Unknown · CVSS Not scored
The Windows NT 4.0 print spooler allows a local user to execute arbitrary commands due to inappropriate permissions that allow the user to specify an alternate print provider.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in rpc.yppasswdd allows a local user to gain privileges via MD5 hash generation.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The "download behavior" in Internet Explorer 5 allows remote attackers to read arbitrary files via a server-side redirect.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
ucbmail allows remote attackers to execute commands via shell metacharacters that are passed to it from INN.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflows in Windows NT 4.0 print spooler allow remote attackers to gain privileges or cause a denial of service via a malformed spooler request.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internet Explorer 4.01 allows remote attackers to read arbitrary files by pasting a file name into the file upload control, aka untrusted scripted paste.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internet Explorer 4.0 and 4.01 allow a remote attacker to read files via IE's cross frame security, aka the "Cross Frame Navigate" vulnerability.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in the FTP client in the Debian GNU/Linux netstd package.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The security descriptor for RASMAN allows users to point to an alternate location via the Windows NT Service Control Manager.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in WU-FTPD via the SITE NEWER command, which does not free memory properly.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internet Explorer 3.x to 4.01 allows a remote attacker to insert malicious content into a frame of another web site, aka frame spoofing.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via MAPPING_CHDIR.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The Zeus web server administrative interface uses weak encryption for its passwords.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in WU-FTPD and related FTP servers allows remote attackers to gain root privileges via macro variables in a message file.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Internet Explorer 4.0 via EMBED tag.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
DHCP clients with ICMP Router Discovery Protocol (IRDP) enabled allow remote attackers to modify their default routes.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Falcon web server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internet Explorer 5 allows remote attackers to read files via an ExecCommand method called on an IFRAME.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Zeus web server allows remote attackers to read arbitrary files by specifying the file name in an option to the search engine.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
ypserv allows local administrators to modify password tables.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
FTGate web interface server allows remote attackers to read files via a .. (dot dot) attack.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Race condition in the SSL ISAPI filter in IIS and other servers may leak information in plaintext.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internet Explorer 5 allows a remote attacker to modify the IE client's proxy configuration via a malicious Web Proxy Auto-Discovery (WPAD) server.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in IIS 4.0 via a flood of HTTP requests with malformed headers.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Netscape Enterprise Server and Netscape FastTrack Server allows remote attackers to gain privileges via the HTTP Basic Authentication procedure.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in BIND named via naptr.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in RSAREF2 via the encryption and decryption functions in the RSAREF library.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in BIND named via malformed SIG records.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in BIND by improperly closing TCP sessions via so_linger.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Lynx WWW client allows a remote attacker to specify command-line parameters which Lynx uses when calling external programs to handle certain protocols, e.g. telnet.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Microsoft Telnet client in Windows 95 and Windows 98 via a malformed Telnet argument.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Samba smbd program via a malformed message command.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Red Hat pump DHCP client allows remote attackers to gain root access in some configurations.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in BIND named via consuming more than "fdmax" file descriptors.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in BIND 8.2 via NXT records.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Netscape Communicator 4.x with Javascript enabled does not warn a user of cookie settings, even if they have selected the option to "Only accept cookies originating from the same server as the page being viewed".
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in Linux 2.2.x kernels via malformed ICMP packets containing unusual types, codes, and IP header lengths.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in BIND named via maxdname.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in free internet chess server (FICS) program, xboard.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The Debian mailman package uses weak authentication, which allows attackers to gain privileges.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Windows NT Task Scheduler installed with Internet Explorer 5 allows a user to gain privileges by modifying the job after it has been scheduled.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in Linux syslogd via a large number of connections.
Published Jan 18, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Internet Explorer allows remote attackers to read files by redirecting data to a Javascript applet.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Race condition in Samba smbmnt allows local users to mount file systems in arbitrary locations.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Internet Explorer 5 allows remote attackers to execute commands via a malformed Favorites icon.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in HP-UX SharedX recserv program.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
NetBSD on a multi-homed host allows ARP packets on one network to modify ARP entries on another connected network.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The logging facility of the Debian smtp-refuser package allows local users to delete arbitrary files using symbolic links.
Published Jan 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Accept command in Netscape Enterprise Server 3.6 with the SSL Handshake Patch.
Published Jan 4, 2000 · Updated Aug 1, 2024