Vulnerability Index: Year 2000

Denial of Service Vulnerability in RealMedia Server via Long Ramgen Request
Remote Code Execution Vulnerability in ZBServer Pro 1.50 via Buffer Overflow
Buffer Overflow Vulnerability in UnixWare RTPM Program
Remote Code Disclosure Vulnerability in ZBServer Pro
Privilege Escalation Vulnerability in HP-UX aserver Program via Symlink Attack
Memory Mapped File Name Vulnerability in strace
Unrestricted Access to Trend Micro PC-Cillin Internal Proxy Port Allows Denial of Service
FTPPro Local Information Disclosure Vulnerability
Arbitrary Command Execution Vulnerability in Optivity NETarchitect's bna_pass Program
Remote Code Execution in WebWho+ Whois.cgi Program
Buffer Overflow Vulnerability in AnalogX SimpleServer:WWW HTTP Server
Remote Code Execution via Buffer Overflow in w3-msql CGI Program
Local Privilege Escalation in IRIX Soundplayer Program via Shell Metacharacters in .wav File
Null character denial of service vulnerability in Savant web server
Privilege Escalation via Symlink Attack in CascadeView TFTP Server
Buffer Overflow Vulnerability in Internet Anywhere POP3 Mail Server
Buffer Overflow Vulnerability in Linuxconf Package Allows Remote Root Privilege Escalation
Privilege Escalation via .wmmonrc Configuration File in FreeBSD
Weak Encryption in IMail POP3 Daemon Allows Local Users to Read Files
DNS PRO Denial of Service Vulnerability
Path Disclosure Vulnerability in Lotus Domino HTTP Server
Improper Anonymous Access Configuration in Lotus Domino HTTP Server's cgi-bin Directory
Lotus Domino HTTP Server Buffer Overflow Vulnerability
IIS URL Canonicalization Vulnerability
Virtual Directory Source Code Disclosure Vulnerability
Buffer Overflow Vulnerability in UnixWare i2odialogd Daemon
Privilege Escalation Vulnerability in IBM Network Station Manager NetStation
Cross Frame File Reading Vulnerability in Internet Explorer 5.0 and 5.01
Privilege Escalation Vulnerability in UnixWare pis and mkpis Commands
Solaris dmispd dmi_cmd Local Privilege Escalation Vulnerability
Local Privilege Escalation Vulnerability in Red Hat Linux Initscripts Package
Solaris dmi_cmd Local Denial of Service Vulnerability
Vulnerability: Inadequate Scanning of Messages with Malformed Attachments in InterScan VirusWall SMTP Scanner
Netscape 4.7 Vulnerability: Unauthorized Password Storage in preferences.js
Local Privilege Escalation Vulnerability in Majordomo's Resend Command
HTML Mail Attachment vulnerability in Outlook Express 5 for Macintosh
Local Privilege Escalation via Majordomo Wrapper Configuration File
Default glFtpD User Account with Root Privileges
Remote File Disclosure Vulnerability in AltaVista Search Engine
Privilege Escalation Vulnerability in glFtpD via SITE ZIPCHK Command
Macintosh Systems: Vulnerability as Amplifiers in ICMP Flood Attacks
CSM Mail Server Buffer Overflow Vulnerability
CamShot WebCam HTTP Server Buffer Overflow Vulnerability
Arbitrary File Read and Command Execution Vulnerability in War FTP 1.70 and 1.67b2
Privilege Escalation: Local Users Can Modify Passwords for Arbitrary MySQL Users
Remote Code Execution Vulnerability in ICQ 99b 1.1.1.1 Client via Malformed URL
Buffer Overflow Vulnerability in Yahoo Pager/Messenger Client
Local Privilege Escalation Vulnerability in Corel Linux Update
Winamp Client Buffer Overflow Vulnerability
Webtop Section Access Vulnerability
Allaire Spectra Configuration Wizard Denial of Service Vulnerability
Local Privilege Escalation Vulnerability in Red Hat Userhelper Program
Denial of Service Vulnerability in Microsoft Commercial Internet System (MCIS) IMAP Server
Directory Traversal Vulnerability in search.cgi
Buffer Overflow Vulnerability in Solaris chkperm Command
IMail IMONITOR status.cgi Denial of Service Vulnerability
CFCACHE Tag Vulnerability: Remote Information Disclosure
Unauthenticated Remote Access Vulnerability in Handspring Visor's Network HotSync Program
Command Injection Vulnerability in PHP3 with safe_mode Enabled
Denial of Service Vulnerability in aVirt Rover POP3 Server 1.1
Security Zone Modification Vulnerability in Internet Explorer 5
Remote Code Execution Vulnerability in Zope DTML Implementation
Arbitrary File Read Vulnerability in Nortel Contivity HTTP Server's cgiproc CGI Script
Denial of Service Vulnerability in Nortel Contivity HTTP Server's cgiproc CGI Script
Remote Code Execution Vulnerability in InetServ 3.0 via Long GET Request
Path Disclosure Vulnerability in WebSite Pro
Local File Modification Vulnerability in CyberCash Merchant Connection Kit (MCK)
Unauthenticated Remote Access Vulnerability in Intel InBusiness E-mail Station
Local Privilege Escalation Vulnerability in Solstice Backup's Recover Program
Spoofed LPC Port Request Vulnerability in Windows NT 4.0
Path Disclosure Vulnerability in IIS 4.0
Vcasel Local File Execution Vulnerability
Microsoft Rich Text Format (RTF) Reader Buffer Overflow Vulnerability
Remote Code Execution in PowerScripts PlusMail CGI Program
SMTP Memory Leak Vulnerability
Local File Deletion Vulnerability in Debian nvi Package's nviboot Boot Script
Privilege Escalation via Alternate PATH in HP-UX aserver Program
Privilege Escalation via Alternate PATH in HP-UX aserver Program
Path Disclosure Vulnerability in W3C CERN httpd HTTP Server
Local Privilege Escalation via Symlink Attack in AIX techlibss
Hotmail Vulnerability: Remote Code Execution via JavaScript Protocol
WebTV Email Client HTML Injection Vulnerability
Insecure Permissions in HP Asecure Audio Security File (audio.sec) Vulnerability
Weak Encryption Vulnerability in CuteFTP's tree.dat File
Remote Code Execution Vulnerability in Hotmail
Cleartext Transmission of User IDs and Passwords in Netopia Timbuktu Pro
Insecure IMAP Connection in Netscape Mail Notification Utility
Malformed Conversion Data vulnerability in Japanese, Korean, and Chinese Word 5 document conversion utilities
RDISK Registry Enumeration File Vulnerability
Symlink Attack Vulnerability in VMWare 1.1.2
Buffer Overflow in vchkpw/vpopmail POP Authentication Package
Vulnerability: Symlink Attack in BSD Make Program with -j Option
Weak Password Encryption in Red Hat Installation: DES Crypt() Vulnerability
Local Privilege Escalation via Modified File Descriptor in procfs
HP-UX PMTU Discovery Vulnerability: Remote Packet Amplification
Buffer Overflow Vulnerability in qpopper 3.0 Beta Versions via Long LIST Command
Malformed Hit-Highlighting Argument vulnerability in Microsoft Index Server's WebHits ISAPI filter
Path Disclosure Vulnerability in Microsoft Index Server
Buffer Overflow Vulnerability in UnixWare ppptalk Command
Insecure Permissions in SMS Remote Control Program Allow Privilege Escalation
Remote Code Execution Vulnerability in Make-a-Store OrderPage Shopping Cart Application
Remote Code Execution Vulnerability in SalesCart Shopping Cart Application
Remote Code Execution Vulnerability in SmartCart Shopping Cart Application
Remote Code Execution Vulnerability in Shoptron Shopping Cart Application
Remote Code Execution Vulnerability in Outlook Express 5.01 and Internet Explorer 5.01
Remote Code Execution Vulnerability in EasyCart Shopping Cart Application
Local Privilege Escalation Vulnerability in Linux apcd Program
Remote Code Execution Vulnerability in Intellivend Shopping Cart Application
Unsecured Accounts in mcsp Client Site Processor System Pose Security Risk
Remote Code Execution Vulnerability in WebSiteTool Shopping Cart Application
Predictable Session Numbers in RightFax Web Client Allow Remote Session Hijacking
Insecure Master Boot Record (MBR) Allows Local User to Boot from Floppy Disk during Debian GNU/Linux Installation
SyGate Remote Management Program Vulnerability: Unauthorized Access and Denial of Service
Information Disclosure: Remote Enumeration of Anonymous Account Name in Frontpage Server Extensions
Denial of Service Vulnerability in IIS via Invalid Regular Expressions in ASP Pages
Bypassing Strip Script Tags Restriction in Firewall-1
Cobalt RaQ2 Server Vulnerability: Unauthorized Password Modification in siteUserMod.cgi
Unlogged Failed Password Guessing Vulnerability in Red Hat Linux su Program
Vulnerability in McAfee Virus Scan and Norton Anti-Virus Allows Malicious Code Storage in Windows Recycle Bin
Authentication Bypass Vulnerability in Allaire Spectra 1.0 Remote Access Service
Recycle Bin Creation Vulnerability in Windows NT and Windows 2000
Information Disclosure Vulnerability in Frontpage Server Extensions
Remote Code Execution Vulnerability in Filemaker's Shopping Cart Application
Vulnerability: Bypassing Web Access Restrictions in surfCONTROL SuperScout
SQL Injection Vulnerability in wwwthreads Forums
Remote File Read Vulnerability in IIS 3 and 4 via Dot Dot Attack
WSMadmin Utility Privilege Escalation Vulnerability
Remote Command Execution Vulnerability in Finger Server 0.82
Buffer Overflow in SHGetPathFromIDList Function of Serv-U FTP Server
Remote Code Execution Vulnerability in SCO scohelp Program
Buffer Overflow Vulnerability in War FTPd 1.6x: Denial of Service via Long MKD and CWD Commands
Remote File Read Vulnerability in Microsoft Java Virtual Machine
Command Execution Vulnerability in Tiny FTPd 0.52 beta3 FTP Server
Hidden Form Field Manipulation Vulnerability in Check It Out Shopping Cart Application
Remote Code Execution Vulnerability in @Retail Shopping Cart Application
Remote Code Execution Vulnerability in Cart32 Shopping Cart Application
Remote Code Execution Vulnerability in CartIt Shopping Cart Application
DDoS Attack Tool Vulnerability
Denial of Service Vulnerability in Internet Anywhere POP3 Mail Server
Denial of Service Vulnerability in Internet Anywhere POP3 Mail Server
Remote Code Execution in Infopop Ultimate Bulletin Board (UBB) via Shell Metacharacters in Hidden Topic Field
Denial of Service Vulnerability in Timbuktu Pro 2.0b650 Authentication Protocol
Local Privilege Escalation Vulnerability in SSH Protocol Server
Axis 700 Network Scanner Vulnerability: Bypassing Password Protection via Dot Dot Attack
World-Writable Permissions Vulnerability in libguile.so Library File
Denial of Service Vulnerability in Novell GroupWise Web Access Enhancement Pack
Default Writable SNMP Community String in SCO OpenServer Allows Local Configuration Modification
MySQL 3.22 Remote Authentication Bypass Vulnerability
Zeus Web Server Source Code Disclosure Vulnerability
Bypassing Port Access Restrictions on Check Point Firewall-1 via FTP Server Vulnerability
Symlink Following Vulnerability in GNU Make Allows Command Execution
Denial of Service Vulnerability in Novell BorderManager 3.5 via Telnet Connection
Remote File Disclosure Vulnerability in FrontPage Personal Web Server (PWS)
Symlink Attack Vulnerability in ARCserve Agent for UnixWare
Windows NT Autorun Vulnerability: Unauthorized Execution of Alternate Programs on Non-Removable Media
Image Source Redirect Vulnerability
Vulnerability: Privilege Escalation via PSL Modification in NetBSD ptrace Call on VAX
Buffer Overflow in MMDF Server Allows Remote Privilege Escalation via Long MAIL FROM Command
Ignite-UX Vulnerability: Privilege Escalation via Blank Password Field
Microsoft Active Setup ActiveX Component Allows Unauthorized Software Installation
SQL Injection Vulnerability in Microsoft Site Server 3.0 Commerce Edition
VM File Reading Vulnerability
Privilege Escalation via asmon and ascpu Configuration File in FreeBSD
World-readable file vulnerability in Sun Internet Mail Server (SIMS) allows password exposure
Buffer Overflow Vulnerabilities in Delegate Application Proxy
Buffer Overflow in TelnetD Allows Remote Command Execution
Denial of Service Vulnerability in IIS Inetinfo.exe via Long File Name in Pickup Directory
DOS Device in Path Name Vulnerability in Microsoft Windows 9x Operating Systems
Remote Command Execution in Oracle Web Listener via Malformed URL
Buffer Overflow Vulnerability in Linux Man Program via MANPAGER Environmental Variable
Local Privilege Escalation in atsadc of atsar Package for Linux
Privilege Escalation Vulnerability in mtr Program
EELS System Denial of Service Vulnerability in SCO UnixWare 7.1.x
Arbitrary File Read Vulnerability in StarOffice StarScheduler Web Server
Buffer Overflow Vulnerability in StarOffice StarScheduler Web Server
Information Disclosure Vulnerability in Serv-U 2.5d and Earlier
Remote Command Execution in DNSTools CGI Applications
Predictable TCP/IP Sequence Numbers in ServerIron Switches: A Gateway for Session Spoofing and Hijacking
Denial of Service Vulnerability in HP OpenView OmniBack 2.55
Arbitrary File Read Vulnerability in Sojourn Search Engine
Firewall-1 3.0 and 4.0 IP Address Leakage Vulnerability
Denial of Service Vulnerability in iPlanet Web Server 4.1
Remote Code Execution via Buffer Overflow in ircII 4.4 IRC Client's DCC Chat Capability
World-readable printer configuration files in Linux printtool allow local attackers to obtain printer share passwords
RealMedia RealServer IP Address Disclosure Vulnerability
Privilege Escalation via Buffer Overflow in Linux ext2fs Backup Package
Arbitrary File Read and Command Execution Vulnerability in EZShopper 3.0 loadpage.cgi
Arbitrary File Read and Command Execution Vulnerability in EZShopper 3.0 search.cgi CGI Script
Path Disclosure Vulnerability in ColdFusion Server 4.x
AIM Client Denial of Service Vulnerability
Unauthenticated Remote Access to Administrator URLs in Axis StorPoint CD
Remote Information Disclosure Vulnerability in Caldera OpenLinux 2.3
Privilege Escalation Vulnerability in Dosemu Default Configuration
Arbitrary File Modification Vulnerability in buildxconf in Corel Linux
Local Privilege Escalation in Corel Linux via setxconf -T Parameter
Remote Code Execution via Buffer Overflow in Linux nmh Package
Drive Mapping Privilege Escalation Vulnerability
Buffer Overflow Vulnerability in MERCUR Mail Server Suite POP3 and IMAP Servers
Weak Encryption of Login Credentials in Enterprise Manager for Microsoft SQL Server 7.0
Clip Art Buffer Overrun: Remote Code Execution and Denial of Service Vulnerability in Microsoft Clip Art Gallery
Arbitrary Command Execution via window.showHelp() Method in Internet Explorer 5.x
Remote Privilege Escalation via Malformed Select Statement in Microsoft SQL Server 7.0 and MSDE 1.0
Denial of Service Vulnerability in Trend Micro OfficeScan Client tmlisten.exe
Denial of Service Vulnerability in Trend Micro OfficeScan Client
Remote Command Replay and Configuration Modification Vulnerability in Trend Micro OfficeScan
World-Writable orainstRoot.sh File Vulnerability in Oracle 8.1.5.x on Linux
Remote Command Execution in SGI InfoSearch CGI Program
Arbitrary File Read Vulnerability in htsearch CGI Program
Buffer Overflow Vulnerability in Lynx 2.x Allows Remote Code Execution
Symlink Vulnerability in Sun Flex License Manager (FlexLM) Allows Arbitrary File Modification
Denial of Service via Misordered Windows Media Services Handshake
Denial of Service Vulnerability in InterAccess TelnetD Server 4.0
Remote Code Execution Vulnerability in Sambar Server
Weak Encryption Used for Storing FTP Explorer Credentials
Privilege Escalation Vulnerability in SCO cu Program in UnixWare 7.x
Read Receipt and Delivery Receipt Flood Vulnerability
X Forwarding in SSH Allows Remote Control of Client's X Sessions via Malicious xauth Program
Buffer Overflow Vulnerability in Linux Mount and Umount: Local Privilege Escalation
Root Access Vulnerability in Red Hat 6.0 through Single User Boot
ZoneAlarm Vulnerability: Cleartext Transmission of Sensitive System and Network Information
Nautica Marlin Bridge Denial of Service Vulnerability
Windows 2000 Vulnerability: Remote Access to ADMIN$ Share Without Password
Buffer Overflow Vulnerability in wmcdplay CD Player Program for WindowMaker Desktop
Local Privilege Escalation Vulnerability in ARCserve Agent for SCO UnixWare 7.x
Remote Access Vulnerability in Pocsag POC32 Program
IIS 4.0 Chunked Transfer Encoding Buffer Overflow Vulnerability
Unrestricted Unix Domain Sockets in Linux 2.2.x Kernel: Denial of Service Vulnerability
Malformed Media License Request Vulnerability in Microsoft Windows Media License Manager
Privilege Escalation Vulnerability in gpm-root Utility
Buffer Overflow in imwheel Allows Local Privilege Escalation
Privilege Escalation Vulnerability in Linux kreatecd
Denial of Service Vulnerability in Microsoft TCP/IP Printing Services
Remote Authentication Bypass Vulnerability in SuSE Linux IMAP Server
Default Configuration of Cobalt RaQ2 and RaQ3 Allows Remote Viewing of .htaccess Contents
Buffer Overflow Vulnerability in Huh Program Enables Local Privilege Escalation
Directory Listing Vulnerability in Netscape Enterprise Server with Directory Indexing Enabled
Arbitrary Directory Listing Vulnerability in Netscape Enterprise Server with Web Publishing
Buffer Overflow Vulnerability in Norton AntiVirus for Internet Email Gateways Web Server
Buffer Overflow in MERCUR WebView WebMail Server: Remote Denial of Service Vulnerability
Arbitrary File Read Vulnerability in vqSoft vqServer Program
Cleartext Storage of Sensitive Information in vqSoft vqServer's server.cfg File
Shell Command Injection Vulnerability in WindMail
Denial of Service Vulnerability in AnalogX SimpleServer:WWW HTTP Server 1.03
Weak Encryption in Citrix ICA Protocol: A Vulnerability in User Authentication
Remote Account Creation Vulnerability in SGI IRIX Objectserver Daemon
Virtualized UNC Share Vulnerability in IIS 4.0 and 5.0
Root Privilege Escalation Vulnerability in Generic-NQS (GNQS)
Backdoor Password Vulnerability in Red Hat Linux Piranha's LVS Web GUI
AIX Fast Response Cache Accelerator (FRCA) Configuration File Modification Vulnerability
Weak Encryption in QNX Crypt Function Allows Password Decryption by Local Users
Multiple Aliased IP Addresses Vulnerability in HP-UX 11.04 VirtualVault (VVOS)
Remote Command Execution Vulnerability in dansie shopping cart application cart.pl
Remote Code Execution in dansie shopping cart application cart.pl
Remote Information Disclosure Vulnerability in dansie shopping cart application cart.pl
Remote Denial of Service Vulnerability in Nbase-Xyplex EdgeBlaster Router
Server-Side Image Map Components Vulnerability in FrontPage 97 and 98 Server Extensions
NetWare Remote Web Administration Utility Buffer Overflow Vulnerability
Myriad Escaped Characters Denial of Service Vulnerability in IIS 4.0 and 5.0
Default Permissions Vulnerability in Cryptography\Offload Registry Key
Link View Server-Side Component Buffer Overflow Vulnerability
Arbitrary File Read Vulnerability in AVM KEN! Web Server
AVM KEN! ISDN Proxy Server Denial of Service Vulnerability
Denial of Service Vulnerability in X Font Server (xfs) in Red Hat Linux 6.x
Panda Security 3.0 Vulnerability: Privilege Escalation via Registry Editing
Unintended Uninstallation Vulnerability in Panda Security 3.0
Cross Frame Scripting Vulnerability in Internet Explorer 5.01
Cisco Catalyst 5.4.x Vulnerability: Unauthorized Access to 'Enable' Mode
Cisco IOS Denial of Service Vulnerability via Telnet ENVIRON Option
Improper Permissions in Emacs 20 Allow Unauthorized Access to Subprocess Communications
Predictable Temporary File Names in Emacs 20: Symlink Attack Vulnerability
Emacs 20 Vulnerability: Unencrypted Password Exposure via read-passwd
Denial of Service Vulnerability in RealNetworks RealServer (Port 7070)
PCAnywhere Denial of Service Vulnerability
Linux Trustees Kernel Patch Denial of Service Vulnerability
Weak Encryption in CRYPTOCard CryptoAdmin for PalmOS Allows PIN Cracking and Token Generation
Denial of Service Vulnerability in BeOS 4.5 and 5.0 via Malformed Direct System Calls
XLM Text Macro Vulnerability in Microsoft Excel 97 and 2000
Unauthenticated Access to SalesLogix Eviewer's slxweb.dll Administration Program
Denial of Service Vulnerability in BeOS Due to Malformed Packets
Buffer Overflow in RealPlayer Client Versions 6 and 7: Denial of Service via Long Location URL
Buffer Overflow Vulnerability in Napster Client Beta 5
Arbitrary File Read Vulnerability in TalentSoft Web+ Shopping Cart Application
Default Installation of IRIX Performance Copilot Allows Remote Access to Sensitive System Information via pmcd Daemon
Critical Buffer Overflow Vulnerability in University of Washington imapd 4.7 Allows Command Execution
Buffer Overflow Vulnerability in XFree86 3.3.x via Long -xkbmap Parameter
Denial of Service Vulnerability in X Font Server (XFS)
Remote Code Execution Vulnerability in BizDB CGI Script
Bypassing Payment Phase in Infonautics getdoc.cgi Vulnerability
IP Masquerading Vulnerability in Linux 2.2.x Allows Remote UDP Routing
Buffer Overflow Vulnerability in Webstar HTTP Server Allows Remote Denial of Service
Denial of Service Vulnerability in Star Office 5.1 via Long URL Embedding
Adtran MX2800 M13 Multiplexer Denial of Service Vulnerability
Arbitrary File Deletion Vulnerability in aaa_base and cron.daily in SuSE Linux 6.3
Buffer Overflow Vulnerability in healthd for FreeBSD Allows Local Privilege Escalation
Remote Code Execution Vulnerability in LCDproc via screen_add Command
Local Privilege Escalation in fcheck via Shell Metacharacters in File Names
Bypassing Access Restrictions in Allaire Forums 2.0.5
Insecure Permissions in Windows 2000 OEMPreinstall Vulnerability
Buffer Overflow Vulnerability in WebObjects Developer 4.5 Package
Weak Encryption in PcAnywhere 9.x Allows Remote Attackers to Sniff and Decrypt Accounts
Denial of Service Vulnerability in Ipswitch IMAIL Server 6.02 and Earlier
Microsoft Index Server Source Code Disclosure Vulnerability
Dot Dot (..) Attack: File Manipulation Vulnerability in Quake3 Arena
Undelimited .HTR Request Vulnerability in Microsoft IIS 4.0 and 5.0
IP Fragment Reassembly Vulnerability in Windows 95, 98, 2000, NT 4.0, and Terminal Server Systems
Buffer Overflow Vulnerability in calserver in SCO OpenServer
Denial of Service Vulnerability in SCO UnixWare and OpenServer
Root Privilege Escalation Vulnerability in Netscape FastTrack Server, Enterprise Server, and Proxy Server on SCO UnixWare 7.0.x and 2.1.3
i386 Trace-Trap Handling Vulnerability in OpenBSD 2.4 with DDB Enabled
Denial of Service Vulnerability in IP Fragment Assembly in OpenBSD 2.4
Windows 2000 Domain Controller Vulnerability: Mixed Object Access
OpenBSD 2.5 Cron Local Privilege Escalation Vulnerability
Local Privilege Escalation Vulnerability in OpenBSD 2.6
Vulnerability: Local User Flooding in Traceroute with Large Waittime Option
Local Privilege Escalation: Traceroute Source Address Modification Vulnerability
Buffer Overflow Vulnerability in Solaris 7 lp Command Allows Local Privilege Escalation
Buffer Overflow Vulnerability in Solaris 7 lpset Allows Local Privilege Escalation
Local File Inclusion Vulnerability in Atrium Mercur Mail Server 3.2
Denial of Service and Mailbox Corruption Vulnerability in Sendmail 8.10.x
Qpopper Denial of Service Vulnerability
IC Radius Package Buffer Overflow Vulnerability
Command Execution Vulnerability in Red Hat Piranha Virtual Server Package
Text I-ISAM Vulnerability: Unauthorized Modification of Text Files via Microsoft Jet Database Engine
Denial of Service Vulnerability in pcAnywhere 8.x and 9.0
VBA Shell vulnerability in Microsoft Jet database engine allows command execution via database query
Weak Encryption in Meeting Maker Allows Remote Password Sniffing and Decryption
Virtual Machine Verifier vulnerability in Microsoft Virtual Machine (VM) allows remote code execution
Predictable TCP Initial Sequence Numbers in Windows NT 4.0: A Vulnerability for Spoofing and Session Hijacking
Active Setup Control Vulnerability: Remote Execution of Malicious Cabinet File
The File Access URL Vulnerability in Windows 95 and Windows 98 Networking Software
Malformed Environment Variable vulnerability in Microsoft CMD.EXE
Arbitrary File Read Vulnerability in UltraBoard 1.6
Denial of Service via Malformed DNS Packets in tcpdump and Ethereal
Container Object Security Bypass in Allaire Spectra Editor Preview Tool
Predictable IDs in glibc 2.1.3 resolver allow DNS query result spoofing
Symlink Attack Vulnerability in Linux OpenLDAP Server
Buffer Overflow Vulnerability in Xsun X Server in Solaris 7
Predictable Temporary File Names in CVS Locking Vulnerability
ZoneAlarm Firewall 2.1.10 and Earlier Vulnerability: Bypassing Firewall Rules via Unfiltered UDP Packets
Buffer Overflow in Gnomelib in SuSE Linux 6.3: Arbitrary Command Execution via DISPLAY Environmental Variable
Denial of Service Vulnerability in ATRIUM Cassandra NNTP Server 1.10
Stealth Attachment Vulnerability in Eudora 4.x
Remote Code Execution Vulnerability in Sniffit 0.3.x with -L Logging Option
Denial of Service Vulnerability in Linux Kernel 2.2.x NFS Server
Cisco Router Vulnerability: Unauthorized Access to Sensitive Information via Online Help System
Remote Information Disclosure Vulnerability in AppleShare IP 6.1 and Later
Denial of Service Vulnerability in Windows 95 and Windows 98 via NetBIOS Session Request Packet
Root Privilege Escalation Vulnerability in Sendmail Configuration File (sendmail.cf) on SCO UnixWare 7.1.0 and Earlier
Denial of Service Vulnerability in SCO UnixWare 7.1.0 Passthru Driver
Weak Authentication Bypass and Unencrypted Event Posting Vulnerability in NetworkICE ICEcap 2.0.23 and Earlier
Insecure Privileges in Packaging Commands of SCO UnixWare 7.1.0
Command Injection Vulnerability in Pine (before version 4.21)
Arbitrary Command Execution Vulnerability in Pine 4.x via Malicious index.html File
Remote File Creation Vulnerability in Mirror 2.8.x on Linux Systems
Arbitrary File Read Vulnerability in SuSE pbpg 1.x Package
Insecure Access Control for Disabled NIS Accounts in Red Hat Linux 6.1 PAM
Insufficient Random Number Generation in ORBit and esound in Red Hat Linux 6.1
Remote Code Execution Vulnerability in ORBit and gnome-session in Red Hat Linux 6.1
Buffer Overflow Vulnerability in THTTPd via Long If-Modified-Since Header
Buffer Overflow Vulnerability in INN 2.2.1 and Earlier: Remote Denial of Service via Malicious Article
World Readable .config File in PPP wvdial.lxdialog Script
Local Privilege Escalation Vulnerability in Linux cdwtools 093 and Earlier
Privilege Escalation Vulnerability in Linux cdwtools 093 and Earlier via /tmp Directory
Improper TTY Device Mode Setting Vulnerability in Red Hat Linux 6.0
Insecure Permissions in /dev/pts File System on Red Hat Linux 6.0
Symlink Restoration Vulnerability in Debian GNU/Linux 2.1
Root Privilege Escalation Vulnerability in Eterm 0.8.8 on Debian GNU/Linux
Command History Disclosure Vulnerability in Cisco IOS 9.1 and Later
Multiple Thread Creation Vulnerability in Caldera Linux 2.3 IDENT Server
Remote Code Execution Vulnerability in Caldera Linux Smail Debug Option
Arbitrary File Creation Vulnerability in libmediatool Library
Local Privilege Escalation Vulnerability in Caldera RMT Command in Dump Package 0.4b4
Root Privilege Escalation Vulnerability in KDE kvt Terminal Program
Default Configuration of kdm Allows Remote Access Vulnerability
Symbolic Link Following Vulnerability in FreeBSD 3.2 Kernel
Remote Code Execution Vulnerability in i-drive Filo HTTP Proxy Server
Remote Registry Access Authentication Vulnerability in Windows NT 4.0
Persistent Device Sniffing Vulnerability
Netopia R9100 Router SNMP Table Modification Vulnerability
Denial of Service Vulnerability in Cisco IOS HTTP Service
Information Disclosure Vulnerability in Gossamer Threads DBMan db.cgi CGI Script
Stale Query String Arguments Disclosure Vulnerability in ColdFusion ClusterCATS
File Transfer Vulnerability in AOL Instant Messenger (AIM) Exposes File Path
Undocumented Account Vulnerability in NetStructure 7110 and 7180: Remote Root Access via Easily Guessable Passwords
Bypassing Field-Level Database Security in FileMaker Pro 5 Web Companion
Remote Email Spoofing Vulnerability in FileMaker Pro 5 Web Companion
Local File Overwrite Vulnerability in makelev program of golddig game in FreeBSD Ports Collection
Buffer Overflow in FreeBSD libmytinfo Library Allows Local Command Execution via Long TERMCAP Environmental Variable
Buffer Overflow in krb_rd_req Function Allows Remote Root Privilege Escalation
Kerberos 5 Buffer Overflow Vulnerability Allows Remote Root Privilege Escalation
Buffer Overflow Vulnerability in krshd in Kerberos 5 Allows Remote Root Privilege Escalation
Buffer Overflow Vulnerability in ksu Allows Local Privilege Escalation
Privilege Escalation in KDE kscd Program via SHELL Environmental Variable
Denial of Service Vulnerability in NetProwler 3.0 via Man-in-the-Middle Signature
CProxy 3.3 Buffer Overflow Vulnerability
Remote Code Execution Vulnerability in Carello Shopping Cart Software
Session ID Leakage in EMURL Web-Based Email Account Software
Remote Code Execution Vulnerability in Rockliffe MailSite Management Agent
Buffer Overflow Vulnerability in MDaemon POP Server
Unrestricted File Download Vulnerability in Microsoft Active Movie ActiveX Control
Arbitrary Command Execution Vulnerability in PDGSoft Shopping Cart
SQL Server 7.0 Service Pack Password Vulnerability: Plaintext Storage of System Administrator Account
HostAnnouncement Flooding Vulnerability in CIFS Computer Browser Service on Windows NT 4.0
CIFS Computer Browser Service Denial of Service Vulnerability
Remote Code Execution Vulnerability in L0pht AntiSniff via Malformed DNS Response Packet
Acros-Suencksen SSL vulnerability
Buffer Overflow Vulnerability in Solaris netpr Program
Malformed Extension Data in URL Denial of Service Vulnerability in IIS 4.05 and 5.0
Symlink Vulnerability in Netscape 4.73 and Earlier Allows File Overwrite
Denial of Service Vulnerability in ColdFusion Server 4.5.1
Remote Information Disclosure in Matt Wright's FormMail CGI Script
Arbitrary File Read Vulnerability in Gnapster and Knapster Clients
Path Disclosure Vulnerability in shtml.exe
Privilege Escalation Vulnerability in HP-UX Shutdown Command
Outlook Express 4.x Buffer Overflow Vulnerability with Long File Name Attachments
Bypassing NTMail Proxy Restrictions via Web Configuration Server Redirect
Denial of Service Vulnerability in Cayman 3220-H DSL Router's HTTP Administration Interface
Cayman 3220-H DSL Router Denial of Service Vulnerability
Office 2000 UA Control Vulnerability: Unauthorized Activities via Show Me Function
Default Configuration of SYSKEY in Windows 2000 Allows Recovery of Startup Key from Registry
Arbitrary Command Execution Vulnerability in process_bug.cgi
Netwin DMailWeb CGI Program Buffer Overflow Vulnerability
Netwin DNEWSWEB CGI Program Buffer Overflow Vulnerability
Arbitrary Command Execution Vulnerability in CGI Counter 4.0.7
Remote Code Execution Vulnerability in L-Soft LISTSERV 1.8 Web Archives Component
Denial of Service Vulnerability in UltraBoard 1.6 and Other Versions
Physical Access Exploit: PIN Reset Vulnerability in Aladdin Knowledge Systems eToken Device
Arbitrary Command Execution via Buffer Overflow in InterScan Virus Wall SMTP Gateway
Backdoor Password Vulnerability in Cart32 3.0 and Earlier
Sensitive Debugging Information Exposure in Cart32
Improper Access Permissions and Ownership Setting in Cobalt RaQ2 and RaQ3 Allows File Modification via FrontPage
Arbitrary Command Execution Vulnerability in calender.pl and calendar_admin.pl
Insecure Home Directory Configuration in SuSE aaa_base Package
Plaintext Storage of Administrative Password in Allmanage Web Site Administration Software
Remote Code Execution Vulnerability in Allmanage Website Administration Software 2.6
Arbitrary File Access Vulnerability in MetaProducts Offline Explorer 1.2 and Earlier
Buffer Overflow Vulnerability in CyberPatrol Daemon cyberdaemon Allows Remote Code Execution
Buffer Overflow Vulnerability in fdmount on Linux Systems
Unauthorized Cookie Access Vulnerability in Internet Explorer 4.0 and 5.0
Denial of Service Vulnerability in NetBSD 1.4.2 and Earlier
Privilege Escalation Vulnerability in AIX 3.2.x and 4.x
Local Privilege Escalation via Formatting String in Qpopper 2.53 and Earlier
Arbitrary File Read Vulnerability in HP Web JetAdmin 5.6
Denial of Service Vulnerability in HP Web JetAdmin 6.0 via Malformed URL
Insufficiently Random Data Source in PGP 5.x on Unix Systems for Key Pair Generation
Remote Code Execution Vulnerability in MDBMS Database Server
Remote Code Execution Vulnerability in WebShield SMTP 4.5.44
Unrestricted Access to WebShield SMTP Management Tool Configuration via GET_CONFIG Command
Weak Encryption Vulnerability in Omnis Studio 2.4
Arbitrary Command Execution Vulnerability in BBD Server of Big Brother System and Network Monitor
Denial of Service Vulnerability in Intel Express 8100 ISDN Router
Buffer Overflow in Lotus Domino Server 5.0.1 ESMTP Service
Denial of Service Vulnerability in XFree86 3.3.x and 4.0 via Malformed TCP Packet
Buffer Overflow Vulnerability in Linux cdrecord Allows Privilege Escalation via dev Parameter
Buffer Overflow Vulnerability in xlockmore xlock Program Version 4.16 and Earlier
CPU Hog Vulnerability in NetBSD 1.4.2 and Earlier
.HTR File Fragment Reading vulnerability in IIS 4.0 and 5.0
World-readable files in /tmp directory in MSWordView application in IMP
Improper File Removal in IMP MSWordView Application Allows Disk Space Denial of Service
Buffer Overflow in KDE kdesud on Linux: Privilege Escalation via Long DISPLAY Environmental Variable
Denial of Service Vulnerability in BSD Semaphore System via Undocumented semconfig System Call
Improper Parsing of /etc/ftpchroot in NetBSD 1.4.2 Allows Unauthorized Access
Denial of Service Vulnerability in BeOS 5.0 via Fragmented TCP Packets
Malformed Component Attribute Vulnerability in Internet Explorer 4.x and 5.x
Frame Domain Verification Vulnerability in Internet Explorer 4.x and 5.x
Shell Metacharacters Vulnerability in AIX cdmount Allows Local Privilege Escalation
Buffer Overflow in Linux splitvt 1.6.3 and Earlier: Privilege Escalation via Screen Locking Function
Symlink Attack Vulnerability in HP-UX 10.20 and 11
Arbitrary File Read Vulnerability in Selena Sol WebBanner 4.0
Denial of Service Vulnerability in Allegro RomPager HTTP Server
Buffer Overflow Vulnerability in ufsrestore in Solaris 8 and Earlier
Remote Code Execution Vulnerability in innd 2.2.2 via Buffer Overflow
Buffer Overflow Vulnerability in AnalogX SimpleServer 1.05 Allows Remote Denial of Service
Denial of Service Vulnerability in Real Networks RealServer 7.x
Desktop Separation Vulnerability in Windows 2000
Escape Character Denial of Service Vulnerability in xterm, Eterm, and rxvt
Buffer Overflow Vulnerability in Norton Antivirus for Exchange (NavExchange) via Long File Names in .zip Files
Fail-Open Vulnerability in Norton Antivirus for Exchange (NavExchange) Allows Virus Bypass
Dragon FTP Server Denial of Service Vulnerability
Dragon Telnet Server Denial of Service Vulnerability
Remote Denial of Service Vulnerability in KDE Kmail via Long File Name Attachment
Denial of Service Vulnerability in Check Point Firewall-1
Remote Code Execution Vulnerability in Zope 2.2 and Earlier
Memory Corruption Vulnerability in Small HTTP Server ver 3.06 Leads to Denial of Service
DTS Password Vulnerability in Microsoft SQL Server
Cisco TACACS+ tac_plus Server Buffer Overflow Vulnerability
Protected Store Key Length Vulnerability in Windows 2000
Remote Code Execution Vulnerability in ITHouse Mail Server 1.04 via Long RCPT TO Mail Command
Denial of Service Vulnerability in BSD Socket Pair Function
Remote Code Execution Vulnerability in NetWin DSMTP 2.7q
Buffer Overflow in XDMCP Parsing Code of GNOME GDM, KDE KDM, and WDM: Remote Command Execution and Denial of Service Vulnerability
Weak Encryption in PassWD 1.2 Allows Easy Password Decryption
Buffer Overflow Vulnerability in Simple Network Time Sync (SMTS) Daemon
World Writable .server_pids File Vulnerability in Veritas Volume Manager
Malformed Windows Media Encoder Request Denial of Service Vulnerability
Information Disclosure Vulnerability in IBM WebSphere Server 3.0.2
Unify eWave ServletExec Source Code Disclosure Vulnerability
Case-sensitive JSP Extension Disclosure Vulnerability in BEA WebLogic
Remote Code Disclosure Vulnerability in BEA WebLogic 5.1.0
Race condition vulnerability in MDaemon 2.8.5.0 POP server allows local users to cause denial of service
Arbitrary Modification of Alerts in Mcafee VirusScan 4.03
Cross Frame Security Policy Violation via NavigateComplete2 Event in Internet Explorer 5.01 WebBrowser Control
Denial of Service Vulnerability in libICE in XFree86
Directory Listing Vulnerability in Apache 1.3.x HTTP Server for Windows Platforms
Linux Kernel Setuid/Setcap Vulnerability
Denial of Service Vulnerability in Imate Webmail Server 2.5
Denial of Service Vulnerability in rpc.lockd in Red Hat Linux 6.1 and 6.2
Remote Code Execution Vulnerability in Sambar Server 4.3 via Buffer Overflow in Finger and Whois Scripts
Denial of Service Vulnerability in CUPS 1.04 and Earlier
CUPS Denial of Service Vulnerability
CUPS 1.04 and Earlier Request File Deletion Vulnerability
Denial of Service Vulnerability in CUPS 1.04 and Earlier
GSSFTP FTP Daemon in Kerberos 5 1.1.x Privilege Escalation and Denial of Service Vulnerability
World-Writable snmpd.conf File in HP-UX 11.0 Allows Unauthorized Configuration Modification and Privilege Escalation
Cleartext Storage of Root DN and Password in Shiva Access Manager 5.0.0
Certificate Spoofing Vulnerability in Netscape 4.73 and Earlier
SSL Certificate Validation Vulnerabilities in Internet Explorer 4.x and 5.x
SSL Certificate Re-validation Vulnerability in Internet Explorer 4.x and 5.x
Buffer Overflow Vulnerability in Restore Program Allowing Arbitrary Command Execution
Savant Web Server Source Code Disclosure Vulnerability
Denial of Service Vulnerability in RSA ACE/Server
Arbitrary Command Execution via Buffer Overflow in EServ Logging Feature
Denial of Service Vulnerability in Microsoft Outlook and Outlook Express
Privilege Escalation via OpenSSH UseLogin Option
Arbitrary File Read Vulnerability in MailStudio 2000 2.0 and Earlier
Arbitrary Command Execution Vulnerability in userreg.cgi CGI Program
Improper Access Restriction in Net Tools PKI Server via XUDA Template Files
Denial of Service Vulnerability in Net Tools PKI Server
Arbitrary File Overwrite Vulnerability in KApplication Class
Denial of Service Vulnerability in Linux gpm Program
Vulnerability: SSH Listening on Additional Port 722
Local File Overwrite Vulnerability in cvconnect in SGI IRIX WorkShop
Local Privilege Escalation in apsfilter Software
Weak Key Generation Vulnerability in OpenSSL and OpenSSH for FreeBSD Alpha Systems
Inadequate Access Control in xinetd 2.1.8.x with Hostname-based Restrictions
Local Privilege Escalation in BRU Backup Software via Alternate Configuration File
Denial of Service Vulnerability in ColdFusion Administrator for ColdFusion 4.5.1 and Earlier
Sensitive Information Disclosure in Allaire JRun 2.3.x via SessionServlet
Arbitrary File Access and Configuration Disclosure in Allaire JRun 2.3.x
Panda Antivirus Console Local Command Execution Vulnerability
Incomplete Recording of Radius Accounting Information in Tigris Remote Access Server
Denial of Service Vulnerability in PGP Certificate Server 2.5.0 and 2.5.1
Denial of Service Vulnerability in Windows NT and Windows 2000 via Malformed DCE/RPC SMBwriteX Requests
Buffer Overflow in Mailx Mail Command Allows Local Privilege Escalation
Kerberos 4 KDC Program Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in Kerberos 4 KDC Program: Remote Denial of Service via localrealm Variable
Kerberos 4 KDC Program Buffer Overflow Vulnerability
Null Termination Vulnerability in Kerberos 4 KDC Program
Double-Free Vulnerability in Kerberos 4 KDC Program: Remote Denial of Service
Unauthenticated Remote File Access and Modification in Danware NetOp 6.0
World Readable Temporary File Vulnerability in ICQwebmail Client
Bypassing Access Restrictions in IPFilter Firewall 3.4.3 and Earlier
Ceilidh Directory Path Disclosure Vulnerability
Ceilidh Denial of Service Vulnerability through POST Requests
Buffer Overflow Vulnerability in Cmail 2.4.7 Web Interface
Cmail 2.4.7 Web Interface Buffer Overflow Vulnerability
Buffer Overflow in HP Openview Network Node Manager 6.1: Remote Command Execution via OVALARMSRV
Weak XOR Encryption of Administrative Passwords in eTrust Intrusion Detection System
Remote Code Execution Vulnerability in WebBBS 1.15 via Buffer Overflow
Inadequate Back Orifice Traffic Blocking in BlackIce Defender and BlackIce Pro
Arbitrary Host Connection Vulnerability in MacOS Runtime Java (MRJ) and Microsoft Virtual Machine (VM) for MacOS
Denial of Service Vulnerability in ICQ Web Front Service
Arbitrary File Access Vulnerability in SmartFTP Daemon 0.2
Symlink Attack Vulnerability in Linux Man Package: Local File Overwrite
Malformed E-mail Header vulnerability in Microsoft Outlook and Outlook Express allows remote code execution
Vulnerability: Sybergen Secure Desktop 2.1 Allows Remote Attackers to Modify Default Routes via False Router Advertisements (ICMP Type 9)
Denial of Service Vulnerability in Sybergen Sygate
Denial of Service Vulnerability in FirstClass Internet Services Server
Denial of Service Vulnerability in LocalWEB HTTP Server 1.2.0
Weak Encryption in Razor Configuration Management Tool Allows Privilege Escalation
Remote Code Execution Vulnerability in wu-ftpd 2.6.0 and earlier
Format String Vulnerability in FTP Servers
Kerberos Ticket Cache Sniffing Vulnerability in SSH 1.2.27
Denial of Service Vulnerability in Oracle Web Listener for AIX
Arbitrary File Read Vulnerability in Netscape Professional Services FTP Server 1.3.6
Predictable Temporary File Names in SGI MIPSPro Compilers: Local User File Manipulation Vulnerability
Predictable Temporary File Names in IRIX crontab Vulnerability
Denial of Service Vulnerability in Windows 2000 Server
Denial of Service Vulnerability in Windows 2000 Telnet Server
Denial of Service Vulnerability in Check Point FireWall-1 SMTP Security Server Proxy
Untrusted Format String Vulnerability in vchkpw Program
Canna Input System Buffer Overflow Vulnerability
Remote Code Execution in ISC DHCP Client Program dhclient
Buffer Overflow in Dalnet IRC Server 4.6.5: Remote Code Execution via SUMMON Command
Privpath Bypass Vulnerability in glftpd 1.18
Arbitrary File Read Vulnerability in SawMill 5.0.21 CGI Program
Weak Encryption in SawMill 5.0.21 Allows Password Decryption and Configuration Modification
Arbitrary File Read Vulnerability in Poll It 2.0 CGI Script
URL Filtering Bypass Vulnerability in Novell BorderManager 3.0 and 3.5
Remote Code Execution Vulnerability in WinProxy 2.0 and 2.0.1 POP3 Service
Denial of Service Vulnerability in WinProxy 2.0 and 2.0.1
Format String Vulnerability in BitchX IRC Client
Local Privilege Escalation: Arbitrary Command Execution via libedit's Incorrect .editrc File Search
IE Script Vulnerability: Remote Code Execution via ActiveX OBJECT Tags
Office HTML Script Vulnerability
Remote Bypass of Access Restrictions in Fortech Proxy+ Administration Service
Buffer Overflow Vulnerability in iMesh 1.02 Allows Remote Code Execution
Remote Code Execution and Denial of Service Vulnerability in Netscape Enterprise Server
LeafChat 1.7 IRC Client Denial of Service Vulnerability
Privilege Escalation via Malformed Configuration File in Secure Locate (slocate)
Stored Procedure Permissions Bypass in Microsoft SQL Server 7.0
Improper Installation of gkermit in Red Hat Linux Allows Local Users to Modify UUCP-Owned Files
Clear-text Storage of Administrator Passwords in Blackboard CourseInfo 4.0
Buffer Overflow Vulnerability in KON Program in Kanji on Console (KON) Package on Linux
Buffer Overflow Vulnerability in KON Package on Linux Allows Local Privilege Escalation
Denial of Service Vulnerability in NetWin dMailWeb and cwMail 2.6i and Earlier
Denial of Service Vulnerability in NetWin dMailWeb and cwMail 2.6g and Earlier
Authentication Bypass and Mail Relay Vulnerability in NetWin dMailWeb and cwMail 2.6g and Earlier
Default Configuration of NetWin dMailWeb and cwMail Allows Bypass of Authentication and Denial of Service
ARP Spoofing Vulnerability in Windows 95 and Windows 98
Cisco Secure PIX Firewall Vulnerability: Remote Attackers Can Force Closure of Legitimate Connections
Arbitrary File Overwrite Vulnerability in TNEF Program on Linux Systems
Improper Installation of LPRng 3.6.x Allows Local Users to Append Trace and Logging Messages to Files
Privilege Escalation Vulnerability in HP TurboIMAGE DBUTIL
Buffer Overflow Vulnerability in xconq and cconq Game Programs on Red Hat Linux
Buffer Overflow Vulnerability in xconq and cconq Game Programs on Red Hat Linux
Denial of Service Vulnerability in Top Layer AppSwitch 2500
Denial of Service Vulnerability in libX11 X Library
Cache Bypass Vulnerability in Microsoft Outlook and Outlook Express
Remote Code Execution via Buffer Overflow in Webfind CGI Program in O'Reilly WebSite Professional Web Server 2.x
Arbitrary Command Execution Vulnerability in O'Reilly WebSite Professional Web Server
Remote Code Execution Vulnerability in Winamp 2.64 and Earlier via Long #EXTINF: Extension in M3U Playlist
Weak Encryption in NetZero 3.0 and Earlier: Local User Password Decryption Vulnerability
Buffer Overflow Vulnerability in Alibaba Web Server Allows Remote DoS
Local Privilege Escalation in BlackBoard CourseInfo 4.0
Remote File Modification Vulnerability in Apache::ASP 1.93 and Earlier
Arbitrary Command Execution Vulnerability in Sun Java Web Server 2.0 and Earlier
IIS 4.0 and 5.0 Source Code Exposure Vulnerability
Absent Directory Browser Argument Vulnerability
Remote Code Execution Vulnerability in L-Soft Listserv Web Archive Component
Local Privilege Escalation Vulnerability in Mandrake Linux Usermode Package
Arbitrary File Read Vulnerability in CommuniGate Pro 3.2.5 and Earlier
Remote Code Execution Vulnerability in MiniVend Shopping Cart Program
Denial of Service Vulnerability in HP JetDirect Printers
Excel REGISTER.ID Function Vulnerability
Arbitrary File Read Vulnerability in Big Brother 1.4h1 and Earlier
Arbitrary Command Execution via Default Configuration in Big Brother 1.4h2 and Earlier
Guild FTPd Directory Traversal Vulnerability
Remote Code Execution Vulnerability in Savant Web Server
WebActive HTTP Server 1.00 Log Disclosure Vulnerability
Buffer Overflow Vulnerability in WebActive HTTP Server 1.00
Denial of Service Vulnerability in WFTPD and WFTPD Pro 2.41
Denial of Service Vulnerability in WFTPD and WFTPD Pro 2.41
File Path Disclosure Vulnerability in WFTPD and WFTPD Pro 2.41
Denial of Service Vulnerability in WFTPD and WFTPD Pro 2.41
Denial of Service Vulnerability in WFTPD and WFTPD Pro 2.41
IIS 4.0 Basic Authentication Vulnerability: Remote IP Address Disclosure
Insecure Permissions in VirusScan 4.5 and NetShield 4.5 Allow Arbitrary Command Execution
Authentication Replay Vulnerability in Novell BorderManager
Remote Code Disclosure Vulnerability in IBM WebSphere InvokerServlet
Persistent Mail-Browser Link Vulnerability in Microsoft Outlook Express
DTS Password Vulnerability in Microsoft Enterprise Manager
JPEG Image Comment Field Length Vulnerability
Buffer Overflow Vulnerability in AnalogX Proxy Server 4.04 and Earlier via Long USER Command in FTP Protocol
Buffer Overflow Vulnerability in AnalogX Proxy Server 4.04 and Earlier via Long HELO Command in SMTP Protocol
Buffer Overflow Vulnerability in AnalogX Proxy Server 4.04 and Earlier via Long USER Command in POP3 Protocol
Buffer Overflow in AnalogX Proxy Server 4.04 and Earlier: Denial of Service via Long User ID in SOCKS4 CONNECT Request
Arbitrary File Read Vulnerability in WDaemon Web Server for WorldClient 2.1
Denial of Service Vulnerability in WircSrv IRC Server 5.07s
Arbitrary File Reading Vulnerability in Internet Explorer 5.x and Microsoft Outlook
Relative Shell Path Vulnerability
Arbitrary File Read Vulnerability in AnalogX SimpleServer:WWW 1.06 and Earlier
Denial of Service Vulnerability in GAMSoft TelSrv Telnet Server 1.5 and Earlier
Untrusted Format String Vulnerability in rpc.statd
GPM Vulnerability in Caldera Linux: Arbitrary File Deletion and Denial of Service
Vulnerability: Unauthorized System Reboot via pam_console PAM Module
Denial of Service Vulnerability in Novell NetWare 5.0
Remote Code Execution in CVSWeb 1.80 via Shell Metacharacters
Null Character Bypass Vulnerability in Roxen Web Server
Unrestricted Access to Jakarta Tomcat /admin Context Allows Arbitrary File Reading
NetBIOS Name Server Protocol Spoofing Vulnerability
FTP.pl CGI Program Directory Traversal Vulnerability
Remote Code Execution Vulnerability in Infopulse Gatekeeper 3.5 and Earlier
Arbitrary File Reading Vulnerability in Netscape Communicator and Navigator 4.04-4.74
Buffer Overflow in IBM Net.Data db2www CGI Program
Insecure Additional Decryption Key (ADK) Storage in PGP 5.5.x through 6.5.3
Arbitrary File Creation Vulnerability in CVS 1.10.8 Client
Arbitrary Program Creation Vulnerability in CVS 1.10.8 Server
Remote Code Execution Vulnerability in BEA WebLogic Server Proxy Plugin
Remote Code Disclosure in BEA WebLogic 5.1.x via FileServlet
Remote Code Disclosure in BEA WebLogic 5.1.x via SSIServlet
Unrestricted Access to JSPServlet in BEA WebLogic 5.1.x
Unrestricted Access to PageCompileServlet in BEA WebLogic 5.1.x
Arbitrary File Read Vulnerability in Auction Weaver CGI Script 1.03 and Earlier
Arbitrary File Read Vulnerability in Auction Weaver CGI Script 1.03 and Earlier
Improper Authentication in Subscribe Me LITE Allows Remote Privilege Escalation
Account Manager LITE Privilege Escalation via Insecure Password Change Authentication
Remote Command Execution in Auction Weaver CGI Script 1.02 and Earlier
Symlink Attack Vulnerability in faxrunq and faxrunqd of mgetty Package
Denial of Service Vulnerability in ISS RealSecure 3.2.1 and 3.2.2
Arbitrary Command Execution Vulnerability in Raptor GFX Configuration Tool
Privilege Escalation via Symlink Attack in Raptor GFX Configuration Tool
Buffer Overflow Vulnerability in pgxconfig Allows Local Privilege Escalation
Authentication Bypass Vulnerability in Solaris AnswerBook2 dwhttpd Web Server
Remote Command Execution Vulnerability in Solaris AnswerBook2 Administration Interface
Symlink Attack Vulnerability in Minicom 1.82.1 and Earlier on Linux Systems
Format String Vulnerability in HP-UX 10.20 FTPD
Vulnerability: Line Card Failure Bypass and Packet Forwarding Disruption in Cisco Gigabit Switch Routers
Untrusted Format String Vulnerability in Mailman 2.0beta3 and 2.0beta4
Symlink Attack Vulnerability in HP-UX 11.00 (S008net.init)
Privilege Escalation via Suidperl's Improper Escape Sequence Handling
Buffer Overflow in SGI Omron WorldView Wnn Allows Remote Code Execution
Arbitrary File Read Vulnerability in ntop Web Mode
Remote Code Execution Vulnerability in ntop Web Mode
Insecure File Placement in PCCS MySQLDatabase Admin Tool Manager 1.2.4 and Earlier
Buffer Overflow Vulnerability in Pragma Systems TelnetServer 2000 v4.0
Denial of Service Vulnerability in Microsoft FrontPage 2000 Server Extensions 1.1
Path Disclosure Vulnerability in Microsoft FrontPage 2000 Server Extensions 1.1
Untrusted Entity Exploits ServerSocket Object in Netscape Communicator
Privilege Escalation Vulnerability in LIDS 0.9.7
Buffer Overflow Vulnerability in Adobe Acrobat and Reader Products Handling PDF Files
World-Writable Files in umb-scheme 3.2-11 for Red Hat Linux
Symlink Attack Vulnerability in DiskCheck Script (diskcheck.pl) in Red Hat Linux 6.2
Session Hijacking Vulnerability in WorldClient Email Client
Denial of Service Vulnerability in GoodTech FTP Server via RNTO Commands
Race Condition Vulnerability in MandrakeUpdate Allows Unauthorized Modification of RPM Files
World-writeable files in VariCAD 7.0 allow local users to replace programs with Trojan horse programs
Unauthenticated Author Addition Vulnerability in GWScripts News Publisher
World-Writeable FlagShip Programs Vulnerability
Arbitrary RPM Package Installation Vulnerability in Helix GNOME Updater
Improper Creation of /tmp Directories in Helix GNOME Updater Allows Local Users to Create Empty System Configuration Files
Local Privilege Escalation Vulnerability in go-gnome Helix GNOME Pre-installer
Improper Access Restriction in Zope's getRoles Method Allows Unauthorized Role Modification
Arbitrary File Read Vulnerability in Stalkerlab Mailers 1.1.2
Arbitrary Command Execution via URL in xpdf PDF Viewer Client (CVE-XXXX-XXXX)
Symlink Attack Vulnerability in xpdf PDF Viewer Client (Version < 0.91)
Denial of Service Vulnerability in FreeBSD ELF Image Header Parsing
Privilege Escalation Vulnerability in HP-UX 11.0 newgrp Command
Worm HTTP Server Directory Traversal Vulnerability
Worm HTTP Server Denial of Service Vulnerability
Format String Injection Vulnerability in Telnetd Server in IRIX 5.2 through 6.1
Denial of Service Vulnerability in eEye IRIS 1.01 beta
Buffer Overflow in Becky! Internet Mail Client 1.26.03 and Earlier: Denial of Service via Long Content-type MIME Header in Reply
Buffer Overflow in Becky! Internet Mail Client 1.26.04 and Earlier: Denial of Service via Long Content-type MIME Header
Windows 2000 Service Control Manager Named Pipe Impersonation Vulnerability
Denial of Service Vulnerability in WebShield SMTP 4.5
Directory Traversal Vulnerability in NAI Net Tools PKI Server 1.0 before HotFix 3
Buffer Overflow Vulnerability in NAI Net Tools PKI Server 1.0 before HotFix 3
Format String Vulnerability in NAI Net Tools PKI Server 1.0 before HotFix 3
Malformed IPX Ping Packet Vulnerability in Microsoft Windows 95 and 98
Remote Code Execution Vulnerability in UMN Gopherd 2.x via Long Ticket Value in GDESkey Request
Insecure Password Verification in PHP-Nuke Admin Panel
IIS Cross-Site Scripting Vulnerabilities
Improper Signal Handling in OpenLDAP Logrotate Script
OpenLDAP Group Write Permissions Vulnerability
Buffer Overflow in Linux Binary Compatibility Module in FreeBSD Allows Local Privilege Escalation
Remote Code Execution Vulnerability in mopd via Long File Name
Remote Code Execution in MOPD (Maintenance Operations Protocol loader daemon) due to User-Injected Format Strings
Buffer Overflow Vulnerability in brouted Allows Local Privilege Escalation
Winmail.dat Attachment Vulnerability: Exposing Sender's Machine Path in Microsoft Outlook
Critical Password Vulnerability in HP OpenView Network Node Manager (NMM) 6.1
Privilege Escalation Vulnerability in HP-UX 11.00 newgrp Command
Denial of Service Vulnerability in Microsoft Outlook 2000 vCard Processing
Unauthenticated Remote Root Privilege Escalation in Aptis Totalbill's Sysgen Service
Lyris List Manager Web Interface Vulnerability: Subscriber Administrative Access
Path Disclosure Vulnerability in Jakarta Tomcat 3.1 under Apache
Sensitive System Information Disclosure in Jakarta Tomcat 3.1 and 3.0 via Snoop Servlet
Denial of Service Vulnerability in OS2/Warp 4.5 FTP Server
Default Encryption Key Vulnerability in eTrust Access Control
Local Privilege Escalation in xlockmore and xlockf via User-Injected Format Strings
Denial of Service Vulnerability in Intel Express 500 Series Switches
Microsoft Office 2000 HTML Interpreter Buffer Overflow Vulnerability
Buffer Overflow Vulnerability in vqSoft vqServer 1.4.49 via Long HTTP GET Request
Scriptlet Rendering Vulnerability
Frame Domain Verification Vulnerability in Internet Explorer 4.x and 5.x
Arbitrary File Execution Vulnerability in O'Reilly WebSite Pro 2.3.7
File Permission Canonicalization Vulnerability in IIS 4.0 and 5.0
Local Security Policy Corruption Vulnerability in Microsoft Windows 2000
Default Account sa with No Password Vulnerability
Arbitrary File Read Vulnerability in Bajie HTTP Web Server 0.30a
Path Disclosure Vulnerability in Bajie HTTP Web Server 0.30a
Buffer Overflow Vulnerability in RobTex Viking Server
Arbitrary Command Execution Vulnerability in Mediahouse Statistics Server 5.02x
The Money Password Vulnerability: Plaintext Storage of Passwords in Microsoft Money
IIS 5.0 Specialized Header Vulnerability: Remote Source Code Disclosure
Remote Code Execution Vulnerability in Checkpoint Firewall-1 with RSH/REXEC Enabled
Arbitrary File Read and Delete Vulnerability in IPSWITCH IMail 6.04 and Earlier
Insecure File Handling in ARCServeIT Client Agent 6.62
Arbitrary File Read Vulnerability in Netauth.cgi Program
Denial of Service Vulnerability in Watchguard Firebox II Authentication Service
Hard-coded rsadmin Account with Null Password in Rapidstream 2.1 Beta VPN Appliance SSHD Program
Arbitrary File Reading Vulnerability in WircSrv IRC Server 5.07s via importmotd Command
File Descriptor Swapping Vulnerability in GNU userv 1.0.0 and Earlier
Arbitrary Command Execution via URL Encoding in XChat IRC Client
Unprompted Execution of VBA Scripts in Microsoft Word's Mail Merge Tool
Weak Encryption in WinU 5.x and Earlier Allows Privilege Escalation
Folder.htt File Vulnerability in Internet Explorer 5.5 on Windows 98
World-Writeable Permissions Vulnerability in Trustix Apache-SSL Installation
Inadequate Port Access Restrictions in Gnome Lokkit Firewall Package
Vulnerability: Auto-Protection Service Failure in Norton AntiVirus 5.00.01C with Novell Netware Client
Buffer Overflow in IRIX libgl.so Library Allows Local Privilege Escalation
Buffer Overflow Vulnerability in lpstat Allows Local Privilege Escalation
Buffer Overflow Vulnerability in dmplay Allows Local Privilege Escalation
Buffer Overflow Vulnerability in gr_osview Allows Privilege Escalation
Privilege Escalation Vulnerability in IRIX 6.x Truncate Function
Symlink Attack Vulnerability in Inpview of InPerson in SGI IRIX 5.3 through IRIX 6.5.10
Remote Code Execution Vulnerability in rpc.kstatd
Buffer Overflow Vulnerability in bdf Program in HP-UX 11.00
BAIR Program Vulnerability: Unauthorized Access to Internet Explorer Internet Options Menu
Local Privilege Escalation in GNU Groff via Malicious Device Description File
One-way Connection Enforcement Bypass in Check Point VPN-1/FireWall-1 4.1 and earlier
Retransmission of Encapsulated Packets Vulnerability in Check Point VPN-1/FireWall-1 4.1 and Earlier
Inter-module Communications Bypass Vulnerability in Check Point VPN-1/FireWall-1
OPSEC Authentication Vulnerability
One-time Password Authentication Vulnerability in Check Point VPN-1/FireWall-1
Buffer Overflow in Getkey in Check Point VPN-1/FireWall-1: Remote Denial of Service Vulnerability
Arbitrary File and Directory Deletion Vulnerability in Auction Weaver 1.0 through 1.04
Arbitrary File Read Vulnerability in Auction Weaver 1.0 through 1.04
Arbitrary Command Execution Vulnerability in Sun Java Web Server Administration Module
FTP Bounce Vulnerability in Check Point VPN-1/FireWall-1 4.1 and Earlier
Arbitrary Command Execution Vulnerability in Linux tmpwatch --fuser Option
Netmon Protocol Parsing Vulnerability: Remote Code Execution via Buffer Overflow
Arbitrary File Logging and Command Execution Vulnerability in Oracle Listener Program
Arbitrary Command Execution via Duplicate Environmental Variables in glibc 2.1.1
Denial of Service Vulnerability in Ipswitch Imail 6.0
Arbitrary Command Execution Vulnerability in Mobius DocumentDirect for the Internet 1.2
Buffer Overflow in Mobius DocumentDirect for the Internet 1.2 Web Authorization Form
Arbitrary Command Execution Vulnerability in Mobius DocumentDirect for the Internet 1.2
Denial of Service Vulnerability in tmpwatch Utility in Red Hat Linux
Denial of Service Vulnerability in annclist.exe in webTV for Windows
Buffer Overflow Vulnerability in Fastream FTP++ 2.0: Remote Denial of Service and Command Execution
Arbitrary File Read Vulnerability in Htgrep CGI Program
Buffer Overflow Vulnerability in WinSMTP 1.06f and 2.X
Windows 2000 Telnet Client NTLM Authentication Vulnerability
Arbitrary Directory Read Vulnerability in Sambar Server 4.4 Beta 3
Remote Code Execution Vulnerability in CamShot WebCam Trial2.6
FTP Serv-U 2.5e Denial of Service Vulnerability
Denial of Service Vulnerability in Fastream FUR HTTP Server 1.0b
Denial of Service Vulnerability in WinCOM LPD 1.00.90
Buffer Overflow in XMail POP3 Server Allows Remote Code Execution via Long USER Command
Buffer Overflow in XMail POP3 Server Allows Remote Code Execution via Long APOP Command
Arbitrary File Read Vulnerability in UnixWare 7 scohelphttp Webserver
Remote Code Execution via Buffer Overflow in pam_smb and pam_ntdom PAM Modules
Unsanitized Format Strings in Unix Locale Subsystem Functions
Arbitrary File Read Vulnerability in kdebugd in Digital Unix 4.0F
Remote Code Execution Vulnerability in Darxite 0.4 and Earlier
Remote Code Execution Vulnerability in University of Washington c-client Library
Remote Code Execution Vulnerability in IBM WebSphere Web Application Server (WAS) via Long Host Request Header
Unicast Service Race Condition Vulnerability in Microsoft Windows Media Server
Authentication Bypass Vulnerability in Netegrity SiteMinder
Still Image Service Privilege Escalation Vulnerability in Windows 2000
Root Privilege Escalation via Buffer Overflows in Eject on FreeBSD and Other OSes
Arbitrary File Read Vulnerability in YaBB Bulletin Board 9.1.2000
Arbitrary Command Execution Vulnerability in Microsoft Office 2000
Denial of Service Vulnerability in SunFTP Build 9(1)
Buffer Overflow Vulnerability in SunFTP Build 9(1)
Format string vulnerability in muh 2.05d IRC server allows remote code execution or denial of service
Invalid URL Denial of Service Vulnerability in Microsoft Windows NT 4.0
Denial of Service Vulnerability in NTMail V5 and V6 Web Configuration Server
Arbitrary File Read Vulnerability in PHP File Upload Capability
Arbitrary Command Execution Vulnerability in Mailman 1.1
Remote Code Execution Vulnerability in Allaire Spectra 1.0.1 Administrative Interface
Buffer Overflow Vulnerability in Listmanager < 2.105.1: Local Privilege Escalation
Race condition vulnerability in GNOME esound 0.2.19 and earlier allows local privilege escalation via symlink attack in Unix domain socket creation.
Buffer Overflow Vulnerability in Tridia Double Vision 3.07.00: Local Privilege Escalation via Long Terminal Type Argument
Denial of Service Vulnerability in Interbase 6 SuperServer for Linux via 0-byte Query
Local Privilege Escalation via Malformed Kernel Messages
Apache 1.3.12 Default Configuration Source Code Disclosure Vulnerability
Apache 1.3.12 Default Configuration WebDAV Directory Listing Vulnerability
Buffer Overflow Vulnerability in EFTP Allows Remote Denial of Service
EFTP Buffer Overflow Vulnerability Allows Remote Denial of Service
Arbitrary File Read Vulnerability in PhotoAlbum 0.9.9
Improper Access Restriction in netstat -Zi Option in AIX 4.x.x
Absolute Path Disclosure Vulnerability in Eudora Mail Client's Virtual Card (VCF)
Denial of Service Vulnerability in WFTPD and WFTPD Pro 2.41 RC12
Path Disclosure Vulnerability in WFTPD and WFTPD Pro 2.41 RC12
Arbitrary File Read Vulnerability in MailForm 2.0
Arbitrary Command Execution Vulnerability in mailto CGI Script
Arbitrary Local Users Can Start and Stop LPD Services through LPPlus Programs
World-writeable permissions on lpdprocess file in LPPlus allows unauthorized process termination
Arbitrary File Printing Vulnerability in LPPlus's dccscan Setuid Program
Denial of Service Vulnerability in Intel Express 500 Series Switches via Malformed ICMP Packet
Directory Listing Vulnerability in mod_perl for Apache on Mandrake Linux 6.1-7.1
Web Server Folder Traversal Vulnerability in IIS 4.0 and 5.0
Netmon Protocol Parsing Vulnerability
Web Server File Request Parsing Vulnerability
The zxfr bug vulnerability in BIND 8.2 through 8.2.2-P6
BIND SRV Record Denial of Service Vulnerability
Critical Security Vulnerability: Compromised Sun Certificates Enable Malicious Code Injection
Symlink Attack Vulnerability in FreeBSD 4.1.1 and Earlier
Arbitrary Command Execution via Default ECL in Lotus Notes
Telnet Client Vulnerability: Sensitive Information Exposure via Environment Variables and Telnet URLs
SGI IRIX Distributed GL Daemon (dgld) Service Remote Identification Vulnerability
Unrestricted Administrative Access Vulnerability on WatchGuard SOHO Firewall
Buffer Overflow Vulnerability in WatchGuard SOHO Firewall HTTP Server
WatchGuard SOHO Firewall Denial of Service Vulnerability
Denial of Service Vulnerability in Small HTTP Server 2.03 and Earlier
Server Side Includes (SSI) Null Value Processing Vulnerability
Denial of Service Vulnerability in Small HTTP Server 2.01
Directory Traversal Vulnerability in ssi CGI Program in thttpd 2.19 and Earlier
Format String Vulnerability in Screen 3.9.5 and Earlier: Local Privilege Escalation via vbell_msg Initialization Variable
Arbitrary File Read Vulnerability in getalbum.php in PhotoAlbum before 0.9.9
Voyager Web Server 2.01B Directory Traversal Vulnerability
Sensitive Web Client Information Disclosure in Voyager Web Server 2.01B for QNX 405
QNX Embedded Resource Manager in Voyager Web Server 2.01B Information Disclosure Vulnerability
Moreover.com cached_feed.cgi Directory Traversal Vulnerability
Remote Code Execution and Denial of Service Vulnerability in EServ 2.92 Build 2982
Denial of Service and Arbitrary Command Execution Vulnerability in BrowseGate 2.80
Buffer Overflow in Pine Mail Checking Component Allows Remote Code Execution
Arbitrary Command Execution Vulnerability in Horde Library 1.02
Arbitrary File Read and Deletion Vulnerability in IMP 2.2 and Earlier
Arbitrary File Read and Command Execution Vulnerability in MultiHTML CGI Script
Arbitrary File Read Vulnerability in mod_rewrite in Apache 1.3.12 and Earlier
ARP Request Flooding Vulnerability in OpenBSD 2.6 and Earlier
Arbitrary File Read Vulnerability in fingerd in FreeBSD 4.1.1
Insufficient Random Number Generator in FreeBSD and BSD-based OSes Allows TCP Connection Spoofing
Arbitrary Command Execution via Format String Vulnerability in LPRng 3.6.24
Arbitrary Command Execution Vulnerability in KDE 1.1.2's kvt via Format String
PHPix Photo Album 1.0.2 Directory Traversal Vulnerability
BOA Web Server Directory Traversal Vulnerability
Hassan Consulting shop.cgi Shopping Cart Program Directory Traversal Vulnerability
Directory Traversal Vulnerability in Bytes Interactive Web Shopper Shopping Cart Program (shopper.cgi) 2.0 and Earlier
Arbitrary Command Execution in authenticate.cgi CGI Program
Armada Master Index search.cgi Directory Traversal Vulnerability
World Readable Permissions in SmartWin CyberOffice Shopping Cart 2 (aka CyberShop) _private Directory
Remote Price Modification Vulnerability in SmartWin CyberOffice Shopping Cart 2
Bypassing Quota Restrictions by Exploiting Alternative Data Streams in WQuinn QuotaAdvisor 4.1
Directory and File Listing Vulnerability in WQuinn QuotaAdvisor 4.1
OCX Attachment Vulnerability in Microsoft Windows Media Player 7
Arbitrary File Read Vulnerability in Pegasus Mail 3.12
Buffer Overflow Vulnerability in Pegasus Mail 3.11
Denial of Service Vulnerability in MAILsweeper for SMTP 3.x
Simplified Chinese IME State Recognition Vulnerability
Symlink Attack Vulnerability in Glint on Red Hat Linux 5.2
Symlink Attack Vulnerability in Samba Web Administration Tool (SWAT)
World Readable Permissions in Samba SWAT CGI Logging File
Brute Force Password Guessing Vulnerability in Samba Web Administration Tool (SWAT)
Samba SWAT User Enumeration Vulnerability
Denial of Service Vulnerability in Samba Web Administration Tool (SWAT)
Metertek pagelog.cgi Directory Traversal Vulnerability
Remote Code Execution in Kootenay Web KW Whois 1.0 CGI Program
Indexing Services Cross Site Scripting Vulnerability
Buffer Overflow Vulnerability in bftp daemon (bftpd) 1.0.11 via Long USER Command
Vulnerability: Password Bypass in CGI Script Center News Update 1.1
Unauthenticated Remote Command Execution in Catalyst 3500 XL Switches
Vulnerability: Unauthorized Access and Privilege Escalation in Compaq Easy Access Keyboard Software 1.3
Format String Vulnerability in cfd Daemon in GNU CFEngine
Arbitrary File Modification Vulnerability in GnoRPM before 0.95
Heap Overflow Vulnerability in LBNL Traceroute 1.4a5 and Earlier via -g Option
Format String Vulnerability in x-gw in TIS Firewall Toolkit (FWTK)
Directory Listing Vulnerability in IIS 5.0 with Index Server and WebDAV
Arbitrary Command Execution Vulnerability in Global 3.55 and Earlier on NetBSD
Denial of Service Vulnerability in Shambala Server 4.5
Plaintext Password Storage Vulnerability in Shambala Server 4.5
Weak Encryption of Usernames and Passwords in Cisco Virtual Central Office 4000 (VCO/4K) SNMP MIB
Local User Authorization Bypass in Cyrus-SASL before 1.5.24 in Red Hat Linux 7.0
SQL Injection Vulnerability in pam_mysql Plugin for MySQL Authentication
DOM Access Vulnerability in HotJava Browser 3.0 via javascript: URL
Symlink Attack Vulnerability in glibc2's LD_DEBUG_OUTPUT and LD_DEBUG Environmental Variables
User Enumeration Vulnerability in Netscape Messaging Server 4.15p1
Buffer Overflow Vulnerability in Netscape Messaging Server 4.15 Patch 2 IMAP Server
Denial of Service Vulnerability in OpenBSD 2.7
IPSEC Implementation Buffer Overflow Vulnerability in ncurses Library Allows Arbitrary Command Execution Buffer Overflow Vulnerability in HiNet LP5100 IP-Phone Web Administration Service Denial of Service Vulnerability in NSAPI Plugins for TGA and Java Servlet Proxy in HP-UX VVOS 10.24 and 11.04 Buffer Overflow Vulnerability in HP-UX LP-SPOOL Allows Privilege Escalation Remote Code Execution via User-Injected Format Strings in PHP 3 and 4 Buffer Overflow Vulnerability in Half Life Dedicated Server Allows Remote Command Execution Format String Injection in Half Life Dedicated Server Build 3104 and Earlier Session ID Cookie Marking Vulnerability Remote Code Execution and Denial of Service Vulnerability in Avirt Mail 4.0 and 4.2 Local File Disclosure Vulnerability in HP-UX 11.00 crontab Remote Code Execution Vulnerability in Older Versions of Curl Signature Verification Bypass in GnuPG (gpg) 1.0.3 Anaconda Foundation Directory apexec.pl Directory Traversal Vulnerability Buffer Overflow Vulnerability in Xlib in XFree 3.3.x Arbitrary File Read Vulnerability in MailFile 1.10 Arbitrary Command Execution Vulnerability in BBD Server Share Level Password Vulnerability in Windows 95, 98, and Me NMPI Listener in Microsoft NWLink Allows Remote Broadcast Storm Weak Authentication Method in MySQL Database Engine: Password Leakage Vulnerability Cached Web Credentials Vulnerability NetMeeting Desktop Sharing Denial of Service Vulnerability Denial of Service Vulnerability in Cisco IOS HTTP Server All-Mail 1.1 Buffer Overflow Vulnerability Buffer Overflow in Oracle 8.1.5 Applications via Long ORACLE_HOME Environmental Variable Buffer Overflow Vulnerability in oidldapd in Oracle 8.1.6 Backdoor Password Vulnerability in WinU 1.0 - 5.1 Buffer Overflow in Intel InBusiness eMail Station 1.04.87 POP Service Denial of Service Vulnerability in cmd5checkpw 0.21 and Earlier HyperTerminal Buffer Overflow Vulnerability Directory Traversal Vulnerability in scp Allows Remote File Overwrite Root 
Privilege Escalation via Format String Vulnerability in pw_error Function Root Privilege Escalation via Format String Vulnerability in OpenBSD fstat Program Root Privilege Escalation via Format String Vulnerability in OpenBSD yp_passwd Program OpenBSD su Program Format String Vulnerability EEPROM Program Format String Vulnerability Format String Vulnerability in top Program Allows Local Privilege Escalation Critical Format String Vulnerability in OpenBSD SSH: Root Privilege Escalation Exploit Format String Vulnerability in AOL Instant Messenger (AIM) 4.1.2010 Remote Code Execution in Element InstantShop via Price Modification Information Leakage in Stalker CommuniGate Pro 3.3.2 POP3 Daemon Denial of Service Vulnerability in NETBIOS Client on Windows 95 and Windows 98 OpenBSD photurisd Configuration File Directory Format String Vulnerability eXtropia WebStore CGI Directory Traversal Vulnerability Malformed MIME Header Vulnerability in Microsoft Exchange Server 5.5 URL Length Vulnerability in I-gear 3.5.7 and Earlier Weak Encryption Vulnerability in PalmOS 3.5.2 and Earlier Allows Password Decryption Privilege Escalation via RSH Environmental Variable in Red Hat Linux 6.2 Format String Vulnerability in talkd in BSD-based OSes Buffer Overflow in catopen() Function Allows Local Privilege Escalation Arbitrary File Read Vulnerability in catopen Function Arbitrary File Read Vulnerability in setlocale Function Remote Code Execution via Format String Vulnerability in SCO Help HTTP Server Default Administrative Password Vulnerability in Slashcode Apache Default Configuration Vulnerability Arbitrary File Read Vulnerability in Webteachers Webdata Insecure File Overwriting in Shred 1.0 Utility Denial of Service Vulnerability in Ultraseek 3.1 and 3.1.10 Heap Overflow Vulnerability in Worldclient in Mdaemon 3.1.1 and Earlier Heap Overflow Vulnerability in WebConfig of Mdaemon 3.1.1 and Earlier SMTP Command Execution Vulnerability in Cisco Secure PIX Firewall 5.2(2) and Earlier 
Unauthenticated Access to Alabanza Control Panel Allows Domain Name Modification Unrestricted Access and Arbitrary Command Execution in eWave ServletExec 3.0C and Earlier Denial of Service Vulnerability in eWave ServletExec JSP/Java Servlet Engine LBNL tcpdump Multiple Buffer Overflow Vulnerabilities Cisco Secure PIX Firewall 5.2(2) FTP Server IP Address Disclosure Vulnerability Buffer Overflow Vulnerability in cu Program in HP-UX 11.0 Remote Code Execution Vulnerability in Host Command via Long AXFR Response Information Disclosure: Differential Error Messages in CS&T CorporateTime for the Web Buffer Overflow Vulnerability in dtterm on HP-UX 11.0 and HP Tru64 UNIX 4.0f through 5.1a Check Point Firewall-1 4.0 and Earlier Username Enumeration Vulnerability Bypassing Anti-Hammering Feature in Serv-U FTP Server through User Password Guessing Remote Code Execution via Buffer Overflow in System Monitor ActiveX Control Buffer Overflow Vulnerability in TYPSoft FTP Server 0.78 and Earlier Extent RBS ISP Web Server Directory Traversal Vulnerability Vulnerability: User Enumeration and Brute Force Attack in Check Point Firewall-1 Session Agent Denial of Service Vulnerability in IBM AS/400 Firewall Web Administration Interface The NAPTHA Denial of Service Vulnerability Debug mode in ypbind 3.3 allows file descriptor leakage and denial of service through format string vulnerability in logging function Critical Buffer Overflow Vulnerability in ypbind 3.3: Potential Root Privilege Escalation Buffer Overflow Vulnerability in ypserv Allows Root Privilege Escalation Root Privilege Escalation via Format String Vulnerability in ypserv Format String Vulnerability in ypbind-mt: Root Privilege Escalation Denial of Service Vulnerability in nss_ldap with nscd Buffer Overflow Vulnerabilities in Lotus Domino ESMTP Service Buffer Overflow in Lotus Domino SMTP Service: Remote DoS and Command Execution Directory Traversal Vulnerability in Wingate 4.1 Beta A and Earlier Denial of Service 
Vulnerability in Allaire JRun 3.0 HTTP Servlet Server Remote Access to WEB-INF Directory in Allaire JRun 3.0 Servlet Server Arbitrary File Read Vulnerability in Allaire JRun 2.3 Server Remote Code Disclosure Vulnerability in Allaire JRun 2.3 Server Remote Code Execution via Cross-Site Scripting (XSS) in Allaire JRun 2.3.3 Server Buffer Overflow Vulnerability in CiscoSecure ACS Server 2.4(2) and Earlier Buffer Overflow Vulnerability in CiscoSecure ACS Server 2.4(2) and Earlier Bypassing LDAP Authentication in CiscoSecure ACS Server 2.4(2) and Earlier Insecure Permissions in HP OpenView Network Node Manager (NNM) Database Configuration Scripts Buffer Overflow Vulnerability in HP OpenView Network Node Manager (NNM) 6.1 and Earlier Xsession File Default Configuration Bypass Vulnerability Xauthority Bypass Vulnerability in XFCE 3.5.1 Microsoft VM ActiveX Component Vulnerability HP JetDirect Printer Card Firmware Buffer Overflow Vulnerability Buffer Overflow Vulnerability in HP JetDirect Printer Card Firmware x.08.20 and Earlier: Remote Denial of Service Buffer Overflow in HP JetDirect Printer Card Firmware x.08.20 and Earlier: Remote Denial of Service Vulnerability Denial of Service Vulnerability in HP JetDirect Printer Card Firmware x.08.20 and Earlier Denial of Service Vulnerability in getnameinfo Function Arbitrary Command Execution in Poll It 2.0 via poll_options Parameter Authentication Bypass in Poll It 2.01 and Earlier Sensitive Information Disclosure in Poll It 2.01 and Earlier iCal 2.1 Patch 2 GUI Installation Vulnerability: Remote Privilege Escalation via X Server Access Control Bypass World-writeable permissions in iCal 2.1 Patch 2 allow local users to execute arbitrary commands via Trojan horse replacement of iplncal.sh Local Privilege Escalation Vulnerability in csstart Program Privilege Escalation Vulnerability in csstart program of iCal 2.1 Patch 2 Directory Traversal Vulnerability in iPlanet Certificate Management System and Directory Server Plaintext 
Storage of Administrative Password in Netscape (iPlanet) Certificate Management System and Directory Server Remote Code Execution via Buffer Overflow in iPlanet Web Server 4.x SHTML Logging ICQ Web Front HTTPd Denial of Service Vulnerability CIFS Browser Protocol and NetBIOS Name Cache Modification Vulnerability Denial of Service Vulnerability in Quake 1 and ProQuake 1.01 and Earlier Extended Stored Procedure Parameter Parsing Vulnerability Extended Stored Procedure Parameter Parsing Vulnerability Extended Stored Procedure Parameter Parsing Vulnerability Extended Stored Procedure Parameter Parsing Vulnerability Extended Stored Procedure Parameter Parsing Vulnerability Extended Stored Procedure Parameter Parsing Vulnerability Extended Stored Procedure Parameter Parsing Vulnerability Extended Stored Procedure Parameter Parsing vulnerability Phone Book Service Buffer Overflow Remote Code Disclosure Vulnerability in Microsoft IIS for Far East Editions 4.0 and 5.0 Directory Traversal Vulnerability in EZshopper 3.0 and 2.0 Buffer Overflow Vulnerability in AOL Instant Messenger (AIM) 4.3.2229 and earlier versions Arbitrary Command Execution Vulnerability in AOL Instant Messenger (AIM) Command Injection Vulnerability in modprobe of modutils 2.3.x Package on Linux Systems Insecure Temporary File Handling in crontab by Paul Vixie Denial of Service Vulnerability in SonicWALL SOHO Firewall Web Server Denial of Service Vulnerability in SonicWALL SOHO Firewall Web Server Java Runtime Environment (JRE) Vulnerability: Unauthorized Class Invocation in JDK 1.2.2_05 and Earlier Sensitive Information Disclosure in PostACI Webmail System Winsock FTPd (WFTPD) 3.00 and 2.41 Directory Traversal Vulnerability Remote Denial of Service Vulnerability in PTlink IRCD 3.5.3 and PTlink Services 1.8.1 Privilege Escalation via rcvtty in BSD 3.0 and 4.0 Unquoted Script Execution in IIS Cross-Site Scripting Vulnerability Remote File Existence Disclosure Vulnerability in ixsso.query ActiveX Object 
Insecure Permissions in Trend Micro InterScan VirusWall Allows Privilege Escalation Denial of Service Vulnerability in SuSE Linux 6.x and 7.0 in.identd Ident Server Symbolic Link Vulnerability in Midnight Commander (mc) 4.5.42 and Earlier Privilege Escalation via Malformed Directory Names in Midnight Commander (mc) 4.5.51 and Earlier Path Disclosure Vulnerability in IBM Net.Data db2www Package Denial of Service Vulnerability in Windows 2000 Professional Telnet Service .WMS Script Execution Vulnerability .ASX Buffer Overrun vulnerability in Microsoft Windows Media Player Unify ServletExec AS v3.0C Source Code Disclosure Vulnerability Buffer Overflow in 602Pro LAN SUITE Web Administration Component (webprox.dll) Allows Remote Code Execution Buffer Overflow in TransSoft Broker FTP Server: Remote Code Execution and Denial of Service Vulnerability Java Virtual Machine (JVM) Extended Control List (ECL) File Existence Disclosure Vulnerability Bypassing Access Restrictions in 24Link 1.06 Web Server Buffer Overflow Vulnerability in setsenv Command in IBM AIX 4.3.x and Earlier Arbitrary Command Execution Vulnerability in IBM AIX Digest Command Buffer Overflow Vulnerability in IBM AIX enq Command Buffer Overflow Vulnerability in setclock Command in IBM AIX 4.3.x and Earlier Buffer Overflow Vulnerability in pioout Command in IBM AIX 4.3.x and Earlier Buffer Overflow Vulnerability in piobe Command in IBM AIX 4.3.x Privilege Escalation via RSH Environmental Variable in Red Hat Linux 6.2 Remote Code Execution and Denial of Service Vulnerability in auto_parms and set_parms in HP-UX 11.00 and Earlier Local Privilege Escalation Vulnerability in HP Resource Monitor Service Unquoted ImagePath Vulnerability in McAfee VirusScan 4.5 Denial of Service Vulnerability in McAfee WebShield SMTP 4.5 Bypassing Email Content Filtering Rules via Extended ASCII Characters in Attachment Names Remote Code Execution in Bill Kendrick GBook via _MAILTO Form Variable Arbitrary File Read and Program 
Deletion Vulnerability in DCForum cgforum.cgi CGI Script Bypassing Authentication in Authentix Authentix100 via URL Manipulation Symlink Attack Vulnerability in Multiple Unix Shell Programs Local Privilege Escalation Vulnerability in fshd (fsh daemon) in Debian GNU/Linux Local Privilege Escalation via Symlink Attack in elvis-tiny Local Privilege Escalation: Symlink Attack in GNU ed before 0.2-18.1 Lack of S/MIME Email Message Modification Warning in Lotus Notes R5 Client Exchange User Account Privilege Escalation Vulnerability Inadequate Process Hiding in Recourse ManTrap 1.6 Reveals Honeypot System Kernel Modification Vulnerability: Concealing .. in /proc Listing Honeypot System Vulnerability: Attacker Identification via Recourse ManTrap 1.6 Recourse ManTrap 1.6 Vulnerability: Process Hiding Exposes Honeypot System Chroot Inode Number Disclosure Vulnerability Root Access Vulnerability in Recourse ManTrap 1.6 Allows Unauthorized Process Identification and Data Modification Denial of Service Vulnerability in Recourse ManTrap 1.6 via /proc/self Directory Navigation IIS ISAPI .ASP Parsing Mechanism Buffer Overflow Vulnerability Insecure Permissions and Plaintext Password Storage in VolanoChatPro Chat Server Terminal Server Login Buffer Overflow Vulnerability Denial of Service Vulnerability in Felix IRC Client in BeOS R5 Pro and Earlier Denial of Service Vulnerability in Baxter IRC Client Denial of Service Vulnerability in BeOS Browser IRC Client Denial of Service Vulnerability in PostMaster 1.0 Denial of Service Vulnerability in RHConsole of RobinHood 1.1 Web Server Denial of Service Vulnerability in RobinHood 1.1 Web Server Local Privilege Escalation Vulnerability in StarOffice 5.2 Buffer Overflow in NAI Sniffer Agent: Remote Command Execution via SNMP Community Name Base64 Authentication Vulnerability in NAI Sniffer Agent Remote Privilege Escalation in NAI Sniffer Agent through UDP Authentication Packet Sniffing and Command Spoofing Denial of Service Vulnerability 
in NAI Sniffer Agent Remote Code Execution and Database Manipulation Vulnerability in AdCycle Banner Management System Symlink Attack Vulnerability in Ghostscript Local Privilege Escalation via Trojan Horse Library in Ghostscript WinVNC3 Registry Key Vulnerability: Unauthorized Access to Sensitive Information and System Compromise Denial of Service Vulnerability in Balabit syslog-ng Arbitrary PHP Code Injection in Twig Webmail System Remote Code Execution Vulnerability in FreeBSD PPP Utility Denial of Service and Remote Command Execution Vulnerability in IBM HTTP Server 1.3.6 OpenSSH SSH Client X11 and Agent Forwarding Vulnerability Buffer Overflow in Netsnap Webcam HTTP Server Allows Remote Code Execution CGIForum 1.0 Directory Traversal Vulnerability Buffer Overflow Vulnerability in Gaim 0.10.3 and Earlier via OSCAR Protocol Weak Encryption and Lack of Encryption in Microsys CyberPatrol Expose Credit Card Numbers and Sensitive Data to Network Sniffing Buffer Overflow Vulnerability in AFS ACL Parser for Ethereal 0.8.13 and Earlier Buffer Overflow Vulnerability in Koules 1.4 Allows Arbitrary Command Execution YaBB search.pl CGI Script Directory Traversal Vulnerability Information Disclosure in Big Brother (BB) Shell Scripts Vulnerability: Local Users Can Overwrite Files in Joe Text Editor's DEADJOE Rescue Copy Unauthenticated Remote Access to System Logs in Netopia ISDN Router 650-ST Buffer Overflow in Oracle 8.1.5 Connection Manager Control (cmctl) Program Allows Local Privilege Escalation Memory Disclosure Vulnerability in Real Networks RealServer 7 and Earlier Denial of Service Vulnerability in WatchGuard Firebox II Buffer Overflow Vulnerability in Linux Socks5 Server Allows Remote Command Execution Denial of Service Vulnerability in telnetd on FreeBSD 4.2 and Earlier Denial of Service Vulnerability in RideWay PN Telnet Proxy Server Buffer Overflow in phf CGI Program Allows Remote Code Execution HTML Parser Buffer Overflow Vulnerability in Netscape 4.75 and 
Earlier Quikstore Shopping Cart Program Directory Traversal Vulnerability Privilege Escalation via Buffer Overflow in pam_localuser PAM Module Local Privilege Escalation Vulnerability in imwheel-solo Path Disclosure Vulnerability in htsearch Program in htDig Buffer Overflow Vulnerability in BTT Software SNMP Trap Watcher 1.16 Denial of Service Vulnerability in Performance Metrics Collector Daemon (PMCD) Remote Code Execution and Denial of Service Vulnerability in Argosoft FRP Server 1.0 Bypassing Authentication in Linux Netkit Telnet Daemon Arbitrary File Reading Vulnerability in Netscape PublishingXpert 2.5 before SP2 Predictable Lock File Names in imap-uw IMAP Package on FreeBSD and Other Operating Systems Predictable Lock File Names in qpopper POP Server: A Denial of Service Vulnerability Vulnerability: Plaintext Storage of Usernames and Passwords in PostgreSQL Windows NT Domain SID Enumeration Vulnerability Denial of Service Vulnerability in Check Point FireWall-1 (Port 264) Arbitrary Code Execution via Trojan Horse Ikeyman Class in IBM IBMHSSSB 1.0 Denial of Service Vulnerability in Lotus Domino SMTP Server Remote Code Disclosure Vulnerability in mod_vhost_alias for Apache 1.3.9, 1.3.11, and 1.3.12 Cross-Site Scripting Vulnerabilities in Apache 1.3.0 through 1.3.11 Arbitrary File Retrieval Vulnerability in Apache httpd Userhelper in Usermode Package on Red Hat Linux Allows Format String Exploitation via LANG or LC_ALL Environment Variables (CVE-2000-0844) Format String Vulnerability in startprinting() Function of BSD-based lpr lpd Package Default Null Password Vulnerability in Microsoft SQL Server 2000, SQL Server 7.0, and MSDE 1.0 Apache Tomcat Directory Traversal Vulnerability in source.jsp Improper Security Registration for Legacy Object Constructors in Zope 2.2.0 - 2.2.4 Data Modification Vulnerability in Zope 2.2.0 through 2.2.4 Privilege Escalation Vulnerability in Ping Utility Buffer Overflow Vulnerabilities in ping Command Information Disclosure in 
Lotus Domino Server 5.0.8 via HTTP Headers Buffer Overflow Vulnerability in Portmir for AIX 4.3.0: Local Privilege Escalation via echo_error Routine Domain Account Lockout Vulnerability DNS Cache Poisoning Vulnerability in Microsoft Windows 98, NT 4.0, 2000, and XP Incomplete Integer Overflow Handling in gcc and g++ 3.3.3 and Earlier Local Privilege Escalation in Line Printer Daemon (lpd) Allows Root Access Remote DNS Manipulation Vulnerability in Line Printer Daemon (lpd) Privilege Escalation via Relative Path Vulnerability in AIX sysback Arbitrary Command Execution in Quikstore Shopping Cart via URL Metacharacters Remote Code Disclosure Vulnerability in Caucho Technology Resin 1.2 and Earlier Sensitive Configuration Information Disclosure in Xitami 2.5b's Default testcgi.exe Program Denial of Service Vulnerability in Snort 1.6 Denial of Service Vulnerability in Windows NT 4.0 and Windows 2000 SMB Protocol Unauthenticated Remote Password Change Vulnerability in Phorum 3.0.7 Phorum 3.0.7 Directory Traversal Vulnerability Remote Access Vulnerability in Phorum 3.0.7 via Backdoor in auth.php3 Arbitrary File Read Vulnerability in Phorum 3.0.7 Remote Code Execution in Phorum 3.0.7 via upgrade.php3 SQL Injection Vulnerability in Phorum 3.0.7: Remote Code Execution via read.php3 and other scripts Arbitrary Email Sending and Spam Proxy Vulnerability in Phorum 3.0.7 Default Configurations in Oracle Internet Application Server (IAS) Allow Unauthorized Access to Database Information SQL Injection Vulnerability in mod_sql in Oracle Internet Application Server (IAS) 3.0.7 and Earlier POP3 Server Vulnerability: Username Enumeration and Brute Force Attack Vector Access Control Bypass in BEA Systems WebLogic Server Bypassing File Permissions in IBM Tivoli Management Framework 3.7.1 Unspecified Path Disclosure Vulnerability in AnyPortal(php) Unspecified Vulnerability in Haakon Nilsen Simple, Integrated Publishing System (SIPS) Before 0.2.4 Default Username and Password 
Vulnerability in APC PowerChute HTTP Service Dansie Shopping Cart 3.04 and Earlier Versions: Sensitive Information Leakage to Product Developers SMTP Header Missing From Field Vulnerability Unspecified vulnerabilities in NWFTPD.nlm allowing bypass of anonymous access restrictions Denial of Service Vulnerability in NWFTPD.nlm FTP Server Apache JServ 1.1.2 Default Configuration Information Disclosure Vulnerability Improper RSA Key Generation Vulnerability in OpenSSL