CVE-2000-1209

Public exploit
The "sa" account is installed with a default null password on (1) Microsoft SQL Server 2000, (2) SQL Server 7.0, and (3) Data Engine (MSDE) 1.0, including third party packages that use these products such as (4) Tumbleweed Secure Mail (MMS) (5) Compaq Insight Manager, and (6) Visio 2000, which allows remote attackers to gain privileges, as exploited by worms such as Voyager Alpha Force and Spida.
Max CVSS
10.0
EPSS Score
95.73%
Published
2002-08-12
Updated
2018-08-13
Integer overflow in xdr_array function in RPC servers for operating systems that use libc, glibc, or other code based on SunRPC including dietlibc, allows remote attackers to execute arbitrary code by passing a large number of arguments to xdr_array through RPC services such as rpc.cmsd and dmispd.
Max CVSS
10.0
EPSS Score
85.02%
Published
2002-08-12
Updated
2024-02-08
Buffer overflow in SH39 MailServer 1.21 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary code, via a long command to the SMTP port.
Max CVSS
10.0
EPSS Score
2.88%
Published
2002-08-12
Updated
2008-09-05
Buffer overflow in efingerd 1.5 and earlier, and possibly up to 1.61, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a finger request from an IP address with a long hostname that is obtained via a reverse DNS lookup.
Max CVSS
10.0
EPSS Score
3.66%
Published
2002-08-12
Updated
2008-09-05
Buffer overflows in fpexec in mod_frontpage before 1.6.1 may allow attackers to gain root privileges.
Max CVSS
10.0
EPSS Score
0.38%
Published
2002-08-12
Updated
2008-09-05
Directory traversal vulnerability in filemanager.asp for Hosting Controller 1.4.1 and earlier allows remote attackers to read and modify arbitrary files, and execute commands, via a .. (dot dot) in the OpenPath parameter.
Max CVSS
10.0
EPSS Score
0.85%
Published
2002-08-12
Updated
2017-12-19
Buffer overflows in Ecartis (formerly Listar) 1.0.0 before snapshot 20020125 allows remote attackers to execute arbitrary code via (1) address_match() of mystring.c or (2) other functions in tolist.c.
Max CVSS
10.0
EPSS Score
9.96%
Published
2002-08-12
Updated
2008-09-05
PHPNetToolpack 0.1 allows remote attackers to execute arbitrary code via shell metacharacters in the a_query variable.
Max CVSS
10.0
EPSS Score
1.22%
Published
2002-08-12
Updated
2008-09-24
db.php in phpBB 2.0 (aka phpBB2) RC-3 and earlier allows remote attackers to execute arbitrary code from remote servers via the phpbb_root_path parameter.
Max CVSS
10.0
EPSS Score
11.01%
Published
2002-08-12
Updated
2016-09-17
ISS RealSecure for Nokia devices before IPSO build 6.0.2001.141d is configured to allow a user "skank" on a machine "starscream" to become a key manager when the "first time connection" feature is enabled and before any legitimate administrators have connected, which could allow remote attackers to gain access to the device during installation.
Max CVSS
10.0
EPSS Score
1.24%
Published
2002-08-12
Updated
2016-10-18
Linux Directory Penguin traceroute.pl CGI script 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the host parameter.
Max CVSS
10.0
EPSS Score
1.89%
Published
2002-08-12
Updated
2008-09-05
Linux Directory Penguin NsLookup CGI script (nslookup.pl) 1.0 allows remote attackers to execute arbitrary code via shell metacharacters in the (1) query or (2) type parameters.
Max CVSS
10.0
EPSS Score
1.89%
Published
2002-08-12
Updated
2016-10-18
Instant Web Mail before 0.60 does not properly filter CR/LF sequences, which allows remote attackers to (1) execute arbitrary POP commands via the id parameter in message.php, or (2) modify certain mail message headers via numerous parameters in write.php.
Max CVSS
10.0
EPSS Score
0.71%
Published
2002-08-12
Updated
2008-09-05
admin.php in AlGuest 1.0 guestbook checks for the existence of the admin cookie to authenticate the AlGuest administrator, which allows remote attackers to bypass the authentication and gain privileges by setting the admin cookie to an arbitrary value.
Max CVSS
10.0
EPSS Score
0.65%
Published
2002-08-12
Updated
2008-09-05
csSearch.cgi in csSearch 2.3 and earlier allows remote attackers to execute arbitrary Perl code via the savesetup command and the setup parameter, which overwrites the setup.cgi configuration file that is loaded by csSearch.cgi.
Max CVSS
10.0
EPSS Score
2.65%
Published
2002-08-12
Updated
2024-02-13
wwwisis 3.45 and earlier allows remote attackers to execute arbitrary commands and read files via the parameters (1) prolog or (2) epilog.
Max CVSS
10.0
EPSS Score
0.94%
Published
2002-08-12
Updated
2008-09-05
The PHP administration script in popper_mod 1.2.1 and earlier relies on Apache .htaccess authentication, which allows remote attackers to gain privileges if the script is not appropriately configured by the administrator.
Max CVSS
10.0
EPSS Score
0.71%
Published
2002-08-12
Updated
2008-09-05
SquirrelMail 1.2.5 and earlier allows authenticated SquirrelMail users to execute arbitrary commands by modifying the THEME variable in a cookie.
Max CVSS
10.0
EPSS Score
2.62%
Published
2002-08-12
Updated
2008-09-05
Format string vulnerabilities in (1) inews or (2) rnews for INN 2.2.3 and earlier allow local users and remote malicious NNTP servers to gain privileges via format string specifiers in NTTP responses.
Max CVSS
10.0
EPSS Score
0.35%
Published
2002-08-12
Updated
2008-09-05
Watchguard SOHO firewall 5.0.35 unpredictably disables certain IP restrictions for customized services that were set before the administrator upgrades to 5.0.35, which could allow remote attackers to bypass the intended access control rules.
Max CVSS
10.0
EPSS Score
0.54%
Published
2002-08-12
Updated
2008-09-05
Microsoft Metadirectory Services (MMS) 2.2 allows remote attackers to bypass authentication and modify sensitive data by using an LDAP client to directly connect to MMS and bypass the checks for MMS credentials.
Max CVSS
10.0
EPSS Score
1.10%
Published
2002-08-12
Updated
2018-10-12
Microsoft BackOffice 4.0 and 4.5, when configured to be accessible by other systems, allows remote attackers to bypass authentication and access the administrative ASP pages via an HTTP request with an authorization type (auth_type) that is not blank.
Max CVSS
10.0
EPSS Score
1.04%
Published
2002-08-12
Updated
2008-09-05
Buffer overflow in pioout on AIX 4.3.3.
Max CVSS
10.0
EPSS Score
0.28%
Published
2002-08-12
Updated
2008-09-05
mail and mailx in AIX 4.3.3 core dump when called with a very long argument, an indication of a buffer overflow.
Max CVSS
10.0
EPSS Score
0.28%
Published
2002-08-12
Updated
2008-09-05
namerslv in AIX 4.3.3 core dumps when called with a very long argument, possibly as a result of a buffer overflow.
Max CVSS
10.0
EPSS Score
0.28%
Published
2002-08-12
Updated
2008-09-05
255 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!