National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 126,270 matching records.
Displaying matches 122881 through 122900.
Vuln ID Summary CVSS Severity
CVE-2001-0980

docview before 1.0-15 allows remote attackers to execute arbitrary commands via shell metacharacters that are processed when converting a man page to a web page.

Published: July 17, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1177

ml85p in Samsung ML-85G GDI printer driver before 0.2.0 allows local users to overwrite arbitrary files via a symlink attack on temporary files.

Published: July 17, 2001; 12:00:00 AM -04:00
    V2: 6.2 MEDIUM
CVE-2001-1179

xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters.

Published: July 17, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-1182

Vulnerability in login in HP-UX 11.00, 11.11, and 10.20 allows restricted shell users to bypass certain security checks and gain privileges.

Published: July 17, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-1241

Un-CGI 1.9 and earlier does not verify that a CGI script has the execution bits set before executing it, which allows remote attackers to execute arbitrary commands by directing Un-CGI to a document that begins with "#!" and the desired program name.

Published: July 17, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1242

Directory traversal vulnerability in Un-CGI 1.9 and earlier allows remote attackers to execute arbitrary code via a .. (dot dot) in an HTML form.

Published: July 17, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1279

Buffer overflow in print-rx.c of tcpdump 3.x (probably 3.6x) allows remote attackers to cause a denial of service and possibly execute arbitrary code via AFS RPC packets with invalid lengths that trigger an integer signedness error, a different vulnerability than CVE-2000-1026.

Published: July 17, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0975

Buffer overflow vulnerabilities in Oracle Internet Directory Server (LDAP) 2.1.1.x and 3.0.1 allow remote attackers to execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0977

slapd in OpenLDAP 1.x before 1.2.12, and 2.x before 2.0.8, allows remote attackers to cause a denial of service (crash) via an invalid Basic Encoding Rules (BER) length field.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-1181

Dynamically Loadable Kernel Module (dlkm) static kernel symbol table in HP-UX 11.11 is not properly configured, which allows local users to gain privileges.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-1238

Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the Task Manager.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2001-1306

iPlanet Directory Server 4.1.4 and earlier (LDAP) allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via invalid BER length of length fields, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1307

Buffer overflows in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1308

Format string vulnerabilities in iPlanet Directory Server 4.1.4 and earlier (LDAP) allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1309

Buffer overflows in IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1310

IBM SecureWay 3.2.1 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for the L field of a BER encoding, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1311

Buffer overflows in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1312

Format string vulnerabilities in Lotus Domino R5 before R5.0.7a allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1313

Lotus Domino R5 before R5.0.7a allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via miscellaneous packets with semi-valid BER encodings, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-1314

Buffer overflows in Critical Path (1) InJoin Directory Server or (2) LiveContent Directory allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test suite.

Published: July 16, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH