Total
28799 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2001-0200 | 1 Heat-on Software | 1 Hsweb | 2008-09-05 | 5.0 MEDIUM | N/A |
HSWeb 2.0 HTTP server allows remote attackers to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled. | |||||
CVE-2001-0192 | 1 Davide Libenzi | 1 Xmail | 2008-09-05 | 10.0 HIGH | N/A |
Buffer overflows in CTRLServer in XMail allows attackers to execute arbitrary commands via the cfgfileget or domaindel functions. | |||||
CVE-2001-0186 | 1 Free Java Web Server | 1 Free Java Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in Free Java Web Server 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
CVE-2001-0163 | 1 Cisco | 1 Aironet Ap340 | 2008-09-05 | 4.6 MEDIUM | N/A |
Cisco AP340 base station produces predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. | |||||
CVE-2001-0161 | 1 Cisco | 1 Aironet | 2008-09-05 | 5.0 MEDIUM | N/A |
Cisco 340-series Aironet access point using firmware 11.01 does not use 6 of the 24 available IV bits for WEP encryption, which makes it easier for remote attackers to mount brute force attacks. | |||||
CVE-2001-0160 | 2 Lucent, Orinoco | 2 Wavelan, Orinoco Wavelan | 2008-09-05 | 5.0 MEDIUM | N/A |
Lucent/ORiNOCO WaveLAN cards generate predictable Initialization Vector (IV) values for the Wireless Encryption Protocol (WEP) which allows remote attackers to quickly compile information that will let them decrypt messages. | |||||
CVE-2001-0155 | 1 Van Dyke Technologies | 1 Vshell | 2008-09-05 | 7.5 HIGH | N/A |
Format string vulnerability in VShell SSH gateway 1.0.1 and earlier allows remote attackers to execute arbitrary commands via a user name that contains format string specifiers. | |||||
CVE-2001-0133 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 10.0 HIGH | N/A |
The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords. | |||||
CVE-2001-0132 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 1.2 LOW | N/A |
Interscan VirusWall 3.6.x and earlier follows symbolic links when uninstalling the product, which allows local users to overwrite arbitrary files via a symlink attack. | |||||
CVE-2001-0127 | 1 Oliver Debon | 1 Flash | 2008-09-05 | 7.6 HIGH | N/A |
Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag. | |||||
CVE-2001-0114 | 1 Omnicron | 1 Omnihttpd | 2008-09-05 | 5.0 MEDIUM | N/A |
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite arbitrary files via the cgidir parameter. | |||||
CVE-2001-0113 | 1 Omnicron | 1 Omnihttpd | 2008-09-05 | 10.0 HIGH | N/A |
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script. | |||||
CVE-2001-0093 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
Vulnerability in telnetd in FreeBSD 1.5 allows local users to gain root privileges by modifying critical environmental variables that affect the behavior of telnetd. | |||||
CVE-2001-0082 | 1 Checkpoint | 1 Firewall-1 | 2008-09-05 | 7.5 HIGH | N/A |
Check Point VPN-1/FireWall-1 4.1 SP2 with Fastmode enabled allows remote attackers to bypass access restrictions via malformed, fragmented packets. | |||||
CVE-2001-0079 | 1 Hp | 1 Support Tools Manager | 2008-09-05 | 2.1 LOW | N/A |
Support Tools Manager (STM) A.22.00 for HP-UX allows local users to overwrite arbitrary files via a symlink attack on the tool_stat.txt log file. | |||||
CVE-2001-0075 | 1 Technote Inc | 1 Technote | 2008-09-05 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter. | |||||
CVE-2001-0074 | 1 Technote Inc | 1 Technote | 2008-09-05 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter. | |||||
CVE-2001-0073 | 1 Nsa | 1 Security-enhanced Linux | 2008-09-05 | 2.1 LOW | N/A |
Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory. | |||||
CVE-2001-0064 | 1 Alt-n | 1 Mdaemon | 2008-09-05 | 5.0 MEDIUM | N/A |
Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string. | |||||
CVE-2001-0019 | 1 Cisco | 2 Arrowpoint, Content Services Switch | 2008-09-05 | 2.1 LOW | N/A |
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands. |