National Vulnerability Database

Search Results

Search Parameters:
  • Keyword (text search): PHP
  • Search Type: Search All
  • Contains Software Flaws (CVE)
There are 27,399 matching records.
Displaying matches 27001 through 27020.
Vuln ID Summary CVSS Severity
CVE-2001-0535

Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict access from outside the local host's domain, which allows remote attackers to upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script.

Published: October 30, 2001; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2001-0669

Various Intrusion Detection Systems (IDS) including (1) Cisco Secure Intrusion Detection System, (2) Cisco Catalyst 6000 Intrusion Detection System Module, (3) Dragon Sensor 4.x, (4) Snort before 1.8.1, (5) ISS RealSecure Network Sensor 5.x and 6.x before XPU 3.2, and (6) ISS RealSecure Server Sensor 5.5 and 6.0 for Windows, allow remote attackers to evade detection of HTTP attacks via non-standard "%u" Unicode encoding of ASCII characters in the requested URL.

Published: October 30, 2001; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2001-0713

Sendmail before 8.12.1 does not properly drop privileges when the -C option is used to load custom configuration files, which allows local users to gain privileges via malformed arguments in the configuration file whose names contain characters with the high bit set, such as (1) macro names that are one character long, (2) a variable setting which is processed by the setoption function, or (3) a Modifiers setting which is processed by the getmodifiers function.

Published: October 30, 2001; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2001-0717

Format string vulnerability in ToolTalk database server rpc.ttdbserverd allows remote attackers to execute arbitrary commands via format string specifiers that are passed to the syslog function.

Published: October 30, 2001; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2001-0736

Vulnerability in (1) pine before 4.33 and (2) the pico editor, included with pine, allows local users to overwrite arbitrary files via a symlink attack.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2001-0744

Horde IMP 2.2.4 and earlier allows local users to overwrite files via a symlink attack on a temporary file.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2001-0748

Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0774

Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possibly gain privileges via a symbolic link attack on temporary files.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2001-0775

Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0777

Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0905

Race condition in signal handling of procmail 3.20 and earlier, when running setuid, allows local users to cause a denial of service or gain root privileges by sending a signal while a signal handling routine is already running.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 6.2 MEDIUM
CVE-2001-0907

Linux kernel 2.2.1 through 2.2.19, and 2.4.1 through 2.4.10, allows local users to cause a denial of service via a series of deeply nested symlinks, which causes the kernel to spend extra time when trying to access the link.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2001-1380

OpenSSH before 2.9.9, while using keypairs and multiple keys of different types in the ~/.ssh/authorized_keys2 file, may not properly handle the "from" option associated with a key, which could allow remote attackers to log in from unauthorized IP addresses.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1384

ptrace in Linux 2.2.x through 2.2.19, and 2.4.x through 2.4.9, allows local users to gain root privileges by running ptrace on a setuid or setgid program that itself calls an unprivileged program, such as newgrp.

Published: October 18, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-1460

SQL injection vulnerability in article.php in PostNuke 0.62 through 0.64 allows remote attackers to bypass authentication via the user parameter.

Published: October 13, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1227

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.

Published: October 10, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1278

Zope before 2.2.4 allows partially trusted users to bypass security controls for certain methods by accessing the methods through the fmt attribute of dtml-var tags.

Published: October 10, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1147

The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.

Published: October 08, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-1156

TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR.

Published: October 08, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0670

Buffer overflow in BSD line printer daemon (in.lpd or lpd) in various BSD-based operating systems allows remote attackers to execute arbitrary code via an incomplete print job followed by a request to display the printer queue.

Published: October 03, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH