ovactiond in HP OpenView Network Node Manager (NNM) 6.1 and Tivoli Netview 5.x and 6.x allows remote attackers to execute arbitrary commands via shell metacharacters in a certain SNMP trap message.
Max CVSS
10.0
EPSS Score
1.87%
Published
2001-09-20
Updated
2016-10-18
Computer Associates ARCserve for NT 6.61 SP2a and ARCserve 2000 7.0 stores the backup agent user name and password in cleartext in the aremote.dmp file in the ARCSERVE$ hidden share, which allows local and remote attackers to gain privileges.
Max CVSS
10.0
EPSS Score
1.92%
Published
2001-09-15
Updated
2021-04-07
Buffer overflow in tab expansion capability of the most program allows local or remote attackers to execute arbitrary code via a malformed file that is viewed with most.
Max CVSS
10.0
EPSS Score
6.82%
Published
2001-09-18
Updated
2017-10-10
Network Associates PGP Keyserver 7.0 allows remote attackers to bypass authentication and access the administrative web interface via URLs that directly access cgi-bin instead of keyserver/cgi-bin for the programs (1) console, (2) cs, (3) multi_config and (4) directory.
Max CVSS
10.0
EPSS Score
0.49%
Published
2001-09-28
Updated
2008-09-10
Buffer overflow in Microsoft Windows Media Player 7.1 and earlier allows remote attackers to execute arbitrary commands via a malformed Windows Media Station (.NSC) file.
Max CVSS
7.5
EPSS Score
0.56%
Published
2001-09-20
Updated
2018-10-12
Buffer overflows in Raytheon SilentRunner allow remote attackers to (1) cause a denial of service in the collector (cle.exe) component of SilentRunner 2.0 via traffic containing long passwords, or (2) execute arbitrary commands via long HTTP queries in the Knowledge Browser component in SilentRunner 2.0 and 2.0.1. NOTE: It is highly likely that this candidate will be split into multiple candidates.
Max CVSS
7.5
EPSS Score
0.20%
Published
2001-09-20
Updated
2008-09-05
Maxum Rumpus FTP Server 1.3.3 and 2.0.3 dev 3 stores passwords in plaintext in the "Rumpus User Database" file in the prefs folder, which could allow attackers to gain privileges on the server.
Max CVSS
7.5
EPSS Score
0.84%
Published
2001-09-20
Updated
2017-10-10
Symantec/AXENT NetProwler 3.5.x contains several default passwords, which could allow remote attackers to (1) access to the management tier via the "admin" password, or (2) connect to a MySQL ODBC from the management tier using a blank password.
Max CVSS
7.5
EPSS Score
2.57%
Published
2001-09-20
Updated
2017-12-19
Cross-site scripting (CSS) vulnerability in Microsoft Internet Security and Acceleration (ISA) Server 2000 allows remote attackers to cause other clients to execute certain script or read cookies via malicious script in an invalid URL that is not properly quoted in an error message.
Max CVSS
7.5
EPSS Score
2.11%
Published
2001-09-20
Updated
2018-10-12
Buffer overflow in line printer daemon (rlpdaemon) in HP-UX 10.01 through 11.11 allows remote attackers to execute arbitrary commands.
Max CVSS
7.5
EPSS Score
3.41%
Published
2001-09-20
Updated
2017-10-10
Vulnerability in TrendMicro Virus Control System 1.8 allows a remote attacker to view configuration files and change the configuration via a certain CGI program.
Max CVSS
7.5
EPSS Score
0.69%
Published
2001-09-20
Updated
2008-09-05
Format string vulnerability in exim (3.22-10 in Red Hat, 3.12 in Debian and 3.16 in Conectiva) in batched SMTP mode allows a remote attacker to execute arbitrary code via format strings in SMTP mail headers.
Max CVSS
7.5
EPSS Score
19.61%
Published
2001-09-20
Updated
2017-10-10
SMTP proxy in WatchGuard Firebox (2500 and 4500) 4.5 and 4.6 allows a remote attacker to bypass firewall filtering via a base64 MIME encoded email attachment whose boundary name ends in two dashes.
Max CVSS
7.5
EPSS Score
1.70%
Published
2001-09-20
Updated
2017-10-10
Directory traversal vulnerability in WFTPD 3.00 R5 allows a remote attacker to view arbitrary files via a dot dot attack in the CD command.
Max CVSS
7.5
EPSS Score
1.49%
Published
2001-09-20
Updated
2008-09-05
Buffer overflow in w3m 0.2.1 and earlier allows a remote attacker to execute arbitrary code via a long base64 encoded MIME header.
Max CVSS
7.5
EPSS Score
23.45%
Published
2001-09-20
Updated
2017-10-10
Cerberus FTP 1.5 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long (1) username, (2) password, or (3) PASV command.
Max CVSS
7.5
EPSS Score
2.03%
Published
2001-09-20
Updated
2017-12-19
tradecli.dll in Arcadia Internet Store 1.0 allows a remote attacker to discover the full path to the working directory via a URL with a template argument for a file that does not exist.
Max CVSS
7.5
EPSS Score
2.41%
Published
2001-09-20
Updated
2017-12-19
Buffer overflow in the GUI authentication code of Check Point VPN-1/FireWall-1 Management Server 4.0 and 4.1 allows remote attackers to execute arbitrary code via a long user name.
Max CVSS
7.5
EPSS Score
3.61%
Published
2001-09-21
Updated
2017-10-10
Buffer overflows in eManager plugin for Trend Micro InterScan VirusWall for NT 3.51 and 3.51J allow remote attackers to execute arbitrary code via long arguments to the CGI programs (1) register.dll, (2) ContentFilter.dll, (3) SFNofitication.dll, (4) register.dll, (5) TOP10.dll, (6) SpamExcp.dll, and (7) spamrule.dll.
Max CVSS
7.5
EPSS Score
2.75%
Published
2001-09-12
Updated
2017-12-19
IBM WebSphere Application Server 3.02 through 3.53 uses predictable session IDs for cookies, which allows remote attackers to gain privileges of WebSphere users via brute force guessing.
Max CVSS
7.5
EPSS Score
1.58%
Published
2001-09-19
Updated
2017-10-10
Directory traversal vulnerability in SpoonFTP 1.1 allows local and sometimes remote attackers to access files outside of the FTP root via a ... (modified dot dot) in the CD (CWD) command.
Max CVSS
7.5
EPSS Score
1.31%
Published
2001-09-20
Updated
2017-10-10
Buffer overflow in client for Half-Life 1.1.0.8 and earlier allows malicious remote servers to execute arbitrary code via a long console command.
Max CVSS
7.5
EPSS Score
1.62%
Published
2001-09-20
Updated
2017-12-19
login in HP-UX 10.26 does not record failed login attempts in /var/adm/btmp, which could allow attackers to conduct brute force password guessing attacks without being detected or observed using the lastb program.
Max CVSS
7.5
EPSS Score
0.44%
Published
2001-09-03
Updated
2008-09-05
shop.pl in Hassan Consulting Shopping Cart 1.23 allows remote attackers to execute arbitrary commands via shell metacharacters in the "page" parameter.
Max CVSS
7.5
EPSS Score
4.75%
Published
2001-09-08
Updated
2017-12-19
shopplus.cgi in ShopPlus shopping cart allows remote attackers to execute arbitrary commands via shell metacharacters in the "file" parameter.
Max CVSS
7.5
EPSS Score
4.26%
Published
2001-09-05
Updated
2017-12-19
135 vulnerabilities found
1 2 3 4 5 6
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!