Lista CVE - 2001 / Settembre
Visualizzazione 301 - 400 di 487 CVE per Settembre 2001 (Pagina 4 di 5)
| ID CVE | Data | Titolo |
|---|---|---|
| CVE-1999-1466 | 2001-09-12 | Vulnerability in Cisco routers versions 8.2 through 9.1 allows remote attackers to bypass access control lists when extended IP access lists are used on certain interfaces, the IP route cache... |
| CVE-1999-1467 | 2001-09-12 | Vulnerability in rcp on SunOS 4.0.x allows remote attackers from trusted hosts to execute arbitrary commands as root, possibly related to the configuration of the nobody user. |
| CVE-1999-1469 | 2001-09-12 | Buffer overflow in w3-auth CGI program in miniSQL package allows remote attackers to execute arbitrary commands via an HTTP request with (1) a long URL, or (2) a long User-Agent... |
| CVE-1999-1470 | 2001-09-12 | Eastman Work Management 3.21 stores passwords in cleartext in the COMMON and LOCATOR registry keys, which could allow local users to gain privileges. |
| CVE-1999-1471 | 2001-09-12 | Buffer overflow in passwd in BSD based operating systems 4.3 and earlier allows local users to gain root privileges by specifying a long shell or GECOS field. |
| CVE-1999-1474 | 2001-09-12 | PowerPoint 95 and 97 allows remote attackers to cause an application to be run automatically without prompting the user, possibly through the slide show, when the document is opened in... |
| CVE-1999-1475 | 2001-09-12 | ProFTPd 1.2 compiled with the mod_sqlpw module records user passwords in the wtmp log file, which allows local users to obtain the passwords and gain privileges by reading wtmp, e.g.... |
| CVE-1999-1477 | 2001-09-12 | Buffer overflow in GNOME libraries 1.0.8 allows local user to gain root access via a long --espeaker argument in programs such as nethack. |
| CVE-1999-1479 | 2001-09-12 | The textcounter.pl by Matt Wright allows remote attackers to execute arbitrary commands via shell metacharacters. |
| CVE-1999-1480 | 2001-09-12 | (1) acledit and (2) aclput in AIX 4.3 allow local users to create or modify files via a symlink attack. |
| CVE-1999-1482 | 2001-09-12 | SVGAlib zgv 3.0-7 and earlier allows local users to gain root access via a privilege leak of the iopl(3) privileges to child processes. |
| CVE-1999-1483 | 2001-09-12 | Buffer overflow in zgv in svgalib 1.2.10 and earlier allows local users to execute arbitrary code via a long HOME environment variable. |
| CVE-1999-1484 | 2001-09-12 | Buffer overflow in MSN Setup BBS 4.71.0.10 ActiveX control (setupbbs.ocx) allows a remote attacker to execute arbitrary commands via the methods (1) vAddNewsServer or (2) bIsNewsServerConfigured. |
| CVE-1999-1485 | 2001-09-12 | nsd in IRIX 6.5 through 6.5.2 exports a virtual filesystem on a UDP port, which allows remote attackers to view files and cause a possible denial of service by mounting... |
| CVE-1999-1487 | 2001-09-12 | Vulnerability in digest in AIX 4.3 allows printq users to gain root privileges by creating and/or modifing any file on the system. |
| CVE-1999-1489 | 2001-09-12 | Buffer overflow in TestChip function in XFree86 SuperProbe in Slackware Linux 3.1 allows local users to gain root privileges via a long -nopr argument. |
| CVE-1999-1491 | 2001-09-12 | abuse.console in Red Hat 2.1 uses relative pathnames to find and execute the undrv program, which allows local users to execute arbitrary commands via a path that points to a... |
| CVE-1999-1492 | 2001-09-12 | Vulnerability in (1) diskperf and (2) diskalign in IRIX 6.4 allows local attacker to create arbitrary root owned files, leading to root privileges. |
| CVE-1999-1493 | 2001-09-12 | Vulnerability in crp in Hewlett Packard Apollo Domain OS SR10 through SR10.3 allows remote attackers to gain root privileges via insecure system calls, (1) pad_$dm_cmd and (2) pad_$def_pfk(). |
| CVE-1999-1495 | 2001-09-12 | xtvscreen in SuSE Linux 6.0 allows local users to overwrite arbitrary files via a symlink attack on the pic000.pnm file. |
| CVE-1999-1496 | 2001-09-12 | Sudo 1.5 in Debian Linux 2.1 and Red Hat 6.0 allows local users to determine the existence of arbitrary files by attempting to execute the target filename as a program,... |
| CVE-1999-1497 | 2001-09-12 | Ipswitch IMail 5.0 and 6.0 uses weak encryption to store passwords in registry keys, which allows local attackers to read passwords for e-mail accounts. |
| CVE-1999-1498 | 2001-09-12 | Slackware Linux 3.4 pkgtool allows local attacker to read and write to arbitrary files via a symlink attack on the reply file. |
| CVE-1999-1499 | 2001-09-12 | named in ISC BIND 4.9 and 8.1 allows local users to destroy files via a symlink attack on (1) named_dump.db when root kills the process with a SIGINT, or (2)... |
| CVE-1999-1500 | 2001-09-12 | Internet Anywhere POP3 Mail Server 2.3.1 allows remote attackers to cause a denial of service (crash) via (1) LIST, (2) TOP, or (3) UIDL commands using letters as arguments. |
| CVE-1999-1501 | 2001-09-12 | (1) ipxchk and (2) ipxlink in SGI OS2 IRIX 6.3 does not properly clear the IFS environmental variable before executing system calls, which allows local users to execute arbitrary commands. |
| CVE-1999-1502 | 2001-09-12 | Buffer overflows in Quake 1.9 client allows remote malicious servers to execute arbitrary commands via long (1) precache paths, (2) server name, (3) server address, or (4) argument to the... |
| CVE-1999-1503 | 2001-09-12 | Network Flight Recorder (NFR) 1.5 and 1.6 allows remote attackers to cause a denial of service in nfrd (crash) via a TCP packet with a null header and data field. |
| CVE-1999-1504 | 2001-09-12 | Stalker Internet Mail Server 1.6 allows a remote attacker to cause a denial of service (crash) via a long HELO command. |
| CVE-1999-1505 | 2001-09-12 | Buffer overflow in QuakeWorld 2.10 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary commands via a long initial connect packet. |
| CVE-1999-1506 | 2001-09-12 | Vulnerability in SMI Sendmail 4.0 and earlier, on SunOS up to 4.0.3, allows remote attackers to access user bin. |
| CVE-1999-1508 | 2001-09-12 | Web server in Tektronix PhaserLink Printer 840.0 and earlier allows a remote attacker to gain administrator access by directly calling undocumented URLs such as ncl_items.html and ncl_subjects.html. |
| CVE-1999-1509 | 2001-09-12 | Directory traversal vulnerability in Etype Eserv 2.50 web server allows a remote attacker to read any file in the file system via a .. (dot dot) in a URL. |
| CVE-1999-1510 | 2001-09-12 | Buffer overflows in Bisonware FTP server prior to 4.1 allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via long (1) USER, (2) LIST, or... |
| CVE-1999-1511 | 2001-09-12 | Buffer overflows in Xtramail 1.11 allow attackers to cause a denial of service (crash) and possibly execute arbitrary commands via (1) a long PASS command in the POP3 service, (2)... |
| CVE-1999-1513 | 2001-09-12 | Management information base (MIB) for a 3Com SuperStack II hub running software version 2.10 contains an object identifier (.1.3.6.1.4.1.43.10.4.2) that is accessible by a read-only community string, but lists the... |
| CVE-1999-1514 | 2001-09-12 | Buffer overflow in Celtech ExpressFS FTP server 2.x allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long USER command. |
| CVE-1999-1515 | 2001-09-12 | A non-default configuration in TenFour TFS Gateway 4.0 allows an attacker to cause a denial of service via messages with incorrect sender and recipient addresses, which causes the gateway to... |
| CVE-1999-1516 | 2001-09-12 | A buffer overflow in TenFour TFS Gateway SMTP mail server 3.2 allows an attacker to crash the mail server and possibly execute arbitrary code by offering more than 128 bytes... |
| CVE-1999-1517 | 2001-09-12 | runtar in the Amanda backup system used in various UNIX operating systems executes tar with root privileges, which allows a user to overwrite or read arbitrary files by providing the... |
| CVE-1999-1518 | 2001-09-12 | Operating systems with shared memory implementations based on BSD 4.4 code allow a user to conduct a denial of service and bypass memory limits (e.g., as specified with rlimits) using... |
| CVE-1999-1519 | 2001-09-12 | Gene6 G6 FTP Server 2.0 allows a remote attacker to cause a denial of service (resource exhaustion) via a long (1) user name or (2) password. |
| CVE-1999-1521 | 2001-09-12 | Computalynx CMail 2.4 and CMail 2.3 SP2 SMTP servers are vulnerable to a buffer overflow attack in the MAIL FROM command that may allow a remote attacker to execute arbitrary... |
| CVE-1999-1522 | 2001-09-12 | Vulnerability in htmlparse.pike in Roxen Web Server 1.3.11 and earlier, possibly related to recursive parsing and referer tags in RXML. |
| CVE-1999-1523 | 2001-09-12 | Buffer overflow in Sambar Web Server 4.2.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request. |
| CVE-1999-1524 | 2001-09-12 | FlowPoint DSL router firmware versions prior to 3.0.8 allows a remote attacker to exploit a password recovery feature from the network and conduct brute force password guessing, instead of limiting... |
| CVE-1999-1525 | 2001-09-12 | Macromedia Shockwave before 6.0 allows a malicious webmaster to read a user's mail box and possibly access internal web servers via the GetNextText command on a Shockwave movie. |
| CVE-1999-1526 | 2001-09-12 | Auto-update feature of Macromedia Shockwave 7 transmits a user's password and hard disk information back to Macromedia. |
| CVE-1999-1527 | 2001-09-12 | Internal HTTP server in Sun Netbeans Java IDE in Netbeans Developer 3.0 Beta and Forte Community Edition 1.0 Beta does not properly restrict access to IP addresses as specified in... |
| CVE-1999-1528 | 2001-09-12 | ProSoft Netware Client 5.12 on Macintosh MacOS 9 does not automatically log a user out of the NDS tree when the user logs off the system, which allows other users... |
| CVE-1999-1529 | 2001-09-12 | A buffer overflow exists in the HELO command in Trend Micro Interscan VirusWall SMTP gateway 3.23/3.3 for NT, which may allow an attacker to execute arbitrary code. |
| CVE-1999-1532 | 2001-09-12 | Netscape Messaging Server 3.54, 3.55, and 3.6 allows a remote attacker to cause a denial of service (memory exhaustion) via a series of long RCPT TO commands. |
| CVE-1999-1533 | 2001-09-12 | Eicon Technology Diva LAN ISDN modem allows a remote attacker to cause a denial of service (hang) via a long password argument to the login.htm file in its HTTP service. |
| CVE-1999-1534 | 2001-09-12 | Buffer overflow in (1) nlservd and (2) rnavc in Knox Software Arkeia backup product allows local users to obtain root access via a long HOME environmental variable. |
| CVE-1999-1536 | 2001-09-12 | .sbstart startup script in AcuShop Salesbuilder is world writable, which allows local users to gain privileges by appending commands to the file. |
| CVE-1999-1538 | 2001-09-12 | When IIS 2 or 3 is upgraded to IIS 4, ism.dll is inadvertently left in /scripts/iisadmin, which does not restrict access to the local machine and allows an unauthorized user... |
| CVE-1999-1539 | 2001-09-12 | Buffer overflow in FTP server in QPC Software's QVT/Term Plus versions 4.2d and 4.3 and QVT/Net 4.3 allows remote attackers to cause a denial of service, and possibly execute arbitrary... |
| CVE-1999-1540 | 2001-09-12 | shell-lock in Cactus Software Shell Lock uses weak encryption (trivial encoding) which allows attackers to easily decrypt and obtain the source code. |
| CVE-1999-1541 | 2001-09-12 | shell-lock in Cactus Software Shell Lock allows local users to read or modify decoded shell files before they are executed, via a symlink attack on a temporary file. |
| CVE-1999-1543 | 2001-09-12 | MacOS uses weak encryption for passwords that are stored in the Users & Groups Data File. |
| CVE-1999-1544 | 2001-09-12 | Buffer overflow in FTP server in Microsoft IIS 3.0 and 4.0 allows local and sometimes remote attackers to cause a denial of service via a long NLST (ls) command. |
| CVE-1999-1545 | 2001-09-12 | Joe's Own Editor (joe) 2.8 sets the world-readable permission on its crash-save file, DEADJOE, which could allow local users to read files that were being edited by other users. |
| CVE-1999-1546 | 2001-09-12 | netstation.navio-com.rte 1.1.0.1 configuration script for Navio NC on IBM AIX exports /tmp over NFS as world-readable and world-writable. |
| CVE-1999-1547 | 2001-09-12 | Oracle Web Listener 2.1 allows remote attackers to bypass access restrictions by replacing a character in the URL with its HTTP-encoded (hex) equivalent. |
| CVE-1999-1548 | 2001-09-12 | Cabletron SmartSwitch Router (SSR) 8000 firmware 2.x can only handle 200 ARP requests per second allowing a denial of service attack to succeed with a flood of ARP requests exceeding... |
| CVE-1999-1549 | 2001-09-12 | Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft... |
| CVE-1999-1551 | 2001-09-12 | Buffer overflow in Ipswitch IMail Service 5.0 allows an attacker to cause a denial of service (crash) and possibly execute arbitrary commands via a long URL. |
| CVE-1999-1552 | 2001-09-12 | dpsexec (DPS Server) when running under XDM in IBM AIX 3.2.5 and earlier does not properly check privileges, which allows local users to overwrite arbitrary files and gain privileges. |
| CVE-1999-1553 | 2001-09-12 | Buffer overflow in XCmail 0.99.6 with autoquote enabled allows remote attackers to execute arbitrary commands via a long subject line. |
| CVE-1999-1554 | 2001-09-12 | /usr/sbin/Mail on SGI IRIX 3.3 and 3.3.1 does not properly set the group ID to the group ID of the user who started Mail, which allows local users to read... |
| CVE-1999-1555 | 2001-09-12 | Cheyenne InocuLAN Anti-Virus Server in Inoculan 4.0 before Service Pack 2 creates an update directory with "EVERYONE FULL CONTROL" permissions, which allows local users to cause Inoculan's antivirus update feature... |
| CVE-1999-1557 | 2001-09-12 | Buffer overflow in the login functions in IMAP server (imapd) in Ipswitch IMail 5.0 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary code... |
| CVE-1999-1558 | 2001-09-12 | Vulnerability in loginout in Digital OpenVMS 7.1 and earlier allows unauthorized access when external authentication is enabled. |
| CVE-1999-1559 | 2001-09-12 | Xylan OmniSwitch before 3.2.6 allows remote attackers to bypass the login prompt via a CTRL-D (control d) character, which locks other users out of the switch because it only supports... |
| CVE-1999-1560 | 2001-09-12 | Vulnerability in a script in Texas A&M University (TAMU) Tiger allows local users to execute arbitrary commands as the Tiger user, usually root. |
| CVE-1999-1561 | 2001-09-12 | Nullsoft SHOUTcast server stores the administrative password in plaintext in a configuration file (sc_serv.conf), which could allow a local user to gain administrative privileges on the server. |
| CVE-1999-1562 | 2001-09-12 | gFTP FTP client 1.13, and other versions before 2.0.0, records a password in plaintext in (1) the log window, or (2) in a log file. |
| CVE-1999-1563 | 2001-09-12 | Nachuatec D435 and D445 printer allows remote attackers to cause a denial of service via ICMP redirect storm. |
| CVE-1999-1564 | 2001-09-12 | FreeBSD 3.2 and possibly other versions allows a local user to cause a denial of service (panic) with a large number accesses of an NFS v3 mounted directory from a... |
| CVE-1999-1566 | 2001-09-12 | Buffer overflow in iParty server 1.2 and earlier allows remote attackers to cause a denial of service (crash) by connecting to default port 6004 and sending repeated extended characters. |
| CVE-1999-1567 | 2001-09-12 | Seapine Software TestTrack server allows a remote attacker to cause a denial of service (high CPU) via (1) TestTrackWeb.exe and (2) ttcgi.exe by connecting to port 99 and disconnecting without... |
| CVE-2000-1191 | 2001-09-12 | htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config... |
| CVE-2000-1192 | 2001-09-12 | Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap. |
| CVE-2000-1194 | 2001-09-12 | Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands. |
| CVE-2000-1197 | 2001-09-12 | POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of... |
| CVE-2000-1198 | 2001-09-12 | qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files... |
| CVE-2000-1199 | 2001-09-12 | PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases. |
| CVE-2000-1201 | 2001-09-12 | Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264. |
| CVE-2000-1202 | 2001-09-12 | ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary... |
| CVE-2001-0647 | 2001-09-12 | Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version. |
| CVE-2001-0679 | 2001-09-12 | A buffer overflow in InterScan VirusWall 3.23 and 3.3 allows a remote attacker to execute arbitrary code by sending a long HELO command to the server. |
| CVE-2001-0711 | 2001-09-12 | Cisco IOS 11.x and 12.0 with ATM support allows attackers to cause a denial of service via the undocumented Interim Local Management Interface (ILMI) SNMP community string. |
| CVE-1999-0756 | 2001-09-18 | ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility. |
| CVE-2000-0243 | 2001-09-18 | AnalogX SimpleServer:WWW HTTP server 1.03 allows remote attackers to cause a denial of service via a short GET request to cgi-bin. |
| CVE-2000-0568 | 2001-09-18 | Sybergen Secure Desktop 2.1 does not properly protect against false router advertisements (ICMP type 9), which allows remote attackers to modify default routes. |
| CVE-2000-0569 | 2001-09-18 | Sybergen Sygate allows remote attackers to cause a denial of service by sending a malformed DNS UDP packet to its internal interface. |
| CVE-2000-0576 | 2001-09-18 | Oracle Web Listener for AIX versions 4.0.7.0.0 and 4.0.8.1.0 allows remote attackers to cause a denial of service via a malformed URL. |
| CVE-2000-0620 | 2001-09-18 | libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop. |
| CVE-2000-0799 | 2001-09-18 | inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file. |
| CVE-2000-0877 | 2001-09-18 | mailform.pl CGI script in MailForm 2.0 allows remote attackers to read arbitrary files by specifying the file name in the XX-attach_file parameter, which MailForm then sends to the attacker. |