Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2001-0785 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal in Webpaging interface in Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows allows remote attackers to read arbitrary files via a .. (dot dot) attack. | |||||
| CVE-2001-0786 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 stores user passwords in plaintext in the pUser.Dat file. | |||||
| CVE-2001-0432 | 1 Trend Micro | 1 Interscan Viruswall | 2008-09-05 | 10.0 HIGH | N/A |
| Buffer overflows in various CGI programs in the remote administration service for Trend Micro Interscan VirusWall 3.01 allow remote attackers to execute arbitrary commands. | |||||
| CVE-2001-0438 | 1 Netopia | 1 Timbuktu Mac | 2008-09-05 | 2.1 LOW | N/A |
| Preview version of Timbuktu for Mac OS X allows local users to modify System Preferences without logging in via the About Timbuktu menu. | |||||
| CVE-2001-0406 | 1 Samba | 1 Samba | 2008-09-05 | 2.1 LOW | N/A |
| Samba before 2.2.0 allows local attackers to overwrite arbitrary files via a symlink attack using (1) a printer queue query, (2) the more command in smbclient, or (3) the mput command in smbclient. | |||||
| CVE-2001-0633 | 1 Sun | 1 Chilisoft | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Sun Chili!Soft ASP on multiple Unixes allows a remote attacker to read arbitrary files above the web root via a '..' (dot dot) attack in the sample script 'codebrws.asp'. | |||||
| CVE-2001-0647 | 1 Orange Software | 1 Orange Web Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Orange Web Server 2.1, based on GoAhead, allows a remote attacker to perform a denial of service via an HTTP GET request that does not include the HTTP version. | |||||
| CVE-2001-0483 | 1 Symantec | 1 Raptor Firewall | 2008-09-05 | 7.5 HIGH | N/A |
| Configuration error in Axent Raptor Firewall 6.5 allows remote attackers to use the firewall as a proxy to access internal web resources when the http.noproxy Rule is not set. | |||||
| CVE-2001-0535 | 1 Macromedia | 1 Coldfusion Server | 2008-09-05 | 7.5 HIGH | N/A |
| Example applications (Exampleapps) in ColdFusion Server 4.x do not properly restrict prevent access from outside the local host's domain, which allows remote attackers to conduct upload, read, or execute files by spoofing the "HTTP Host" (CGI.Host) variable in (1) the "Web Publish" example script, and (2) the "Email" example script. | |||||
| CVE-2001-0398 | 1 Ritlabs | 1 The Bat | 2008-09-05 | 7.5 HIGH | N/A |
| The BAT! mail client allows remote attackers to bypass user warnings of an executable attachment and execute arbitrary commands via an attachment whose file name contains many spaces, which also causes the BAT! to misrepresent the attachment's type with a different icon. | |||||
| CVE-2001-0758 | 1 Evolvable Corporation | 1 Shambala Server | 2008-09-05 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in Shambala 4.5 allows remote attackers to escape the FTP root directory via "CWD ..." command. | |||||
| CVE-2001-0691 | 1 University Of Washington | 1 Imapd | 2008-09-05 | 4.6 MEDIUM | N/A |
| Buffer overflows in Washington University imapd 2000a through 2000c could allow local users without shell access to execute code as themselves in certain configurations. | |||||
| CVE-2001-0400 | 1 Matt Tourtillott | 1 Nph-maillist | 2008-09-05 | 7.5 HIGH | N/A |
| nph-maillist.pl allows remote attackers to execute arbitrary commands via shell metacharacters ("`") in the email address. | |||||
| CVE-2001-0767 | 1 Steve Poulsen | 1 Guildftpd | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in GuildFTPd 0.9.7 allows attackers to list or read arbitrary files and directories via a .. in (1) LS or (2) GET. | |||||
| CVE-2001-0636 | 1 Raytheon | 1 Silentrunner | 2008-09-05 | 7.5 HIGH | N/A |
| Buffer overflows in Raytheon SilentRunner allow remote attackers to (1) cause a denial of service in the collector (cle.exe) component of SilentRunner 2.0 via traffic containing long passwords, or (2) execute arbitrary commands via long HTTP queries in the Knowledge Browser component in SilentRunner 2.0 and 2.0.1. NOTE: It is highly likely that this candidate will be split into multiple candidates. | |||||
| CVE-2001-0418 | 1 Ncm | 1 Ncm Content Management System | 2008-09-05 | 5.0 MEDIUM | N/A |
| content.pl script in NCM Content Management System allows remote attackers to read arbitrary contents of the content database by inserting SQL characters into the id parameter. | |||||
| CVE-2001-0788 | 1 Internet Software Solutions | 1 Air Messenger Lan Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header. | |||||
| CVE-2001-0480 | 1 Alex Linde | 1 Alexs Ftp Server | 2008-09-05 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Alex's FTP Server 0.7 allows remote attackers to read arbitrary files via a ... (modified dot dot) in the (1) GET or (2) CD commands. | |||||
| CVE-2001-0447 | 1 Software602 | 1 602pro Lan Suite | 2008-09-05 | 7.5 HIGH | N/A |
| Web configuration server in 602Pro LAN SUITE allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long HTTP request containing "%2e" (dot dot) characters. | |||||
| CVE-2001-0568 | 1 Zope | 1 Zope | 2008-09-05 | 2.1 LOW | N/A |
| Digital Creations Zope 2.3.1 b1 and earlier allows a local attacker (Zope user) with through-the-web scripting capabilities to alter ZClasses class attributes. | |||||