CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
  Take a third party risk management course for FREE
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In 2001

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
951 CVE-2001-0227 DoS Exec Code Overflow 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
Buffer overflow in BiblioWeb web server 2.0 allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long HTTP GET request.
952 CVE-2001-0228 Dir. Trav. 2001-05-03 2017-12-20
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in GoAhead web server 2.1 and earlier allows remote attackers to read arbitrary files via a .. attack in an HTTP GET request.
953 CVE-2001-0231 Dir. Trav. 2001-03-26 2017-12-19
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in newsdesk.cgi in News Desk 1.2 allows remote attackers to read arbitrary files via a .. in the "t" parameter.
954 CVE-2001-0232 2001-03-26 2008-09-05
5.0
None Remote Low Not required Partial None None
newsdesk.cgi in News Desk 1.2 allows remote attackers to read arbitrary files via shell metacharacters.
955 CVE-2001-0237 DoS 2001-06-27 2019-04-30
5.0
None Remote Low Not required None None Partial
Memory leak in Microsoft 2000 domain controller allows remote attackers to cause a denial of service by repeatedly connecting to the Kerberos service and then disconnecting without sending any data.
956 CVE-2001-0243 2001-06-27 2018-10-12
5.0
None Remote Low Not required Partial None None
Windows Media Player 7 and earlier stores Internet shortcuts in a user's Temporary Files folder with a fixed filename instead of in the Internet Explorer cache, which causes the HTML in those shortcuts to run in the Local Computer Zone instead of the Internet Zone, which allows remote attackers to read certain files.
957 CVE-2001-0245 2001-06-27 2018-10-12
5.0
None Remote Low Not required Partial None None
Microsoft Index Server 2.0 in Windows NT 4.0, and Indexing Service in Windows 2000, allows remote attackers to read server-side include files via a malformed search request, aka a new variant of the "Malformed Hit-Highlighting" vulnerability.
958 CVE-2001-0246 2001-06-27 2021-07-23
5.0
None Remote Low Not required Partial None None
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain, aka a variant of the "Frame Domain Verification" vulnerability.
959 CVE-2001-0250 2001-06-02 2017-12-19
5.0
None Remote Low Not required Partial None None
The Web Publishing feature in Netscape Enterprise Server 4.x and earlier allows remote attackers to list arbitrary directories under the web server root via the INDEX command.
960 CVE-2001-0251 DoS 2001-06-02 2017-12-19
5.0
None Remote Low Not required None None Partial
The Web Publishing feature in Netscape Enterprise Server 3.x allows remote attackers to cause a denial of service via the REVLOG command.
961 CVE-2001-0252 DoS 2001-06-02 2017-10-10
5.0
None Remote Low Not required None None Partial
iPlanet (formerly Netscape) Enterprise Server 4.1 allows remote attackers to cause a denial of service via a long HTTP GET request that contains many "/../" (dot dot) sequences.
962 CVE-2001-0253 Dir. Trav. 2001-06-02 2017-12-19
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in hsx.cgi program in iWeb Hyperseek 2000 allows remote attackers to read arbitrary files and directories via a .. (dot dot) attack in the show parameter.
963 CVE-2001-0254 2001-06-02 2016-10-18
5.0
None Remote Low Not required Partial None None
FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command.
964 CVE-2001-0255 2001-06-02 2017-12-19
5.0
None Remote Low Not required Partial None None
FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname.
965 CVE-2001-0258 DoS 2001-06-02 2017-12-19
5.0
None Remote Low Not required None None Partial
The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server allows remote attackers to cause a denial of service via a large number of connections that send null characters.
966 CVE-2001-0264 +Info 2001-06-18 2008-09-05
5.0
None Remote Low Not required Partial None None
Gene6 G6 FTP Server 2.0 (aka BPFTP Server 2.10) allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
967 CVE-2001-0270 DoS 2001-05-03 2008-09-05
5.0
None Remote Low Not required None None Partial
Marconi ASX-1000 ASX switches allow remote attackers to cause a denial of service in the telnet and web management interfaces via a malformed packet with the SYN-FIN and More Fragments attributes set.
968 CVE-2001-0272 Dir. Trav. 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in sendtemp.pl in W3.org Anaya Web development server allows remote attackers to read arbitrary files via a .. (dot dot) attack in the templ parameter.
969 CVE-2001-0286 Dir. Trav. 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in A1 HTTP server 1.0a allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request.
970 CVE-2001-0293 Dir. Trav. 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in FtpXQ FTP server 2.0.93 allows remote attackers to read arbitrary files via a .. (dot dot) in the GET command.
971 CVE-2001-0294 Dir. Trav. 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in TYPSoft FTP Server 0.85 allows remote attackers to read arbitrary files via (1) a .. (dot dot) in a GET command, or (2) a ... in a CWD command.
972 CVE-2001-0295 Dir. Trav. 2001-05-03 2016-10-18
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in War FTP 1.67.04 allows remote attackers to list directory contents and possibly read files via a "dir *./../.." command.
973 CVE-2001-0297 Dir. Trav. 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Simple Server HTTPd 1.0 (originally Free Java Server) allows remote attackers to read arbitrary files via a .. (dot dot) in the URL.
974 CVE-2001-0298 DoS Exec Code Overflow 2001-05-03 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in WebReflex 1.55 HTTPd allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP GET request.
975 CVE-2001-0302 DoS Exec Code Overflow 2001-05-03 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL.
976 CVE-2001-0303 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
tstisapi.dll in Pi3Web 1.0.1 web server allows remote attackers to determine the physical path of the server via a URL that requests a non-existent file.
977 CVE-2001-0304 Dir. Trav. 2001-05-03 2016-10-18
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in Caucho Resin 1.2.2 allows remote attackers to read arbitrary files via a "\.." (dot dot) in a URL request.
978 CVE-2001-0305 Dir. Trav. 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in store.cgi in Thinking Arts ES.One package allows remote attackers to read arbitrary files via a .. (dot dot) in the StartID parameter.
979 CVE-2001-0306 Dir. Trav. 2001-05-03 2008-09-05
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in ITAfrica WEBactive HTTP Server 1.00 allows remote attackers to read arbitrary files via a .. (dot dot) in a URL.
980 CVE-2001-0309 DoS 2001-06-02 2017-10-10
5.0
None Remote Low Not required None None Partial
inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections to the internal services.
981 CVE-2001-0312 Bypass 2001-06-02 2008-09-05
5.0
None Remote Low Not required Partial None None
IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in WebSphere's host aliases list, which will bypass WebSphere processing.
982 CVE-2001-0313 DoS 2001-06-02 2017-12-19
5.0
None Remote Low Not required None None Partial
Borderware Firewall Server 6.1.2 allows remote attackers to cause a denial of service via a ping to the broadcast address of the public network on which the server is placed, which causes the server to continuously send pings (echo requests) to the network.
983 CVE-2001-0321 2001-05-03 2017-10-10
5.0
None Remote Low Not required Partial None None
opendir.php script in PHP-Nuke allows remote attackers to read arbitrary files by specifying the filename as an argument to the requesturl parameter.
984 CVE-2001-0322 DoS 2001-06-02 2021-07-22
5.0
None Remote Low Not required None None Partial
MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is associated with the browser window object.
985 CVE-2001-0327 DoS 2001-07-02 2008-09-05
5.0
None Remote Low Not required Partial None None
iPlanet Web Server Enterprise Edition 4.1 and earlier allows remote attackers to retrieve sensitive data from memory allocation pools, or cause a denial of service, via a URL-encoded Host: header in the HTTP request, which reveals memory in the Location: header that is returned by the server.
986 CVE-2001-0328 2001-06-27 2017-10-19
5.0
None Remote Low Not required None None Partial
TCP implementations that use random increments for initial sequence numbers (ISN) can allow remote attackers to perform session hijacking or disruption by injecting a flood of packets with a range of ISN values, one of which may match the expected ISN.
987 CVE-2001-0332 2001-06-27 2021-07-23
5.0
None Remote Low Not required Partial None None
Internet Explorer 5.5 and earlier does not properly verify the domain of a frame within a browser window, which allows remote web site operators to read certain files on the client by sending information from a local frame to a frame in a different domain using MSScriptControl.ScriptControl and GetObject, aka a variant of the "Frame Domain Verification" vulnerability.
988 CVE-2001-0334 DoS 2001-06-27 2018-10-12
5.0
None Remote Low Not required None None Partial
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.
989 CVE-2001-0335 2001-06-27 2018-10-12
5.0
None Remote Low Not required Partial None None
FTP service in IIS 5.0 and earlier allows remote attackers to enumerate Guest accounts in trusted domains by preceding the username with a special sequence of characters.
990 CVE-2001-0336 DoS 2001-06-27 2018-10-12
5.0
None Remote Low Not required None None Partial
The Microsoft MS00-060 patch for IIS 5.0 and earlier introduces an error which allows attackers to cause a denial of service via a malformed request.
991 CVE-2001-0337 DoS 2001-06-27 2018-10-12
5.0
None Remote Low Not required None None Partial
The Microsoft MS01-014 and MS01-016 patches for IIS 5.0 and earlier introduce a memory leak which allows attackers to cause a denial of service via a series of requests.
992 CVE-2001-0345 DoS 2001-07-21 2018-10-12
5.0
None Remote Low Not required None None Partial
Microsoft Windows 2000 telnet service allows attackers to prevent idle Telnet sessions from timing out, causing a denial of service by creating a large number of idle sessions.
993 CVE-2001-0346 DoS 2001-07-21 2018-10-12
5.0
None Remote Low Not required None None Partial
Handle leak in Microsoft Windows 2000 telnet service allows attackers to cause a denial of service by starting a large number of sessions and terminating them.
994 CVE-2001-0348 DoS 2001-07-21 2018-10-12
5.0
None Remote Low Not required None None Partial
Microsoft Windows 2000 telnet service allows attackers to cause a denial of service (crash) via a long logon command that contains a backspace.
995 CVE-2001-0352 2001-07-21 2008-09-10
5.0
None Remote Low Not required Partial None None
SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB.
996 CVE-2001-0354 DoS 2001-07-02 2008-09-05
5.0
None Remote Low Not required None None Partial
TheNet CheckBO 1.56 allows remote attackers to cause a denial of service via a flood of characters to the TCP ports which it is listening on.
997 CVE-2001-0355 2001-06-27 2016-10-18
5.0
None Remote Low Not required Partial None None
Novell Groupwise 5.5 (sp1 and sp2) allows a remote user to access arbitrary files via an implementation error in Groupwise system policies.
998 CVE-2001-0360 Dir. Trav. 2001-06-27 2017-12-19
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in help.cgi in Ikonboard 2.1.7b and earlier allows a remote attacker to read arbitrary files via a .. (dot dot) attack in the helpon parameter.
999 CVE-2001-0364 DoS 2001-06-27 2017-10-10
5.0
None Remote Low Not required None None Partial
SSH Communications Security sshd 2.4 for Windows allows remote attackers to create a denial of service via a large number of simultaneous connections.
1000 CVE-2001-0367 DoS 2001-06-27 2016-10-18
5.0
None Remote Low Not required None None Partial
Mirabilis ICQ WebFront Plug-in ICQ2000b Build 3278 allows a remote attacker to create a denial of service via HTTP URL requests containing a large number of % characters.
Total number of vulnerabilities : 1677   Page : 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 (This Page)21 22 23 24 25 26 27 28 29 30 31 32 33 34
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.