imwheel-solo in imwheel package allows local users to modify arbitrary files via a symlink attack from the .imwheelrc file.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-08-31
Updated
2016-10-18
htsearch program in htDig 3.2 beta, 3.1.6, 3.1.5, and earlier allows remote attackers to determine the physical path of the server by requesting a non-existent configuration file using the config parameter, which generates an error message that includes the full path.
Max CVSS
5.0
EPSS Score
0.19%
Published
2001-08-31
Updated
2020-12-09
Buffer overflow in BTT Software SNMP Trap Watcher 1.16 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string trap.
Max CVSS
7.5
EPSS Score
0.95%
Published
2001-08-31
Updated
2008-09-10
Performance Metrics Collector Daemon (PMCD) in Performance Copilot in IRIX 6.x allows remote attackers to cause a denial of service (resource exhaustion) via an extremely long string to the PMCD port.
Max CVSS
5.0
EPSS Score
2.87%
Published
2001-08-31
Updated
2017-10-10
Argosoft FRP server 1.0 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long string to the (1) USER or (2) CWD commands.
Max CVSS
7.5
EPSS Score
12.00%
Published
2001-08-31
Updated
2008-09-05
telnet daemon (telnetd) from the Linux netkit package before netkit-telnet-0.16 allows remote attackers to bypass authentication when telnetd is running with the -L command line option.
Max CVSS
7.5
EPSS Score
0.31%
Published
2001-08-31
Updated
2017-10-10
PSCOErrPage.htm in Netscape PublishingXpert 2.5 before SP2 allows remote attackers to read arbitrary files by specifying the target file in the errPagePath parameter.
Max CVSS
5.0
EPSS Score
1.99%
Published
2001-08-31
Updated
2017-10-10
POP2 or POP3 server (pop3d) in imap-uw IMAP package on FreeBSD and other operating systems creates lock files with predictable names, which allows local users to cause a denial of service (lack of mail access) for other users by creating lock files for other mail boxes.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-08-31
Updated
2016-10-18
qpopper POP server creates lock files with predictable names, which allows local users to cause a denial of service for other users (lack of mail access) by creating lock files for other mail boxes.
Max CVSS
5.5
EPSS Score
0.04%
Published
2001-08-31
Updated
2024-02-08
PostgreSQL stores usernames and passwords in plaintext in (1) pg_shadow and (2) pg_pwd, which allows attackers with sufficient privileges to gain access to databases.
Max CVSS
4.6
EPSS Score
0.11%
Published
2001-08-31
Updated
2017-12-19
Windows NT allows remote attackers to list all users in a domain by obtaining the domain SID with the LsaQueryInformationPolicy policy function via a null session and using the SID to list the users.
Max CVSS
5.0
EPSS Score
1.57%
Published
2001-08-31
Updated
2017-10-10
Check Point FireWall-1 allows remote attackers to cause a denial of service (high CPU) via a flood of packets to port 264.
Max CVSS
5.0
EPSS Score
0.24%
Published
2001-08-31
Updated
2008-09-05
ikeyman in IBM IBMHSSSB 1.0 sets the CLASSPATH environmental variable to include the user's own CLASSPATH directories before the system's directories, which allows a malicious local user to execute arbitrary code as root via a Trojan horse Ikeyman class.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-08-31
Updated
2017-12-19
Lotus Domino SMTP server 4.63 through 5.08 allows remote attackers to cause a denial of service (CPU consumption) by forging an email message with the sender as bounce@[127.0.0.1] (localhost), which causes Domino to enter a mail loop.
Max CVSS
5.0
EPSS Score
1.44%
Published
2001-08-20
Updated
2017-10-10
FormMail.pl in FormMail 1.6 and earlier allows a remote attacker to send anonymous email (spam) by modifying the recipient and message parameters.
Max CVSS
7.5
EPSS Score
2.83%
Published
2001-08-22
Updated
2017-12-19
Remote manager service in Website Pro 3.0.37 allows remote attackers to cause a denial of service via a series of malformed HTTP requests to the /dyn directory.
Max CVSS
5.0
EPSS Score
0.84%
Published
2001-08-22
Updated
2017-10-10
Vulnerability in authentication process for SMTP service in Microsoft Windows 2000 allows remote attackers to use incorrect credentials to gain privileges and conduct activities such as mail relaying.
Max CVSS
7.5
EPSS Score
1.53%
Published
2001-08-14
Updated
2018-10-12
Aladdin eSafe Gateway versions 2.x allows a remote attacker to circumvent HTML SCRIPT filtering via a special arrangement of HTML tags which includes SCRIPT tags embedded within other SCRIPT tags.
Max CVSS
7.5
EPSS Score
1.65%
Published
2001-08-14
Updated
2017-12-19
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent filtering of SCRIPT tags by embedding the scripts within certain HTML tags including (1) onload in the BODY tag, (2) href in the A tag, (3) the BUTTON tag, (4) the INPUT tag, or (5) any other tag in which scripts can be defined.
Max CVSS
7.5
EPSS Score
1.62%
Published
2001-08-14
Updated
2017-12-19
Aladdin eSafe Gateway versions 3.0 and earlier allows a remote attacker to circumvent HTML SCRIPT filtering via the UNICODE encoding of SCRIPT tags within the HTML document.
Max CVSS
7.5
EPSS Score
1.62%
Published
2001-08-14
Updated
2017-12-19
Format string vulnerability in Gnu Privacy Guard (aka GnuPG or gpg) 1.05 and earlier can allow an attacker to gain privileges via format strings in the original filename that is stored in an encrypted file.
Max CVSS
7.5
EPSS Score
1.81%
Published
2001-08-14
Updated
2018-05-03
eEye SecureIIS versions 1.0.3 and earlier allows a remote attacker to bypass filtering of requests made to SecureIIS by escaping HTML characters within the request, which could allow a remote attacker to use restricted variables and perform directory traversal attacks on vulnerable programs that would otherwise be protected.
Max CVSS
7.5
EPSS Score
0.66%
Published
2001-08-14
Updated
2017-12-19
eEye SecureIIS versions 1.0.3 and earlier does not perform length checking on individual HTTP headers, which allows a remote attacker to send arbitrary length strings to IIS, contrary to an advertised feature of SecureIIS versions 1.0.3 and earlier.
Max CVSS
7.5
EPSS Score
0.94%
Published
2001-08-14
Updated
2017-12-19
Buffer overflow in dsh in dqs 3.2.7 in SuSE Linux 7.0 and earlier, and possibly other operating systems, allows local users to gain privileges via a long first command line argument.
Max CVSS
7.2
EPSS Score
0.04%
Published
2001-08-14
Updated
2017-10-10
Buffer overflow in the Xview library as used by mailtool in Solaris 8 and earlier allows a local attacker to gain privileges via the OPENWINHOME environment variable.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-08-14
Updated
2018-05-03
205 vulnerabilities found
1 2 3 4 5 6 7 8 9
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!