Cisco IOS 12.1(3) and 12.1(3)T allows remote attackers to read and modify device configuration data via the cable-docsis read-write community string used by the Data Over Cable Service Interface Specification (DOCSIS) standard.
Max CVSS
7.5
EPSS Score
1.03%
Published
2001-02-28
Updated
2017-07-11
SSH protocol 2 (aka SSH-2) public key authentication in the development snapshot of OpenSSH 2.3.1, available from 2001-01-18 through 2001-02-08, does not perform a challenge-response step to ensure that the client has the proper private key, which allows remote attackers to bypass authentication as other users by supplying a public key from that user's authorized_keys file.
Max CVSS
6.8
EPSS Score
0.89%
Published
2001-12-31
Updated
2017-07-29
CardBoard 2.4 greeting card CGI by Michael Barretto allows remote attackers to execute arbitrary commands via shell metacharacters in the recipient field.
Max CVSS
7.5
EPSS Score
0.66%
Published
2001-12-31
Updated
2017-07-29

CVE-2001-1583

Public exploit
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary commands via a job request with a crafted control file that is not properly handled when lpd invokes a mail program. NOTE: this might be the same vulnerability as CVE-2000-1220.
Max CVSS
10.0
EPSS Score
19.96%
Published
2001-12-31
Updated
2022-09-13
Buffer overflow in the LDAP naming services library (libsldap) in Sun Solaris 8 allows local users to execute arbitrary code via a long LDAP_OPTIONS environment variable to a privileged program that uses libsldap.
Max CVSS
7.2
EPSS Score
0.12%
Published
2001-12-31
Updated
2018-10-30
The File Blocker feature in Clearswift MAILsweeper for SMTP 4.2 allows remote attackers to bypass e-mail attachment filtering policies via a modified name in a Content-Type header.
Max CVSS
7.5
EPSS Score
0.51%
Published
2001-12-31
Updated
2017-07-29
Directory traversal vulnerability in ScriptEase viewcode.jse for Netware 5.1 before 5.1 SP3 allows remote attackers to read arbitrary files via ".." sequences in the query string.
Max CVSS
5.0
EPSS Score
2.06%
Published
2001-12-31
Updated
2017-12-19
The timed program (in.timed) in UnixWare 7 and OpenUnix 8.0.0 does not properly terminate certain strings with a null, which allows remote attackers to cause a denial of service.
Max CVSS
5.0
EPSS Score
0.16%
Published
2001-12-31
Updated
2008-09-05
Unknown vulnerability in SCO OpenServer 5.0.6 and earlier allows local users to modify critical information such as certain CPU registers and segment descriptors.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-12-31
Updated
2008-09-05
Unknown vulnerability in CDE in Caldera OpenUnix 7.1.0, 7.1.1, and 8.0 allows an xterm session to gain privileges when the session is reused.
Max CVSS
7.5
EPSS Score
0.40%
Published
2001-12-31
Updated
2017-07-11
Buffer overflow in cron in Caldera UnixWare 7 allows local users to execute arbitrary code via a command line argument.
Max CVSS
4.6
EPSS Score
0.04%
Published
2001-12-31
Updated
2008-09-05
Apple Personal Web Sharing (PWS) 1.1, 1.5, and 1.5.5, when Web Sharing authentication is enabled, allows remote attackers to cause a denial of service via a long password, possibly due to a buffer overflow.
Max CVSS
5.0
EPSS Score
1.22%
Published
2001-12-31
Updated
2017-07-11
Buffer overflow in (1) HttpSaveCVP.dll and (2) HttpSaveCSP.dll in Trend Micro InterScan VirusWall 3.5.1 allows remote attackers to execute arbitrary code.
Max CVSS
10.0
EPSS Score
0.40%
Published
2001-12-31
Updated
2008-09-05
Buffer overflow in smtpscan.dll for Trend Micro InterScan VirusWall 3.51 for Windows NT has allows remote attackers to execute arbitrary code via a certain configuration parameter.
Max CVSS
10.0
EPSS Score
0.40%
Published
2001-12-31
Updated
2008-09-05
The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.
Max CVSS
7.5
EPSS Score
0.37%
Published
2001-12-31
Updated
2008-09-05
The Remote Desktop client in Windows XP sends the most recent user account name in cleartext, which could allow remote attackers to obtain terminal server user account names via sniffing.
Max CVSS
5.0
EPSS Score
1.57%
Published
2001-12-31
Updated
2008-09-05
Windows XP with fast user switching and account lockout enabled allows local users to deny user account access by setting the fast user switch to the same user (self) multiple times, which causes other accounts to be locked out.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-12-31
Updated
2008-09-05
Openwave WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.
Max CVSS
6.4
EPSS Score
0.13%
Published
2001-12-31
Updated
2008-09-05
CMG WAP gateway does not verify the fully qualified domain name URL with X.509 certificates from root certificate authorities, which allows remote attackers to spoof SSL certificates via a man-in-the-middle attack.
Max CVSS
6.4
EPSS Score
0.13%
Published
2001-12-31
Updated
2008-09-05
Lotus Domino server 5.0.9a and earlier allows remote attackers to bypass security restrictions and view Notes database files and possibly sensitive Notes template files (.ntf) via an HTTP request with a large number of "+" characters before the .nsf file extension, which are converted to spaces by Domino.
Max CVSS
5.0
EPSS Score
0.24%
Published
2001-12-31
Updated
2016-10-18
Format string vulnerability in libvanessa_logger 0.0.1 in Perdition 0.1.8 allows remote attackers to execute arbitrary code via format string specifiers in the __vanessa_logger_log function.
Max CVSS
7.5
EPSS Score
0.58%
Published
2001-12-31
Updated
2008-09-05
Point to Point Protocol daemon (pppd) in MacOS x 10.0 and 10.1 through 10.1.5 provides the username and password on the command line, which allows local users to obtain authentication information via the ps command.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-12-31
Updated
2008-09-05
setrlimit in HP-UX 10.01, 10.10, 10.24, 10.20, 11.00, 11.04 and 11.11 does not properly enforce core file size on processes after setuid or setgid privileges are dropped, which could allow local users to cause a denial of service by exhausting available disk space.
Max CVSS
2.1
EPSS Score
0.04%
Published
2001-12-31
Updated
2017-10-12
Unknown vulnerability in Tomcat 3.2.1 running on HP Secure OS for Linux 1.0 allows attackers to access servlet resources. NOTE: due to the vagueness of the vendor advisory, it is not clear whether this issue is already covered by other CVE identifiers.
Max CVSS
7.5
EPSS Score
0.13%
Published
2001-12-31
Updated
2017-07-11
Format string vulnerability in nvi before 1.79 allows local users to gain privileges via format string specifiers in a filename.
Max CVSS
7.2
EPSS Score
0.12%
Published
2001-12-31
Updated
2016-10-18
1676 vulnerabilities found
1 2 3 4 5 6 ...... 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!