Vulnerabilites CVE
Base de donnees CVE enrichie avec CISA KEV et NVD
| CVE ID | CVSS | Severite | KEV | Observations |
|---|---|---|---|---|
| CVE-2001-0254 FaSTream FTP++ Server 2.0 allows remote attackers to obtain the real pathname of the server via the "pwd" command. | N/A | NONE | — | 0 |
| CVE-2001-0255 FaSTream FTP++ Server 2.0 allows remote attackers to list arbitrary directories by using the "ls" command and including the drive letter name (e.g. C:) in the requested pathname. | N/A | NONE | — | 0 |
| CVE-2001-0256 FaSTream FTP++ Server 2.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long username. | N/A | NONE | — | 0 |
| CVE-2001-0257 Buffer overflow in Easycom/Safecom Print Server Web service, version 404.590 and earlier, allows remote attackers to execute arbitrary commands via (1) a long URL or (2) a long HTTP header field such ... | N/A | NONE | — | 0 |
| CVE-2001-0258 The Easycom/Safecom Print Server (firmware 404.590) PrintGuide server allows remote attackers to cause a denial of service via a large number of connections that send null characters. | N/A | NONE | — | 0 |
| CVE-2001-0259 ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that user's private key... | N/A | NONE | — | 0 |
| CVE-2001-0260 Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command. | N/A | NONE | — | 0 |
| CVE-2001-0261 Microsoft Windows 2000 Encrypted File System does not properly destroy backups of files that are encrypted, which allows a local attacker to recover the text of encrypted files. | N/A | NONE | — | 0 |
| CVE-2001-0299 Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL. | N/A | NONE | — | 0 |
| CVE-2001-0300 oidldapd 2.1.1.1 in Oracle 8.1.7 records log files in a directory (ldaplog) that has world-writable permissions, which may allow local users to delete logs and/or overwrite other files via a symlink a... | N/A | NONE | — | 0 |
| CVE-2001-0309 inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via a series of connections ... | N/A | NONE | — | 0 |
| CVE-2001-0310 sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort to... | N/A | NONE | — | 0 |
| CVE-2001-0311 Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. | N/A | NONE | — | 0 |
| CVE-2001-0312 IBM WebSphere plugin for Netscape Enterprise server allows remote attackers to read source code for JSP files via an HTTP request that contains a host header that references a host that is not in WebS... | N/A | NONE | — | 0 |
| CVE-2001-0313 Borderware Firewall Server 6.1.2 allows remote attackers to cause a denial of service via a ping to the broadcast address of the public network on which the server is placed, which causes the server t... | N/A | NONE | — | 0 |
| CVE-2001-0314 Buffer overflow in www.tol module in America Online (AOL) 5.0 may allow remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long URL in a link. | N/A | NONE | — | 0 |
| CVE-2001-0315 The locking feature in mIRC 5.7 allows local users to bypass the password mechanism by modifying the LockOptions registry key. | N/A | NONE | — | 0 |
| CVE-2001-0318 Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd). | N/A | NONE | — | 0 |
| CVE-2001-0322 MSHTML.DLL HTML parser in Internet Explorer 4.0, and other versions, allows remote attackers to cause a denial of service (application crash) via a script that creates and deletes an object that is as... | N/A | NONE | — | 0 |
| CVE-2001-0323 The ICMP path MTU (PMTU) discovery feature in various UNIX systems allows remote attackers to cause a denial of service by spoofing "ICMP Fragmentation needed but Don't Fragment (DF) set" packets betw... | N/A | NONE | — | 0 |
| CVE-2001-1046 Buffer overflow in qpopper (aka qpop or popper) 4.0 through 4.0.2 allows remote attackers to gain privileges via a long username. | N/A | NONE | — | 0 |
| CVE-2001-0597 Zetetic Secure Tool for Recalling Important Passwords (STRIP) 0.5 and earlier for the PalmOS allows a local attacker to recover passwords via a brute force attack. This attack is made feasible by STR... | N/A | NONE | — | 0 |
| CVE-2001-0598 Symantec Ghost 6.5 and earlier allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of data to the Ghost Configuration Server on port 1347, which triggers an error ... | N/A | NONE | — | 0 |
| CVE-2001-0599 Sybase Adaptive Server Anywhere Database Engine 6.0.3.2747 and earlier as included with Symantec Ghost 6.5 allows a remote attacker to create a denial of service by sending large (> 45Kb) amounts of d... | N/A | NONE | — | 0 |
| CVE-2001-0600 Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated URL requests with the same HTTP headers, such as (1) Accept, (2) Accept-Charset, (3) Accept-Encoding,... | N/A | NONE | — | 0 |
| CVE-2001-0601 Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via HTTP requests containing certain combinations of UNICODE characters. | N/A | NONE | — | 0 |
| CVE-2001-0602 Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeated (>400) URL requests for DOS devices. | N/A | NONE | — | 0 |
| CVE-2001-0603 Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via repeatedly sending large (> 10Kb) amounts of data to the DIIOP - CORBA service on TCP port 63148. | N/A | NONE | — | 0 |
| CVE-2001-0604 Lotus Domino R5 prior to 5.0.7 allows a remote attacker to create a denial of service via URL requests (>8Kb) containing a large number of '/' characters. | N/A | NONE | — | 0 |
| CVE-2001-0609 Format string vulnerability in Infodrom cfingerd 1.4.3 and earlier allows a remote attacker to gain additional privileges via a malformed ident reply that is passed to the syslog function. | 9.8 | CRITICAL | — | 0 |
| CVE-2001-0610 kfm as included with KDE 1.x can allow a local attacker to gain additional privileges via a symlink attack in the kfm cache directory in /tmp. | N/A | NONE | — | 0 |
| CVE-2001-0618 Orinoco RG-1000 wireless Residential Gateway uses the last 5 digits of the 'Network Name' or SSID as the default Wired Equivalent Privacy (WEP) encryption key. Since the SSID occurs in the clear duri... | N/A | NONE | — | 0 |
| CVE-2001-0619 The Lucent Closed Network protocol can allow remote attackers to join Closed Network networks which they do not have access to. The 'Network Name' or SSID, which is used as a shared secret to join th... | N/A | NONE | — | 0 |
| CVE-2001-0620 iPlanet Calendar Server 5.0p2 and earlier allows a local attacker to gain access to the Netscape Admin Server (NAS) LDAP database and read arbitrary files by obtaining the cleartext administrator user... | N/A | NONE | — | 0 |
| CVE-2001-0623 sendfiled, as included with Simple Asynchronous File Transfer (SAFT), on various Linux systems does not properly drop privileges when sending notification emails, which allows local attackers to gain ... | N/A | NONE | — | 0 |
| CVE-2001-0624 QNX 2.4 allows a local user to read arbitrary files by directly accessing the mount point for the FAT disk partition, e.g. /fs-dos. | N/A | NONE | — | 0 |
| CVE-2001-1116 Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running Windows 98 or ME, which allows an attacker with physical access to the system to bypass authenticat... | N/A | NONE | — | 0 |
| CVE-2001-1118 A module in Roxen 2.0 before 2.0.92, and 2.1 before 2.1.264, does not properly decode UTF-8, Mac and ISO-2202 encoded URLs, which could allow a remote attacker to execute arbitrary commands or view ar... | N/A | NONE | — | 0 |
| CVE-2001-1130 Sdbsearch.cgi in SuSE Linux 6.0-7.2 could allow remote attackers to execute arbitrary commands by uploading a keylist.txt file that contains filenames with shell metacharacters, then causing the file ... | N/A | NONE | — | 0 |
| CVE-2001-1119 cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. | N/A | NONE | — | 0 |
| CVE-2001-1122 Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode. | N/A | NONE | — | 0 |
| CVE-2001-1304 Buffer overflow in SHOUTcast Server 1.8.2 allows remote attackers to cause a denial of service (crash) via several HTTP requests with a long (1) user-agent or (2) host HTTP header. | N/A | NONE | — | 0 |
| CVE-2001-1472 SQL injection vulnerability in prefs.php in phpBB 1.4.0 and 1.4.1 allows remote authenticated users to execute arbitrary SQL commands and gain administrative access via the viewemail parameter. | N/A | NONE | — | 0 |
| CVE-2001-1356 NetWin SurgeFTP 2.0f and earlier encrypts passwords using weak hashing, a fixed salt value and modulo 40 calculations, which allows remote attackers to conduct brute force password guessing attacks ag... | N/A | NONE | — | 0 |
| CVE-2001-0647 Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version. | N/A | NONE | — | 0 |
| CVE-2001-1259 Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload. | N/A | NONE | — | 0 |
| CVE-2001-1260 Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during a... | N/A | NONE | — | 0 |
| CVE-2001-1261 Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file. | N/A | NONE | — | 0 |
| CVE-2001-1262 Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authentication... | N/A | NONE | — | 0 |
| CVE-2001-1301 rcs2log, as used in Emacs 20.4, xemacs 21.1.10 and other versions before 21.4, and possibly other packages, allows local users to modify files of other users via a symlink attack on a temporary file. | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.