| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
651 |
CVE-2001-0827 |
|
|
DoS |
2001-12-06 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cerberus FTP server 1.0 - 1.5 allows remote attackers to cause a denial of service (crash) via a large number of "PASV" requests. |
|
652 |
CVE-2001-0826 |
|
|
Exec Code Overflow |
2001-12-06 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflows in CesarFTPD 0.98b allows remote attackers to execute arbitrary commands via long arguments to (1) HELP, (2) USER, (3) PASS, (4) PORT, (5) DELE, (6) REST, (7) RMD, or (8) MKD. |
|
653 |
CVE-2001-0825 |
|
|
Exec Code Overflow |
2001-12-06 |
2018-05-03 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in internal string handling routines of xinetd before 2.1.8.8 allows remote attackers to execute arbitrary commands via a length argument of zero or less, which disables the length check. |
|
654 |
CVE-2001-0824 |
|
|
XSS |
2001-12-06 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Cross-site scripting vulnerability in IBM WebSphere 3.02 and 3.5 FP2 allows remote attackers to execute Javascript by inserting the Javascript into (1) a request for a .JSP file, or (2) a request to the webapp/examples/ directory, which inserts the Javascript into an error page. |
|
655 |
CVE-2001-0823 |
|
|
+Priv |
2001-12-06 |
2017-10-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR). |
|
656 |
CVE-2001-0822 |
|
|
DoS |
2001-12-06 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
FPF kernel module 1.0 allows a remote attacker to cause a denial of service via fragmented packets. |
|
657 |
CVE-2001-0821 |
|
|
|
2001-12-06 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The default configuration of DCShop 1.002 beta places sensitive files in the cgi-bin directory, which could allow remote attackers to read sensitive data via an HTTP GET request for (1) orders.txt or (2) auth_user_file.txt. |
|
658 |
CVE-2001-0820 |
|
|
Exec Code Overflow |
2001-12-06 |
2017-12-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c. |
|
659 |
CVE-2001-0819 |
119 |
|
Exec Code Overflow |
2001-12-06 |
2017-10-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header. |
|
660 |
CVE-2001-0818 |
|
|
Exec Code Overflow |
2001-12-06 |
2017-12-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier allows remote attackers to execute arbitrary commands by sending the command a large amount of data. |
|
661 |
CVE-2001-0817 |
|
|
+Priv |
2001-12-06 |
2017-12-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request. |
|
662 |
CVE-2001-0816 |
|
|
Bypass |
2001-12-06 |
2017-10-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands. |
|
663 |
CVE-2001-0815 |
|
|
Exec Code Overflow |
2001-12-06 |
2017-10-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension. |
|
664 |
CVE-2001-0808 |
|
|
Exec Code |
2001-12-06 |
2017-12-19 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter. |
|
665 |
CVE-2001-0806 |
|
|
|
2001-12-06 |
2017-10-10 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
|
Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages. |
|
666 |
CVE-2001-0805 |
|
|
Dir. Trav. |
2001-12-06 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter. |
|
667 |
CVE-2001-0804 |
|
|
Dir. Trav. |
2001-12-06 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter. |
|
668 |
CVE-2001-0803 |
119 |
|
Exec Code Overflow |
2001-12-06 |
2017-10-10 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands. |
|
669 |
CVE-2001-0801 |
|
|
+Priv |
2001-12-06 |
2017-10-10 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library. |
|
670 |
CVE-2001-0800 |
|
|
Exec Code |
2001-12-06 |
2008-09-05 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters. |
|
671 |
CVE-2001-0799 |
|
|
Exec Code Overflow |
2001-12-06 |
2017-07-11 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument. |
|
672 |
CVE-2001-0797 |
|
|
Exec Code Overflow |
2001-12-12 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin. |
|
673 |
CVE-2001-0796 |
|
|
DoS |
2001-12-06 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay. |
|
674 |
CVE-2001-0795 |
|
|
|
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Perception LiteServe 1.25 allows remote attackers to obtain source code of CGI scripts via URLs that contain MS-DOS conventions such as (1) upper case letters or (2) 8.3 file names. |
|
675 |
CVE-2001-0794 |
|
|
DoS Overflow |
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER command. |
|
676 |
CVE-2001-0792 |
|
|
Exec Code |
2001-10-18 |
2017-10-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname. |
|
677 |
CVE-2001-0791 |
|
|
|
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access. |
|
678 |
CVE-2001-0790 |
|
|
DoS |
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a denial of service (CPU exhaustion) via a port scan, which causes the server to consume CPU while preparing alerts. |
|
679 |
CVE-2001-0789 |
|
|
DoS Exec Code |
2001-10-18 |
2018-11-28 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 for Sendmail allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed mail message. |
|
680 |
CVE-2001-0788 |
|
|
|
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header. |
|
681 |
CVE-2001-0787 |
|
|
|
2001-10-18 |
2017-10-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges. |
|
682 |
CVE-2001-0786 |
|
|
|
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. |
|
683 |
CVE-2001-0785 |
|
|
Dir. Trav. |
2001-10-18 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack. |
|
684 |
CVE-2001-0784 |
|
|
Dir. Trav. |
2001-10-18 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters. |
|
685 |
CVE-2001-0783 |
|
|
|
2001-10-18 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command. |
|
686 |
CVE-2001-0782 |
|
|
+Priv |
2001-10-18 |
2017-12-19 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file. |
|
687 |
CVE-2001-0781 |
284 |
|
Exec Code Overflow |
2001-05-30 |
2017-12-19 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST. |
|
688 |
CVE-2001-0780 |
22 |
|
Dir. Trav. |
2001-10-18 |
2016-05-25 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter. |
|
689 |
CVE-2001-0779 |
|
|
Overflow |
2001-10-18 |
2018-10-30 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username. |
|
690 |
CVE-2001-0778 |
|
|
|
2001-10-18 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20). |
|
691 |
CVE-2001-0777 |
|
|
DoS |
2001-10-18 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts. |
|
692 |
CVE-2001-0776 |
|
|
DoS Overflow |
2001-10-18 |
2017-12-19 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Buffer overflow in DynFX MailServer version 2.10 allows remote attackers to conduct a denial of service via a long username to the POP3 service. |
|
693 |
CVE-2001-0775 |
119 |
|
Exec Code Overflow |
2001-10-18 |
2016-05-20 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field. |
|
694 |
CVE-2001-0774 |
|
|
+Priv |
2001-10-18 |
2017-10-10 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files. |
|
695 |
CVE-2001-0773 |
|
|
DoS |
2001-10-18 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial of service (crash) via a series of SYN or TCP connect requests. |
|
696 |
CVE-2001-0772 |
|
|
DoS Overflow +Priv |
2001-10-18 |
2017-12-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges. |
|
697 |
CVE-2001-0771 |
264 |
|
|
2001-10-18 |
2018-11-29 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator access via a single character in the "loginpass" field. |
|
698 |
CVE-2001-0770 |
|
|
Exec Code Overflow |
2001-10-18 |
2017-10-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to execute arbitrary code via a long SITE command. |
|
699 |
CVE-2001-0769 |
|
|
DoS |
2001-10-18 |
2017-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character. |
|
700 |
CVE-2001-0768 |
|
|
+Priv |
2001-10-18 |
2017-12-19 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
|
GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file. |
