LiveActive security incident?Get immediate response
CVE archive

July 2001

Browse CVE records published in July 2001, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 31 of 131 matching CVEs · Page 3 of 3.

Unknown · CVSS Not scored

CVE-2001-0557: T.

T. Hauck Jana Webserver 1.46 and earlier allows a remote attacker to view arbitrary files via a '..' (dot dot) attack which is URL encoded (%2e%2e).

Published Jul 27, 2001 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0523: eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to...

eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected.

Published Jul 27, 2001 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0520: Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT t...

Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including (1) onload in the BODY tag, (2) href in the A tag, (3) the BUTTON tag, (4) the INPUT tag, or (5) any other tag in which scripts can be defined.

Published Jul 27, 2001 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0349: Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly veri...

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the first of two variants of this vulnerability.

Published Jul 27, 2001 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0352: SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WE...

SNMP agents in 3Com AirConnect AP-4111 and Symbol 41X1 Access Point allow remote attackers to obtain the WEP encryption key by reading it from a MIB when the value should be write-only, via (1) dot11WEPDefaultKeyValue in the dot11WEPDefaultKeysTable of the IEEE 802.11b MIB, or (2) ap128bWepKeyValue in the ap128bWEPKeyTable in the Symbol MIB.

Published Jul 27, 2001 · Updated Aug 8, 2024

Unknown · CVSS Not scored

CVE-2001-0350: Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly veri...

Microsoft Windows 2000 telnet service creates named pipes with predictable names and does not properly verify them, which allows local users to execute arbitrary commands by creating a named pipe with the predictable name and associating a malicious program with it, the second of two variants of this vulnerability.

Published Jul 27, 2001 · Updated Aug 8, 2024