CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In June 2000

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-1999-0590 2000-06-01 2021-09-22
10.0
None Remote Low Not required Complete Complete Complete
A system does not present an appropriate legal message or warning to a user who is accessing it.
2 CVE-2000-0376 Exec Code Overflow 2000-06-07 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the HTTP proxy server for the i-drive Filo software allows remote attackers to execute arbitrary commands via a long HTTP GET request.
3 CVE-2000-0490 Exec Code Overflow 2000-06-01 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the NetWin DSMTP 2.7q in the NetWin dmail package allows remote attackers to execute arbitrary commands via a long ETRN request.
4 CVE-2000-0493 DoS Exec Code Overflow 2000-06-01 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Simple Network Time Sync (SMTS) daemon allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long string.
5 CVE-2000-0506 DoS +Priv 2000-06-09 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
The "capabilities" feature in Linux before 2.2.16 allows local users to cause a denial of service or gain privileges by setting the capabilities to prevent a setuid program from dropping privileges, aka the "Linux kernel setuid/setcap vulnerability."
6 CVE-2000-0509 Exec Code Overflow 2000-06-01 2016-10-18
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflows in the finger and whois demonstration scripts in Sambar Server 4.3 allow remote attackers to execute arbitrary commands via a long hostname.
7 CVE-2000-0514 DoS +Priv 2000-06-14 2020-01-21
10.0
None Remote Low Not required Complete Complete Complete
GSSFTP FTP daemon in Kerberos 5 1.1.x does not properly restrict access to some FTP commands, which allows remote attackers to cause a denial of service, and local users to gain root privileges.
8 CVE-2000-0515 +Priv 2000-06-07 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
The snmpd.conf configuration file for the SNMP daemon (snmpd) in HP-UX 11.0 is world writable, which allows local users to modify SNMP configuration or gain privileges.
9 CVE-2000-0523 Exec Code Overflow 2000-06-06 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the logging feature of EServ 2.9.2 and earlier allows an attacker to execute arbitrary commands via a long MKD command.
10 CVE-2000-0525 Exec Code 2000-06-08 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
OpenSSH does not properly drop privileges when the UseLogin option is enabled, which allows local users to execute arbitrary commands by providing the command to the ssh daemon.
11 CVE-2000-0527 Exec Code 2000-06-09 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
userreg.cgi CGI program in MailStudio 2000 2.0 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
12 CVE-2000-0557 Exec Code Overflow 2000-06-05 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to execute arbitrary commands via a long GET request.
13 CVE-2000-0558 Exec Code Overflow 2000-06-06 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345.
14 CVE-2000-0577 2000-06-21 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
15 CVE-2000-0585 Exec Code 2000-06-24 2018-05-03
10.0
None Remote Low Not required Complete Complete Complete
ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters.
16 CVE-2000-0586 DoS Exec Code Overflow 2000-06-29 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or execute arbitrary commands via the SUMMON command.
17 CVE-2000-0587 Bypass 2000-06-26 2008-09-10
10.0
None Remote Low Not required Complete Complete Complete
The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.
18 CVE-2000-0474 DoS 2000-06-01 2017-10-10
7.8
None Remote Low Not required None None Complete
Real Networks RealServer 7.x allows remote attackers to cause a denial of service via a malformed request for a page in the viewsource directory.
19 CVE-2000-0470 DoS 2000-06-01 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Allegro RomPager HTTP server allows remote attackers to cause a denial of service via a malformed authentication request.
20 CVE-2000-0473 DoS Overflow 2000-06-15 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in AnalogX SimpleServer 1.05 allows a remote attacker to cause a denial of service via a long GET request for a program in the cgi-bin directory.
21 CVE-2000-0483 2000-06-15 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
The DocumentTemplate package in Zope 2.2 and earlier allows a remote attacker to modify DTMLDocuments or DTMLMethods without authorization.
22 CVE-2000-0532 2000-06-07 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
A FreeBSD patch for SSH on 2000-01-14 configures ssh to listen on port 722 as well as port 22, which might allow remote attackers to access SSH through port 722 even if port 22 is otherwise filtered.
23 CVE-2000-0536 2000-06-04 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
xinetd 2.1.8.x does not properly restrict connections if hostnames are used for access control and the connecting host does not have a reverse DNS entry.
24 CVE-2000-0561 Exec Code Overflow 2000-06-19 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP GET request.
25 CVE-2000-0562 2000-06-22 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower.
26 CVE-2000-0589 310 2000-06-26 2013-07-30
7.5
None Remote Low Not required Partial Partial Partial
SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration.
27 CVE-2000-0592 Exec Code Overflow 2000-06-27 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands.
28 CVE-2000-0596 Exec Code 2000-06-27 2021-07-22
7.5
None Remote Low Not required Partial Partial Partial
Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.
29 CVE-2000-0597 2000-06-27 2018-10-12
7.5
None Remote Low Not required Partial Partial Partial
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.
30 CVE-2000-0599 Exec Code Overflow 2000-06-29 2008-09-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long string to the iMesh port.
31 CVE-2000-0600 DoS Exec Code 2000-06-26 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
32 CVE-2000-0639 Exec Code 2000-06-11 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.
33 CVE-2000-0466 +Priv 2000-06-20 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
AIX cdmount allows local users to gain root privileges via shell metacharacters.
34 CVE-2000-0467 Overflow +Priv 2000-06-01 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Linux splitvt 1.6.3 and earlier allows local users to gain root privileges via a long password in the screen locking function.
35 CVE-2000-0471 Overflow +Priv 2000-06-14 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ufsrestore in Solaris 8 and earlier allows local users to gain root privileges via a long pathname.
36 CVE-2000-0494 Exec Code 2000-06-16 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Veritas Volume Manager creates a world writable .server_pids file, which allows local users to add arbitrary commands into the file, which is then executed by the vmsa_server script.
37 CVE-2000-0516 2000-06-06 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
When configured to store configuration information in an LDAP directory, Shiva Access Manager 5.0.0 stores the root DN (Distinguished Name) name and password in cleartext in a file that is world readable, which allows local users to compromise the LDAP server.
38 CVE-2000-0520 Exec Code Overflow 2000-06-07 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in restore program 0.4b17 and earlier in dump package allows local users to execute arbitrary commands via a long tape name.
39 CVE-2000-0533 2000-06-20 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in cvconnect in SGI IRIX WorkShop allows local users to overwrite arbitrary files.
40 CVE-2000-0537 2000-06-05 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
BRU backup software allows local users to append data to arbitrary files by specifying an alternate configuration file with the BRUEXECLOG environmental variable.
41 CVE-2000-0541 Exec Code 2000-06-17 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command.
42 CVE-2000-0606 Overflow +Priv 2000-06-21 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
43 CVE-2000-0607 Overflow +Priv 2000-06-21 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
44 CVE-2000-0539 +Info 2000-06-22 2017-10-10
6.4
None Remote Low Not required Partial Partial None
Servlet examples in Allaire JRun 2.3.x allow remote attackers to obtain sensitive information, e.g. listing HttpSession ID's via the SessionServlet servlet.
45 CVE-2000-0377 DoS 2000-06-08 2018-10-12
5.0
None Remote Low Not required None None Partial
The Remote Registry server in Windows NT 4.0 allows local authenticated users to cause a denial of service via a malformed request, which causes the winlogon process to fail, aka the "Remote Registry Access Authentication" vulnerability.
46 CVE-2000-0476 DoS 2000-06-01 2008-09-10
5.0
None Remote Low Not required None None Partial
xterm, Eterm, and rxvt allow an attacker to cause a denial of service by embedding certain escape characters which force the window to be resized.
47 CVE-2000-0477 DoS Overflow 2000-06-14 2017-10-10
5.0
None Remote Low Not required None Partial None
Buffer overflow in Norton Antivirus for Exchange (NavExchange) allows remote attackers to cause a denial of service via a .zip file that contains long file names.
48 CVE-2000-0478 2000-06-14 2017-10-10
5.0
None Remote Low Not required None Partial None
In some cases, Norton Antivirus for Exchange (NavExchange) enters a "fail-open" state which allows viruses to pass through the server.
49 CVE-2000-0479 DoS 2000-06-16 2016-10-18
5.0
None Remote Low Not required None None Partial
Dragon FTP server allows remote attackers to cause a denial of service via a long USER command.
50 CVE-2000-0480 DoS 2000-06-16 2016-10-18
5.0
None Remote Low Not required None Partial None
Dragon telnet server allows remote attackers to cause a denial of service via a long username.
Total number of vulnerabilities : 119   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.