National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 125,861 matching records.
Displaying matches 122761 through 122780.
Vuln ID Summary CVSS Severity
CVE-2001-0216

PALS Library System pals-cgi program allows remote attackers to execute arbitrary commands via shell metacharacters in the documentName parameter.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0217

Directory traversal vulnerability in PALS Library System pals-cgi program allows remote attackers to read arbitrary files via a .. (dot dot) in the documentName parameter.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0220

Buffer overflow in ja-elvis and ko-helvis ports of elvis allow local users to gain root privileges.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-0221

Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-0224

Muscat Empower CGI program allows remote attackers to obtain the absolute pathname of the server via an invalid request in the DB parameter.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0225

fortran math component in Infobot 0.44.5.3 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 10.0 HIGH
CVE-2001-0230

Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2001-0250

The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0251

The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0252

iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0253

Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0254

FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0255

FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0256

FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0257

Buffer overflow in Easycom/Safecom Print Server Web service, version 404.590 and earlier, allows remote attackers to execute arbitrary commands via (1) a long URL or (2) a long HTTP header field such as "Host:".

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0258

The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server allows remote attackers to cause a denial of service via a large number of connections that send null characters.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0259

ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key file.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 3.6 LOW
CVE-2001-0260

Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0261

Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2001-0299

Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL.

Published: June 02, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH