| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-1999-0695 |
|
|
|
2000-04-11 |
2008-09-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Sybase PowerDynamo personal web server allows attackers to read arbitrary files through a .. (dot dot) attack. |
|
2 |
CVE-1999-0699 |
|
|
|
2000-04-11 |
2008-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Bluestone Sapphire web server allows session hijacking via easily guessable session IDs. |
|
3 |
CVE-1999-0701 |
16 |
|
|
2000-04-11 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
After an unattended installation of Windows NT 4.0, an installation file could include sensitive information such as the local Administrator password. |
|
4 |
CVE-1999-0706 |
|
|
+Priv |
2000-04-27 |
2008-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Linux xmonisdn package allows local users to gain root privileges by modifying the IFS or PATH environmental variables. |
|
5 |
CVE-1999-0790 |
|
|
|
2000-04-01 |
2008-09-09 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
A remote attacker can read information from a Netscape user's cache via JavaScript. |
|
6 |
CVE-1999-0979 |
|
|
+Priv |
2000-04-11 |
2016-10-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The SCO UnixWare privileged process system allows local users to gain root privileges by using a debugger such as gdb to insert traps into _init before the privileged process is executed. |
|
7 |
CVE-2000-0083 |
|
|
DoS +Priv |
2000-04-18 |
2008-09-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
HP asecure creates the Audio Security File audio.sec with insecure permissions, which allows local users to cause a denial of service or gain additional privileges. |
|
8 |
CVE-2000-0248 |
|
|
Exec Code |
2000-04-24 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The web GUI for the Linux Virtual Server (LVS) software in the Red Hat Linux Piranha package has a backdoor password that allows remote attackers to execute arbitrary commands. |
|
9 |
CVE-2000-0249 |
|
|
|
2000-04-26 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The AIX Fast Response Cache Accelerator (FRCA) allows local users to modify arbitrary files via the configuration capability in the frcactrl program. |
|
10 |
CVE-2000-0250 |
|
|
|
2000-04-14 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The crypt function in QNX uses weak encryption, which allows local users to decrypt passwords. |
|
11 |
CVE-2000-0251 |
|
|
|
2000-04-06 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
HP-UX 11.04 VirtualVault (VVOS) sends data to unprivileged processes via an interface that has multiple aliased IP addresses. |
|
12 |
CVE-2000-0252 |
|
|
Exec Code |
2000-04-11 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The dansie shopping cart application cart.pl allows remote attackers to execute commands via a shell metacharacters in a form variable. |
|
13 |
CVE-2000-0253 |
|
|
|
2000-04-11 |
2018-05-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The dansie shopping cart application cart.pl allows remote attackers to modify sensitive purchase information via hidden form fields. |
|
14 |
CVE-2000-0254 |
|
|
+Info |
2000-04-14 |
2018-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The dansie shopping cart application cart.pl allows remote attackers to obtain the shopping cart database and configuration information via a URL that references either the env, db, or vars form variables. |
|
15 |
CVE-2000-0255 |
|
|
DoS |
2000-04-05 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Nbase-Xyplex EdgeBlaster router allows remote attackers to cause a denial of service via a scan for the FormMail CGI program. |
|
16 |
CVE-2000-0256 |
|
|
Overflow |
2000-04-19 |
2018-10-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflows in htimage.exe and Imagemap.exe in FrontPage 97 and 98 Server Extensions allow a user to conduct activities that are not otherwise available through the web site, aka the "Server-Side Image Map Components" vulnerability. |
|
17 |
CVE-2000-0257 |
|
|
DoS Exec Code Overflow |
2000-04-19 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the NetWare remote web administration utility allows remote attackers to cause a denial of service or execute commands via a long URL. |
|
18 |
CVE-2000-0258 |
20 |
|
DoS |
2000-04-12 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. |
|
19 |
CVE-2000-0259 |
|
|
|
2000-04-12 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The default permissions for the Cryptography\Offload registry key used by the OffloadModExpo in Windows NT 4.0 allows local users to obtain compromise the cryptographic keys of other users. |
|
20 |
CVE-2000-0260 |
|
|
DoS Exec Code Overflow |
2000-04-14 |
2018-10-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in the dvwssr.dll DLL in Microsoft Visual Interdev 1.0 allows users to cause a denial of service or execute commands, aka the "Link View Server-Side Component" vulnerability. |
|
21 |
CVE-2000-0261 |
|
|
|
2000-04-12 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The AVM KEN! web server allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
|
22 |
CVE-2000-0262 |
|
|
DoS |
2000-04-12 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The AVM KEN! ISDN Proxy server allows remote attackers to cause a denial of service via a malformed request. |
|
23 |
CVE-2000-0263 |
|
|
DoS |
2000-04-16 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. |
|
24 |
CVE-2000-0264 |
|
|
+Priv |
2000-04-17 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
Panda Security 3.0 with registry editing disabled allows users to edit the registry and gain privileges by directly executing a .reg file or using other methods. |
|
25 |
CVE-2000-0265 |
|
|
|
2000-04-17 |
2008-09-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Panda Security 3.0 allows users to uninstall the Panda software via its Add/Remove Programs applet. |
|
26 |
CVE-2000-0266 |
|
|
Bypass |
2000-04-18 |
2021-07-23 |
2.6 |
None |
Remote |
High |
Not required |
Partial |
None |
None |
|
Internet Explorer 5.01 allows remote attackers to bypass the cross frame security policy via a malicious applet that interacts with the Java JSObject to modify the DOM properties to set the IFRAME to an arbitrary Javascript URL. |
|
27 |
CVE-2000-0267 |
|
|
|
2000-04-20 |
2008-09-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cisco Catalyst 5.4.x allows a user to gain access to the "enable" mode without a password. |
|
28 |
CVE-2000-0268 |
|
|
DoS |
2000-04-20 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cisco IOS 11.x and 12.x allows remote attackers to cause a denial of service by sending the ENVIRON option to the Telnet daemon before it is ready to accept it, which causes the system to reboot. |
|
29 |
CVE-2000-0269 |
|
|
|
2000-04-18 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
Emacs 20 does not properly set permissions for a slave PTY device when starting a new subprocess, which allows local users to read or modify communications between Emacs and the subprocess. |
|
30 |
CVE-2000-0270 |
|
|
|
2000-04-18 |
2008-09-10 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
The make-temp-name Lisp function in Emacs 20 creates temporary files with predictable names, which allows attackers to conduct a symlink attack. |
|
31 |
CVE-2000-0271 |
|
|
|
2000-04-18 |
2008-09-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
read-passwd and other Lisp functions in Emacs 20 do not properly clear the history of recently typed keys, which allows an attacker to read unencrypted passwords. |
|
32 |
CVE-2000-0272 |
|
|
DoS |
2000-04-20 |
2016-10-18 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
RealNetworks RealServer allows remote attackers to cause a denial of service by sending malformed input to the server at port 7070. |
|
33 |
CVE-2000-0273 |
|
|
DoS |
2000-04-09 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
PCAnywhere allows remote attackers to cause a denial of service by terminating the connection before PCAnywhere provides a login prompt. |
|
34 |
CVE-2000-0274 |
|
|
DoS |
2000-04-10 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
The Linux trustees kernel patch allows attackers to cause a denial of service by accessing a file or directory with a long name. |
|
35 |
CVE-2000-0275 |
|
|
|
2000-04-10 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
CRYPTOCard CryptoAdmin for PalmOS uses weak encryption to store a user's PIN number, which allows an attacker with access to the .PDB file to generate valid PT-1 tokens after cracking the PIN. |
|
36 |
CVE-2000-0276 |
|
|
DoS |
2000-04-10 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
BeOS 4.5 and 5.0 allow local users to cause a denial of service via malformed direct system calls using interrupt 37. |
|
37 |
CVE-2000-0277 |
254 |
|
|
2000-04-03 |
2018-10-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Macro" vulnerability. |
|
38 |
CVE-2000-0279 |
|
|
DoS |
2000-04-07 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
BeOS allows remote attackers to cause a denial of service via malformed packets whose length field is less than the length of the headers. |
|
39 |
CVE-2000-0280 |
|
|
DoS Overflow |
2000-04-03 |
2008-09-05 |
2.6 |
None |
Remote |
High |
Not required |
None |
None |
Partial |
|
Buffer overflow in the RealNetworks RealPlayer client versions 6 and 7 allows remote attackers to cause a denial of service via a long Location URL. |
|
40 |
CVE-2000-0282 |
|
|
|
2000-04-12 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
TalentSoft webpsvr daemon in the Web+ shopping cart application allows remote attackers to read arbitrary files via a .. (dot dot) attack on the webplus CGI program. |
|
41 |
CVE-2000-0283 |
|
|
|
2000-04-12 |
2008-09-10 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
The default installation of IRIX Performance Copilot allows remote attackers to access sensitive system information via the pmcd daemon. |
|
42 |
CVE-2000-0284 |
|
|
Exec Code Overflow |
2000-04-16 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in University of Washington imapd version 4.7 allows users with a valid account to execute commands via LIST or other commands. |
|
43 |
CVE-2000-0285 |
|
|
Exec Code Overflow |
2000-04-16 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in XFree86 3.3.x allows local users to execute arbitrary commands via a long -xkbmap parameter. |
|
44 |
CVE-2000-0286 |
|
|
DoS |
2000-04-16 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
|
X fontserver xfs allows local users to cause a denial of service via malformed input to the server. |
|
45 |
CVE-2000-0287 |
|
|
Exec Code |
2000-04-12 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The BizDB CGI script bizdb-search.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the dbname parameter. |
|
46 |
CVE-2000-0288 |
|
|
Bypass |
2000-04-12 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Infonautics getdoc.cgi allows remote attackers to bypass the payment phase for accessing documents via a modified form variable. |
|
47 |
CVE-2000-0291 |
|
|
DoS Overflow |
2000-04-16 |
2008-09-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document. |
|
48 |
CVE-2000-0292 |
|
|
DoS |
2000-04-19 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The Adtran MX2800 M13 Multiplexer allows remote attackers to cause a denial of service via a ping flood to the Ethernet interface, which causes the device to crash. |
|
49 |
CVE-2000-0294 |
|
|
Overflow +Priv |
2000-04-10 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in healthd for FreeBSD allows local users to gain root privileges. |
|
50 |
CVE-2000-0295 |
|
|
Overflow +Priv |
2000-04-21 |
2018-10-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in LCDproc allows remote attackers to gain root privileges via the screen_add command. |
