Total
262196 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2000-0949 | 2 Lbl, Sun | 2 Lbl Traceroute, Sunos | 2024-08-08 | N/A |
Heap overflow in savestr function in LBNL traceroute 1.4a5 and earlier allows a local user to execute arbitrary commands via the -g option. | ||||
CVE-2000-0921 | 1 Hassan Consulting | 1 Shopping Cart | 2024-08-08 | N/A |
Directory traversal vulnerability in Hassan Consulting shop.cgi shopping cart program allows remote attackers to read arbitrary files via a .. (dot dot) attack on the page parameter. | ||||
CVE-2000-1024 | 1 Unify | 1 Ewave Servletexec | 2024-08-08 | N/A |
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands. | ||||
CVE-2000-1030 | 1 Csandt | 1 Corporatetime For The Web | 2024-08-08 | N/A |
CS&T CorporateTime for the Web returns different error messages for invalid usernames and invalid passwords, which allows remote attackers to determine valid usernames on the server. | ||||
CVE-2000-1032 | 1 Checkpoint | 1 Firewall-1 | 2024-08-08 | N/A |
The client authentication interface for Check Point Firewall-1 4.0 and earlier generates different error messages for invalid usernames versus invalid passwords, which allows remote attackers to identify valid usernames on the firewall. | ||||
CVE-2000-1028 | 1 Hp | 1 Hp-ux | 2024-08-08 | N/A |
Buffer overflow in cu program in HP-UX 11.0 may allow local users to gain privileges via a long -l command line argument. | ||||
CVE-2000-1034 | 1 Microsoft | 1 Windows 2000 | 2024-08-08 | N/A |
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability. | ||||
CVE-2000-0969 | 1 Valve Software | 1 Half-life Dedicated Server | 2024-08-08 | N/A |
Format string vulnerability in Half Life dedicated server build 3104 and earlier allows remote attackers to execute arbitrary commands by injecting format strings into the changelevel command, via the system console or rcon. | ||||
CVE-2000-1018 | 1 Mendel Cooper | 1 Shred | 2024-08-08 | N/A |
shred 1.0 file wiping utility does not properly open a file for overwriting or flush its buffers, which prevents shred from properly replacing the file's data and allows local users to recover the file. | ||||
CVE-2000-0984 | 1 Cisco | 1 Ios | 2024-08-08 | N/A |
The HTTP server in Cisco IOS 12.0 through 12.1 allows local users to cause a denial of service (crash and reload) via a URL containing a "?/" string. | ||||
CVE-2000-0992 | 2 Openbsd, Ssh | 2 Openssh, Ssh | 2024-08-08 | N/A |
Directory traversal vulnerability in scp in sshd 1.2.xx allows a remote malicious scp server to overwrite arbitrary files via a .. (dot dot) attack. | ||||
CVE-2000-0995 | 1 Openbsd | 1 Openbsd | 2024-08-08 | N/A |
Format string vulnerability in OpenBSD yp_passwd program (and possibly other BSD-based operating systems) allows attackers to gain root privileges a malformed name. | ||||
CVE-2000-1031 | 1 Hp | 2 Hp-ux, Tru64 | 2024-08-08 | N/A |
Buffer overflow in dtterm in HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a allows local users to execute arbitrary code via a long -tn option. | ||||
CVE-2000-0975 | 1 Anaconda Partners | 1 Foundation Directory | 2024-08-08 | N/A |
Directory traversal vulnerability in apexec.pl in Anaconda Foundation Directory allows remote attackers to read arbitrary files via a .. (dot dot) attack. | ||||
CVE-2000-0987 | 1 Oracle | 2 Internet Directory, Oracle8i | 2024-08-08 | N/A |
Buffer overflow in oidldapd in Oracle 8.1.6 allow local users to gain privileges via a long "connect" command line parameter. | ||||
CVE-2000-1017 | 1 Webteacher | 1 Webdata | 2024-08-08 | N/A |
Webteachers Webdata allows remote attackers with valid Webdata accounts to read arbitrary files by posting a request to import the file into the WebData database. | ||||
CVE-2000-0970 | 1 Microsoft | 2 Internet Information Server, Internet Information Services | 2024-08-08 | N/A |
IIS 4.0 and 5.0 .ASP pages send the same Session ID cookie for secure and insecure web sessions, which could allow remote attackers to hijack the secure web session of the user if that user moves to an insecure session, aka the "Session ID Cookie Marking" vulnerability. | ||||
CVE-2000-1033 | 1 Cat Soft | 1 Serv-u | 2024-08-08 | N/A |
Serv-U FTP Server allows remote attackers to bypass its anti-hammering feature by first logging on as a valid user (possibly anonymous) and then attempting to guess the passwords of other users. | ||||
CVE-2000-0993 | 3 Freebsd, Netbsd, Openbsd | 3 Freebsd, Netbsd, Openbsd | 2024-08-08 | N/A |
Format string vulnerability in pw_error function in BSD libutil library allows local users to gain root privileges via a malformed password in commands such as chpass or passwd. | ||||
CVE-2000-1040 | 1 Suse | 1 Suse Linux | 2024-08-08 | N/A |
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service. |