Lista CVE - 2000 / Luglio
Visualizzazione 1 - 100 di 155 CVE per Luglio 2000 (Pagina 1 di 2)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-1999-0387 | 2000-07-12 | A legacy credential caching mechanism used in Windows 95 and Windows 98 systems allows attackers to read plaintext network passwords. |
| CVE-1999-0415 | 2000-07-12 | The HTTP server in Cisco 7xx series routers 3.2 through 4.2 is enabled by default, which allows remote attackers to change the router's configuration. |
| CVE-1999-0416 | 2000-07-12 | Vulnerability in Cisco 7xx series routers allows a remote attacker to cause a system reload via a TCP connection to the router's TELNET port. |
| CVE-1999-0820 | 2000-07-12 | FreeBSD seyon allows users to gain privileges via a modified PATH variable for finding the xterm and seyon-emu commands. |
| CVE-1999-0959 | 2000-07-12 | IRIX startmidi program allows local users to modify arbitrary files via a symlink attack. |
| CVE-2000-0001 | 2000-07-12 | RealMedia server allows remote attackers to cause a denial of service via a long ramgen request. |
| CVE-2000-0011 | 2000-07-12 | Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. |
| CVE-2000-0013 | 2000-07-12 | IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. |
| CVE-2000-0015 | 2000-07-12 | CascadeView TFTP server allows local users to gain privileges via a symlink attack. |
| CVE-2000-0018 | 2000-07-12 | wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. |
| CVE-2000-0030 | 2000-07-12 | Solaris dmispd dmi_cmd allows local users to fill up restricted disk space by adding files to the /var/dmi/db database. |
| CVE-2000-0032 | 2000-07-12 | Solaris dmi_cmd allows local users to crash the dmispd daemon by adding a malformed file to the /var/dmi/db database. |
| CVE-2000-0034 | 2000-07-12 | Netscape 4.7 records user passwords in the preferences.js file during an IMAP or POP session, even if the user has not enabled "remember passwords." |
| CVE-2000-0045 | 2000-07-12 | MySQL allows local users to modify passwords for arbitrary MySQL users via the GRANT privilege. |
| CVE-2000-0092 | 2000-07-12 | The BSD make program allows local users to modify files via a symlink attack when the -j option is being used. |
| CVE-2000-0157 | 2000-07-12 | NetBSD ptrace call on VAX allows local users to gain privileges by modifying the PSL contents in the debugging process. |
| CVE-2000-0168 | 2000-07-12 | Microsoft Windows 9x operating systems allow an attacker to cause a denial of service via a pathname that includes file device names, aka the "DOS Device in Path Name" vulnerability. |
| CVE-2000-0174 | 2000-07-12 | StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| CVE-2000-0175 | 2000-07-12 | Buffer overflow in StarOffice StarScheduler web server allows remote attackers to gain root access via a long GET command. |
| CVE-2000-0195 | 2000-07-12 | setxconf in Corel Linux allows local users to gain root access via the -T parameter, which executes the user's .xserverrc file. |
| CVE-2000-0236 | 2000-07-12 | Netscape Enterprise Server with Directory Indexing enabled allows remote attackers to list server directories via web publishing tags such as ?wp-ver-info and ?wp-cs-dump. |
| CVE-2000-0249 | 2000-07-12 | The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. |
| CVE-2000-0251 | 2000-07-12 | HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. |
| CVE-2000-0261 | 2000-07-12 | The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
| CVE-2000-0262 | 2000-07-12 | The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request. |
| CVE-2000-0264 | 2000-07-12 | Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods. |
| CVE-2000-0279 | 2000-07-12 | BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers. |
| CVE-2000-0297 | 2000-07-12 | Allaire Forums 2.0.5 allows remote attackers to bypass access restrictions to secure conferences via the rightAccessAllForums or rightModerateAllForums variables. |
| CVE-2000-0303 | 2000-07-12 | Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack. |
| CVE-2000-0304 | 2000-07-12 | Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka... |
| CVE-2000-0305 | 2000-07-12 | Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical... |
| CVE-2000-0311 | 2000-07-12 | The Windows 2000 domain controller allows a malicious user to modify Active Directory information by modifying an unprotected attribute, aka the "Mixed Object Access" vulnerability. |
| CVE-2000-0316 | 2000-07-12 | Buffer overflow in Solaris 7 lp allows local users to gain root privileges via a long -d option. |
| CVE-2000-0331 | 2000-07-12 | Buffer overflow in Microsoft command processor (CMD.EXE) for Windows NT and Windows 2000 allows a local user to cause a denial of service via a long environment variable, aka the... |
| CVE-2000-0334 | 2000-07-12 | The Allaire Spectra container editor preview tool does not properly enforce object security, which allows an attacker to conduct unauthorized activities via an object-method that is added to the container... |
| CVE-2000-0336 | 2000-07-12 | Linux OpenLDAP server allows local users to modify arbitrary files via a symlink attack. |
| CVE-2000-0337 | 2000-07-12 | Buffer overflow in Xsun X server in Solaris 7 allows local users to gain root privileges via a long -dev parameter. |
| CVE-2000-0339 | 2000-07-12 | ZoneAlarm 2.1.10 and earlier does not filter UDP packets with a source port of 67, which allows remote attackers to bypass the firewall rules. |
| CVE-2000-0342 | 2000-07-12 | Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka... |
| CVE-2000-0346 | 2000-07-12 | AppleShare IP 6.1 and later allows a remote attacker to read potentially sensitive information via an invalid range request to the web server. |
| CVE-2000-0350 | 2000-07-12 | A debugging feature in NetworkICE ICEcap 2.0.23 and earlier is enabled, which allows a remote attacker to bypass the weak authentication and post unencrypted events. |
| CVE-2000-0352 | 2000-07-12 | Pine before version 4.21 does not properly filter shell metacharacters from URLs, which allows remote attackers to execute arbitrary commands via a malformed URL. |
| CVE-2000-0353 | 2000-07-12 | Pine 4.x allows a remote attacker to execute arbitrary commands via an index.html file which executes lynx and obtains a uudecoded file from a malicious web server, which is then... |
| CVE-2000-0354 | 2000-07-12 | mirror 2.8.x in Linux systems allows remote attackers to create files one level above the local target directory. |
| CVE-2000-0356 | 2000-07-12 | Pluggable Authentication Modules (PAM) in Red Hat Linux 6.1 does not properly lock access to disabled NIS accounts. |
| CVE-2000-0359 | 2000-07-12 | Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header. |
| CVE-2000-0360 | 2000-07-12 | Buffer overflow in INN 2.2.1 and earlier allows remote attackers to cause a denial of service via a maliciously formatted article. |
| CVE-2000-0361 | 2000-07-12 | The PPP wvdial.lxdialog script in wvdial 1.4 and earlier creates a .config file with world readable permissions, which allows a local attacker in the dialout group to access login and... |
| CVE-2000-0362 | 2000-07-12 | Buffer overflows in Linux cdwtools 093 and earlier allows local users to gain root privileges. |
| CVE-2000-0363 | 2000-07-12 | Linux cdwtools 093 and earlier allows local users to gain root privileges via the /tmp directory. |
| CVE-2000-0367 | 2000-07-12 | Vulnerability in eterm 0.8.8 in Debian GNU/Linux allows an attacker to gain root privileges. |
| CVE-2000-0370 | 2000-07-12 | The debug option in Caldera Linux smail allows remote attackers to execute commands via shell metacharacters in the -D option for the rmail command. |
| CVE-2000-0371 | 2000-07-12 | The libmediatool library used for the KDE mediatool allows local users to create arbitrary files via a symlink attack. |
| CVE-2000-0372 | 2000-07-12 | Vulnerability in Caldera rmt command in the dump package 0.4b4 allows a local user to gain root privileges. |
| CVE-2000-0373 | 2000-07-12 | Vulnerabilities in the KDE kvt terminal program allow local users to gain root privileges. |
| CVE-2000-0376 | 2000-07-12 | Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request. |
| CVE-2000-0377 | 2000-07-12 | The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka... |
| CVE-2000-0379 | 2000-07-12 | The Netopia R9100 router does not prevent authenticated users from modifying SNMP tables, even if the administrator has configured it to do so. |
| CVE-2000-0380 | 2000-07-12 | The IOS HTTP service in Cisco routers and switches running IOS 11.1 through 12.1 allows remote attackers to cause a denial of service by requesting a URL that contains a... |
| CVE-2000-0381 | 2000-07-12 | The Gossamer Threads DBMan db.cgi CGI script allows remote attackers to view environmental variables and setup information by referencing a non-existing database in the db parameter. |
| CVE-2000-0382 | 2000-07-12 | ColdFusion ClusterCATS appends stale query string arguments to a URL during HTML redirection, which may provide sensitive information to the redirected site. |
| CVE-2000-0387 | 2000-07-12 | The makelev program in the golddig game from the FreeBSD ports collection allows local users to overwrite arbitrary files. |
| CVE-2000-0388 | 2000-07-12 | Buffer overflow in FreeBSD libmytinfo library allows local users to execute commands via a long TERMCAP environmental variable. |
| CVE-2000-0389 | 2000-07-12 | Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. |
| CVE-2000-0390 | 2000-07-12 | Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges. |
| CVE-2000-0391 | 2000-07-12 | Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges. |
| CVE-2000-0392 | 2000-07-12 | Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. |
| CVE-2000-0393 | 2000-07-12 | The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate... |
| CVE-2000-0394 | 2000-07-12 | NetProwler 3.0 allows remote attackers to cause a denial of service by sending malformed IP packets that trigger NetProwler's Man-in-the-Middle signature. |
| CVE-2000-0395 | 2000-07-12 | Buffer overflow in CProxy 3.3 allows remote users to cause a denial of service via a long HTTP request. |
| CVE-2000-0396 | 2000-07-12 | The add.exe program in the Carello shopping cart software allows remote attackers to duplicate files on the server, which could allow the attacker to read source code for web scripts... |
| CVE-2000-0397 | 2000-07-12 | The EMURL web-based email account software encodes predictable identifiers in user session URLs, which allows a remote attacker to access a user's email account. |
| CVE-2000-0398 | 2000-07-12 | Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. |
| CVE-2000-0399 | 2000-07-12 | Buffer overflow in MDaemon POP server allows remote attackers to cause a denial of service via a long user name. |
| CVE-2000-0402 | 2000-07-12 | The Mixed Mode authentication capability in Microsoft SQL Server 7.0 stores the System Administrator (sa) account in plaintext in a log file which is readable by any user, aka the... |
| CVE-2000-0403 | 2000-07-12 | The CIFS Computer Browser service on Windows NT 4.0 allows a remote attacker to cause a denial of service by sending a large number of host announcement requests to the... |
| CVE-2000-0404 | 2000-07-12 | The CIFS Computer Browser service allows remote attackers to cause a denial of service by sending a ResetBrowser frame to the Master Browser, aka the "ResetBrowser Frame" vulnerability. |
| CVE-2000-0405 | 2000-07-12 | Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet. |
| CVE-2000-0406 | 2000-07-12 | Netscape Communicator before version 4.73 and Navigator 4.07 do not properly validate SSL certificates, which allows remote attackers to steal information by redirecting traffic from a legitimate web server to... |
| CVE-2000-0407 | 2000-07-12 | Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. |
| CVE-2000-0408 | 2000-07-12 | IIS 4.05 and 5.0 allow remote attackers to cause a denial of service via a long, complex URL that appears to contain a large number of file extensions, aka the... |
| CVE-2000-0409 | 2000-07-12 | Netscape 4.73 and earlier follows symlinks when it imports a new certificate, which allows local users to overwrite files of the user importing the certificate. |
| CVE-2000-0410 | 2000-07-12 | ColdFusion Server 4.5.1 allows remote attackers to cause a denial of service by making repeated requests to a CFCACHE tagged cache file that is not stored in memory. |
| CVE-2000-0411 | 2000-07-12 | Matt Wright's FormMail CGI script allows remote attackers to obtain environmental variables via the env_report parameter. |
| CVE-2000-0414 | 2000-07-12 | Vulnerability in shutdown command for HP-UX 11.X and 10.X allows allows local users to gain privileges via malformed input variables. |
| CVE-2000-0416 | 2000-07-12 | NTMail 5.x allows network users to bypass the NTMail proxy restrictions by redirecting their requests to NTMail's web configuration server. |
| CVE-2000-0417 | 2000-07-12 | The HTTP administration interface to the Cayman 3220-H DSL router allows remote attackers to cause a denial of service via a long username or password. |
| CVE-2000-0418 | 2000-07-12 | The Cayman 3220-H DSL router allows remote attackers to cause a denial of service via oversized ICMP echo (ping) requests. |
| CVE-2000-0419 | 2000-07-12 | The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the... |
| CVE-2000-0421 | 2000-07-12 | The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters. |
| CVE-2000-0424 | 2000-07-12 | The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. |
| CVE-2000-0425 | 2000-07-12 | Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands. |
| CVE-2000-0427 | 2000-07-12 | The Aladdin Knowledge Systems eToken device allows attackers with physical access to the device to obtain sensitive information without knowing the PIN of the owner by resetting the PIN in... |
| CVE-2000-0428 | 2000-07-12 | Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment. |
| CVE-2000-0431 | 2000-07-12 | Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. |
| CVE-2000-0432 | 2000-07-12 | The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters. |
| CVE-2000-0435 | 2000-07-12 | The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages. |
| CVE-2000-0436 | 2000-07-12 | MetaProducts Offline Explorer 1.2 and earlier allows remote attackers to access arbitrary files via a .. (dot dot) attack. |
| CVE-2000-0437 | 2000-07-12 | Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands. |
| CVE-2000-0438 | 2000-07-12 | Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. |