LiveActive security incident?Get immediate response
CVE archive

February 2001

Browse CVE records published in February 2001, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 166 matching CVEs · Page 1 of 4.

Unknown · CVSS Not scored

CVE-2001-1078: Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain...

Format string vulnerability in flog function of eXtremail 1.1.9 and earlier allows remote attackers to gain root privileges via format specifiers in the SMTP commands (1) HELO, (2) EHLO, (3) MAIL FROM, or (4) RCPT TO, and the POP3 commands (5) USER and (6) other commands that can be executed after POP3 authentication.

Published Feb 2, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1047: Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creatin...

Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork.

Published Feb 2, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-1026: Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways s...

Trend Micro InterScan AppletTrap 2.0 does not properly filter URLs when they are modified in certain ways such as (1) using a double slash (//) instead of a single slash, (2) URL-encoded characters, (3) requesting the IP address instead of the domain name, or (4) using a leading 0 in an octet of an IP address.

Published Feb 2, 2002 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0986: SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive informati...

SQLQHit.asp sample file in Microsoft Index Server 2.0 allows remote attackers to obtain sensitive information such as the physical path, file attributes, or portions of source code by directly calling sqlqhit.asp with a CiScope parameter set to (1) webinfo, (2) extended_fileinfo, (3) extended_webinfo, or (4) fileinfo.

Published Feb 2, 2002 · Updated Aug 8, 2024