Unknown · CVSS Not scored
The Trend Micro OfficeScan client tmlisten.exe allows remote attackers to cause a denial of service via malformed data to port 12345.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
AOL Instant Messenger (AIM) client allows remote attackers to cause a denial of service via a message with a malformed ASCII value.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
EZShopper 3.0 search.cgi CGI script allows remote attackers to read arbitrary files via a .. (dot dot) attack or execute commands via shell metacharacters.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Trend Micro OfficeScan allows remote attackers to replay administrative commands and modify the configuration of OfficeScan clients.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
DNSTools CGI applications allow remote attackers to execute arbitrary commands via shell metacharacters.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft email clients in Outlook, Exchange, and Windows Messaging automatically respond to Read Receipt and Delivery Receipt tags, which could allow an attacker to flood a mail system with responses by forging a Read Receipt request that is redirected to a large distribution list.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Zeus web server allows remote attackers to view the source code for CGI programs via a null character (%00) at the end of a URL.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Remote attackers can cause a denial of service in Novell BorderManager 3.5 by pressing the enter key in a telnet connection to port 2000.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The libguile.so library file used by gnucash in Debian GNU/Linux is installed with world-writable permissions.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Sojourn search engine allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
MySQL 3.22 allows remote attackers to bypass password authentication and access a database via a short check string.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Check Point Firewall-1 allows remote attackers to bypass port access restrictions on an FTP server by forcing it to send malicious packets that Firewall-1 misinterprets as a valid 227 response to a client's PASV attempt.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Recycle Bin utility in Windows NT and Windows 2000 allows local users to read or modify files by creating a subdirectory with the victim's SID in the recycler directory, aka the "Recycle Bin Creation" vulnerability.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Internet Anywhere POP3 Mail Server allows local users to cause a denial of service via a malformed RETR command.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Vulnerability in the EELS system in SCO UnixWare 7.1.x allows remote attackers to cause a denial of service.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Microsoft virtual machine (VM) in Internet Explorer 4.x and 5.x allows a remote attacker to read files via a malicious Java applet that escapes the Java sandbox, aka the "VM File Reading" vulnerability.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Microsoft Index Server allows remote attackers to determine the real path for a web directory via a request to an Internet Data Query file that does not exist.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Internet Explorer 4.x and 5.x allows remote web servers to access files on the client that are outside of its security domain, aka the "Image Source Redirect" vulnerability.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The rdisk utility in Microsoft Terminal Server Edition and Windows NT 4.0 stores registry hive information in a temporary file with permissions that allow local users to read it, aka the "RDISK Registry Enumeration File" vulnerability.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The initscripts package in Red Hat Linux allows local users to gain privileges via a symlink attack.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Outlook Express 5 for Macintosh downloads attachments to HTML mail without prompting the user, aka the "HTML Mail Attachment" vulnerability.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
AltaVista search engine allows remote attackers to read files above the document root via a .. (dot dot) in the query.cgi CGI program.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Majordomo wrapper allows local users to gain privileges by specifying an alternate configuration file.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
glFtpD allows local users to gain privileges via metacharacters in the SITE ZIPCHK command.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Macintosh systems generate large ICMP datagrams in response to malformed datagrams, allowing them to be used as amplifiers in a flood attack.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
strace allows local users to read arbitrary files via memory mapped file names.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
IBM Network Station Manager NetStation allows local users to gain privileges via a symlink attack.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in UnixWare rtpm program allows local users to gain privileges via a long environmental variable.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
UnixWare pis and mkpis commands allow local users to gain privileges via a symlink attack.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service.
Published Mar 9, 2002 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in UnixWare i2odialogd daemon allows remote attackers to gain root access via a long username/password authorization string.
Published Mar 22, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
Published Mar 22, 2000 · Updated Aug 8, 2024