National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 127,106 matching records.
Displaying matches 122921 through 122940.
Vuln ID Summary CVSS Severity
CVE-2001-1563

Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2001-1564

setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2001-1565

Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2001-1566

Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2001-1567

Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2001-1568

CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 6.4 MEDIUM
CVE-2001-1569

Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 6.4 MEDIUM
CVE-2001-1570

Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2001-1571

The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2001-1572

The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2001-1573

Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2001-1574

Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 10.0 HIGH
CVE-2001-1575

Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2001-1576

Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 4.6 MEDIUM
CVE-2001-1577

Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2001-1578

Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 2.1 LOW
CVE-2001-1579

The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2001-1580

Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 5.0 MEDIUM
CVE-2001-1581

The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows remote attackers to bypass e-mail attachment filtering policies via a modified name in a Content-Type header.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 7.5 HIGH
CVE-2001-1582

Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.

Published: December 31, 2001; 12:00:00 AM -05:00
    V2: 7.2 HIGH