CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2001

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
701 CVE-2001-0652 Overflow +Priv 2001-10-30 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Heap overflow in xlock in Solaris 2.6 through 8 allows local users to gain root privileges via a long (1) XFILESEARCHPATH or (2) XUSERFILESEARCHPATH environmental variable.
702 CVE-2001-0699 Exec Code Overflow 2001-09-20 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in cb_reset in the System Service Processor (SSP) package of SunOS 5.8 allows a local user to execute arbitrary code via a long argument.
703 CVE-2001-0701 Overflow +Priv 2001-09-20 2018-05-03
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ptexec in the Sun Validation Test Suite 4.3 and earlier allows a local user to gain privileges via a long -o argument.
704 CVE-2001-0734 +Priv 2001-10-18 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Hitachi Super-H architecture in NetBSD 1.5 and 1.4.1 allows a local user to gain privileges via modified Status Register contents, which are not properly handled by (1) the sigreturn system call or (2) the process_write_regs kernel routine.
705 CVE-2001-0735 Exec Code Overflow 2001-10-18 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in cfingerd 1.4.3 and earlier with the ALLOW_LINE_PARSING option enabled allows local users to execute arbitrary code via a long line in the .nofinger file.
706 CVE-2001-0739 +Priv 2001-10-18 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Guardian Digital WebTool in EnGarde Secure Linux 1.0.1 allows restarted services to inherit some environmental variables, which could allow local users to gain root privileges.
707 CVE-2001-0759 Exec Code Overflow 2001-10-18 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in bctool in Jetico BestCrypt 0.8.1 and earlier allows local users to execute arbitrary code via a file or directory with a long pathname, which is processed during an unmount.
708 CVE-2001-0764 Exec Code Overflow 2001-10-18 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.
709 CVE-2001-0782 +Priv 2001-10-18 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.
710 CVE-2001-0801 +Priv 2001-12-06 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.
711 CVE-2001-0823 +Priv 2001-12-06 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
The pmpost program in Performance Co-Pilot (PCP) before 2.2.1-3 allows a local user to gain privileges via a symlink attack on the NOTICES file in the PCP log directory (PCP_LOG_DIR).
712 CVE-2001-0833 Exec Code Overflow 2001-12-06 2018-05-03
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in otrcrep in Oracle 8.0.x through 9.0.1 allows local users to execute arbitrary code via a long ORACLE_HOME environment variable, aka the "Oracle Trace Collection Security Vulnerability."
713 CVE-2001-0855 Overflow +Priv 2001-12-06 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in db_loader in ClearCase 4.2 and earlier allows local users to gain root privileges via a long TERM environment variable.
714 CVE-2001-0872 +Priv 2001-12-21 2018-05-03
7.2
None Local Low Not required Complete Complete Complete
OpenSSH 3.0.1 and earlier with UseLogin enabled does not properly cleanse critical environment variables such as LD_PRELOAD, which allows local users to gain root privileges.
715 CVE-2001-0873 +Priv 2001-12-21 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
uuxqt in Taylor UUCP package does not properly remove dangerous long options, which allows local users to gain privileges by calling uux and specifying an alternate configuration file with the --config option.
716 CVE-2001-0912 +Priv 2001-11-30 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Packaging error for expect 8.3.3 in Mandrake Linux 8.1 causes expect to search for its libraries in the /home/snailtalk directory before other directories, which could allow a local user to gain root privileges.
717 CVE-2001-0915 +Priv 2001-11-21 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Format string vulnerability in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via format specifiers in the check argument of a shell definition.
718 CVE-2001-0916 Overflow +Priv 2001-11-21 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Berkeley parallel make (pmake) 2.1.33 and earlier allows a local user to gain root privileges via a long check argument of a shell definition.
719 CVE-2001-0923 Exec Code 2001-10-25 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
RPM Package Manager 4.0.x through 4.0.2.x allows an attacker to execute arbitrary code via corrupted data in the RPM file when the file is queried.
720 CVE-2001-0943 Exec Code 2001-08-31 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
dbsnmp in Oracle 8.0.5 and 8.1.5, under certain conditions, trusts the PATH environment variable to find and execute the (1) chown or (2) chgrp commands, which allows local users to execute arbitrary code by modifying the PATH to point to Trojan Horse programs.
721 CVE-2001-0944 Exec Code 2001-12-02 2016-10-18
7.2
None Local Low Not required Complete Complete Complete
DDE in mIRC allows local users to launch applications under another user's account via a DDE message that executes a command, which may be executed by the other user's process.
722 CVE-2001-0955 DoS Overflow +Priv 2001-09-22 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in fbglyph.c in XFree86 before 4.2.0, related to glyph clipping for large origins, allows attackers to cause a denial of service and possibly gain privileges via a large number of characters, possibly through the web page search form of KDE Konqueror or from an xterm command with a long title.
723 CVE-2001-0956 Exec Code 2001-09-11 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
speechd 0.54 and earlier, with the Festival or rsynth speech synthesis package, allows attackers to execute arbitrary commands via shell metacharacters.
724 CVE-2001-0976 +Priv 2001-08-31 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in HP Process Resource Manager (PRM) C.01.08.2 and earlier, as used by HP-UX Workload Manager (WLM), allows local users to gain root privileges via modified libraries or environment variables.
725 CVE-2001-0979 Overflow +Priv 2001-09-03 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in swverify in HP-UX 11.0, and possibly other programs, allows local users to gain privileges via a long command line argument.
726 CVE-2001-0988 +Info 2001-07-23 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Arkeia backup server 4.2.8-2 and earlier creates its database files with world-writable permissions, which could allow local users to overwrite the files or obtain sensitive information.
727 CVE-2001-0989 Overflow +Priv 2001-07-23 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflows in Pileup before 1.2 allows local users to gain root privileges via (1) long command line arguments, or (2) a long callsign.
728 CVE-2001-1012 +Priv 2001-09-05 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in screen before 3.9.10, related to a multi-attach error, allows local users to gain root privileges when there is a subdirectory under /tmp/screens/.
729 CVE-2001-1015 Overflow +Priv 2001-10-16 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Snes9x 1.37, when installed setuid root, allows local users to gain root privileges via a long command line argument.
730 CVE-2001-1017 +Priv 2001-09-04 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
rmuser utility in FreeBSD 4.2 and 4.3 creates a copy of the master.passwd file with world-readable permissions while updating the original file, which could allow local users to gain privileges by reading the copied file while rmuser is running, obtain the password hashes, and crack the passwords.
731 CVE-2001-1028 Overflow +Priv 2001-05-28 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ultimate_source function of man 1.5 and earlier allows local users to gain privileges.
732 CVE-2001-1034 Exec Code 2001-09-23 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Format string vulnerability in Hylafax on FreeBSD allows local users to execute arbitrary code via format specifiers in the -h hostname argument for (1) faxrm or (2) faxalter.
733 CVE-2001-1036 +Priv 2001-08-31 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
GNU locate in findutils 4.1 on Slackware 7.1 and 8.0 allows local users to gain privileges via an old formatted filename database (locatedb) that contains an entry with an out-of-range offset, which causes locate to write to arbitrary process memory.
734 CVE-2001-1062 Exec Code Overflow 2001-08-31 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in mana in OpenServer 5.0.6a and earlier allows local users to execute arbitrary code.
735 CVE-2001-1063 Overflow +Priv 2001-08-31 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in uidadmin in Caldera Open Unix 8.0.0 and UnixWare 7 allows local users to gain root privileges via a long -S (scheme) command line argument.
736 CVE-2001-1069 2001-08-31 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
libCoolType library as used in Adobe Acrobat (acroread) on Linux creates the AdobeFnt.lst file with world-writable permissions, which allows local users to modify the file and possibly modify acroread's behavior.
737 CVE-2001-1074 +Priv 2001-05-28 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Webmin 0.84 and earlier does not properly clear the HTTP_AUTHORIZATION environment variable when the web server is restarted, which makes authentication information available to all CGI programs and allows local users to gain privileges.
738 CVE-2001-1076 Exec Code Overflow 2001-07-05 2018-10-30
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in whodo in Solaris SunOS 5.5.1 through 5.8 allows local users to execute arbitrary code via a long (1) SOR or (2) CFIME environment variable.
739 CVE-2001-1091 +Priv 2001-08-23 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
The (1) dump and (2) dump_lfs commands in NetBSD 1.4.x through 1.5.1 do not properly drop privileges, which could allow local users to gain privileges via the RCMD_CMD environment variable.
740 CVE-2001-1093 Exec Code Overflow 2001-09-10 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in msgchk in Digital UNIX 4.0G and earlier allows local users to execute arbitrary code via a long command line argument.
741 CVE-2001-1123 Exec Code Overflow 2001-10-01 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in Network Node Manager (NNM) 6.2 and earlier in HP OpenView allows a local user to execute arbitrary code, possibly via a buffer overflow in a long hostname or object ID.
742 CVE-2001-1127 Exec Code Overflow 2001-10-05 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Progress database 8.3D and 9.1C could allow a local user to execute arbitrary code via (1) _proapsv, (2) _mprosrv, (3) _mprshut, (4) orarx, (5) sqlcpp, (6) _probrkr, (7) _sqlschema and (8) _sqldump.
743 CVE-2001-1128 Exec Code Overflow 2001-10-08 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in Progress database 8.3D and 9.1C allows local users to execute arbitrary code via long entries in files that are specified by the (1) PROMSGS or (2) PROTERMCAP environment variables.
744 CVE-2001-1129 Exec Code 2001-11-02 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Format string vulnerabilities in (1) _probuild, (2) _dbutil, (3) _mprosrv, (4) _mprshut, (5) _proapsv, (6) _progres, (7) _proutil, (8) _rfutil and (9) prolib in Progress database 9.1C allows a local user to execute arbitrary code via format string specifiers in the file used by the PROMSGS environment variable.
745 CVE-2001-1147 2001-10-08 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
746 CVE-2001-1153 DoS Exec Code 2001-08-28 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
lpsystem in OpenUnix 8.0.0 allows local users to cause a denial of service and possibly execute arbitrary code via a long command line argument.
747 CVE-2001-1164 Exec Code Overflow 2001-06-27 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in uucp utilities in UnixWare 7 allows local users to execute arbitrary code via long command line arguments to (1) uucp, (2) uux, (3) bnuconvert, (4) uucico, (5) uuxcmd, or (6) uuxqt.
748 CVE-2001-1173 +Priv 2001-07-26 2008-09-10
7.2
None Local Low Not required Complete Complete Complete
Vulnerability in MasqMail before 0.1.15 allows local users to gain privileges via piped aliases.
749 CVE-2001-1178 Overflow +Priv 2001-07-11 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in xman allows local users to gain privileges via a long MANPATH environment variable.
750 CVE-2001-1179 +Priv 2001-07-17 2008-09-05
7.2
None Local Low Not required Complete Complete Complete
xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters.
Total number of vulnerabilities : 1677   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 (This Page)16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.