Search Results (Refine Search)

Search Parameters:
There are 163,028 matching records.
Displaying matches 161,301 through 161,320.
Vuln ID Summary CVSS Severity
CVE-2000-0176

The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist.

Published: February 29, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0191

Axis StorPoint CD allows remote attackers to access administrator URLs without authentication via a .. (dot dot) attack.

Published: February 29, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 10.0 HIGH
CVE-2000-0208

The htdig (ht://Dig) CGI program htsearch allows remote attackers to read arbitrary files by enclosing the file name with backticks (`) in parameters to htsearch.

Published: February 29, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0216

Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.

Published: February 29, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0178

ServerIron switches by Foundry Networks have predictable TCP/IP sequence numbers, which allows remote attackers to spoof or hijack sessions.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0179

HP OpenView OmniBack 2.55 allows remote attackers to cause a denial of service via a large number of connections to port 5555.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0186

Buffer overflow in the dump utility in the Linux ext2fs backup package allows local users to gain privileges via a long command line argument.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0196

Buffer overflow in mhshow in the Linux nmh package allows remote attackers to execute commands via malformed MIME headers in an email message.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0203

The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service via malformed data to port 12345.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0204

The Trend Micro OfficeScan client allows remote attackers to cause a denial of service by making 5 connections to port 12345, which raises CPU utilization to 100%.

Published: February 28, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0187

EZShopper 3.0 loadpage.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.

Published: February 27, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0188

EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.

Published: February 27, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.5 HIGH
CVE-2000-0209

Buffer overflow in Lynx 2.x allows remote attackers to crash Lynx and possibly execute commands via a long URL in a malicious web page.

Published: February 27, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.6 HIGH
CVE-2000-0170

Buffer overflow in the man program in Linux allows local users to gain privileges via the MANPAGER environmental variable.

Published: February 26, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0221

The Nautica Marlin bridge allows remote attackers to cause a denial of service via a zero length UDP packet to the SNMP port.

Published: February 25, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0194

buildxconf in Corel Linux allows local users to modify or create arbitrary files via the -x or -f parameters.

Published: February 24, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0195

setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file.

Published: February 24, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 7.2 HIGH
CVE-2000-0212

InterAccess TelnetD Server 4.0 allows remote attackers to conduct a denial of service via malformed terminal client configuration information.

Published: February 24, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.0 MEDIUM
CVE-2000-0214

FTP Explorer uses weak encryption for storing the username, password, and profile of FTP sites.

Published: February 24, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 4.6 MEDIUM
CVE-2000-0217

The default configuration of SSH allows X forwarding, which could allow a remote attacker to control a client's X sessions via a malicious xauth program.

Published: February 24, 2000; 12:00:00 AM -0500
V3.x:(not available)
V2.0: 5.1 MEDIUM