CVE List - 2000 / February
Showing 201 - 300 of 377 CVEs for February 2000 (Page 3 of 4)
| CVE ID | Date | Title |
|---|---|---|
| CVE-1999-0603 | 2000-02-04 | In Windows NT, an inappropriate user is a member of a group, e.g. Administrator, Backup Operators, Domain Admins, Domain Guests, Power Users, Print Operators, Replicators, System Operators, etc. |
| CVE-1999-0604 | 2000-02-04 | An incorrect configuration of the WebStore 1.0 shopping cart CGI program "web_store.cgi" could disclose private information. |
| CVE-1999-0605 | 2000-02-04 | An incorrect configuration of the Order Form 1.0 shopping cart CGI program could disclose private information. |
| CVE-1999-0606 | 2000-02-04 | An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information. |
| CVE-1999-0607 | 2000-02-04 | quikstore.cgi in QuikStore shopping cart stores quikstore.cfg under the web document root with insufficient access control, which allows remote attackers to obtain the cleartext administrator password and gain privileges. |
| CVE-1999-0609 | 2000-02-04 | An incorrect configuration of the SoftCart CGI program "SoftCart.exe" could disclose private information. |
| CVE-1999-0610 | 2000-02-04 | An incorrect configuration of the Webcart CGI program could disclose private information. |
| CVE-1999-0611 | 2000-02-04 | A system-critical Windows NT registry key has an inappropriate value. |
| CVE-1999-0613 | 2000-02-04 | The rpc.sprayd service is running. |
| CVE-1999-0618 | 2000-02-04 | The rexec service is running. |
| CVE-1999-0624 | 2000-02-04 | The rstat/rstatd service is running. |
| CVE-1999-0625 | 2000-02-04 | The rpc.rquotad service is running. |
| CVE-1999-0629 | 2000-02-04 | The ident/identd service is running. |
| CVE-1999-0630 | 2000-02-04 | The NT Alerter and Messenger services are running. |
| CVE-1999-0632 | 2000-02-04 | The RPC portmapper service is running. |
| CVE-1999-0635 | 2000-02-04 | The echo service is running. |
| CVE-1999-0636 | 2000-02-04 | The discard service is running. |
| CVE-1999-0637 | 2000-02-04 | The systat service is running. |
| CVE-1999-0638 | 2000-02-04 | The daytime service is running. |
| CVE-1999-0639 | 2000-02-04 | The chargen service is running. |
| CVE-1999-0640 | 2000-02-04 | The Gopher service is running. |
| CVE-1999-0641 | 2000-02-04 | The UUCP service is running. |
| CVE-1999-0650 | 2000-02-04 | The netstat service is running, which provides sensitive information to remote attackers. |
| CVE-1999-0651 | 2000-02-04 | The rsh/rlogin service is running. |
| CVE-1999-0653 | 2000-02-04 | A component service related to NIS+ is running. |
| CVE-1999-0654 | 2000-02-04 | The OS/2 or POSIX subsystem in NT is enabled. |
| CVE-1999-0656 | 2000-02-04 | The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names. |
| CVE-1999-0657 | 2000-02-04 | WinGate is being used. |
| CVE-1999-0661 | 2000-02-04 | A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g,... |
| CVE-1999-0662 | 2000-02-04 | A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete. |
| CVE-1999-0663 | 2000-02-04 | A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified. |
| CVE-1999-0664 | 2000-02-04 | An application-critical Windows NT registry key has inappropriate permissions. |
| CVE-1999-0665 | 2000-02-04 | An application-critical Windows NT registry key has an inappropriate value. |
| CVE-1999-0667 | 2000-02-04 | The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service. |
| CVE-1999-0669 | 2000-02-04 | The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy. |
| CVE-1999-0670 | 2000-02-04 | Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands. |
| CVE-1999-0673 | 2000-02-04 | Buffer overflow in ALMail32 POP3 client via From: or To: headers. |
| CVE-1999-0677 | 2000-02-04 | The WebRamp web administration utility has a default password. |
| CVE-1999-0684 | 2000-02-04 | Denial of service in Sendmail 8.8.6 in HPUX. |
| CVE-1999-0698 | 2000-02-04 | Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux. |
| CVE-1999-0712 | 2000-02-04 | A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable. |
| CVE-1999-0736 | 2000-02-04 | The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| CVE-1999-0737 | 2000-02-04 | The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| CVE-1999-0738 | 2000-02-04 | The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| CVE-1999-0739 | 2000-02-04 | The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files. |
| CVE-1999-0741 | 2000-02-04 | QMS CrownNet Unix Utilities for 2060 allows root to log on without a password. |
| CVE-1999-0748 | 2000-02-04 | Buffer overflows in Red Hat net-tools package. |
| CVE-1999-0750 | 2000-02-04 | Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account. |
| CVE-1999-0767 | 2000-02-04 | Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable. |
| CVE-1999-0776 | 2000-02-04 | Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack. |
| CVE-1999-0792 | 2000-02-04 | ROUTERmate has a default SNMP community name which allows remote attackers to modify its configuration. |
| CVE-1999-0795 | 2000-02-04 | The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches. |
| CVE-1999-0798 | 2000-02-04 | Buffer overflow in bootpd on OpenBSD, FreeBSD, and Linux systems via a malformed header type. |
| CVE-1999-0816 | 2000-02-04 | The Motorola CableRouter allows any remote user to connect to and configure the router on port 1024. |
| CVE-1999-0818 | 2000-02-04 | Buffer overflow in Solaris kcms_configure via a long NETPATH environmental variable. |
| CVE-1999-0821 | 2000-02-04 | FreeBSD seyon allows local users to gain privileges by providing a malicious program in the -emulator argument. |
| CVE-1999-0822 | 2000-02-04 | Buffer overflow in Qpopper (qpop) 3.0 allows remote root access via AUTH command. |
| CVE-1999-0825 | 2000-02-04 | The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail. |
| CVE-1999-0827 | 2000-02-04 | By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing. |
| CVE-1999-0828 | 2000-02-04 | UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission. |
| CVE-1999-0829 | 2000-02-04 | HP Secure Web Console uses weak encryption. |
| CVE-1999-0830 | 2000-02-04 | Buffer overflow in SCO UnixWare Xsco command via a long argument. |
| CVE-1999-0840 | 2000-02-04 | Buffer overflow in CDE dtmail and dtmailpr programs allows local users to gain privileges via a long -f option. |
| CVE-1999-0841 | 2000-02-04 | Buffer overflow in CDE mailtool allows local users to gain root privileges via a long MIME Content-Type. |
| CVE-1999-0843 | 2000-02-04 | Denial of service in Cisco routers running NAT via a PORT command from an FTP client to a Telnet port. |
| CVE-1999-0844 | 2000-02-04 | Denial of service in MDaemon WorldClient and WebConfig services via a long URL. |
| CVE-1999-0845 | 2000-02-04 | Buffer overflow in SCO su program allows local users to gain root access via a long username. |
| CVE-1999-0846 | 2000-02-04 | Denial of service in MDaemon 2.7 via a large number of connection attempts. |
| CVE-1999-0850 | 2000-02-04 | The default permissions for Endymion MailMan allow local users to read email or modify files. |
| CVE-1999-0852 | 2000-02-04 | IBM WebSphere sets permissions that allow a local user to modify a deinstallation script or its data files stored in /usr/bin. |
| CVE-1999-0855 | 2000-02-04 | Buffer overflow in FreeBSD gdc program. |
| CVE-1999-0857 | 2000-02-04 | FreeBSD gdc program allows local users to modify files via a symlink attack. |
| CVE-1999-0860 | 2000-02-04 | Solaris chkperm allows local users to read files owned by bin via the VMSYS environmental variable and a symlink attack. |
| CVE-1999-0862 | 2000-02-04 | Insecure directory permissions in RPM distribution for PostgreSQL allows local users to gain privileges by reading a plaintext password file. |
| CVE-1999-0863 | 2000-02-04 | Buffer overflow in FreeBSD seyon via HOME environmental variable, -emulator argument, -modems argument, or the GUI. |
| CVE-1999-0872 | 2000-02-04 | Buffer overflow in Vixie cron allows local users to gain root access via a long MAILTO environment variable in a crontab file. |
| CVE-1999-0882 | 2000-02-04 | Falcon web server allows remote attackers to determine the absolute path of the web root via long file names. |
| CVE-1999-0885 | 2000-02-04 | Alibaba web server allows remote attackers to execute commands via a pipe character in a malformed URL. |
| CVE-1999-0910 | 2000-02-04 | Microsoft Site Server and Commercial Internet System (MCIS) do not set an expiration for a cookie, which could then be cached by a proxy and inadvertently used by a different... |
| CVE-1999-0911 | 2000-02-04 | Buffer overflow in ProFTPD, wu-ftpd, and beroftpd allows remote attackers to gain root access via a series of MKD and CWD commands that create nested directories. |
| CVE-1999-0913 | 2000-02-04 | dfire.cgi script in Dragon-Fire IDS allows remote users to execute commands via shell metacharacters. |
| CVE-1999-0919 | 2000-02-04 | A memory leak in a Motorola CableRouter allows remote attackers to conduct a denial of service via a large number of telnet connections. |
| CVE-1999-0925 | 2000-02-04 | UnityMail allows remote attackers to conduct a denial of service via a large number of MIME headers. |
| CVE-1999-0929 | 2000-02-04 | Novell NetWare with Novell-HTTP-Server or YAWN web servers allows remote attackers to conduct a denial of service via a large number of HTTP GET requests. |
| CVE-1999-0941 | 2000-02-04 | Mutt mail client allows a remote attacker to execute commands via shell metacharacters. |
| CVE-1999-0944 | 2000-02-04 | IBM WebSphere ikeyman tool uses weak encryption to store a password for a key database that is used for SSL connections. |
| CVE-1999-0948 | 2000-02-04 | Buffer overflow in uum program for Canna input system allows local users to gain root privileges. |
| CVE-1999-0949 | 2000-02-04 | Buffer overflow in canuum program for Canna input system allows local users to gain root privileges. |
| CVE-1999-0952 | 2000-02-04 | Buffer overflow in Solaris lpstat via class argument allows local users to gain root access. |
| CVE-1999-0970 | 2000-02-04 | The OmniHTTPD visadmin.exe program allows a remote attacker to conduct a denial of service via a malformed URL which causes a large number of temporary files to be created. |
| CVE-1999-0983 | 2000-02-04 | Whois Internic Lookup program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. |
| CVE-1999-0984 | 2000-02-04 | Matt's Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. |
| CVE-1999-0985 | 2000-02-04 | CC Whois program whois.cgi allows remote attackers to execute commands via shell metacharacters in the domain entry. |
| CVE-1999-0988 | 2000-02-04 | UnixWare pkgtrans allows local users to read arbitrary files via a symlink attack. |
| CVE-1999-0990 | 2000-02-04 | Error messages generated by gdm with the VerboseAuth setting allows an attacker to identify valid users on a system. |
| CVE-1999-0993 | 2000-02-04 | Modifications to ACLs (Access Control Lists) in Microsoft Exchange 5.5 do not take effect until the directory store cache is refreshed. |
| CVE-1999-1002 | 2000-02-04 | Netscape Navigator uses weak encryption for storing a user's Netscape mail password. |
| CVE-1999-1003 | 2000-02-04 | War FTP Daemon 1.70 allows remote attackers to cause a denial of service by flooding it with connections. |
| CVE-1999-1006 | 2000-02-04 | Groupwise web server GWWEB.EXE allows remote attackers to determine the real path of the web server via the HELP parameter. |
| CVE-1999-1009 | 2000-02-04 | The Disney Go Express Search allows remote attackers to access and modify search information for users by connecting to an HTTP server on the user's system. |