Total
28799 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-1358 | 1 Phpheaven | 1 Phpmychat | 2008-09-05 | 7.2 HIGH | N/A |
Vulnerabilities in phpMyChat before 0.14.4 allow local and possibly remote attackers to gain privileges by specifying an alternate library file in the L (localization) parameter. | |||||
CVE-2001-1357 | 1 Phpheaven | 1 Phpmychat | 2008-09-05 | 7.5 HIGH | N/A |
Multiple vulnerabilities in phpMyChat before 0.14.5 exist in (1) input.php3, (2) handle_inputH.php3, or (3) index.lib.php3 with unknown consequences, possibly related to user spoofing or improperly initialized variables. | |||||
CVE-2001-1356 | 1 Netwin | 1 Surgeftp | 2008-09-05 | 10.0 HIGH | N/A |
NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks against the administrator account on port 7021. | |||||
CVE-2001-1349 | 1 Sendmail | 1 Sendmail | 2008-09-05 | 3.7 LOW | N/A |
Sendmail before 8.11.4, and 8.12.0 before 8.12.0.Beta10, allows local users to cause a denial of service and possibly corrupt the heap and gain privileges via race conditions in signal handlers. | |||||
CVE-2001-1348 | 1 Twig Development Team | 1 Twig | 2008-09-05 | 7.5 HIGH | N/A |
TWIG 2.6.2 and earlier allows remote attackers to perform unauthorized database operations via a SQL injection attack on the id parameter. | |||||
CVE-2001-1338 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Telnetd Server | 2008-09-05 | 5.0 MEDIUM | N/A |
Beck IPC GmbH IPC@CHIP TelnetD server generates different responses when given valid and invalid login names, which allows remote attackers to determine accounts on the system. | |||||
CVE-2001-1337 | 1 Beck Ipc Gmbh | 1 Ipc At Chip Embedded-webserver | 2008-09-05 | 5.0 MEDIUM | N/A |
Beck IPC GmbH IPC@CHIP Embedded-Webserver allows remote attackers to cause a denial of service via a long HTTP request. | |||||
CVE-2001-1333 | 1 Easy Software Products | 1 Cups | 2008-09-05 | 1.2 LOW | N/A |
Linux CUPS before 1.1.6 does not securely handle temporary files, possibly due to a symlink vulnerability that could allow local users to overwrite files. | |||||
CVE-2001-1332 | 1 Easy Software Products | 1 Cups | 2008-09-05 | 7.5 HIGH | N/A |
Buffer overflows in Linux CUPS before 1.1.6 may allow remote attackers to execute arbitrary code. | |||||
CVE-2001-1330 | 1 Ibm | 1 Aix | 2008-09-05 | 7.2 HIGH | N/A |
Buffer overflow in rsh on AIX 4.2.0.0 may allow local users to gain root privileges via a long command line argument. | |||||
CVE-2001-1327 | 1 Berkeley Softworks | 1 Pmake | 2008-09-05 | 4.6 MEDIUM | N/A |
pmake before 2.1.35 in Turbolinux 6.05 and earlier is installed with setuid root privileges, which could allow local users to gain privileges by exploiting vulnerabilities in pmake or programs that are used by pmake. | |||||
CVE-2001-1326 | 1 Qualcomm | 1 Eudora | 2008-09-05 | 7.5 HIGH | N/A |
Eudora 5.1 allows remote attackers to execute arbitrary code when the "Use Microsoft Viewer" option is enabled and the "allow executables in HTML content" option is disabled, via an HTML email with a form that is activated from an image that the attacker spoofs as a link, which causes the user to execute the form and access embedded attachments. | |||||
CVE-2001-1321 | 1 Oracle | 1 Internet Directory | 2008-09-05 | 7.5 HIGH | N/A |
Oracle Internet Directory Server 2.1.1.x and 3.0.1 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid encodings of BER OBJECT-IDENTIFIER values, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2001-1318 | 1 Qualcomm | 1 Eudora Worldmail Server | 2008-09-05 | 7.5 HIGH | N/A |
Vulnerabilities in Qualcomm Eudora WorldMail Server may allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2001-1317 | 1 Teamware | 1 Teamware Office | 2008-09-05 | 7.5 HIGH | N/A |
Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2001-1315 | 1 Critical Path | 2 Injoin Directory Server, Livecontent Directory | 2008-09-05 | 7.5 HIGH | N/A |
Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via malformed BER encodings, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2001-1314 | 1 Critical Path | 2 Injoin Directory Server, Livecontent Directory | 2008-09-05 | 7.5 HIGH | N/A |
Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2001-1306 | 1 Sun | 1 Iplanet Directory Server | 2008-09-05 | 7.5 HIGH | N/A |
iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite. | |||||
CVE-2001-1304 | 1 Nullsoft | 1 Shoutcast Server | 2008-09-05 | 5.0 MEDIUM | N/A |
Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header. | |||||
CVE-2001-1301 | 2 Gnu, Xemacs | 2 Emacs, Xemacs | 2008-09-05 | 1.2 LOW | N/A |
rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. |