Unknown · CVSS Not scored
The default permissions for UnixWare /var/mail allow local users to read and modify other users' mail.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
ROUTERmate has a default SNMP community name which allows remote attackers to modify its configuration.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The default permissions for Endymion MailMan allow local users to read email or modify files.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
By default, Internet Explorer 5.0 and other versions enables the "Navigate sub-frames across different domains" option, which allows frame spoofing.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
UnixWare pkg commands such as pkginfo, pkgcat, and pkgparam allow local users to read arbitrary files via the dacread permission.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in SCO su program allows local users to gain root access via a long username.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP.
Published Feb 14, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in MDaemon 2.7 via a large number of connection attempts.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The NIS+ rpc.nisd server allows remote attackers to execute certain RPC calls without authentication to obtain system information, disable logging, or modify caches.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Alibaba HTTP server allows remote attackers to read files via a .. (dot dot) attack.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflows in Red Hat net-tools package.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The codebrws.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The OS/2 or POSIX subsystem in NT is enabled.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The code.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The viewcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in Solaris libc, ufsrestore, and rcp via LC_MESSAGES environmental variable.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
QMS CrownNet Unix Utilities for 2060 allows root to log on without a password.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.
Published Feb 14, 2001 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A system-critical program or library does not have the appropriate patch, hotfix, or service pack installed, or is outdated or obsolete.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in ALMail32 POP3 client via From: or To: headers.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Buffer overflow in the Eyedog ActiveX control allows a remote attacker to execute arbitrary commands.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The UUCP service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Hotmail allows Javascript to be executed via the HTML STYLE tag, allowing remote attackers to execute commands on the user's Hotmail account.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The Gopher service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
An application-critical Windows NT registry key has inappropriate permissions.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The netstat service is running, which provides sensitive information to remote attackers.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
An application-critical Windows NT registry key has an inappropriate value.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A vulnerability in Caldera Open Administration System (COAS) allows the /etc/shadow password file to be made world-readable.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The Eyedog ActiveX control is marked as "safe for scripting" for Internet Explorer, which allows a remote attacker to execute arbitrary commands as demonstrated by Bubbleboy.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The rsh/rlogin service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A system-critical program, library, or file has a checksum or other integrity measurement that indicates that it has been modified.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A component service related to NIS+ is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in IP protocol logger (ippl) on Red Hat and Debian Linux.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A system is running a version of software that was replaced with a Trojan Horse at one of its distribution points, such as (1) TCP Wrappers 7.6, (2) util-linux 2.9g, (3) wuarchive ftpd (wuftpd) 2.2 and 2.1f, (4) IRC client (ircII) ircII 2.2.9, (5) OpenSSH 3.4p1, or (6) Sendmail 8.12.6.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Denial of service in Sendmail 8.8.6 in HPUX.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The ARP protocol allows any host to spoof ARP replies and poison the ARP cache to conduct IP address spoofing or a denial of service.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The WebRamp web administration utility has a default password.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
WinGate is being used.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The chargen service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The rpc.sprayd service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The systat service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The discard service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The echo service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
An incorrect configuration of the EZMall 2000 shopping cart CGI program "mall2000.cgi" could disclose private information.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
A filter in a router or firewall allows unusual fragmented packets.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The rexec service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
Windows NT is not using a password filter utility, e.g. PASSFILT.DLL.
Published Feb 4, 2000 · Updated Aug 1, 2024
Unknown · CVSS Not scored
The rpc.rquotad service is running.
Published Feb 4, 2000 · Updated Aug 1, 2024