National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 124,283 matching records.
Displaying matches 122841 through 122860.
Vuln ID Summary CVSS Severity
CVE-2000-0017

Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.

Published: December 21, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2000-0022

Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.

Published: December 21, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2000-0023

Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.

Published: December 21, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2000-0024

IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability.

Published: December 21, 1999; 12:00:00 AM -05:00
    V2: 6.4 MEDIUM
CVE-2000-0025

IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.

Published: December 21, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2000-0026

Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.

Published: December 21, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-0997

wu-ftp with FTP conversion enabled allows an attacker to execute commands via a malformed file name that is interpreted as an argument to the program that does the conversion, e.g. tar or uncompress.

Published: December 20, 1999; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2000-0020

DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.

Published: December 20, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1005

Groupwise web server GWWEB.EXE allows remote attackers to read arbitrary files with .htm extensions via a .. (dot dot) attack using the HELP parameter.

Published: December 19, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1006

Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter.

Published: December 19, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0994

Windows NT with SYSKEY reuses the keystream that is used for encrypting SAM password hashes, allowing an attacker to crack passwords.

Published: December 16, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0995

Windows NT Local Security Authority (LSA) allows remote attackers to cause a denial of service via malformed arguments to the LsaLookupSids function which looks up the SID, aka "Malformed Security Identifier Request."

Published: December 16, 1999; 12:00:00 AM -05:00
    V2: 7.8 HIGH
CVE-1999-0998

Cisco Cache Engine allows an attacker to replace content in the cache.

Published: December 16, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1000

The web administration interface for Cisco Cache Engine allows remote attackers to view performance statistics.

Published: December 16, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-1001

Cisco Cache Engine allows a remote attacker to gain access via a null username and password.

Published: December 16, 1999; 12:00:00 AM -05:00
    V2: 2.6 LOW
CVE-1999-1004

Buffer overflow in the POP server POProxy for the Norton Anti-Virus protection NAV2000 program via a large USER command.

Published: December 16, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0934

classifieds.cgi allows remote attackers to read arbitrary files via shell metacharacters.

Published: December 15, 1999; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-1999-0935

classifieds.cgi allows remote attackers to execute arbitrary commands by specifying them in a hidden variable in a CGI form.

Published: December 15, 1999; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-1999-0996

Buffer overflow in Infoseek Ultraseek search engine allows remote attackers to execute commands via a long GET request.

Published: December 15, 1999; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-1999-1010

An SSH 1.2.27 server allows a client to use the "none" cipher, even if it is not allowed by the server policy.

Published: December 14, 1999; 12:00:00 AM -05:00
    V2: 2.1 LOW