Vulnerabilities (CVE)

Filter

128519 total CVE
CVE Vendors Products Updated CVSS
CVE-2001-0075 1 Technote Inc 1 Technote 2008-09-05 5.0
Directory traversal vulnerability in main.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the filename parameter.
CVE-2001-0074 1 Technote Inc 1 Technote 2008-09-05 5.0
Directory traversal vulnerability in print.cgi in Technote allows remote attackers to read arbitrary files via a .. (dot dot) attack in the board parameter.
CVE-2001-0073 1 Nsa 1 Security-enhanced Linux 2008-09-05 2.1
Buffer overflow in the find_default_type function in libsecure in NSA Security-enhanced Linux, which may allow attackers to modify critical data in memory.
CVE-2001-0064 1 Alt-n 1 Mdaemon 2008-09-05 5.0
Webconfig, IMAP, and other services in MDaemon 3.5.0 and earlier allows remote attackers to cause a denial of service via a long URL terminated by a "\r\n" string.
CVE-2001-0019 1 Cisco 2 Content Services Switch, Arrowpoint 2008-09-05 2.1
Arrowpoint (aka Cisco Content Services, or CSS) allows local users to cause a denial of service via a long argument to the "show script," "clear script," "show archive," "clear archive," "show log," or "clear log" commands.
CVE-2000-1244 1 Ca 1 Inoculateit Agent For Exchange 2008-09-05 7.5
Computer Associates InoculateIT Agent for Exchange Server does not recognize an e-mail virus attachment if the SMTP header is missing the "From" field, which allows remote attackers to bypass virus protection.
CVE-2000-1242 1 Apc 1 Powerchute 2008-09-05 9.0
The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.
CVE-2000-1237 1 Floosietek 1 Ftgate 2008-09-05 5.0
The POP3 server in FTGate returns an -ERR code after receiving an invalid USER request, which makes it easier for remote attackers to determine valid usernames and conduct brute force password guessing.
CVE-2000-1235 1 Oracle 1 Application Server 2008-09-05 5.0
The default configurations of (1) the port listener and (2) modplsql in Oracle Internet Application Server (IAS) 3.0.7 and earlier allow remote attackers to view privileged database information via HTTP requests for Database Access Descriptor (DAD) files.
CVE-2000-1234 1 Phorum 1 Phorum 2008-09-05 5.0
violation.php3 in Phorum 3.0.7 allows remote attackers to send e-mails to arbitrary addresses and possibly use Phorum as a "spam proxy" by setting the Mod and ForumName parameters.
CVE-2000-1233 1 Phorum 1 Phorum 2008-09-05 7.5
SQL injection vulnerability in read.php3 and other scripts in Phorum 3.0.7 allows remote attackers to execute arbitrary SQL queries via the sSQL parameter.
CVE-2000-1232 1 Phorum 1 Phorum 2008-09-05 5.0
upgrade.php3 in Phorum 3.0.7 could allow remote attackers to modify certain Phorum database tables via an unknown method.
CVE-2000-1231 1 Phorum 1 Phorum 2008-09-05 5.0
code.php3 in Phorum 3.0.7 allows remote attackers to read arbitrary files in the phorum directory via the query string.
CVE-2000-1230 1 Phorum 1 Phorum 2008-09-05 5.0
Backdoor in auth.php3 in Phorum 3.0.7 allows remote attackers to access restricted web pages via an HTTP request with the PHP_AUTH_USER parameter set to "boogieman".
CVE-2000-1229 1 Phorum 1 Phorum 2008-09-05 5.0
Directory traversal vulnerability in Phorum 3.0.7 allows remote Phorum administrators to read arbitrary files via ".." (dot dot) sequences in the default .langfile name field in the Master Settings administrative function, which causes the file...
CVE-2000-1228 1 Phorum 1 Phorum 2008-09-05 5.0
Phorum 3.0.7 allows remote attackers to change the administrator password without authentication via an HTTP request for admin.php3 that sets step, option, confirm and newPssword variables.
CVE-2000-1226 1 Snort 1 Snort 2008-09-05 5.0
Snort 1.6, when running in straight ASCII packet logging mode or IDS mode with straight decoded ASCII packet logging selected, allows remote attackers to cause a denial of service (crash) by sending non-IP protocols that Snort does not know...
CVE-2000-1225 1 Imatix 1 Xitami 2008-09-05 5.0
Xitami 2.5b installs the testcgi.exe program by default in the cgi-bin directory, which allows remote attackers to gain sensitive configuration information about the web server by accessing the program.
CVE-2000-1223 1 I-soft 1 Quikstore 2008-09-05 7.5
quikstore.cgi in Quikstore Shopping Cart allows remote attackers to execute arbitrary commands via shell metacharacters in the URL portion of an HTTP GET request.
CVE-2000-1219 1 Gnu 2 Gcc, G%2b%2b 2008-09-05 7.5
The -ftrapv compiler option in gcc and g++ 3.3.3 and earlier does not handle all types of integer overflows, which may leave applications vulnerable to vulnerabilities related to overflows.