CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2001

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
901 CVE-2001-0763 Exec Code Overflow 2001-10-18 2018-05-03
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in Linux xinetd 2.1.8.9pre11-1 and earlier may allow remote attackers to execute arbitrary code via a long ident response, which is not properly handled by the svc_logprint function.
902 CVE-2001-0764 Exec Code Overflow 2001-10-18 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
Buffer overflow in ntping in scotty 2.1.0 allows local users to execute arbitrary code via a long hostname as a command line argument.
903 CVE-2001-0765 2001-10-18 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
BisonFTP V4R1 allows local users to access directories outside of their home directory by uploading .bdl files, which can then be linked to other directories.
904 CVE-2001-0766 Bypass 2001-10-18 2008-09-05
7.5
None Remote Low Not required Partial Partial Partial
Apache on MacOS X Client 10.0.3 with the HFS+ file system allows remote attackers to bypass access restrictions via a URL that contains some characters whose case is not matched by Apache's filters.
905 CVE-2001-0767 Dir. Trav. 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET.
906 CVE-2001-0768 +Priv 2001-10-18 2017-12-19
4.6
None Local Low Not required Partial Partial Partial
GuildFTPd 0.9.7 stores user names and passwords in plaintext in the default.usr file, which allows local users to gain privileges as other FTP users by reading the file.
907 CVE-2001-0769 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Memory leak in GuildFTPd Server 0.97 allows remote attackers to cause a denial of service via a request containing a null character.
908 CVE-2001-0770 Exec Code Overflow 2001-10-18 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in GuildFTPd Server 0.97 allows remote attacker to execute arbitrary code via a long SITE command.
909 CVE-2001-0771 264 2001-10-18 2018-11-29
7.5
None Remote Low Not required Partial Partial Partial
Spytech SpyAnywhere 1.50 allows remote attackers to gain administrator access via a single character in the "loginpass" field.
910 CVE-2001-0772 DoS Overflow +Priv 2001-10-18 2017-12-19
4.6
None Local Low Not required Partial Partial Partial
Buffer overflows and other vulnerabilities in multiple Common Desktop Environment (CDE) modules in HP-UX 10.10 through 11.11 allow attackers to cause a denial of service and possibly gain additional privileges.
911 CVE-2001-0773 DoS 2001-10-18 2017-10-10
5.0
None Remote Low Not required None None Partial
Cayman 3220-H DSL Router 1.0 allows remote attacker to cause a denial of service (crash) via a series of SYN or TCP connect requests.
912 CVE-2001-0774 +Priv 2001-10-18 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
Tripwire 1.3.1, 2.2.1 and 2.3.0 allows local users to overwrite arbitrary files and possible gain privileges via a symbolic link attack on temporary files.
913 CVE-2001-0775 119 Exec Code Overflow 2001-10-18 2016-05-20
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in xloadimage 4.1 (aka xli 1.16 and 1.17) in Linux allows remote attackers to execute arbitrary code via a FACES format image containing a long (1) Firstname or (2) Lastname field.
914 CVE-2001-0776 DoS Overflow 2001-10-18 2017-12-19
5.0
None Remote Low Not required None None Partial
Buffer overflow in DynFX MailServer version 2.10 allows remote attackers to conduct a denial of service via a long username to the POP3 service.
915 CVE-2001-0777 DoS 2001-10-18 2017-12-19
5.0
None Remote Low Not required None None Partial
Omnicron OmniHTTPd 2.0.8 allows remote attackers to cause a denial of service (memory exhaustion) via a series of requests for PHP scripts.
916 CVE-2001-0778 2001-10-18 2017-12-19
5.0
None Remote Low Not required None Partial None
OmniHTTPd 2.0.8 and earlier allow remote attackers to obtain source code via a GET request with the URL-encoded symbol for a space (%20).
917 CVE-2001-0779 Overflow 2001-10-18 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in rpc.yppasswdd (yppasswd server) in Solaris 2.6, 7 and 8 allows remote attackers to gain root access via a long username.
918 CVE-2001-0780 22 Dir. Trav. 2001-10-18 2016-05-25
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in cosmicpro.cgi in Cosmicperl Directory Pro 2.0 allows remote attackers to gain sensitive information via a .. (dot dot) in the SHOW parameter.
919 CVE-2001-0781 284 Exec Code Overflow 2001-05-30 2017-12-19
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in SpoonFTP 1.0.0.12 allows remote attackers to execute arbitrary code via a long argument to the commands (1) CWD or (2) LIST.
920 CVE-2001-0782 +Priv 2001-10-18 2017-12-19
7.2
None Local Low Not required Complete Complete Complete
KDE ktvision 0.1.1-271 and earlier allows local attackers to gain root privileges via a symlink attack on a user configuration file.
921 CVE-2001-0783 2001-10-18 2017-12-19
5.0
None Remote Low Not required Partial None None
Cisco TFTP server 1.1 allows remote attackers to read arbitrary files via a ..(dot dot) attack in the GET command.
922 CVE-2001-0784 Dir. Trav. 2001-10-18 2017-10-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Icecast 1.3.10 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack using encoded URL characters.
923 CVE-2001-0785 Dir. Trav. 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack.
924 CVE-2001-0786 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file.
925 CVE-2001-0787 2001-10-18 2017-10-10
4.6
None Local Low Not required Partial Partial Partial
LPRng in Red Hat Linux 7.0 and 7.1 does not properly drop memberships in supplemental groups when lowering privileges, which could allow a local user to elevate privileges.
926 CVE-2001-0788 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header.
927 CVE-2001-0789 DoS Exec Code 2001-10-18 2018-11-28
10.0
None Remote Low Not required Complete Complete Complete
Format string vulnerability in avpkeeper in Kaspersky KAV 3.5.135.2 for Sendmail allows remote attackers to cause a denial of service or possibly execute arbitrary code via a malformed mail message.
928 CVE-2001-0790 DoS 2001-10-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Specter IDS version 4.5 and 5.0 allows a remote attacker to cause a denial of service (CPU exhaustion) via a port scan, which causes the server to consume CPU while preparing alerts.
929 CVE-2001-0791 2001-10-18 2008-09-05
5.0
None Remote Low Not required None Partial None
Trend Micro InterScan VirusWall for Windows NT allows remote attackers to make configuration changes by directly calling certain CGI programs, which do not restrict access.
930 CVE-2001-0792 Exec Code 2001-10-18 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Format string vulnerability in XChat 1.2.x allows remote attackers to execute arbitrary code via a malformed nickname.
931 CVE-2001-0794 DoS Overflow 2001-10-18 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in A-FTP Anonymous FTP Server allows remote attackers to cause a denial of service via a long USER command.
932 CVE-2001-0795 2001-10-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Perception LiteServe 1.25 allows remote attackers to obtain source code of CGI scripts via URLs that contain MS-DOS conventions such as (1) upper case letters or (2) 8.3 file names.
933 CVE-2001-0796 DoS 2001-12-06 2017-10-10
5.0
None Remote Low Not required None None Partial
SGI IRIX 6.5 through 6.5.12f and possibly earlier versions, and FreeBSD 3.0, allows remote attackers to cause a denial of service via a malformed IGMP multicast packet with a small response delay.
934 CVE-2001-0797 Exec Code Overflow 2001-12-12 2018-10-30
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in login in various System V based operating systems allows remote attackers to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.
935 CVE-2001-0799 Exec Code Overflow 2001-12-06 2017-07-11
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflows in lpsched in IRIX 6.5.13f and earlier allow remote attackers to execute arbitrary commands via a long argument.
936 CVE-2001-0800 Exec Code 2001-12-06 2008-09-05
10.0
None Remote Low Not required Complete Complete Complete
lpsched in IRIX 6.5.13f and earlier allows remote attackers to execute arbitrary commands via shell metacharacters.
937 CVE-2001-0801 +Priv 2001-12-06 2017-10-10
7.2
None Local Low Not required Complete Complete Complete
lpstat in IRIX 6.5.13f and earlier allows local users to gain root privileges by specifying a Trojan Horse nettype shared library.
938 CVE-2001-0803 119 Exec Code Overflow 2001-12-06 2017-10-10
10.0
None Remote Low Not required Complete Complete Complete
Buffer overflow in the client connection routine of libDtSvc.so.1 in CDE Subprocess Control Service (dtspcd) allows remote attackers to execute arbitrary commands.
939 CVE-2001-0804 Dir. Trav. 2001-12-06 2017-10-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in story.pl in Interactive Story 1.3 allows a remote attacker to read arbitrary files via a .. (dot dot) attack on the "next" parameter.
940 CVE-2001-0805 Dir. Trav. 2001-12-06 2017-10-10
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in ttawebtop.cgi in Tarantella Enterprise 3.00 and 3.01 allows remote attackers to read arbitrary files via a .. (dot dot) in the pg parameter.
941 CVE-2001-0806 2001-12-06 2017-10-10
3.6
None Local Low Not required Partial Partial None
Apple MacOS X 10.0 and 10.1 allow a local user to read and write to a user's desktop folder via insecure default permissions for the Desktop when it is created in some languages.
942 CVE-2001-0807 2001-12-06 2021-07-22
2.6
None Remote High Not required Partial None None
Internet Explorer 5.0, and possibly other versions, may allow remote attackers (malicious web pages) to read known text files from a client's hard drive via a SCRIPT tag with a SRC value that points to the text file.
943 CVE-2001-0808 Exec Code 2001-12-06 2017-12-19
10.0
None Remote Low Not required Complete Complete Complete
gnatsweb.pl in GNATS GnatsWeb 2.7 through 3.95 allows remote attackers to execute arbitrary commands via certain characters in the help_file parameter.
944 CVE-2001-0809 2001-12-06 2017-10-11
2.1
None Local Low Not required None Partial None
Vulnerability in CIFS/9000 Server (SAMBA) A.01.06 and earlier in HP-UX 11.0 and 11.11, when configured as a print server, allows local users to overwrite arbitrary files by modifying certain resources.
945 CVE-2001-0815 Exec Code Overflow 2001-12-06 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflow in PerlIS.dll in Activestate ActivePerl 5.6.1.629 and earlier allows remote attackers to execute arbitrary code via an HTTP request for a long filename that ends in a .pl extension.
946 CVE-2001-0816 Bypass 2001-12-06 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
OpenSSH before 2.9.9, when running sftp using sftp-server and using restricted keypairs, allows remote authenticated users to bypass authorized_keys2 command= restrictions using sftp commands.
947 CVE-2001-0817 +Priv 2001-12-06 2017-12-19
10.0
None Remote Low Not required Complete Complete Complete
Vulnerability in HP-UX line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to modify arbitrary files and gain root privileges via a certain print request.
948 CVE-2001-0818 Exec Code Overflow 2001-12-06 2017-12-19
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow the '\s' console command in MDBMS 0.99b9 and earlier allows remote attackers to execute arbitrary commands by sending the command a large amount of data.
949 CVE-2001-0819 119 Exec Code Overflow 2001-12-06 2017-10-10
7.5
None Remote Low Not required Partial Partial Partial
A buffer overflow in Linux fetchmail before 5.8.6 allows remote attackers to execute arbitrary code via a large 'To:' field in an email header.
950 CVE-2001-0820 Exec Code Overflow 2001-12-06 2017-12-19
7.5
None Remote Low Not required Partial Partial Partial
Buffer overflows in GazTek ghttpd 1.4 allows a remote attacker to execute arbitrary code via long arguments that are passed to (1) the Log function in util.c, or (2) serveconnection in protocol.c.
Total number of vulnerabilities : 1677   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 (This Page)20 21 22 23 24 25 26 27 28 29 30 31 32 33 34
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.