| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2000-0551 |
|
|
|
2000-05-23 |
2017-10-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files. |
|
2 |
CVE-2000-0530 |
|
|
|
2000-05-31 |
2017-10-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files. |
|
3 |
CVE-2000-0491 |
|
|
DoS Exec Code Overflow |
2000-05-24 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request. |
|
4 |
CVE-2000-0488 |
|
|
Exec Code Overflow |
2000-05-30 |
2017-10-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in ITHouse mail server 1.04 allows remote attackers to execute arbitrary commands via a long RCPT TO mail command. |
|
5 |
CVE-2000-0464 |
|
|
Exec Code Overflow |
2000-05-17 |
2021-07-23 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability. |
|
6 |
CVE-2000-0460 |
|
|
Overflow +Priv |
2000-05-27 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in KDE kdesud on Linux allows local uses to gain privileges via a long DISPLAY environmental variable. |
|
7 |
CVE-2000-0457 |
|
|
|
2000-05-11 |
2018-10-30 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability. |
|
8 |
CVE-2000-0454 |
|
|
Overflow +Priv |
2000-05-29 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter. |
|
9 |
CVE-2000-0450 |
|
|
Exec Code |
2000-05-18 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands. |
|
10 |
CVE-2000-0449 |
|
|
|
2000-05-01 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. |
|
11 |
CVE-2000-0447 |
|
|
Exec Code Overflow |
2000-05-01 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in WebShield SMTP 4.5.44 allows remote attackers to execute arbitrary commands via a long configuration parameter to the WebShield remote management service. |
|
12 |
CVE-2000-0446 |
|
|
Exec Code Overflow |
2000-05-24 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in MDBMS database server allows remote attackers to execute arbitrary commands via a long string. |
|
13 |
CVE-2000-0443 |
|
|
|
2000-05-24 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The web interface server in HP Web JetAdmin 5.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
|
14 |
CVE-2000-0442 |
|
|
+Priv |
2000-05-24 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Qpopper 2.53 and earlier allows local users to gain privileges via a formatting string in the From: header, which is processed by the euidl command. |
|
15 |
CVE-2000-0438 |
|
|
Exec Code Overflow |
2000-05-22 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in fdmount on Linux systems allows local users in the "floppy" group to execute arbitrary commands via a long mountpoint parameter. |
|
16 |
CVE-2000-0437 |
|
|
DoS Exec Code Overflow |
2000-05-18 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the CyberPatrol daemon "cyberdaemon" used in gauntlet and WebShield allows remote attackers to cause a denial of service or execute arbitrary commands. |
|
17 |
CVE-2000-0435 |
|
|
|
2000-05-13 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The allmanageup.pl file upload CGI script in the Allmanage Website administration software 2.6 can be called directly by remote attackers, which allows them to modify user accounts or web pages. |
|
18 |
CVE-2000-0434 |
|
|
|
2000-05-13 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The administrative password for the Allmanage web site administration software is stored in plaintext in a file which could be accessed by remote attackers. |
|
19 |
CVE-2000-0432 |
|
|
Exec Code |
2000-05-16 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The calender.pl and the calendar_admin.pl calendar scripts by Matt Kruse allow remote attackers to execute arbitrary commands via shell metacharacters. |
|
20 |
CVE-2000-0431 |
|
|
Bypass |
2000-05-22 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cobalt RaQ2 and RaQ3 does not properly set the access permissions and ownership for files that are uploaded via FrontPage, which allows attackers to bypass cgiwrap and modify files. |
|
21 |
CVE-2000-0428 |
|
|
Exec Code Overflow |
2000-05-04 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the SMTP gateway for InterScan Virus Wall 3.32 and earlier allows a remote attacker to execute arbitrary commands via a long filename for a uuencoded attachment. |
|
22 |
CVE-2000-0425 |
|
|
Exec Code Overflow |
2000-05-03 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the Web Archives component of L-Soft LISTSERV 1.8 allows remote attackers to execute arbitrary commands. |
|
23 |
CVE-2000-0424 |
|
|
Exec Code |
2000-05-15 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The CGI counter 4.0.7 by George Burgyan allows remote attackers to execute arbitrary commands via shell metacharacters. |
|
24 |
CVE-2000-0422 |
|
|
Exec Code Overflow |
2000-05-04 |
2016-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in Netwin DMailWeb CGI program allows remote attackers to execute arbitrary commands via a long utoken parameter. |
|
25 |
CVE-2000-0421 |
|
|
Exec Code |
2000-05-11 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The process_bug.cgi script in Bugzilla allows remote attackers to execute arbitrary commands via shell metacharacters. |
|
26 |
CVE-2000-0420 |
|
|
|
2000-05-11 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The default configuration of SYSKEY in Windows 2000 stores the startup key in the registry, which could allow an attacker tor ecover it and use it to decrypt Encrypted File System (EFS) data. |
|
27 |
CVE-2000-0419 |
|
|
|
2000-05-11 |
2018-10-12 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. |
|
28 |
CVE-2000-0407 |
|
|
Exec Code Overflow |
2000-05-12 |
2018-10-30 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Solaris netpr program allows local users to execute arbitrary commands via a long -p option. |
|
29 |
CVE-2000-0405 |
|
|
Exec Code Overflow |
2000-05-16 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in L0pht AntiSniff allows remote attackers to execute arbitrary commands via a malformed DNS response packet. |
|
30 |
CVE-2000-0401 |
|
|
Exec Code Overflow |
2000-05-01 |
2016-10-18 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflows in redirect.exe and changepw.exe in PDGSoft shopping cart allow remote attackers to execute arbitrary commands via a long query string. |
|
31 |
CVE-2000-0400 |
20 |
|
|
2000-05-13 |
2016-11-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The Microsoft Active Movie ActiveX Control in Internet Explorer 5 does not restrict which file types can be downloaded, which allows an attacker to download any type of file to a user's system by encoding it within an email message or news post. |
|
32 |
CVE-2000-0398 |
|
|
Exec Code Overflow |
2000-05-24 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in wconsole.dll in Rockliffe MailSite Management Agent allows remote attackers to execute arbitrary commands via a long query_string parameter in the HTTP GET request. |
|
33 |
CVE-2000-0393 |
|
|
+Priv |
2000-05-16 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The KDE kscd program does not drop privileges when executing a program specified in a user's SHELL environmental variable, which allows the user to gain privileges by specifying an alternate program to execute. |
|
34 |
CVE-2000-0392 |
|
|
Overflow +Priv |
2000-05-16 |
2020-01-21 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in ksu in Kerberos 5 allows local users to gain root privileges. |
|
35 |
CVE-2000-0391 |
|
|
Overflow +Priv |
2000-05-16 |
2020-01-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in krshd in Kerberos 5 allows remote attackers to gain root privileges. |
|
36 |
CVE-2000-0390 |
|
|
Overflow +Priv |
2000-05-16 |
2020-01-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in krb425_conv_principal function in Kerberos 5 allows remote attackers to gain root privileges. |
|
37 |
CVE-2000-0389 |
|
|
Overflow +Priv |
2000-05-16 |
2020-01-21 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in krb_rd_req function in Kerberos 4 and 5 allows remote attackers to gain root privileges. |
|
38 |
CVE-2000-0386 |
|
|
|
2000-05-02 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
FileMaker Pro 5 Web Companion allows remote attackers to send anonymous or forged email. |
|
39 |
CVE-2000-0384 |
|
|
|
2000-05-08 |
2008-09-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access. |
|
40 |
CVE-2000-0378 |
|
|
|
2000-05-03 |
2008-09-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The pam_console PAM module in Linux systems performs a chown on various devices upon a user login, but an open file descriptor for those devices can be maintained after the user logs out, which allows that user to sniff activity on these devices when subsequent users log in. |
|
41 |
CVE-2000-0343 |
|
|
Exec Code Overflow |
2000-05-02 |
2008-09-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in Sniffit 0.3.x with the -L logging option enabled allows remote attackers to execute arbitrary commands via a long MAIL FROM mail header. |
|
42 |
CVE-2000-0335 |
|
|
|
2000-05-03 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. |
|
43 |
CVE-2000-0305 |
399 |
|
DoS |
2000-05-19 |
2018-10-12 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability. |
|
44 |
CVE-1999-1008 |
|
|
|
2000-05-17 |
2016-10-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
xsoldier program allows local users to gain root access via a long argument. |
|
45 |
CVE-1999-0427 |
|
|
DoS |
2000-05-01 |
2008-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names. |
