Total
266239 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2004-0076 | 2024-02-28 | N/A | N/A | ||
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was removed from consideration by its Candidate Numbering Authority. Notes: none | |||||
CVE-1999-1223 | 1 Microsoft | 1 Internet Information Server | 2024-02-28 | 5.0 MEDIUM | N/A |
IIS 3.0 allows remote attackers to cause a denial of service via a request to an ASP page in which the URL contains a large number of / (forward slash) characters. | |||||
CVE-2001-0574 | 1 Jason Rahaim | 1 Mp3mystic | 2024-02-28 | 5.0 MEDIUM | N/A |
Directory traversal vulnerability in MP3Mystic prior to 1.04b3 allows a remote attacker to download arbitrary files via a '..' (dot dot) in the URL. | |||||
CVE-2003-1079 | 1 Sun | 2 Solaris, Sunos | 2024-02-28 | 5.0 MEDIUM | N/A |
Unknown vulnerability in UDP RPC for Solaris 2.5.1 through 9 for SPARC, and 2.5.1 through 8 for x86, allows remote attackers to cause a denial of service (memory consumption) via certain arguments in RPC calls that cause large amounts of memory to be allocated. | |||||
CVE-2001-1556 | 1 Apache | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
The log files in Apache web server contain information directly supplied by clients and does not filter or quote control characters, which could allow remote attackers to hide HTTP requests and spoof source IP addresses when logs are viewed with UNIX programs such as cat, tail, and grep. | |||||
CVE-1999-1369 | 1 Realnetworks | 1 Realserver | 2024-02-28 | 4.6 MEDIUM | N/A |
Real Media RealServer (rmserver) 6.0.3.353 stores a password in plaintext in the world-readable rmserver.cfg file, which allows local users to gain privileges. | |||||
CVE-2003-0242 | 1 Apple | 1 Mac Os X | 2024-02-28 | 7.5 HIGH | N/A |
IPSec in Mac OS X before 10.2.6 does not properly handle certain incoming security policies that match by port, which could allow traffic that is not explicitly allowed by the policies. | |||||
CVE-2001-1432 | 1 Cherokee | 1 Cherokee Httpd | 2024-02-28 | 7.8 HIGH | N/A |
Directory traversal vulnerability in Cherokee Web Server allows remote attackers to read arbitrary files via a .. (dot dot) in the URL. | |||||
CVE-2002-1822 | 1 Ibm | 1 Http Server | 2024-02-28 | 5.0 MEDIUM | N/A |
IBM HTTP Server 1.0 on AS/400 allows remote attackers to obtain the path to the web root directory and other sensitive information, which is leaked in an error mesage when a request is made for a non-existent Java Server Page (JSP). | |||||
CVE-2000-0648 | 1 Texas Imperial Software | 1 Wftpd | 2024-02-28 | 5.0 MEDIUM | N/A |
WFTPD and WFTPD Pro 2.41 allows local users to cause a denial of service by executing the RENAME TO (RNTO) command before a RENAME FROM (RNFR) command. | |||||
CVE-1999-0506 | 1 Microsoft | 2 Windows 2000, Windows Nt | 2024-02-28 | 7.2 HIGH | N/A |
A Windows NT domain user or administrator account has a default, null, blank, or missing password. | |||||
CVE-1999-1424 | 1 Sun | 1 Solstice Adminsuite | 2024-02-28 | 6.2 MEDIUM | N/A |
Solaris Solstice AdminSuite (AdminSuite) 2.1 uses unsafe permissions when adding new users to the NIS+ password table, which allows local users to gain root access by modifying their password table entries. | |||||
CVE-2002-1943 | 1 Safetp | 1 Safetp Server | 2024-02-28 | 5.0 MEDIUM | N/A |
SafeTP 1.46, when network address translation (NAT) is being used, leaks the internal IP address of the FTP server in a response to a passive mode (PASV) file transfer request. | |||||
CVE-2003-1382 | 1 Instantservers Inc. | 1 Ismail | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in ISMail 1.4.3 and earlier allow remote attackers to execute arbitrary code via long domain names in (1) MAIL FROM or (2) RCPT TO fields. | |||||
CVE-2000-0384 | 1 Intel | 2 Netstructure 7110, Netstructure 7180 | 2024-02-28 | 10.0 HIGH | N/A |
NetStructure 7110 and 7180 have undocumented accounts (servnow, root, and wizard) whose passwords are easily guessable from the NetStructure's MAC address, which could allow remote attackers to gain root access. | |||||
CVE-2000-0664 | 1 Analogx | 1 Simpleserver Www | 2024-02-28 | 5.0 MEDIUM | N/A |
AnalogX SimpleServer:WWW 1.06 and earlier allows remote attackers to read arbitrary files via a modified .. (dot dot) attack that uses the %2E URL encoding for the dots. | |||||
CVE-2004-2008 | 1 Adam Webb | 1 Nukejokes | 2024-02-28 | 4.6 MEDIUM | N/A |
SQL injection vulnerability in modules.php in NukeJokes 1.7 and 2 Beta allows remote attackers to execute arbitrary SQL via the jokeid parameter. | |||||
CVE-2002-0973 | 1 Freebsd | 1 Freebsd | 2024-02-28 | 4.6 MEDIUM | N/A |
Integer signedness error in several system calls for FreeBSD 4.6.1 RELEASE-p10 and earlier may allow attackers to access sensitive kernel memory via large negative values to the (1) accept, (2) getsockname, and (3) getpeername system calls, and the (4) vesa FBIO_GETPALETTE ioctl. | |||||
CVE-2001-0482 | 1 Argus Systems | 1 Pitbull Lx | 2024-02-28 | 7.2 HIGH | N/A |
Configuration error in Argus PitBull LX allows root users to bypass specified access control restrictions and cause a denial of service or execute arbitrary commands by modifying kernel variables such as MaxFiles, MaxInodes, and ModProbePath in /proc/sys via calls to sysctl. | |||||
CVE-2001-0039 | 1 Ipswitch | 1 Imail | 2024-02-28 | 5.0 MEDIUM | N/A |
IPSwitch IMail 6.0.5 allows remote attackers to cause a denial of service using the SMTP AUTH command by sending a base64-encoded user password whose length is between 80 and 136 bytes. |