Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2001-0625 |
ftpdownload in Computer Associates InoculateIT 6.0 allows a local attacker to overwrite arbitrary files via a symlink attack on /tmp/ftpdownload.log . Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2001-0626 |
O'Reilly Website Professional 2.5.4 and earlier allows remote attackers to determine the physical path to the root directory via a URL request containing a ":" character. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2001-0627 |
vi as included with SCO OpenServer 5.0 - 5.0.6 allows a local attacker to overwrite arbitrary files via a symlink attack. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 3.7 LOW |
CVE-2001-0630 |
Directory traversal vulnerability in MIMAnet viewsrc.cgi 2.0 allows a remote attacker to read arbitrary files via a '..' (dot dot) attack in the 'loc' variable. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-0631 |
Centrinity First Class Internet Services 5.50 allows for the circumventing of the default 'spam' filters via the presence of '<@>' in the 'From:' field, which allows remote attackers to send spoofed email with the identity of local users. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-0632 |
Sun Chili!Soft 3.5.2 on Linux and 3.6 on AIX creates a default admin username and password in the default installation, which can allow a remote attacker to gain additional privileges. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2001-0633 |
Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-0634 |
Sun Chili!Soft ASP has weak permissions on various configuration files, which allows a local attacker to gain additional privileges and create a denial of service. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2001-1139 |
Directory traversal vulnerability in ASCII NT WinWrapper Professional allows remote attackers to read arbitrary files via a .. (dot dot) in the server request. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-1140 |
BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 (null byte) to the request. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-1150 |
Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-1294 |
Buffer overflow in A-V Tronics Inetserv 3.2.1 and earlier allows remote attackers to cause a denial of service (crash) in the Webmail interface via a long username and password. Published: August 22, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-1131 |
Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command. Published: August 21, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-1133 |
Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users to cause a denial of service (reboot) in the kernel via a particular sequence of instructions. Published: August 21, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 2.1 LOW |
CVE-2001-1149 |
Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service (crash) when a user selects an action for a malformed UPX packed executable file. Published: August 21, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-1166 |
linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process. Published: August 21, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-1295 |
Directory traversal vulnerability in Cerberus FTP Server 1.5 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the CD command. Published: August 21, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-1203 |
Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop. Published: August 20, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2001-1145 |
fts routines in FreeBSD 4.3 and earlier, NetBSD before 1.5.2, and OpenBSD 2.9 and earlier can be forced to change (chdir) into a different directory than intended when the directory above the current directory is moved, which could cause scripts to perform dangerous actions on the wrong directories. Published: August 17, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 6.2 MEDIUM |
CVE-2001-1305 |
ICQ 2001a Alpha and earlier allows remote attackers to automatically add arbitrary UINs to an ICQ user's contact list via a URL to a web page with a Content-Type of application/x-icq, which is processed by Internet Explorer. Published: August 17, 2001; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |