Total
28799 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2000-1100 | 1 Trlinux | 1 Postaci Webmail | 2008-09-05 | 7.5 HIGH | N/A |
| The default configuration for PostACI webmail system installs the /includes/global.inc configuration file within the web root, which allows remote attackers to read sensitive information such as database usernames and passwords via a direct HTTP GET request. | |||||
| CVE-2000-1098 | 1 Sonicwall | 1 Soho Firewall | 2008-09-05 | 5.0 MEDIUM | N/A |
| The web server for the SonicWALL SOHO firewall allows remote attackers to cause a denial of service via an empty GET or POST request. | |||||
| CVE-2000-1046 | 1 Lotus | 1 Domino | 2008-09-05 | 10.0 HIGH | N/A |
| Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands. | |||||
| CVE-2000-1037 | 1 Checkpoint | 1 Firewall-1 | 2008-09-05 | 7.5 HIGH | N/A |
| Check Point Firewall-1 session agent 3.0 through 4.1 generates different error messages for invalid user names versus invalid passwords, which allows remote attackers to determine valid usernames and guess a password via a brute force attack. | |||||
| CVE-2000-1017 | 1 Webteacher | 1 Webdata | 2008-09-05 | 5.0 MEDIUM | N/A |
| Webteachers Webdata allows remote attackers with valid Webdata accounts to read arbitrary files by posting a request to import the file into the WebData database. | |||||
| CVE-2000-1013 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| The setlocale function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||||
| CVE-2000-1012 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| The catopen function in FreeBSD 5.0 and earlier, and possibly other OSes, allows local users to read arbitrary files via the LANG environmental variable. | |||||
| CVE-2000-1008 | 1 Palm | 1 Palm Os | 2008-09-05 | 4.6 MEDIUM | N/A |
| PalmOS 3.5.2 and earlier uses weak encryption to store the user password, which allows attackers with physical access to the Palm device to decrypt the password and gain access to the device. | |||||
| CVE-2000-0999 | 1 Openbsd | 1 Openssh | 2008-09-05 | 10.0 HIGH | N/A |
| Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges. | |||||
| CVE-2000-0998 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.2 HIGH | N/A |
| Format string vulnerability in top program allows local attackers to gain root privileges via the "kill" or "renice" function. | |||||
| CVE-2000-0985 | 1 Nevis Systems | 1 All-mail | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in All-Mail 1.1 allows remote attackers to execute arbitrary commands via a long "MAIL FROM" or "RCPT TO" command. | |||||
| CVE-2000-0976 | 1 Xfree86 Project | 1 Xlib | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflow in xlib in XFree 3.3.x possibly allows local users to execute arbitrary commands via a long DISPLAY environment variable or a -display command line parameter. | |||||
| CVE-2000-0931 | 1 David Harris | 1 Pegasus Mail | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflow in Pegasus Mail 3.11 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long email message containing binary data. | |||||
| CVE-2000-0918 | 1 Kde | 1 Kvt | 2008-09-05 | 7.2 HIGH | N/A |
| Format string vulnerability in kvt in KDE 1.1.2 may allow local users to execute arbitrary commands via a DISPLAY environmental variable that contains formatting characters. | |||||
| CVE-2000-0916 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 7.5 HIGH | N/A |
| FreeBSD 4.1.1 and earlier, and possibly other BSD-based OSes, uses an insufficient random number generator to generate initial TCP sequence numbers (ISN), which allows remote attackers to spoof TCP connections. | |||||
| CVE-2000-0907 | 1 Etype | 1 Eserv | 2008-09-05 | 7.5 HIGH | N/A |
| EServ 2.92 Build 2982 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via long HELO and MAIL FROM commands. | |||||
| CVE-2000-0905 | 1 Qnx | 1 Voyager | 2008-09-05 | 5.0 MEDIUM | N/A |
| QNX Embedded Resource Manager in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read sensitive system statistics information via the embedded.html web page. | |||||
| CVE-2000-0904 | 1 Qnx | 1 Voyager | 2008-09-05 | 5.0 MEDIUM | N/A |
| Voyager web server 2.01B in the demo disks for QNX 405 stores sensitive web client information in the .photon directory in the web document root, which allows remote attackers to obtain that information. | |||||
| CVE-2000-0903 | 1 Qnx | 1 Voyager | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Voyager web server 2.01B in the demo disks for QNX 405 allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2000-0893 | 1 Sgi | 1 Irix | 2008-09-05 | 5.0 MEDIUM | N/A |
| The presence of the Distributed GL Daemon (dgld) service on port 5232 on SGI IRIX systems allows remote attackers to identify the target host as an SGI system. | |||||