National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Search Results (Refine Search)

There are 136,790 matching records.
Displaying matches 133201 through 133220.
Vuln ID Summary CVSS Severity
CVE-2001-0585

Gordano NTMail 6.0.3c allows a remote attacker to create a denial of service via a long (>= 255 characters) URL request to port 8000 or port 9000.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0586

TrendMicro ScanMail for Exchange 3.5 Evaluation allows a local attacker to recover the administrative credentials for ScanMail via a combination of unprotected registry keys and weakly encrypted passwords.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2001-0587

deliver program in MMDF 2.43.3b in SCO OpenServer 5.0.6 can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-0588

sendmail 8.9.3, as included with the MMDF 2.43.3b package in SCO OpenServer 5.0.6, can allow a local attacker to gain additional privileges via a buffer overflow in the first argument to the command.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2001-0589

NetScreen ScreenOS prior to 2.5r6 on the NetScreen-10 and Netscreen-100 can allow a local attacker to bypass the DMZ 'denial' policy via specific traffic patterns.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 2.1 LOW
CVE-2001-0591

Directory traversal vulnerability in Oracle JSP 1.0.x through 1.1.1 and Oracle 8.1.7 iAS Release 1.0.2 can allow a remote attacker to read or execute arbitrary .jsp files via a '..' (dot dot) attack.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0593

Anaconda Partners Clipper 3.3 and earlier allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the template parameter.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0605

Headlight Software MyGetright prior to 1.0b allows a remote attacker to upload and/or overwrite arbitrary files via a malicious .dld (skins-data) file which contains long strings of random data.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0606

Vulnerability in iPlanet Web Server 4.X in HP-UX 11.04 (VVOS) with VirtualVault A.04.00 allows a remote attacker to create a denial of service via the HTTPS service.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0607

asecure as included with HP-UX 10.01 through 11.00 can allow a local attacker to create a denial of service and gain additional privileges via unsafe permissions on the asecure program, a different vulnerability than CVE-2000-0083.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 4.6 MEDIUM
CVE-2001-0608

HP architected interface facility (AIF) as includes with MPE/iX 5.5 through 6.5 running on a HP3000 allows an attacker to gain additional privileges and gain access to databases via the AIF - AIFCHANGELOGON program.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0612

McAfee Remote Desktop 3.0 and earlier allows remote attackers to cause a denial of service (crash) via a large number of packets to port 5045.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0613

Omnicron Technologies OmniHTTPD Professional 2.08 and earlier allows a remote attacker to create a denial of service via a long POST URL request.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0614

Carello E-Commerce 1.2.1 and earlier allows a remote attacker to gain additional privileges and execute arbitrary commands via a specially constructed URL.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0617

Allied Telesyn AT-AR220e cable/DSL router firmware 1.08a RC14 with the portmapper and the 'Virtual Server' enabled can allow a remote attacker to gain access to mapped services even though the single portmappings may be disabled.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0625

ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log .

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 7.2 HIGH
CVE-2001-0626

O'Reilly Website Professional 2.5.4 and earlier allows remote attackers to determine the physical path to the root directory via a URL request containing a ":" character.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 7.5 HIGH
CVE-2001-0627

vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 3.7 LOW
CVE-2001-0630

Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the 'loc' variable.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM
CVE-2001-0631

Centrinity First Class Internet Services 5.50 allows for the circumventing of the default 'spam' filters via the presence of '<@>' in the 'From:' field, which allows remote attackers to send spoofed email with the identity of local users.

Published: August 22, 2001; 12:00:00 AM -04:00
    V2: 5.0 MEDIUM