Security Vulnerabilities Published In October 2000

2000 : January February March April May June July August September October November December

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
101	CVE-2000-0756		DoS	2000-10-20	2008-09-05	5.0	None	Remote	Low	Not required	None	None	Partial
Microsoft Outlook 2000 does not properly process long or malformed fields in vCard (.vcf) files, which allows attackers to cause a denial of service.
102	CVE-2000-0761		DoS	2000-10-20	2008-09-05	5.0	None	Remote	Low	Not required	None	None	Partial
OS2/Warp 4.5 FTP server allows remote attackers to cause a denial of service via a long username.
103	CVE-2000-0764		DoS	2000-10-20	2017-10-10	5.0	None	Remote	Low	Not required	None	None	Partial
Intel Express 500 series switches allow a remote attacker to cause a denial of service via a malformed IP packet.
104	CVE-2000-0773		Dir. Trav.	2000-10-20	2017-10-10	5.0	None	Remote	Low	Not required	Partial	None	None
Bajie HTTP web server 0.30a allows remote attackers to read arbitrary files via a URL that contains a "....", a variant of the dot dot directory traversal attack.
105	CVE-2000-0774			2000-10-20	2008-09-05	5.0	None	Remote	Low	Not required	Partial	None	None
The sample Java servlet "test" in Bajie HTTP web server 0.30a reveals the real pathname of the web document root.
106	CVE-2000-0778			2000-10-20	2018-10-30	5.0	None	Remote	Low	Not required	Partial	None	None
IIS 5.0 allows remote attackers to obtain source code for .ASP files and other scripts via an HTTP GET request with a "Translate: f" header, aka the "Specialized Header" vulnerability.
107	CVE-2000-0782			2000-10-20	2017-10-10	5.0	None	Remote	Low	Not required	Partial	None	None
netauth.cgi program in Netwin Netauth 4.2e and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack.
108	CVE-2000-0783		DoS	2000-10-20	2017-10-10	5.0	None	Remote	Low	Not required	None	None	Partial
Watchguard Firebox II allows remote attackers to cause a denial of service by sending a malformed URL to the authentication service on port 4100.
109	CVE-2000-0785			2000-10-20	2016-10-18	5.0	None	Remote	Low	Not required	Partial	None	None
WircSrv IRC Server 5.07s allows IRC operators to read arbitrary files via the importmotd command, which sets the Message of the Day (MOTD) to the specified file.
110	CVE-2000-1204			2000-10-13	2021-06-06	5.0	None	Remote	Low	Not required	Partial	None	None
Vulnerability in the mod_vhost_alias virtual hosting module for Apache 1.3.9, 1.3.11 and 1.3.12 allows remote attackers to obtain the source code for CGI programs if the cgi-bin directory is under the document root.
111	CVE-2000-0701		+Priv	2000-10-20	2008-09-10	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The wrapper program in mailman 2.0beta3 and 2.0beta4 does not properly cleanse untrusted format strings, which allows local users to gain privileges.
112	CVE-2000-0730		+Priv	2000-10-20	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Vulnerability in newgrp command in HP-UX 11.0 allows local users to gain privileges.
113	CVE-2000-0737		+Priv	2000-10-20	2018-10-12	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The Service Control Manager (SCM) in Windows 2000 creates predictable named pipes, which allows a local user with console access to gain administrator privileges, aka the "Service Control Manager Named Pipe Impersonation" vulnerability.
114	CVE-2000-0748			2000-10-20	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
OpenLDAP 1.2.11 and earlier improperly installs the ud binary with group write permissions, which could allow any user in that group to replace the binary with a Trojan horse.
115	CVE-2000-0755		+Priv	2000-10-20	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Vulnerability in the newgrp command in HP-UX 11.00 allows local users to gain privileges.
116	CVE-2000-0758			2000-10-20	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field.
117	CVE-2000-0786		Bypass	2000-10-20	2016-10-18	4.6	None	Local	Low	Not required	Partial	Partial	Partial
GNU userv 1.0.0 and earlier does not properly perform file descriptor swapping, which can corrupt the USERV_GROUPS and USERV_GIDS environmental variables and allow local users to bypass some access restrictions.
118	CVE-2000-0789		+Priv	2000-10-20	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
WinU 5.x and earlier uses weak encryption to store its configuration password, which allows local users to decrypt the password and gain privileges.
119	CVE-2000-0790			2000-10-20	2017-10-10	4.6	None	Local	Low	Not required	Partial	Partial	Partial
The web-based folder display capability in Microsoft Internet Explorer 5.5 on Windows 98 allows local users to insert Trojan horse programs by modifying the Folder.htt file and using the InvokeVerb method in the ShellDefView ActiveX control to specify a default execute option for the first file that is listed in the folder.
120	CVE-2000-0791			2000-10-20	2008-09-05	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Trustix installs the httpsd program for Apache-SSL with world-writeable permissions, which allows local users to replace it with a Trojan horse.
121	CVE-2000-1214		Overflow +Priv	2000-10-18	2016-10-18	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Buffer overflows in the (1) outpack or (2) buf variables of ping in iputils before 20001010, as distributed on Red Hat Linux 6.2 through 7J and other operating systems, may allow local users to gain privileges.
122	CVE-2000-0799		+Priv	2000-10-20	2017-10-10	3.7	None	Local	High	Not required	Partial	Partial	Partial
inpview in InPerson in SGI IRIX 5.3 through IRIX 6.5.10 allows local users to gain privileges via a symlink attack on the .ilmpAAA temporary file.
123	CVE-2000-0802			2000-10-20	2016-10-18	3.6	None	Local	Low	Not required	Partial	Partial	None
The BAIR program does not properly restrict access to the Internet Explorer Internet options menu, which allows local users to obtain access to the menu by modifying the registry key that starts BAIR.
124	CVE-2000-0716			2000-10-20	2017-10-10	2.6	None	Remote	High	Not required	Partial	None	None
WorldClient email client in MDaemon 2.8 includes the session ID in the referer field of an HTTP request when the user clicks on a URL, which allows the visited web site to hijack the session ID and read the user's email.
125	CVE-2000-0726			2000-10-20	2017-10-10	2.6	None	Remote	High	Not required	Partial	None	None
CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable.
126	CVE-2000-0767			2000-10-20	2021-07-23	2.6	None	Remote	High	Not required	Partial	None	None
The ActiveX control for invoking a scriptlet in Internet Explorer 4.x and 5.x renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka the "Scriptlet Rendering" vulnerability.
127	CVE-2000-0768			2000-10-20	2021-07-23	2.6	None	Remote	High	Not required	Partial	None	None
A function in Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files, aka a variant of the "Frame Domain Verification" vulnerability.
128	CVE-2000-0679			2000-10-20	2008-09-05	2.1	None	Local	Low	Not required	None	Partial	None
The CVS 1.10.8 client trusts pathnames that are provided by the CVS server, which allows the server to force the client to create arbitrary files.
129	CVE-2000-0691			2000-10-20	2008-09-05	2.1	None	Local	Low	Not required	None	Partial	None
The faxrunq and faxrunqd in the mgetty package allows local users to create or modify arbitrary files via a symlink attack which creates a symlink in from /var/spool/fax/outgoing/.last_run to the target file.
130	CVE-2000-0715	59		2000-10-20	2008-09-10	2.1	None	Local	Low	Not required	None	Partial	None
DiskCheck script diskcheck.pl in Red Hat Linux 6.2 allows local users to create or overwrite arbitrary files via a symlink attack on a temporary file.
131	CVE-2000-0729		DoS	2000-10-20	2017-10-10	2.1	None	Local	Low	Not required	None	None	Partial
FreeBSD 5.x, 4.x, and 3.x allows local users to cause a denial of service by executing a program with a malformed ELF image header.
132	CVE-2000-0754			2000-10-20	2008-09-05	2.1	None	Local	Low	Not required	None	Partial	None
Vulnerability in HP OpenView Network Node Manager (NMM) version 6.1 related to passwords.
133	CVE-2000-0771		DoS	2000-10-20	2018-10-12	2.1	None	Local	Low	Not required	None	None	Partial
Microsoft Windows 2000 allows local users to cause a denial of service by corrupting the local security policy via malformed RPC traffic, aka the "Local Security Policy Corruption" vulnerability.
134	CVE-2000-0816		Exec Code	2000-10-06	2017-10-10	2.1	None	Local	Low	Not required	None	Partial	None
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
135	CVE-2000-0718			2000-10-20	2008-09-05	1.2	None	Local	High	Not required	None	Partial	None
A race condition in MandrakeUpdate allows local users to modify RPM files while they are in the /tmp directory before they are installed.
136	CVE-2000-0723			2000-10-20	2008-09-05	1.2	None	Local	High	Not required	None	None	Partial
Helix GNOME Updater helix-update 0.5 and earlier does not properly create /tmp directories, which allows local users to create empty system configuration files such as /etc/config.d/bashrc, /etc/config.d/csh.cshrc, and /etc/rc.config.

Total number of vulnerabilities : 136 Page : 1 2 3 (This Page)