Unknown · CVSS Not scored
crypto/rsa/rsa_gen.c in OpenSSL before 0.9.6 mishandles C bitwise-shift operations that exceed the size of an expression, which makes it easier for remote attackers to defeat cryptographic protection mechanisms by leveraging improper RSA key generation on 64-bit HP-UX platforms.
Published May 5, 2016 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Caucho Technology Resin 1.2 and possibly earlier allows remote attackers to view JSP source via an HTTP request to a .jsp file with certain characters appended to the file name, such as (1) "..", (2) "%2e..", (3) "%81", (4) "%82", and others.
Published May 19, 2005 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in enq command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long -M argument.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in setclock command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands via a long argument.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Balabit syslog-ng allows remote attackers to cause a denial of service (application crash) via a malformed log message that does not have a closing > in the priority specifier.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WinVNC installs the WinVNC3 registry key with permissions that give Special Access (read and modify) to the Everybody group, which allows users to read and modify sensitive information such as passwords and gain access to the system.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in cmctl program in Oracle 8.1.5 Connection Manager Control allows local users to gain privileges via a long command line argument.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in piobe command in IBM AIX 4.3.x allows local users to gain privileges via long environmental variables.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Multiple buffer overflows in AFS ACL parser for Ethereal 0.8.13 and earlier allows remote attackers to execute arbitrary commands via a packet with a long username.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Netsnap webcam HTTP server before 1.2.9 allows remote attackers to execute arbitrary commands via a long GET request.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in cgiforum.pl script in CGIForum 1.0 allows remote attackers to ready arbitrary files via a .. (dot dot) attack in the "thesection" parameter.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in pioout command in IBM AIX 4.3.x and earlier may allow local users to execute arbitrary commands.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in setsenv command in IBM AIX 4.3.x and earlier allows local users to execute arbitrary commands via a long "x=" argument.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
cons.saver in Midnight Commander (mc) 4.5.42 and earlier does not properly verify if an output file descriptor is a TTY, which allows local users to corrupt files by creating a symbolic link to the target file, calling mc, and specifying that link as a TTY argument.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Midnight Commander (mc) 4.5.51 and earlier does not properly process malformed directory names when a user opens a directory, which allows other local users to gain privileges by creating directories that contain special characters followed by the commands to be executed.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in iPlanet Certificate Management System 4.2 and Directory Server 4.12 allows remote attackers to read arbitrary files via a .. (dot dot) attack in the Agent, End Entity, or Administrator services.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in the web administration service for the HiNet LP5100 IP-phone allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long GET request.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
periodic in FreeBSD 4.1.1 and earlier, and possibly other operating systems, allows local users to overwrite arbitrary files via a symlink attack.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WatchGuard SOHO firewall allows remote attackers to cause a denial of service via a flood of fragmented IP packets, which causes the firewall to drop connections and stop forwarding packets.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WQuinn QuotaAdvisor 4.1 does not properly record file sizes if they are stored in alternative data streams, which allows users to bypass quota restrictions.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to obtain the full pathname of the server via a "%C" command, which generates an error message that includes the pathname.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Eudora mail client includes the absolute path of the sender's host within a virtual card (VCF).
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary commands by inserting a Trojan Horse DLL into the same directory as the document.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
WFTPD and WFTPD Pro 2.41 RC12 allows remote attackers to cause a denial of service by sending a long string of unprintable characters.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in SunFTP build 9(1) allows remote attackers to cause a denial of service or possibly execute arbitrary commands via a long GET request.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The tmpwatch utility in Red Hat Linux forks a new process for each directory level, which allows local users to cause a denial of service by creating deeply nested directories in /tmp or /var/tmp/.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Linux tmpwatch --fuser option allows local users to execute arbitrary commands by creating files whose names contain shell metacharacters.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
GNU Groff uses the current working directory to find a device description file, which allows a local user to gain additional privileges by including a malicious postpro directive in the description file, which is executed when another user runs groff.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default installation for the Oracle listener program 7.3.4, 8.0.6, and 8.1.6 allows an attacker to cause logging information to be appended to arbitrary files and execute commands via the SET TRC_FILE or SET LOG_FILE commands.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
pgxconfig in the Raptor GFX configuration tool allows local users to gain privileges via a symlink attack.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
pgxconfig in the Raptor GFX configuration tool uses a relative path name for a system call to the "cp" program, which allows local users to execute arbitrary commands by modifying their path to point to an alternate "cp" program.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The IPX protocol implementation in Microsoft Windows 95 and 98 allows remote attackers to cause a denial of service by sending a ping packet with a source IP address that is a broadcast address, aka the "Malformed IPX Ping Packet" vulnerability.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Directory traversal vulnerability in Worm HTTP server allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
news.cgi in GWScripts News Publisher does not properly authenticate requests to add an author to the author index, which allows remote attackers to add new authors by directly posting an HTTP request to the new.cgi program with an addAuthor parameter, and setting the Referer to the news.cgi program.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
CGIMail.exe CGI program in Stalkerlab Mailers 1.1.2 allows remote attackers to read arbitrary files by specifying the file in the $Attach$ hidden form variable.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
GoodTech FTP server allows remote attackers to cause a denial of service via a large number of RNTO commands.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The default installation of VirusScan 4.5 and NetShield 4.5 has insecure permissions for the registry key that identifies the AutoUpgrade directory, which allows local users to execute arbitrary commands by replacing SETUP.EXE in that directory with a Trojan Horse.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in Webfind CGI program in O'Reilly WebSite Professional web server 2.x allows remote attackers to execute arbitrary commands via a URL containing a long "keywords" parameter.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The lreply function in wu-ftpd 2.6.0 and earlier does not properly cleanse an untrusted format string, which allows remote attackers to execute arbitrary commands via the SITE EXEC command.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Panda Antivirus console on port 2001 allows local users to execute arbitrary commands without authentication via the CMD command.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
libICE in XFree86 allows remote attackers to cause a denial of service by specifying a large value which is not properly checked by the SKIP_STRING macro.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Red Hat Linux 6.0 installs the /dev/pts file system with insecure modes, which allows local users to write to other tty devices.
Published May 24, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Buffer overflow in IC Radius package allows a remote attacker to cause a denial of service via a long user name.
Published May 18, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
ORBit and esound in Red Hat Linux 6.1 do not use sufficiently random numbers, which allows local users to guess the authentication keys.
Published May 24, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
The Microsoft Jet database engine allows an attacker to execute commands via a database query, aka the "VBA Shell" vulnerability.
Published May 18, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
screen and rxvt in Red Hat Linux 6.0 do not properly set the modes of tty devices, which allows local users to write to other ttys.
Published May 24, 2000 · Updated Aug 8, 2024
Unknown · CVSS Not scored
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
Published May 7, 2001 · Updated Aug 8, 2024
Unknown · CVSS Not scored
tcpdump, Ethereal, and other sniffer packages allow remote attackers to cause a denial of service via malformed DNS packets in which a jump offset refers to itself, which causes tcpdump to enter an infinite loop while decompressing the packet.
Published May 18, 2000 · Updated Aug 8, 2024