|
357101
|
2.1 |
LOW
|
cryptocard
|
cryptoadmin
|
CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN.
|
NVD-CWE-Other
|
CVE-2000-0275
|
2008-09-11 04:03 |
2000-04-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357102
|
5.0 |
MEDIUM
|
saleslogix
|
corporation_eviewer
|
The SalesLogix Eviewer allows remote attackers to cause a denial of service by accessing the URL for the slxweb.dll administration program, which does not authenticate the user.
|
NVD-CWE-Other
|
CVE-2000-0278
|
2008-09-11 04:03 |
2000-08-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357103
|
5.0 |
MEDIUM
|
be
|
beos
|
BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers.
|
NVD-CWE-Other
|
CVE-2000-0279
|
2008-09-11 04:03 |
2000-04-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357104
|
5.0 |
MEDIUM
|
talentsoft
|
web\+
|
TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program.
|
NVD-CWE-Other
|
CVE-2000-0282
|
2008-09-11 04:03 |
2000-04-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357105
|
7.2 |
HIGH
|
ibm
|
aix
|
dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges.
|
NVD-CWE-Other
|
CVE-1999-1552
|
2008-09-11 04:02 |
1994-07-20 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357106
|
7.2 |
HIGH
|
nortel
|
optivity_net_architect
|
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-2000-0009
|
2008-09-11 04:02 |
1999-12-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357107
|
7.5 |
HIGH
|
analogx
|
simpleserver_www
|
Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.
|
NVD-CWE-Other
|
CVE-2000-0011
|
2008-09-11 04:02 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357108
|
10.0 |
HIGH
|
hughes
|
msql
|
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands.
|
NVD-CWE-Other
|
CVE-2000-0012
|
2008-09-11 04:02 |
1999-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357109
|
7.2 |
HIGH
|
sgi
|
irix
|
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
|
NVD-CWE-Other
|
CVE-2000-0013
|
2008-09-11 04:02 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357110
|
5.0 |
MEDIUM
|
michael_lamont
|
savant_webserver
|
Denial of service in Savant web server via a null character in the requested URL.
|
NVD-CWE-Other
|
CVE-2000-0014
|
2008-09-11 04:02 |
1999-12-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357111
|
4.6 |
MEDIUM
|
ascend
|
cascadeview_ux
|
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0015
|
2008-09-11 04:02 |
1999-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357112
|
5.0 |
MEDIUM
|
true_north
|
internet_anywhere_mail_server
|
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
|
NVD-CWE-Other
|
CVE-2000-0016
|
2008-09-11 04:02 |
1999-10-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357113
|
7.2 |
HIGH
|
windowmaker
|
wmmon
|
wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.
|
NVD-CWE-Other
|
CVE-2000-0018
|
2008-09-11 04:02 |
1999-12-22 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357114
|
5.0 |
MEDIUM
|
lotus
|
domino_server
|
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
|
NVD-CWE-Other
|
CVE-2000-0021
|
2008-09-11 04:02 |
1999-12-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357115
|
5.0 |
MEDIUM
|
lotus
|
domino_server
|
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
|
NVD-CWE-Other
|
CVE-2000-0022
|
2008-09-11 04:02 |
1999-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357116
|
5.0 |
MEDIUM
|
lotus
|
domino_server
|
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
|
NVD-CWE-Other
|
CVE-2000-0023
|
2008-09-11 04:02 |
1999-12-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357117
|
6.2 |
MEDIUM
|
ibm
|
network_station_manager
|
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0027
|
2008-09-11 04:02 |
1999-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357118
|
5.0 |
MEDIUM
|
trend_micro
|
interscan_viruswall
|
InterScan VirusWall SMTP scanner does not properly scan messages with malformed attachments.
|
NVD-CWE-Other
|
CVE-2000-0033
|
2008-09-11 04:02 |
1999-12-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357119
|
5.0 |
MEDIUM
|
altavista
|
search_intranet
|
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
|
NVD-CWE-Other
|
CVE-2000-0039
|
2008-09-11 04:02 |
1999-12-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357120
|
10.0 |
HIGH
|
csm
|
mail_server
|
Buffer overflow in CSM mail server allows remote attackers to cause a denial of service or execute commands via a long HELO command.
|
NVD-CWE-Other
|
CVE-2000-0042
|
2008-09-11 04:02 |
1999-12-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357121
|
7.5 |
HIGH
|
camshot
|
webcam_http_server
|
Buffer overflow in CamShot WebCam HTTP server allows remote attackers to execute commands via a long GET request.
|
NVD-CWE-Other
|
CVE-2000-0043
|
2008-09-11 04:02 |
1999-12-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357122
|
10.0 |
HIGH
|
jgaa
|
warftpd
|
Macros in War FTP 1.70 and 1.67b2 allow local or remote attackers to read arbitrary files or execute commands.
|
NVD-CWE-Other
|
CVE-2000-0044
|
2008-09-11 04:02 |
2000-01-6 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357123
|
7.5 |
HIGH
|
mirabilis
|
icq
|
Buffer overflow in ICQ 99b 1.1.1.1 client allows remote attackers to execute commands via a malformed URL within an ICQ message.
|
NVD-CWE-Other
|
CVE-2000-0046
|
2008-09-11 04:02 |
2000-01-10 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357124
|
7.2 |
HIGH
|
corel
|
linux
|
get_it program in Corel Linux Update allows local users to gain root access by specifying an alternate PATH for the cp program.
|
NVD-CWE-Other
|
CVE-2000-0048
|
2008-09-11 04:02 |
2000-01-12 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357125
|
7.2 |
HIGH
|
nullsoft
|
winamp
|
Buffer overflow in Winamp client allows remote attackers to execute commands via a long entry in a .pls file.
|
NVD-CWE-Other
|
CVE-2000-0049
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357126
|
4.6 |
MEDIUM
|
allaire
|
spectra
|
The Allaire Spectra Webtop allows authenticated users to access other Webtop sections by specifying explicit URLs.
|
NVD-CWE-Other
|
CVE-2000-0050
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357127
|
5.0 |
MEDIUM
|
allaire
|
spectra
|
The Allaire Spectra Configuration Wizard allows remote attackers to cause a denial of service by repeatedly resubmitting data collections for indexing via a URL.
|
NVD-CWE-Other
|
CVE-2000-0051
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357128
|
7.2 |
HIGH
|
mandrakesoft
redhat
turbolinux
|
mandrake_linux
linux
turbolinux
|
Red Hat userhelper program in the usermode package allows local users to gain root access via PAM and a .. (dot dot) attack.
|
NVD-CWE-Other
|
CVE-2000-0052
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357129
|
5.0 |
MEDIUM
|
solution_scripts
|
home_free
|
search.cgi in the SolutionScripts Home Free package allows remote attackers to view directories via a .. (dot dot) attack.
|
NVD-CWE-Other
|
CVE-2000-0054
|
2008-09-11 04:02 |
1999-01-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357130
|
5.0 |
MEDIUM
|
ipswitch
|
imail
|
IMail IMONITOR status.cgi CGI script allows remote attackers to cause a denial of service with many calls to status.cgi.
|
NVD-CWE-Other
|
CVE-2000-0056
|
2008-09-11 04:02 |
2000-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357131
|
7.5 |
HIGH
|
allaire
|
coldfusion_server
|
Cold Fusion CFCACHE tag places temporary cache files within the web document root, allowing remote attackers to obtain sensitive system information.
|
NVD-CWE-Other
|
CVE-2000-0057
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357132
|
5.0 |
MEDIUM
|
handspring
|
visor_network_hotsync
|
Network HotSync program in Handspring Visor does not have authentication, which allows remote attackers to retrieve email and files.
|
NVD-CWE-Other
|
CVE-2000-0058
|
2008-09-11 04:02 |
2000-01-5 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357133
|
10.0 |
HIGH
|
php
|
php
|
PHP3 with safe_mode enabled does not properly filter shell metacharacters from commands that are executed by popen, which could allow remote attackers to execute commands.
|
NVD-CWE-Other
|
CVE-2000-0059
|
2008-09-11 04:02 |
2000-01-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357134
|
5.0 |
MEDIUM
|
nortel
|
contivity
|
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to read arbitrary files by specifying the filename in a parameter to the script.
|
NVD-CWE-Other
|
CVE-2000-0063
|
2008-09-11 04:02 |
2000-01-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357135
|
5.0 |
MEDIUM
|
nortel
|
contivity
|
cgiproc CGI script in Nortel Contivity HTTP server allows remote attackers to cause a denial of service via a malformed URL that includes shell metacharacters.
|
NVD-CWE-Other
|
CVE-2000-0064
|
2008-09-11 04:02 |
2000-01-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357136
|
5.0 |
MEDIUM
|
nosque
|
msgcore
|
Super Mail Transfer Package (SMTP), later called MsgCore, has a memory leak which allows remote attackers to cause a denial of service by repeating multiple HELO, MAIL FROM, RCPT TO, and DATA command…
|
NVD-CWE-Other
|
CVE-2000-0075
|
2008-09-11 04:02 |
2000-01-13 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357137
|
7.5 |
HIGH
|
w3c
|
cern_httpd
|
The W3C CERN httpd HTTP server allows remote attackers to determine the real pathnames of some commands via a request for a nonexistent URL.
|
NVD-CWE-Other
|
CVE-2000-0079
|
2008-09-11 04:02 |
2000-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357138
|
4.6 |
MEDIUM
|
hp
|
hp-ux
|
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges.
|
NVD-CWE-Other
|
CVE-2000-0083
|
2008-09-11 04:02 |
2000-04-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357139
|
5.0 |
MEDIUM
|
netopia
|
timbuktu_pro
|
Netopia Timbuktu Pro sends user IDs and passwords in cleartext, which allows remote attackers to obtain them via sniffing.
|
NVD-CWE-Other
|
CVE-2000-0086
|
2008-09-11 04:02 |
2000-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357140
|
3.6 |
LOW
|
vmware
|
workstation
|
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0090
|
2008-09-11 04:02 |
2000-01-17 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357141
|
10.0 |
HIGH
|
inter7
|
vpopmail
|
Buffer overflow in vchkpw/vpopmail POP authentication package allows remote attackers to gain root privileges via a long username or password.
|
NVD-CWE-Other
|
CVE-2000-0091
|
2008-09-11 04:02 |
2000-01-21 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357142
|
5.0 |
MEDIUM
|
hp
|
hp-ux
|
The PMTU discovery procedure used by HP-UX 10.30 and 11.00 for determining the optimum MTU generates large amounts of traffic in response to small packets, allowing remote attackers to cause the syst…
|
NVD-CWE-Other
|
CVE-2000-0095
|
2008-09-11 04:02 |
2000-01-24 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357143
|
7.2 |
HIGH
|
qualcomm
|
qpopper
|
Buffer overflow in qpopper 3.0 beta versions allows local users to gain privileges via a long LIST command.
|
NVD-CWE-Other
|
CVE-2000-0096
|
2008-09-11 04:02 |
2000-01-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357144
|
5.0 |
MEDIUM
|
microsoft
|
outlook_express
|
Outlook Express 5.01 and Internet Explorer 5.01 allow remote attackers to view a user's email messages via a script that accesses a variable that references subsequent email messages that are read by…
|
NVD-CWE-Other
|
CVE-2000-0105
|
2008-09-11 04:02 |
2000-02-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357145
|
7.2 |
HIGH
|
debian
|
debian_linux
|
Linux apcd program allows local attackers to modify arbitrary files via a symlink attack.
|
NVD-CWE-Other
|
CVE-2000-0107
|
2008-09-11 04:02 |
2000-02-1 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357146
|
7.5 |
HIGH
|
avt
|
rightfax
|
The RightFax web client uses predictable session numbers, which allows remote attackers to hijack user sessions.
|
NVD-CWE-Other
|
CVE-2000-0111
|
2008-09-11 04:02 |
2000-01-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357147
|
7.5 |
HIGH
|
checkpoint
|
firewall-1
|
Firewall-1 does not properly filter script tags, which allows remote attackers to bypass the "Strip Script Tags" restriction by including an extra < in front of the SCRIPT tag.
|
NVD-CWE-Other
|
CVE-2000-0116
|
2008-09-11 04:02 |
2000-01-29 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357148
|
7.2 |
HIGH
|
sun
|
cobalt_raq
cobalt_raq_2
cobalt_raq_3i
|
The siteUserMod.cgi program in Cobalt RaQ2 servers allows any Site Administrator to modify passwords for other users, site administrators, and possibly admin (root).
|
NVD-CWE-Other
|
CVE-2000-0117
|
2008-09-11 04:02 |
2000-01-30 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357149
|
2.1 |
LOW
|
surfcontrol
|
superscout
|
surfCONTROL SuperScout does not properly asign a category to web sites with a . (dot) at the end, which may allow users to bypass web access restrictions.
|
NVD-CWE-Other
|
CVE-2000-0124
|
2008-09-11 04:02 |
2000-02-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
357150
|
7.5 |
HIGH
|
progress
|
webspeed
|
The Webspeed configuration program does not properly disable access to the WSMadmin utility, which allows remote attackers to gain privileges via wsisa.dll.
|
NVD-CWE-Other
|
CVE-2000-0127
|
2008-09-11 04:02 |
2000-02-3 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
