Search Results (Refine Search)
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2000-0317 |
Buffer overflow in Solaris 7 lpset allows local users to gain root privileges via a long -r option. Published: April 24, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0321 |
Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name. Published: April 24, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-0322 |
The passwd.php3 CGI script in the Red Hat Piranha Virtual Server Package allows local users to execute arbitrary commands via shell metacharacters. Published: April 24, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-0334 |
The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container object with a publishing rule. Published: April 24, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
CVE-2000-0337 |
Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter. Published: April 24, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2000-0339 |
ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules. Published: April 24, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2000-0319 |
mail.local in Sendmail 8.10.x does not properly identify the .\n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 2047 characters long and ends in .\n. Published: April 23, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-0338 |
Concurrent Versions Software (CVS) uses predictable temporary file names for locking, which allows local users to cause a denial of service by creating the lock directory before it is created for use by a legitimate CVS user. Published: April 23, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.1: 5.5 MEDIUM V2.0: 5.0 MEDIUM |
CVE-2000-0458 |
The MSWordView application in IMP creates world-readable files in the /tmp directory, which allows other local users to read potentially sensitive information. Published: April 22, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
CVE-2000-0459 |
IMP does not remove files properly if the MSWordView application quits, which allows local users to cause a denial of service by filling up the disk space by requesting a large number of documents and prematurely stopping the request. Published: April 22, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-0295 |
Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command. Published: April 21, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2000-0318 |
Atrium Mercur Mail Server 3.2 allows local attackers to read other user's email and create arbitrary files via a dot dot (..) attack. Published: April 21, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2000-0320 |
Qpopper 2.53 and 3.0 does not properly identify the \n string which identifies the end of message text, which allows a remote attacker to cause a denial of service or corrupt mailboxes via a message line that is 1023 characters long and ends in \n. Published: April 21, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-0336 |
Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. Published: April 21, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
CVE-2000-0267 |
Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. Published: April 20, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 4.6 MEDIUM |
CVE-2000-0268 |
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. Published: April 20, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-0272 |
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. Published: April 20, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2000-0311 |
The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability. Published: April 20, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 2.1 LOW |
CVE-2000-0331 |
Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the "Malformed Environment Variable" vulnerability. Published: April 20, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2000-0256 |
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability. Published: April 19, 2000; 12:00:00 AM -0400 |
V4.0:(not available) V3.x:(not available) V2.0: 7.5 HIGH |