|
306701
|
- |
|
wolfram_schneider
|
makewhatis
|
makewhatis in the man package before 1.5i2 allows an attacker in group man to overwrite arbitrary files via a man page whose name contains shell metacharacters.
|
NVD-CWE-Other
|
CVE-2001-1277
|
2016-10-18 11:14 |
2001-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306702
|
- |
|
mirabilis
|
icq
|
ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is proces…
|
NVD-CWE-Other
|
CVE-2001-1305
|
2016-10-18 11:14 |
2001-08-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306703
|
- |
|
phpslash
|
phpslash
|
Block_render_url.class in PHPSlash 0.6.1 allows remote attackers with PHPSlash administrator privileges to read arbitrary files by creating a block and specifying the target file as the source URL.
|
NVD-CWE-Other
|
CVE-2001-1334
|
2016-10-18 11:14 |
2002-05-19 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306704
|
- |
|
namazu
|
namazu
|
Cross-site scripting vulnerability in namazu.cgi for Namazu 2.0.7 and earlier allows remote attackers to execute arbitrary Javascript as other web users via the lang parameter.
|
NVD-CWE-Other
|
CVE-2001-1350
|
2016-10-18 11:14 |
2001-11-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306705
|
- |
|
aladdin_enterprises
|
ghostscript
|
ghostscript before 6.51 allows local users to read and write arbitrary files as the 'lp' user via the file operator, even with -dSAFER enabled.
|
NVD-CWE-Other
|
CVE-2001-1353
|
2016-10-18 11:14 |
2001-09-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306706
|
- |
|
phplib_team
|
phplib
|
prepend.php3 in PHPLib before 7.2d, when register_globals is enabled for PHP, allows remote attackers to execute arbitrary scripts via an HTTP request that modifies $_PHPLIB[libdir] to point to malic…
|
NVD-CWE-Other
|
CVE-2001-1370
|
2016-10-18 11:14 |
2001-07-21 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306707
|
- |
|
oracle
|
application_server
|
The default configuration of Oracle Application Server 9iAS 1.0.2.2 enables SOAP and allows anonymous users to deploy applications by default via urn:soap-service-manager and urn:soap-provider-manage…
|
NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls
|
CVE-2001-1371
|
2016-10-18 11:14 |
2002-02-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306708
|
- |
|
linux
|
linux_kernel
|
ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, su…
|
NVD-CWE-Other
|
CVE-2001-1384
|
2016-10-18 11:14 |
2001-10-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306709
|
- |
|
php
mandrakesoft
|
php
mandrake_linux
|
The Apache module for PHP 4.0.0 through PHP 4.0.4, when disabled with the 'engine = off' option for a virtual host, may disable PHP for other virtual hosts, which could cause Apache to serve the sour…
|
NVD-CWE-Other
|
CVE-2001-1385
|
2016-10-18 11:14 |
2001-01-12 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
306710
|
- |
|
xinetd
|
xinetd
|
Multiple vulnerabilities in xinetd 2.3.0 and earlier, and additional variants until 2.3.3, may allow remote attackers to cause a denial of service or execute arbitrary code, primarily via buffer over…
|
NVD-CWE-Other
|
CVE-2001-1389
|
2016-10-18 11:14 |
2001-08-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
