Unknown · CVSS Not scored
SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) allows remote attackers to modify price information by changing the "Price" hidden form variable.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 allows remote attackers to read source code for CGI scripts by replacing the /cgi-bin/ in the requested URL with /cgi-bin-sdb/.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Bytes Interactive Web Shopper shopping cart program (shopper.cgi) 2.0 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) attack on the newpage parameter.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default configuration of mod_perl for Apache as installed on Mandrake Linux 6.1 through 7.1 sets the /perl/ directory to be browseable, which allows remote attackers to list the contents of that directory.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Kootenay Web KW Whois 1.0 CGI program allows remote attackers to execute arbitrary commands via shell metacharacters in the "whois" parameter.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in use_syslog() function in LPRng 3.6.24 allows remote attackers to execute arbitrary commands.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Samba Web Administration Tool (SWAT) in Samba 2.0.7 allows local users to overwrite arbitrary files via a symlink attack on the cgi.log file.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Horde library 1.02 allows attackers to execute arbitrary commands via shell metacharacters in the "from" address.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Format string vulnerability in screen 3.9.5 and earlier allows local users to gain root privileges via format characters in the vbell_msg initialization variable.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
mod_rewrite in Apache 1.3.12 and earlier allows remote attackers to read arbitrary files if a RewriteRule directive is expanded to include a filename whose name contains a regular expression.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by sending an SRV record to the server, aka the "srv bug."
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Pegasus Mail 3.12 allows remote attackers to read arbitrary files via an embedded URL that calls the mailto: protocol with a -F switch.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the automatic mail checking component of Pine 4.21 and earlier allows remote attackers to execute arbitrary commands via a long From: header.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Kernel logging daemon (klogd) in Linux does not properly cleanse user-injected format strings, which allows local users to gain root privileges by triggering malformed kernel messages.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The mailto CGI script allows remote attacker to execute arbitrary commands via shell metacharacters in the emailadd form field.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in EFTP allows remote attackers to cause a denial of service by sending a string that does not contain a newline, then disconnecting from the server.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Windows Media Player 7 allows attackers to cause a denial of service in RTF-enabled email clients via an embedded OCX control that is not closed properly, aka the "OCX Attachment" vulnerability.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default installation of SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) installs the _private directory with world readable permissions, which allows remote attackers to obtain sensitive information.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
named in BIND 8.2 through 8.2.2-P6 allows remote attackers to cause a denial of service by making a compressed zone transfer (ZXFR) request and performing a name service query on an authoritative record that is not cached, aka the "zxfr bug."
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in search.cgi CGI script in Armada Master Index allows remote attackers to read arbitrary files via a .. (dot dot) attack in the "catigory" parameter.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
netstat in AIX 4.x.x does not properly restrict access to the -Zi option, which allows local users to clear network interface statistics and possibly hide evidence of unusual network activities.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Vulnerability in an administrative interface utility for Allaire Spectra 1.0.1 allows remote attackers to read and modify sensitive configuration information.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in listmanager earlier than 2.105.1 allows local users to gain additional privileges.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Mailman 1.1 allows list administrators to execute arbitrary commands via shell metacharacters in the %(listname) macro expansion.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in EFTP allows remote attackers to cause a denial of service via a long string.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in University of Washington c-client library (used by pine and other programs) allows remote attackers to execute arbitrary commands via a long X-Keywords header.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in dvtermtype in Tridia Double Vision 3.07.00 allows local users to gain root privileges via a long terminal type argument.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Race condition in the creation of a Unix domain socket in GNOME esound 0.2.19 and earlier allows a local user to change the permissions of arbitrary files and directories, and gain additional privileges, via a symlink attack.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Some functions that implement the locale subsystem on Unix do not properly cleanse user-injected format strings, which allows local attackers to execute arbitrary commands via functions such as gettext and catopen.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in eject on FreeBSD and possibly other OSes allows local users to gain root privileges.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Race condition in Microsoft Windows Media server allows remote attackers to cause a denial of service in the Windows Media Unicast Service via a malformed request, aka the "Unicast Service Race Condition" vulnerability.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the Still Image Service in Windows 2000 allows local users to gain additional privileges via a long WM_USER message, aka the "Still Image Service Privilege Escalation" vulnerability.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The file upload capability in PHP versions 3 and 4 allows remote attackers to read arbitrary files by setting hidden form fields whose names match the names of internal PHP script variables.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Darxite 0.4 and earlier allows a remote attacker to execute arbitrary commands via a long username or password.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
YaBB Bulletin Board 9.1.2000 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in IBM WebSphere web application server (WAS) allows remote attackers to execute arbitrary commands via a long Host: request header.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default configuration of Apache 1.3.12 in SuSE Linux 6.4 enables WebDAV, which allows remote attackers to list arbitrary directories via the PROPFIND HTTP request method.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Netegrity SiteMinder before 4.11 allows remote attackers to bypass its authentication mechanism by appending "$/FILENAME.ext" (where ext is .ccc, .class, or .jpg) to the requested URL.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Auction Weaver 1.0 through 1.04 does not properly validate the names of form fields, which allows remote attackers to delete arbitrary files and directories via a .. (dot dot) attack.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Windows 2000 telnet client attempts to perform NTLM authentication by default, which allows remote attackers to capture and replay the NTLM challenge/response via a telnet:// URL that points to the malicious server, aka the "Windows 2000 Telnet Client NTLM Authentication" vulnerability.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
FTP Serv-U 2.5e allows remote attackers to cause a denial of service by sending a large number of null bytes.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Auction Weaver 1.0 through 1.04 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the username or bidfile form fields.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The seed generation mechanism in the inter-module S/Key authentication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to bypass authentication via a brute force attack, aka "One-time (s/key) Password Authentication."
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The inter-module authentication mechanism (fwa1) in Check Point VPN-1/FireWall-1 4.1 and earlier may allow remote attackers to conduct a denial of service, aka "Inter-module Communications Bypass."
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Getkey in the protocol checker in the inter-module communication mechanism in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to cause a denial of service.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WebShield SMTP 4.5 allows remote attackers to cause a denial of service by sending e-mail with a From: address that has a . (period) at the end, which causes WebShield to continuously send itself copies of the e-mail.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Check Point VPN-1/FireWall-1 4.1 and earlier improperly retransmits encapsulated FWS packets, even if they do not come from a valid FWZ client, aka "Retransmission of Encapsulated Packets."
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default installation of eTrust Access Control (formerly SeOS) uses a default encryption key, which allows remote attackers to spoof the eTrust administrator and gain privileges.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The unsetenv function in glibc 2.1.1 does not properly unset an environmental variable if the variable is provided twice to a program, which could allow local users to execute arbitrary commands in setuid programs by specifying their own duplicate environmental variables such as LD_PRELOAD or LD_LIBRARY_PATH.
Published Jan 22, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The OPSEC communications authentication mechanism (fwn1) in Check Point VPN-1/FireWall-1 4.1 and earlier allows remote attackers to spoof connections, aka the "OPSEC Authentication Vulnerability."
Published Jan 22, 2001 · Updated Aug 8, 2024