Total
29527 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-1189 | 1 Ibm | 1 Websphere Application Server | 2008-09-05 | 4.6 MEDIUM | N/A |
| IBM Websphere Application Server 3.5.3 and earlier stores a password in cleartext in the sas.server.props file, which allows local users to obtain the passwords via a JSP script. | |||||
| CVE-2001-1081 | 2 Lucent, Simon Horms | 2 Radius, Radius | 2008-09-05 | 7.5 HIGH | N/A |
| Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages. | |||||
| CVE-2001-1007 | 1 Starfish | 1 Truesync Desktop | 2008-09-05 | 5.0 MEDIUM | N/A |
| Starfish Truesync Desktop 2.0b as used on the REX 5000 PDA uses a small keyspace for device keys and does not impose a delay when an incorrect key is entered, which allows attackers to more quickly guess the key via a brute force attack. | |||||
| CVE-2001-0978 | 1 Hp | 1 Hp-ux | 2008-09-05 | 7.5 HIGH | N/A |
| login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program. | |||||
| CVE-2001-1166 | 1 Freebsd | 1 Freebsd | 2008-09-05 | 5.0 MEDIUM | N/A |
| linprocfs on FreeBSD 4.3 and earlier does not properly restrict access to kernel memory, which allows one process with debugging rights on a privileged process to read restricted memory from that process. | |||||
| CVE-2001-1150 | 1 Trend Micro | 2 Officescan, Virus Buster | 2008-09-05 | 5.0 MEDIUM | N/A |
| Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files. | |||||
| CVE-2001-1139 | 1 Ascii Nt | 1 Winwrapper Professional | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in ASCII NT WinWrapper Professional allows remote attackers to read arbitrary files via a .. (dot dot) in the server request. | |||||
| CVE-2001-1179 | 1 Xfree86 Project | 1 X11r6 | 2008-09-05 | 7.2 HIGH | N/A |
| xman allows local users to gain privileges by modifying the MANPATH to point to a man page whose filename contains shell metacharacters. | |||||
| CVE-2001-1163 | 1 Munica | 1 Netsql | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflow in Munica Corporation NetSQL 1.0 allows remote attackers to execute arbitrary code via a long CONNECT argument to port 6500. | |||||
| CVE-2001-1165 | 1 Intego | 2 Diskguard, Fileguard | 2008-09-05 | 4.6 MEDIUM | N/A |
| Intego FileGuard 4.0 uses weak encryption to store user information and passwords, which allows local users to gain privileges by decrypting the information, e.g., with the Disengage tool. | |||||
| CVE-2001-1040 | 1 Hp | 1 Jetadmin | 2008-09-05 | 6.4 MEDIUM | N/A |
| HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password. | |||||
| CVE-2001-1184 | 1 Denicomp | 1 Winsock Rshd Nt | 2008-09-05 | 5.0 MEDIUM | N/A |
| wrshdsp.exe in Denicomp Winsock RSHD/NT 2.21.00 and earlier allows remote attackers to cause a denial of service (CPU consumption) via (1) in 2.20.00 and earlier, an invalid port number such as a negative number, which causes a connection attempt to that port and all ports below 1024, and (2) in 2.21.00, a port number of 1024. | |||||
| CVE-2001-1142 | 1 Argosoft | 1 Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges. | |||||
| CVE-2001-1171 | 1 Checkpoint | 1 Firewall-1 | 2008-09-05 | 7.2 HIGH | N/A |
| Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. | |||||
| CVE-2001-1149 | 1 Panda | 1 Panda Antivirus Platinum | 2008-09-05 | 5.0 MEDIUM | N/A |
| Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service (crash) when a user selects an action for a malformed UPX packed executable file. | |||||
| CVE-2001-1147 | 1 Andries Brouwer | 1 Util-linux | 2008-09-05 | 7.2 HIGH | N/A |
| The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits. | |||||
| CVE-2001-1221 | 1 D-link | 1 Dwl-1000ap | 2008-09-05 | 5.0 MEDIUM | N/A |
| D-Link DWL-1000AP Firmware 3.2.28 #483 Wireless LAN Access Point uses a default SNMP community string of 'public' which allows remote attackers to gain sensitive information. | |||||
| CVE-2001-1143 | 1 Ibm | 1 Db2 Universal Database | 2008-09-05 | 5.0 MEDIUM | N/A |
| IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789. | |||||
| CVE-2001-0968 | 1 Knox Software | 1 Arkeia | 2008-09-05 | 10.0 HIGH | N/A |
| Knox Arkeia server 4.2, and possibly other versions, installs its root user with a null password by default, which allows local and remote users to gain privileges. | |||||
| CVE-2001-1048 | 1 Topher1kenobe | 1 Awol | 2008-09-05 | 7.5 HIGH | N/A |
| AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable. | |||||