlier allows remote attackers to execute ar... | | |
| CVE-2001-1353 | ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via th... | S | |
| CVE-2001-1354 | NetWin Authentication module (NWAuth) 2.0 and 3.0b, as implemented in SurgeFTP, DMail, and possibly ... | E | |
| CVE-2001-1355 | Buffer overflows in NetWin Authentication Module (NWAuth) 3.0b and earlier, as implemented in DMail,... | | |
| CVE-2001-1356 | NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modul... | | |
| CVE-2001-1357 | Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3,... | | |
| CVE-2001-1358 | Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privile... | | |
| CVE-2001-1359 | Volution clients 1.0.7 and earlier attempt to contact the computer creation daemon (CCD) when an LDA... | S | |
| CVE-2001-1360 | Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned.... | | |
| CVE-2001-1361 | Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security ri... | | |
| CVE-2001-1362 | Vulnerability in the server for nPULSE before 0.53p4.... | | |
| CVE-2001-1363 | Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, w... | | |
| CVE-2001-1364 | Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain names that are not fully qual... | | |
| CVE-2001-1365 | Vulnerability in IntraGnat before 1.4.... | | |
| CVE-2001-1366 | netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program... | | |
| CVE-2001-1367 | The checkAccess function in PHPSlice 0.1.4, and all other versions between 0.1.1 and 0.1.6, does not... | | |
| CVE-2001-1368 | Vulnerability in iPlanet Web Server 4 included in Virtualvault Operating System (VVOS) 4.0 running H... | | |
| CVE-2001-1369 | Leon J Breedt pam-pgsql before 0.5.2 allows remote attackers to execute arbitrary SQL code and bypas... | S | |
| CVE-2001-1370 | prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attacker... | E S | |
| CVE-2001-1371 | The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymou... | E S | |
| CVE-2001-1372 | Oracle 9i Application Server 1.0.2 allows remote attackers to obtain the physical path of a file und... | E S | |
| CVE-2001-1373 | MailSafe in Zone Labs ZoneAlarm 2.6 and earlier and ZoneAlarm Pro 2.6 and 2.4 does not block prohibi... | | |
| CVE-2001-1374 | expect before 5.32 searches for its libraries in /var/tmp before other directories, which could allo... | S | |
| CVE-2001-1375 | tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before othe... | S | |
| CVE-2001-1376 | Buffer overflow in digest calculation function of multiple RADIUS implementations allows remote atta... | S | |
| CVE-2001-1377 | Multiple RADIUS implementations do not properly validate the Vendor-Length of the Vendor-Specific at... | S | |
| CVE-2001-1378 | fetchmailconf in fetchmail before 5.7.4 allows local users to overwrite files of other users via a s... | S | |
| CVE-2001-1379 | The PostgreSQL authentication modules (1) mod_auth_pgsql 0.9.5, and (2) mod_auth_pgsql_sys 0.9.4, al... | S | |
| CVE-2001-1380 | OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/author... | S | |
| CVE-2001-1382 | The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional ... | | |
| CVE-2001-1383 | initscript in setserial 2.17-4 and earlier uses predictable temporary file names, which could allow ... | S | |
| CVE-2001-1384 | ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privi... | S | |
| CVE-2001-1385 | The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for ... | S | |
| CVE-2001-1386 | WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a... | E S | |
| CVE-2001-1387 | iptables-save in iptables before 1.2.4 records the "--reject-with icmp-host-prohibited" rule as "--r... | E | |
| CVE-2001-1388 | iptables before 1.2.4 does not accurately convert rate limits that are specified on the command line... | E S | |
| CVE-2001-1389 | Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow... | S | |
| CVE-2001-1390 | Unknown vulnerability in binfmt_misc in the Linux kernel before 2.2.19, related to user pages.... | S | |
| CVE-2001-1391 | Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel ... | S | |
| CVE-2001-1392 | The Linux kernel before 2.2.19 does not have unregister calls for (1) CPUID and (2) MSR drivers, whi... | S | |
| CVE-2001-1393 | Unknown vulnerability in classifier code for Linux kernel before 2.2.19 could result in denial of se... | S | |
| CVE-2001-1394 | Signedness error in (1) getsockopt and (2) setsockopt for Linux kernel before 2.2.19 allows local us... | S | |
| CVE-2001-1395 | Unknown vulnerability in sockfilter for Linux kernel before 2.2.19 related to "boundary cases," with... | S | |
| CVE-2001-1396 | Unknown vulnerabilities in strnlen_user for Linux kernel before 2.2.19, with unknown impact.... | S | |
| CVE-2001-1397 | The System V (SYS5) shared memory implementation for Linux kernel before 2.2.19 could allow attacker... | S | |
| CVE-2001-1398 | Masquerading code for Linux kernel before 2.2.19 does not fully check packet lengths in certain case... | S | |
| CVE-2001-1399 | Certain operations in Linux kernel before 2.2.19 on the x86 architecture copy the wrong number of by... | S | |
| CVE-2001-1400 | Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local ... | S | |
| CVE-2001-1401 | Bugzilla before 2.14 does not properly restrict access to confidential bugs, which could allow Bugzi... | S | |
| CVE-2001-1402 | Bugzilla before 2.14 does not properly escape untrusted parameters, which could allow remote attacke... | S | |
| CVE-2001-1403 | Bugzilla before 2.14 includes the username and password in URLs, which could allow attackers to gain... | S | |
| CVE-2001-1404 | Bugzilla before 2.14 stores user passwords in plaintext and sends password requests in an email mess... | S | |
| CVE-2001-1405 | Bugzilla before 2.14 does not restrict access to sanitycheck.cgi, which allows local users to cause ... | S | |
| CVE-2001-1406 | process_bug.cgi in Bugzilla before 2.14 does not set the "groupset" bit when a bug is moved between ... | S | |
| CVE-2001-1407 | Bugzilla before 2.14 allows Bugzilla users to bypass group security checks by marking a bug as the d... | S | |
| CVE-2001-1408 | Directory traversal vulnerability in readmsg.php in WebMail 2.0.1 in Cobalt Qube 3 allows remote att... | | |
| CVE-2001-1409 | dexconf in XFree86 Xserver 4.1.0-2 creates the /dev/dri directory with insecure permissions (666), w... | S | |
| CVE-2001-1410 | Internet Explorer 6 and earlier allows remote attackers to create chromeless windows using the Javas... | E | |
| CVE-2001-1411 | Format string vulnerability in gm4 (aka m4) on Mac OS X may allow local users to gain privileges if ... | | |
| CVE-2001-1412 | nidump on MacOS X before 10.3 allows local users to read the encrypted passwords from the password f... | E S | |
| CVE-2001-1413 | Stack-based buffer overflow in the comprexx function for ncompress 4.2.4 and earlier, when used in s... | S | |
| CVE-2001-1414 | The Basic Security Module (BSM) for Solaris 2.5.1, 2.6, 7, and 8 does not log anonymous FTP access, ... | | |
| CVE-2001-1415 | vi.recover in OpenBSD before 3.1 allows local users to remove arbitrary zero-byte files such as devi... | S | |
| CVE-2001-1416 | Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of... | | |
| CVE-2001-1417 | AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application ha... | E | |
| CVE-2001-1418 | AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application cr... | E | |
| CVE-2001-1419 | AOL Instant Messenger (AIM) 4.7.2480 and earlier allows remote attackers to cause a denial of servic... | E | |
| CVE-2001-1420 | AOL Instant Messenger (AIM) 4.7 allows remote attackers to cause a denial of service (application cr... | E | |
| CVE-2001-1421 | AOL Instant Messenger (AIM) 4.7 and earlier allows remote attackers to cause a denial of service (ap... | E | |
| CVE-2001-1422 | WinVNC 3.3.3 and earlier generates the same challenge string for multiple connections, which allows ... | | |
| CVE-2001-1423 | Advanced Poll before 1.61, when using a flat file database, allows remote attackers to gain privileg... | | |
| CVE-2001-1424 | Alcatel Speed Touch ADSL modem running firmware KHDSAA.108, KHDSAA.132, KHDSBA.133, and KHDSAA.134 h... | | |
| CVE-2001-1425 | The challenge-response authentication of the EXPERT user for Alcatel Speed Touch running firmware KH... | | |
| CVE-2001-1426 | Alcatel Speed Touch running firmware KHDSAA.108 and KHDSAA.132 through KHDSAA.134 has a TFTP server ... | S | |
| CVE-2001-1427 | Unknown vulnerability in ColdFusion Server 2.0 through 4.5.1 SP2 allows remote attackers to overwrit... | S | |
| CVE-2001-1428 | The (1) FTP and (2) Telnet services in Beck GmbH IPC@Chip are shipped with a default password, which... | E | |
| CVE-2001-1429 | Buffer overflow in mcedit in Midnight Commander 4.5.1 allows local users to cause a denial of servic... | | |
| CVE-2001-1430 | Cayman 3220-H DSL Router 1.0 ship without a password set, which allows remote attackers to gain unau... | E | |
| CVE-2001-1431 | Nokia Firewall Appliances running IPSO 3.3 and VPN-1/FireWall-1 4.1 Service Pack 3, IPSO 3.4 and VPN... | | |
| CVE-2001-1432 | Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary f... | E | |
| CVE-2001-1433 | Cherokee web server before 0.2.7 does not properly drop root privileges after binding to port 80, wh... | E S | |
| CVE-2001-1434 | Cisco IOS 12.0(5)XU through 12.1(2) allows remote attackers to read system administration and topolo... | | |
| CVE-2001-1435 | inetd in Compaq Tru64 UNIX 5.1 allows attackers to cause a denial of service (network connection los... | | |
| CVE-2001-1436 | Dallas Semiconductor iButton DS1991 returns predictable values when given an incorrect password, whi... | E | |
| CVE-2001-1437 | easyScripts easyNews 1.5 allows remote attackers to obtain the full path of the web root via a view ... | E | |
| CVE-2001-1438 | Handspring Visor 1.0 and 1.0.1 with the VisorPhone Springboard module installed allows remote attack... | E | |
| CVE-2001-1439 | Buffer overflow in the text editor functionality in HP-UX 10.01 through 11.04 on HP9000 Series 700 a... | S | |
| CVE-2001-1440 | Unknown vulnerability in login for AIX 5.1L, when using loadable authentication modules, allows remo... | | |
| CVE-2001-1441 | Cross-site scripting (XSS) vulnerability in VisualAge for Java 3.5 Professional allows remote attack... | E | |
| CVE-2001-1442 | Buffer overflow in innfeed for ISC InterNetNews (INN) before 2.3.0 allows local users in the "news" ... | E S | |
| CVE-2001-1443 | KTH Kerberos IV and Kerberos V (Heimdal) for Telnet clients do not encrypt connections if the server... | E | |
| CVE-2001-1444 | The Kerberos Telnet protocol, as implemented by KTH Kerberos IV and Kerberos V (Heimdal), does not e... | E | |
| CVE-2001-1445 | Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to ... | S | |
| CVE-2001-1446 | Find-By-Content in Mac OS X 10.0 through 10.0.4 creates world-readable index files named .FBCIndex i... | | |
| CVE-2001-1447 | NetInfo Manager for Mac OS X 10.0 through 10.1 allows local users to gain root privileges by opening... | E S | |
| CVE-2001-1448 | Magic eDeveloper Enterprise Edition 8.30-5 and earlier allows local users to overwrite arbitrary fil... | E | |
| CVE-2001-1449 | The default installation of Apache before 1.3.19 on Mandrake Linux 7.1 through 8.0 and Linux Corpora... | S | |
| CVE-2001-1450 | Microsoft Internet Explorer 5.0 through 6.0 allows attackers to cause a denial of service (browser c... | E | |
| CVE-2001-1451 | Memory leak in the SNMP LAN Manager (LANMAN) MIB extension for Microsoft Windows 2000 before SP3, wh... | E S | |
| CVE-2001-1452 | By default, DNS servers on Windows NT 4.0 and Windows 2000 Server cache glue records received from n... | S | |
| CVE-2001-1453 | Buffer overflow in libmysqlclient.so in MySQL 3.23.33 and earlier allows remote attackers to execute... | E | |
| CVE-2001-1454 | Buffer overflow in MySQL before 3.23.33 allows remote attackers to execute arbitrary code via a long... | E | |
| CVE-2001-1455 | Netegrity SiteMinder 3.6 through 4.5.1 allows remote attackers to bypass filtering via URLs containi... | S | |
| CVE-2001-1456 | Buffer overflow in the (1) smap/smapd and (2) CSMAP daemons for Gauntlet Firewall 5.0 through 6.0 al... | S | |
| CVE-2001-1457 | Buffer overflow in CrazyWWWBoard 2000p4 and 2000LEp5 allows remote attackers to execute arbitrary co... | E | |
| CVE-2001-1458 | Directory traversal vulnerability in Novell GroupWise 5.5 and 6.0 allows remote attackers to read ar... | E | |
| CVE-2001-1459 | OpenSSH 2.9 and earlier does not initiate a Pluggable Authentication Module (PAM) session if command... | | |
| CVE-2001-1460 | SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to ... | E S | |
| CVE-2001-1461 | Directory traversal vulnerability in WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Wind... | | |
| CVE-2001-1462 | WebID in RSA Security SecurID 5.0 as used by ACE/Agent for Windows, Windows NT and Windows 2000 allo... | | |
| CVE-2001-1463 | The remote administration client for RhinoSoft Serv-U 3.0 sends the user password in plaintext even ... | E | |
| CVE-2001-1464 | Crystal Reports, when displaying data for a password protected database using HTML pages, embeds the... | E | |
| CVE-2001-1465 | SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, w... | | |
| CVE-2001-1466 | Buffer overflow in VanDyke SecureCRT before 3.4.2, when using the SSH-1 protocol, allows remote atta... | | |
| CVE-2001-1467 | mkpasswd in expect 5.2.8, as used by Red Hat Linux 6.2 through 7.0, seeds its random number generato... | | |
| CVE-2001-1468 | PHP remote file inclusion vulnerability in checklogin.php in phpSecurePages 0.24 and earlier allows ... | | |
| CVE-2001-1469 | The RC4 stream cipher as used by SSH1 allows remote attackers to modify messages without detection b... | E | |
| CVE-2001-1470 | The IDEA cipher as implemented by SSH1 does not protect the final block of a message against modific... | | |
| CVE-2001-1471 | prefs.php in phpBB 1.4.0 and earlier allows remote authenticated users to execute arbitrary PHP code... | E S | |
| CVE-2001-1472 | SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users ... | E | |
| CVE-2001-1473 | The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client ch... | | |
| CVE-2001-1474 | SSH before 2.0 disables host key checking when connecting to the localhost, which allows remote atta... | | |
| CVE-2001-1475 | SSH before 2.0, when using RC4 and password authentication, allows remote attackers to replay messag... | S | |
| CVE-2001-1476 | SSH before 2.0, with RC4 encryption and the "disallow NULL passwords" option enabled, makes it easie... | E S | |
| CVE-2001-1477 | The Domain gateway in BEA Tuxedo 7.1 does not perform authorization checks for imported services and... | S | |
| CVE-2001-1478 | Buffer overflow in xlock in UnixWare 7.1.0 and 7.1.1 and Open Unix 8.0.0 allows local users to execu... | S | |
| CVE-2001-1479 | smcboot in Sun SMC (Sun Management Center) 2.0 in Solaris 8 allows local users to delete arbitrary f... | E S | |
| CVE-2001-1480 | Java Runtime Environment (JRE) and SDK 1.2 through 1.3.0_04 allows untrusted applets to access the s... | E S | |
| CVE-2001-1481 | Xitami 2.4 through 2.5 b4 stores the Administrator password in plaintext in the default.aut file, wh... | E | |
| CVE-2001-1482 | SQL injection vulnerability in bb_memberlist.php for phpBB 1.4.2 allows remote attackers to execute ... | | |
| CVE-2001-1483 | One-Time Passwords In Everything (a.k.a OPIE) 2.32 and 2.4 allows remote attackers to determine the ... | | |
| CVE-2001-1484 | Alcatel ADSL modems allow remote attackers to access the Trivial File Transfer Protocol (TFTP) to mo... | | |
| CVE-2001-1487 | popauth utility in Qualcomm Qpopper 4.0 and earlier allows local users to overwrite arbitrary files ... | | |
| CVE-2001-1488 | Open Projects Network Internet Relay Chat (IRC) daemon u2.10.05.18 does not perform a double-reverse... | | |
| CVE-2001-1489 | Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (CPU consumption ... | E | |
| CVE-2001-1490 | Mozilla 0.9.6 allows remote attackers to cause a denial of service (CPU consumption and memory leak)... | E | |
| CVE-2001-1491 | Opera 5.11 allows remote attackers to cause a denial of service (CPU consumption and memory leak) vi... | E | |
| CVE-2001-1492 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2001-1460. Reason: This candida... | R | |
| CVE-2001-1494 | script command in the util-linux package before 2.11n allows local users to overwrite arbitrary file... | | |
| CVE-2001-1495 | network_query.php in Network Query Tool 1.0 allows remote attackers to execute arbitrary commands vi... | | |
| CVE-2001-1496 | Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remo... | | |
| CVE-2001-1497 | Microsoft Internet Explorer 4.0 through 6.0 could allow local users to differentiate between alphanu... | | |
| CVE-2001-1498 | Buffer overflow in mod_bf 0.2 allows local users to execute arbitrary commands via a long script.... | | |
| CVE-2001-1499 | Check Point VPN-1 4.1SP4 using SecuRemote returns different error messages for valid and invalid use... | | |
| CVE-2001-1500 | ProFTPD 1.2.2rc2, and possibly other versions, does not properly verify reverse-resolved hostnames b... | S | |
| CVE-2001-1501 | The glob functionality in ProFTPD 1.2.1, and possibly other versions allows remote attackers to caus... | | |
| CVE-2001-1502 | webcart.cgi in Mountain Network Systems WebCart 8.4 allows remote attackers to execute arbitrary com... | E | |
| CVE-2001-1503 | The finger daemon (in.fingerd) in Sun Solaris 2.5 through 8 and SunOS 5.5 through 5.8 allows remote ... | | |
| CVE-2001-1504 | Lotus Notes R5 Client 4.6 allows remote attackers to execute arbitrary commands via a Lotus Notes ob... | | |
| CVE-2001-1505 | tinc 1.0pre3 and 1.0pre4 allows remote attackers to inject data into user sessions by sniffing and r... | | |
| CVE-2001-1506 | Unknown vulnerability in the file system protection subsystem in HP Secure OS Software for Linux 1.0... | | |
| CVE-2001-1507 | OpenSSH before 3.0.1 with Kerberos V enabled does not properly authenticate users, which could allow... | S | |
| CVE-2001-1508 | Buffer overflow in lpstat in SCO OpenServer 5.0 through 5.0.6a allows local users to execute arbitra... | S | |
| CVE-2001-1509 | geteuid in Itanium Architecture (IA) running on HP-UX 11.20 does not properly identify a user's effe... | S | |
| CVE-2001-1510 | Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), ... | E | |
| CVE-2001-1511 | JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary ... | E S | |
| CVE-2001-1512 | Unknown vulnerability in Allaire JRun 3.1 allows remote attackers to directly access the WEB-INF and... | S | |
| CVE-2001-1513 | Macromedia JRun 3.0 and 3.1 allows remote attackers to obtain duplicate active user session IDs and ... | S | |
| CVE-2001-1514 | ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operat... | | |
| CVE-2001-1515 | Macintosh clients, when using NT file system volumes on Windows 2000 SP1, create subdirectories and ... | | |
| CVE-2001-1516 | Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers ... | S | |
| CVE-2001-1517 | RunAs (runas.exe) in Windows 2000 stores cleartext authentication information in memory, which could... | S | |
| CVE-2001-1518 | RunAs (runas.exe) in Windows 2000 only creates one session instance at a time, which allows local us... | E | |
| CVE-2001-1519 | RunAs (runas.exe) in Windows 2000 allows local users to create a spoofed named pipe when the service... | E | |
| CVE-2001-1520 | Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecti... | | |
| CVE-2001-1521 | Cross-site scripting (XSS) vulnerability in user.php in PostNuke 0.64 allows remote attackers to inj... | | |
| CVE-2001-1522 | Cross-site scripting (XSS) vulnerability in im.php in IMessenger for PHP-Nuke allows remote attacker... | E | |
| CVE-2001-1523 | Cross-site scripting (XSS) vulnerability in the DMOZGateway module for PHP-Nuke allows remote attack... | E | |
| CVE-2001-1524 | Cross-site scripting (XSS) vulnerability in PHP-Nuke 5.3.1 and earlier allows remote attackers to in... | S | |
| CVE-2001-1525 | Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote a... | E | |
| CVE-2001-1526 | Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and ear... | E | |
| CVE-2001-1527 | easyNews 1.5 and earlier stores administration passwords in cleartext in settings.php, which allows ... | | |
| CVE-2001-1528 | AmTote International homebet program returns different error messages when invalid account numbers a... | E | |
| CVE-2001-1529 | Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized acce... | | |
| CVE-2001-1530 | run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allow... | | |
| CVE-2001-1531 | Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and pos... | | |
| CVE-2001-1532 | WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links ... | | |
| CVE-2001-1533 | Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause a de... | | |
| CVE-2001-1534 | mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information i... | | |
| CVE-2001-1535 | Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local user... | | |
| CVE-2001-1536 | Autogalaxy stores usernames and passwords in cleartext in cookies, which makes it easier for remote ... | | |
| CVE-2001-1537 | The default "basic" security setting' in config.php for TWIG webmail 2.7.4 and earlier stores cleart... | | |
| CVE-2001-1538 | SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remot... | S | |
| CVE-2001-1539 | Stack consumption vulnerability in Internet Explorer The JavaScript settimeout function in Internet ... | | |
| CVE-2001-1540 | IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP... | | |
| CVE-2001-1541 | Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local use... | E | |
| CVE-2001-1542 | NAI WebShield SMTP 4.5 and possibly 4.5 MR1a does not filter improperly MIME encoded email attachmen... | | |
| CVE-2001-1543 | Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass"... | | |
| CVE-2001-1544 | Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remo... | S | |
| CVE-2001-1545 | Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client br... | S | |
| CVE-2001-1546 | Pathways Homecare 6.5 uses weak encryption for user names and passwords, which allows local users to... | E | |
| CVE-2001-1547 | Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be ... | | |
| CVE-2001-1548 | ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via n... | E | |
| CVE-2001-1549 | Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packe... | E | |
| CVE-2001-1550 | CentraOne 5.2 and Centra ASP with basic authentication enabled creates world-writable base64 encoded... | S | |
| CVE-2001-1551 | Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to excee... | | |
| CVE-2001-1552 | ssdpsrv.exe in Windows ME allows remote attackers to cause a denial of service by sending multiple n... | | |
| CVE-2001-1553 | Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to ex... | | |
| CVE-2001-1554 | IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of... | | |
| CVE-2001-1555 | pt_chmod in Solaris 8 does not call fdetach to reset terminal privileges when users log out of termi... | E S | |
| CVE-2001-1556 | The log files in Apache web server contain information directly supplied by clients and does not fil... | | |
| CVE-2001-1557 | Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.... | | |
| CVE-2001-1558 | Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 allows attackers to cause a d... | S | |
| CVE-2001-1559 | The uipc system calls (uipc_syscalls.c) in OpenBSD 2.9 and 3.0 provide user mode return instead of v... | E | |
| CVE-2001-1560 | Win32k.sys (aka Graphics Device Interface (GDI)) in Windows 2000 and XP allows local users to cause ... | E | |
| CVE-2001-1561 | Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long... | E S | |
| CVE-2001-1562 | Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format stri... | S | |
| CVE-2001-1563 | Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to acce... | S | |
| CVE-2001-1564 | setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core... | | |
| CVE-2001-1565 | Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username ... | | |
| CVE-2001-1566 | Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to... | S | |
| CVE-2001-1567 | Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and v... | | |
| CVE-2001-1568 | CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from roo... | | |
| CVE-2001-1569 | Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates fro... | | |
| CVE-2001-1570 | Windows XP with fast user switching and account lockout enabled allows local users to deny user acco... | | |
| CVE-2001-1571 | The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which ... | | |
| CVE-2001-1572 | The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on... | E S | |
| CVE-2001-1573 | Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows r... | S | |
| CVE-2001-1574 | Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.... | S | |
| CVE-2001-1575 | Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, al... | | |
| CVE-2001-1576 | Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a com... | S | |
| CVE-2001-1577 | Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to ga... | S | |
| CVE-2001-1578 | Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical info... | S | |
| CVE-2001-1579 | The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain st... | S | |
| CVE-2001-1580 | Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows r... | E S | |
| CVE-2001-1581 | The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows remote attackers to bypass e-... | | |
| CVE-2001-1582 | Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users t... | E S | |
| CVE-2001-1583 | lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands v... | E | |
| CVE-2001-1584 | CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary com... | | |
| CVE-2001-1585 | SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, a... | S | |
| CVE-2001-1586 | Directory traversal vulnerability in SimpleServer:WWW 1.13 and earlier allows remote attackers to ex... | E | |
| CVE-2001-1587 | NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denia... | | |
| CVE-2001-1588 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2001-1589 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2001-1590 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2001-1591 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2001-1592 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2001-1593 | The tempname_ensure function in lib/routines.h in a2ps 4.14 and earlier, as used by the spy_user fun... | | |
| CVE-2001-1594 | GE Healthcare eNTEGRA P&R has a password of (1) entegra for the entegra user, (2) passme for the sup... | |