|
|
Security Vulnerabilities Published
In May 2000
| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
101 |
CVE-2000-0335 |
|
|
|
2000-05-03 |
2008-09-10 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results. |
|
102 |
CVE-2000-0332 |
|
|
|
2000-05-03 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
UltraBoard.pl or UltraBoard.cgi CGI scripts in UltraBoard 1.6 allows remote attackers to read arbitrary files via a pathname string that includes a dot dot (..) and ends with a null byte. |
|
103 |
CVE-2000-0305 |
399 |
|
DoS |
2000-05-19 |
2018-10-12 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
Windows 95, Windows 98, Windows 2000, Windows NT 4.0, and Terminal Server systems allow a remote attacker to cause a denial of service by sending a large number of identical fragmented IP packets, aka jolt2 or the "IP Fragment Reassembly" vulnerability. |
|
104 |
CVE-2000-0304 |
|
|
DoS |
2000-05-10 |
2018-10-30 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Microsoft IIS 4.0 and 5.0 with the IISADMPWD virtual directory installed allows a remote attacker to cause a denial of service via a malformed request to the inetinfo.exe program, aka the "Undelimited .HTR Request" vulnerability. |
|
105 |
CVE-2000-0303 |
|
|
|
2000-05-03 |
2008-09-10 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Quake3 Arena allows malicious server operators to read or modify files on a client via a dot dot (..) attack. |
|
106 |
CVE-2000-0293 |
|
|
|
2000-05-02 |
2008-09-10 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
|
aaa_base in SuSE Linux 6.3, and cron.daily in earlier versions, allow local users to delete arbitrary files by creating files whose names include spaces, which are then incorrectly interpreted by aaa_base when it deletes expired files from the /tmp directory. |
|
107 |
CVE-2000-0138 |
|
|
DoS |
2000-05-02 |
2016-10-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
A system has a distributed denial of service (DDOS) attack master, agent, or zombie installed, such as (1) Trinoo, (2) Tribe Flood Network (TFN), (3) Tribe Flood Network 2000 (TFN2K), (4) stacheldraht, (5) mstream, or (6) shaft. |
|
108 |
CVE-1999-1008 |
|
|
|
2000-05-17 |
2016-10-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
xsoldier program allows local users to gain root access via a long argument. |
|
109 |
CVE-1999-0980 |
|
|
DoS |
2000-05-16 |
2018-10-12 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
Windows NT Service Control Manager (SCM) allows remote attackers to cause a denial of service via a malformed argument in a resource enumeration request. |
|
110 |
CVE-1999-0427 |
|
|
DoS |
2000-05-01 |
2008-09-09 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Eudora 4.1 allows remote attackers to perform a denial of service by sending attachments with long file names. |
Total number of vulnerabilities : 110
Page :
1
2
3
(This Page)
|
|
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is
MITRE's CVE web site.
CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is
MITRE's CWE web site.
OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is
MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition.
There are NO warranties, implied or otherwise, with regard to this information or its use.
Any use of this information is at the user's risk.
It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content.
EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site.
ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT,
INDIRECT or any other kind of loss.
