Security Vulnerabilities, CVEs, Published In May 2000
The guestbook CGI program in ICQ Web Front service for ICQ 2000a, 99b, and others allows remote attackers to cause a denial of service via a URL with a long name parameter.
Max CVSS: 5.0 | EPSS Score: 0.21% | Published: 2000-05-29 | Updated: 2008-09-10
Race condition in IPFilter firewall 3.4.3 and earlier, when configured with overlapping "return-rst" and "keep state" rules, allows remote attackers to bypass access restrictions.
Max CVSS: 2.6 | EPSS Score: 0.33% | Published: 2000-05-26 | Updated: 2017-10-10
The file transfer mechanism in Danware NetOp 6.0 does not provide authentication, which allows remote attackers to access and modify arbitrary files.
Max CVSS: 10.0 | EPSS Score: 0.75% | Published: 2000-05-23 | Updated: 2017-10-10
The KApplication class in the KDE 1.1.2 configuration file management capability allows local users to overwrite arbitrary files.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2000-05-31 | Updated: 2017-10-10
Netscape 4.73 and earlier does not properly warn users about a potentially invalid certificate if the user has previously accepted the certificate for a different web site, which could allow remote attackers to spoof a legitimate web site by compromising that site's DNS information.
Max CVSS: 5.0 | EPSS Score: 0.41% | Published: 2000-05-26 | Updated: 2017-10-10
The Apache 1.3.x HTTP server for Windows platforms allows remote attackers to list directory contents by requesting a URL containing a large number of / characters.
Max CVSS: 5.0 | EPSS Score: 0.39% | Published: 2000-05-31 | Updated: 2021-06-06
Microsoft Windows Media Encoder allows remote attackers to cause a denial of service via a malformed request, aka the "Malformed Windows Media Encoder Request" vulnerability.
Max CVSS: 5.0 | EPSS Score: 24.10% | Published: 2000-05-30 | Updated: 2018-10-12
Buffer overflow in the XDMCP parsing code of GNOME gdm, KDE kdm, and wdm allows remote attackers to execute arbitrary commands or cause a denial of service via a long FORWARD_QUERY request.
Max CVSS: 10.0 | EPSS Score: 7.14% | Published: 2000-05-24 | Updated: 2008-09-10
Buffer overflow in ITHouse mail server 1.04 allows remote attackers to execute arbitrary commands via a long RCPT TO mail command.
Max CVSS: 10.0 | EPSS Score: 0.42% | Published: 2000-05-30 | Updated: 2017-10-10
Buffer overflow in Cisco TACACS+ tac_plus server allows remote attackers to cause a denial of service via a malformed packet with a long length field.
Max CVSS: 5.0 | EPSS Score: 0.73% | Published: 2000-05-30 | Updated: 2017-10-10
Microsoft SQL Server allows local users to obtain database passwords via the Data Transformation Service (DTS) package Properties dialog, aka the "DTS Password" vulnerability.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 2000-05-30 | Updated: 2018-10-12
Internet Explorer 4.x and 5.x does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files via the frame, aka the "Frame Domain Verification" vulnerability.
Max CVSS: 5.1 | EPSS Score: 63.25% | Published: 2000-05-17 | Updated: 2021-07-23
Internet Explorer 4.x and 5.x allows remote attackers to execute arbitrary commands via a buffer overflow in the ActiveX parameter parsing capability, aka the "Malformed Component Attribute" vulnerability.
Max CVSS: 7.6 | EPSS Score: 0.32% | Published: 2000-05-17 | Updated: 2021-07-23
BeOS 5.0 allows remote attackers to cause a denial of service via fragmented TCP packets.
Max CVSS: 5.0 | EPSS Score: 0.94% | Published: 2000-05-18 | Updated: 2008-09-10
ftpd in NetBSD 1.4.2 does not properly parse entries in /etc/ftpchroot and does not chroot the specified users, which allows those users to access other files outside of their home directory.
Max CVSS: 2.1 | EPSS Score: 0.05% | Published: 2000-05-28 | Updated: 2008-09-10
The undocumented semconfig system call in BSD freezes the state of semaphores, which allows local users to cause a denial of service of the semaphore system by using the semconfig call.
Max CVSS: 2.1 | EPSS Score: 0.04% | Published: 2000-05-29 | Updated: 2008-09-10
Buffer overflow in KDE kdesud on Linux allows local users to gain privileges via a long DISPLAY environmental variable.
Max CVSS: 7.2 | EPSS Score: 0.05% | Published: 2000-05-27 | Updated: 2008-09-10
ISM.DLL in IIS 4.0 and 5.0 allows remote attackers to read file contents by requesting the file and appending a large number of encoded spaces (%20) and terminated with a .htr extension, aka the ".HTR File Fragment Reading" or "File Fragment Reading via .HTR" vulnerability.
Max CVSS: 7.5 | EPSS Score: 40.85% | Published: 2000-05-11 | Updated: 2018-10-30
NetBSD 1.4.2 and earlier allows local users to cause a denial of service by repeatedly running certain system calls in the kernel which do not yield the CPU, aka "cpu-hog".
Max CVSS: 2.1 | EPSS Score: 0.04% | Published: 2000-05-28 | Updated: 2008-09-10
Buffer overflow in xlockmore xlock program version 4.16 and earlier allows local users to read sensitive data from memory via a long -mode option.
Max CVSS: 2.1 | EPSS Score: 0.04% | Published: 2000-05-29 | Updated: 2008-09-10
Buffer overflow in Linux cdrecord allows local users to gain privileges via the dev parameter.
Max CVSS: 7.2 | EPSS Score: 0.04% | Published: 2000-05-29 | Updated: 2008-09-10
XFree86 3.3.x and 4.0 allows a user to cause a denial of service via a negative counter value in a malformed TCP packet that is sent to port 6000.
Max CVSS: 5.0 | EPSS Score: 0.67% | Published: 2000-05-18 | Updated: 2008-09-10
Buffer overflow in the ESMTP service of Lotus Domino Server 5.0.1 allows remote attackers to cause a denial of service via a long MAIL FROM command.
Max CVSS: 5.0 | EPSS Score: 1.18% | Published: 2000-05-18 | Updated: 2008-09-10
The Intel express 8100 ISDN router allows remote attackers to cause a denial of service via oversized or fragmented ICMP packets.
Max CVSS: 5.0 | EPSS Score: 0.94% | Published: 2000-05-19 | Updated: 2008-09-10
Vulnerability in bbd server in Big Brother System and Network Monitor allows an attacker to execute arbitrary commands.
Max CVSS: 7.5 | EPSS Score: 1.75% | Published: 2000-05-18 | Updated: 2008-09-10