|
359351
|
3.7 |
LOW
|
sendmail
|
sendmail
|
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers.
|
NVD-CWE-Other
|
CVE-2001-1349
|
2008-09-6 05:26 |
2001-05-28 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359352
|
10.0 |
HIGH
|
netwin
|
surgeftp
|
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks a…
|
NVD-CWE-Other
|
CVE-2001-1356
|
2008-09-6 05:26 |
2001-08-4 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359353
|
7.5 |
HIGH
|
phpheaven
|
phpmychat
|
Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly i…
|
NVD-CWE-Other
|
CVE-2001-1357
|
2008-09-6 05:26 |
2001-02-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359354
|
7.2 |
HIGH
|
phpheaven
|
phpmychat
|
Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter.
|
NVD-CWE-Other
|
CVE-2001-1358
|
2008-09-6 05:26 |
2001-02-7 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359355
|
7.2 |
HIGH
|
mostang
|
sane
|
Vulnerability in Scanner Access Now Easy (SANE) before 1.0.5, related to pnm and saned.
|
NVD-CWE-Other
|
CVE-2001-1360
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359356
|
7.5 |
HIGH
|
twig_development_team
|
twig
|
Vulnerability in The Web Information Gateway (TWIG) 2.7.1, possibly related to incorrect security rights and/or the generation of mailto links.
|
NVD-CWE-Other
|
CVE-2001-1361
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359357
|
7.5 |
HIGH
|
horsburgh
|
npulse
|
Vulnerability in the server for nPULSE before 0.53p4.
|
NVD-CWE-Other
|
CVE-2001-1362
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359358
|
10.0 |
HIGH
|
phpwebsite_development_team
|
phpwebsite
|
Vulnerability in phpWebSite before 0.7.9 related to running multiple instances in the same domain, which may allow attackers to gain administrative privileges.
|
NVD-CWE-Other
|
CVE-2001-1363
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359359
|
7.5 |
HIGH
|
project_purple
|
autodns
|
Vulnerability in autodns.pl for AutoDNS before 0.0.4 related to domain names that are not fully qualified.
|
NVD-CWE-Other
|
CVE-2001-1364
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359360
|
7.5 |
HIGH
|
osi_codes_inc.
|
intragnat
|
Vulnerability in IntraGnat before 1.4.
|
NVD-CWE-Other
|
CVE-2001-1365
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359361
|
5.0 |
MEDIUM
|
netscript_project
|
netscript
|
netscript before 1.6.3 parses dynamic variables, which could allow remote attackers to alter program behavior or obtain sensitive information.
|
NVD-CWE-Other
|
CVE-2001-1366
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359362
|
4.6 |
MEDIUM
|
conectiva
redhat
|
linux
|
tcl/tk package (tcltk) 8.3.1 searches for its libraries in the current working directory before other directories, which could allow local users to execute arbitrary code via a Trojan horse library t…
|
NVD-CWE-Other
|
CVE-2001-1375
|
2008-09-6 05:26 |
2001-07-19 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359363
|
5.0 |
MEDIUM
|
openbsd
|
openssh
|
The "echo simulation" traffic analysis countermeasure in OpenSSH before 2.9.9p2 sends an additional echo packet after the password and carriage return is entered, which could allow remote attackers t…
|
NVD-CWE-Other
|
CVE-2001-1382
|
2008-09-6 05:26 |
2001-09-27 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359364
|
5.1 |
MEDIUM
|
aol
|
instant_messenger
|
Multiple cross-site scripting (XSS) vulnerabilities in the log messages in certain Alpha versions of AOL Instant Messenger (AIM) 4.4 allow remote attackers to execute arbitrary web script or HTML via…
|
NVD-CWE-Other
|
CVE-2001-1416
|
2008-09-6 05:26 |
2001-01-18 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359365
|
4.6 |
MEDIUM
|
surfcontrol
|
superscout_web_filter
|
SurfControl SuperScout only filters packets containing both an HTTP GET request and a Host header, which allows local users to bypass filtering by fragmenting packets so that no packet contains both …
|
NVD-CWE-Other
|
CVE-2001-1465
|
2008-09-6 05:26 |
2002-02-26 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359366
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
Allaire JRun 2.3.3, 3.0 and 3.1 running on IIS 4.0 and 5.0, iPlanet, Apache, JRun web server (JWS), and possibly other web servers allows remote attackers to read arbitrary files and directories by a…
|
NVD-CWE-Other
|
CVE-2001-1510
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359367
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
JRun 3.0 and 3.1 running on JRun Web Server (JWS) and IIS allows remote attackers to read arbitrary JavaServer Pages (JSP) source code via a request URL containing the source filename ending in (1) "…
|
NVD-CWE-Other
|
CVE-2001-1511
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359368
|
10.0 |
HIGH
|
macromedia
|
coldfusion
|
ColdFusion 4.5 and 5, when running on Windows with the advanced security sandbox type set to "operating system," does not properly pass security context to (1) child processes created with <CFEXECUTE…
|
NVD-CWE-Other
|
CVE-2001-1514
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359369
|
4.3 |
MEDIUM
|
hans_wolters
|
phpreview
|
Cross-site scripting (XSS) vulnerability in phpReview 0.9.0 rc2 and earlier allows remote attackers to inject arbitrary web script or HTML via user-submitted reviews.
|
NVD-CWE-Other
|
CVE-2001-1516
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359370
|
2.1 |
LOW
|
intel
|
xircom_rex_6000
|
Xircom REX 6000 allows local users to obtain the 10 digit PIN by starting a serial monitor, connecting to the personal digital assistant (PDA) via Rextools, and capturing the cleartext PIN.
|
NVD-CWE-Other
|
CVE-2001-1520
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359371
|
4.3 |
MEDIUM
|
francisco_burzi
|
php-nuke
|
Cross-site scripting (XSS) vulnerability in im.php in IMessenger for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via a message.
|
NVD-CWE-Other
|
CVE-2001-1522
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359372
|
4.3 |
MEDIUM
|
dmozgateway
|
dmozgateway
|
Cross-site scripting (XSS) vulnerability in the DMOZGateway module for PHP-Nuke allows remote attackers to inject arbitrary web script or HTML via the topic parameter.
|
NVD-CWE-Other
|
CVE-2001-1523
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359373
|
5.0 |
MEDIUM
|
easyscripts
|
easynews
|
Directory traversal vulnerability in the comments action in easyNews 1.5 and earlier allows remote attackers to modify news.dat, template.dat and possibly other files via a ".." in the cid parameter.
|
NVD-CWE-Other
|
CVE-2001-1525
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359374
|
4.3 |
MEDIUM
|
easyscripts
|
easynews
|
Cross-site scripting (XSS) vulnerability in the comments action in index.php in easyNews 1.5 and earlier allows remote attackers to inject arbitrary web script or HTML via the zeit parameter.
|
NVD-CWE-Other
|
CVE-2001-1526
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359375
|
7.5 |
HIGH
|
ibm
|
aix
|
Buffer overflow in rpc.yppasswdd (yppasswd server) in AIX allows attackers to gain unauthorized access via a long string. NOTE: due to lack of details in the vendor advisory, it is not clear if this…
|
NVD-CWE-Other
|
CVE-2001-1529
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359376
|
4.6 |
MEDIUM
|
webmin
|
webmin
|
run.cgi in Webmin 0.80 and 0.88 creates temporary files with world-writable permissions, which allows local users to execute arbitrary commands.
|
NVD-CWE-Other
|
CVE-2001-1530
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359377
|
7.5 |
HIGH
|
apple
|
claris_emailer
|
Buffer overflow in Claris Emailer 2.0v2 allows remote attackers to cause a denial of service and possibly execute arbitrary code via an email attachment with a long filename.
|
NVD-CWE-Other
|
CVE-2001-1531
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359378
|
5.0 |
MEDIUM
|
web_crossing
|
webx
|
WebX stores authentication information in the HTTP_REFERER variable, which is included in URL links within bulletin board messages posted by users, which could allow remote attackers to hijack user s…
|
NVD-CWE-Other
|
CVE-2001-1532
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359379
|
4.6 |
MEDIUM
|
open_source_development_network
|
slashcode
|
Slashcode 2.0 creates new accounts with an 8-character random password, which could allow local users to obtain session ID's from cookies and gain unauthorized access via a brute force attack.
|
NVD-CWE-Other
|
CVE-2001-1535
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359380
|
7.5 |
HIGH
|
speedxess
|
ha-120_dsl_router
|
SpeedXess HA-120 DSL router has a default administrative password of "speedxess", which allows remote attackers to gain access.
|
NVD-CWE-Other
|
CVE-2001-1538
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359381
|
5.0 |
MEDIUM
|
david_f._mischler
|
iproute
|
IPRoute 0.973, 0.974 and 1.18 allows remote attackers to cause a denial of service via fragmented IP packets that split the TCP header.
|
NVD-CWE-Other
|
CVE-2001-1540
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359382
|
7.2 |
HIGH
|
bsdi
|
bsd_os
|
Buffer overflow in Unix-to-Unix Copy Protocol (UUCP) in BSDI BSD/OS 3.0 through 4.2 allows local users to execute arbitrary code via a long command line argument.
|
NVD-CWE-Other
|
CVE-2001-1541
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359383
|
7.5 |
HIGH
|
axis
|
2100_network_camera
2110_network_camera
2120_network_camera
neteye_200
neteye_200\+
|
Axis network camera 2120, 2110, 2100, 200+ and 200 contains a default administration password "pass", which allows remote attackers to gain access to the camera.
|
NVD-CWE-Other
|
CVE-2001-1543
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359384
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
Directory traversal vulnerability in Macromedia JRun Web Server (JWS) 2.3.3, 3.0 and 3.1 allows remote attackers to read arbitrary files via a .. (dot dot) in the HTTP GET request.
|
NVD-CWE-Other
|
CVE-2001-1544
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359385
|
5.0 |
MEDIUM
|
macromedia
|
jrun
|
Macromedia JRun 3.0 and 3.1 appends the jsessionid to URL requests (a.k.a. rewriting) when client browsers have cookies enabled, which allows remote attackers to obtain session IDs and hijack session…
|
NVD-CWE-Other
|
CVE-2001-1545
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359386
|
7.5 |
HIGH
|
microsoft
|
outlook_express
|
Outlook Express 6.0, with "Do not allow attachments to be saved or opened that could potentially be a virus" enabled, does not block email attachments from forwarded messages, which could allow remot…
|
NVD-CWE-Other
|
CVE-2001-1547
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359387
|
2.1 |
LOW
|
zonelabs
|
zonealarm
|
ZoneAlarm 2.1 through 2.6 and ZoneAlarm Pro 2.4 and 2.6 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.
|
NVD-CWE-Other
|
CVE-2001-1548
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359388
|
2.1 |
LOW
|
tiny_software
|
tiny_personal_firewall
|
Tiny Personal Firewall 1.0 and 2.0 allows local users to bypass filtering via non-standard TCP packets created with non-Windows protocol adapters.
|
NVD-CWE-Other
|
CVE-2001-1549
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359389
|
2.1 |
LOW
|
linux
|
linux_kernel
|
Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs.
|
NVD-CWE-Other
|
CVE-2001-1551
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359390
|
4.6 |
MEDIUM
|
university_of_california
|
seti_at_home
|
Buffer overflow in setiathome for SETI@home 3.03, if installed setuid, could allow local users to execute arbitrary code via long command line options (1) socks_server, (2) socks_user, and (3) socks_…
|
NVD-CWE-Other
|
CVE-2001-1553
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359391
|
5.0 |
MEDIUM
|
ibm
|
aix
|
IBM AIX 430 does not properly unlock IPPMTU_LOCK, which allows remote attackers to cause a denial of service (hang) via Path Maximum Transmit Unit (PMTU) IP packets.
|
NVD-CWE-Other
|
CVE-2001-1554
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359392
|
7.5 |
HIGH
|
ibm
|
aix
|
Buffer overflow in ftpd in IBM AIX 4.3 and 5.1 allows attackers to gain privileges.
|
NVD-CWE-Other
|
CVE-2001-1557
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359393
|
5.0 |
MEDIUM
|
snort
|
snort
|
Unknown vulnerability in IP defragmenter (frag2) in Snort before 1.8.3 allows attackers to cause a denial of service (crash).
|
NVD-CWE-Other
|
CVE-2001-1558
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359394
|
7.2 |
HIGH
|
john_bovey
debian
|
xvt
debian_linux
|
Buffer overflow in Xvt 2.1 in Debian Linux 2.2 allows local users to execute arbitrary code via long (1) -name and (2) -T arguments.
|
NVD-CWE-Other
|
CVE-2001-1561
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359395
|
2.1 |
LOW
|
apple
|
mac_os_x
|
Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via…
|
NVD-CWE-Other
|
CVE-2001-1565
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359396
|
7.5 |
HIGH
|
vanessa
verge
|
vanessa_logger
perdition
|
Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function.
|
NVD-CWE-Other
|
CVE-2001-1566
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359397
|
6.4 |
MEDIUM
|
cmg
|
wap_gateway
|
CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the…
|
NVD-CWE-Other
|
CVE-2001-1568
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359398
|
6.4 |
MEDIUM
|
cmg
|
openwave_wap_gateway
|
Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-i…
|
NVD-CWE-Other
|
CVE-2001-1569
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359399
|
2.1 |
LOW
|
microsoft
|
windows_xp
|
Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes oth…
|
NVD-CWE-Other
|
CVE-2001-1570
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
359400
|
5.0 |
MEDIUM
|
microsoft
|
windows_xp
|
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.
|
NVD-CWE-Other
|
CVE-2001-1571
|
2008-09-6 05:26 |
2001-12-31 |
表示
|
GitHub
Exploit DB
Packet Storm
|
|
|
