CVE List - 2001 / May
Showing 101 - 200 of 292 CVEs for May 2001 (Page 2 of 3)
| CVE ID | Date | Title |
|---|---|---|
| CVE-2001-0061 | 2001-05-07 | procfs in FreeBSD and possibly other operating systems does not properly restrict access to per-process mem and ctl files, which allows local users to gain root privileges by forking a... |
| CVE-2001-0062 | 2001-05-07 | procfs in FreeBSD and possibly other operating systems allows local users to cause a denial of service by calling mmap on the process' own mem file, which causes the kernel... |
| CVE-2001-0063 | 2001-05-07 | procfs in FreeBSD and possibly other operating systems allows local users to bypass access control restrictions for a jail environment and gain additional privileges. |
| CVE-2001-0066 | 2001-05-07 | Secure Locate (slocate) allows local users to corrupt memory via a malformed database file that specifies an offset value that accesses memory outside of the intended buffer. |
| CVE-2001-0069 | 2001-05-07 | dialog before 0.9a-20000118-3bis in Debian GNU/Linux allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0071 | 2001-05-07 | gpg (aka GnuPG) 1.0.4 and other versions does not properly verify detached signatures, which allows attackers to modify the contents of a file without detection. |
| CVE-2001-0072 | 2001-05-07 | gpg (aka GnuPG) 1.0.4 and other versions imports both public and private keys from public key servers without notifying the user about the private keys, which could allow an attacker... |
| CVE-2001-0080 | 2001-05-07 | Cisco Catalyst 6000, 5000, or 4000 switches allow remote attackers to cause a denial of service by connecting to the SSH service with a non-SSH client, which generates a protocol... |
| CVE-2001-0081 | 2001-05-07 | swinit in nCipher does not properly disable the Operator Card Set recovery feature even when explicitly disabled by the user, which could allow attackers to gain access to application keys. |
| CVE-2001-0083 | 2001-05-07 | Windows Media Unicast Service in Windows Media Services 4.0 and 4.1 does not properly shut down some types of connections, producing a memory leak that allows remote attackers to cause... |
| CVE-2001-0085 | 2001-05-07 | Buffer overflow in Kermit communications software in HP-UX 11.0 and earlier allows local users to cause a denial of service and possibly execute arbitrary commands. |
| CVE-2001-0089 | 2001-05-07 | Internet Explorer 5.0 through 5.5 allows remote attackers to read arbitrary files from the client via the INPUT TYPE element in an HTML form, aka the "File Upload via Form"... |
| CVE-2001-0090 | 2001-05-07 | The Print Templates feature in Internet Explorer 5.5 executes arbitrary custom print templates without prompting the user, which could allow an attacker to execute arbitrary ActiveX controls, aka the "Browser... |
| CVE-2001-0091 | 2001-05-07 | The ActiveX control for invoking a scriptlet in Internet Explorer 5.0 through 5.5 renders arbitrary file types instead of HTML, which allows an attacker to read arbitrary files, aka a... |
| CVE-2001-0092 | 2001-05-07 | A function in Internet Explorer 5.0 through 5.5 does not properly verify the domain of a frame within a browser window, which allows a remote attacker to read client files,... |
| CVE-2001-0096 | 2001-05-07 | FrontPage Server Extensions (FPSE) in IIS 4.0 and 5.0 allows remote attackers to cause a denial of service via a malformed form, aka the "Malformed Web Form Submission" vulnerability. |
| CVE-2001-0099 | 2001-05-07 | bsguest.cgi guestbook script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. |
| CVE-2001-0100 | 2001-05-07 | bslist.cgi mailing list script allows remote attackers to execute arbitrary commands via shell metacharacters in the email address. |
| CVE-2001-0105 | 2001-05-07 | Vulnerability in top in HP-UX 11.04 and earlier allows local users to overwrite files owned by the "sys" group. |
| CVE-2001-0106 | 2001-05-07 | Vulnerability in inetd server in HP-UX 11.04 and earlier allows attackers to cause a denial of service when the "swait" state is used by a server. |
| CVE-2001-0109 | 2001-05-07 | rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file. |
| CVE-2001-0110 | 2001-05-07 | Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable. |
| CVE-2001-0111 | 2001-05-07 | Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument. |
| CVE-2001-0115 | 2001-05-07 | Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter. |
| CVE-2001-0116 | 2001-05-07 | gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0117 | 2001-05-07 | sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack. |
| CVE-2001-0118 | 2001-05-07 | rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0119 | 2001-05-07 | getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0120 | 2001-05-07 | useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0123 | 2001-05-07 | Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter. |
| CVE-2001-0124 | 2001-05-07 | Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument. |
| CVE-2001-0125 | 2001-05-07 | exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file. |
| CVE-2001-0126 | 2001-05-07 | Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet. |
| CVE-2001-0128 | 2001-05-07 | Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges. |
| CVE-2001-0129 | 2001-05-07 | Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request. |
| CVE-2001-0130 | 2001-05-07 | Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute... |
| CVE-2001-0137 | 2001-05-07 | Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin... |
| CVE-2001-0138 | 2001-05-07 | privatepw program in wu-ftpd before 2.6.1-6 allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0139 | 2001-05-07 | inn 2.2.3 allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| CVE-2001-0140 | 2001-05-07 | arpwatch 2.1a4 allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| CVE-2001-0141 | 2001-05-07 | mgetty 1.1.22 allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| CVE-2001-0142 | 2001-05-07 | squid 2.3 and earlier allows local users to overwrite arbitrary files via a symlink attack in some configurations. |
| CVE-2001-0143 | 2001-05-07 | vpop3d program in linuxconf 1.23r and earlier allows local users to overwrite arbitrary files via a symlink attack. |
| CVE-2001-0144 | 2001-05-07 | CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow. |
| CVE-2001-0147 | 2001-05-07 | Buffer overflow in Windows 2000 event viewer snap-in allows attackers to execute arbitrary commands via a malformed field that is improperly handled during the detailed view of event records. |
| CVE-2001-0148 | 2001-05-07 | The WMP ActiveX Control in Windows Media Player 7 allows remote attackers to execute commands in Internet Explorer via javascript URLs, a variant of the "Frame Domain Verification" vulnerability. |
| CVE-2001-0149 | 2001-05-07 | Windows Scripting Host in Internet Explorer 5.5 and earlier allows remote attackers to read arbitrary files via the GetObject Javascript function and the htmlfile ActiveX object. |
| CVE-2001-0150 | 2001-05-07 | Internet Explorer 5.5 and earlier executes Telnet sessions using command line arguments that are specified by the web site, which could allow remote attackers to execute arbitrary commands if the... |
| CVE-2001-0151 | 2001-05-07 | IIS 5.0 allows remote attackers to cause a denial of service via a series of malformed WebDAV requests. |
| CVE-2001-0152 | 2001-05-07 | The password protection option for the Compressed Folders feature in Plus! for Windows 98 and Windows Me writes password information to a file, which allows local users to recover the... |
| CVE-2001-0153 | 2001-05-07 | Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. |
| CVE-2001-0154 | 2001-05-07 | HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly. |
| CVE-2001-0157 | 2001-05-07 | Debugging utility in the backdoor mode of Palm OS 3.5.2 and earlier allows attackers with physical access to a Palm device to bypass access restrictions and obtain passwords, even if... |
| CVE-2001-0165 | 2001-05-07 | Buffer overflow in ximp40 shared library in Solaris 7 and Solaris 8 allows local users to gain privileges via a long "arg0" (process name) argument. |
| CVE-2001-0166 | 2001-05-07 | Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file. |
| CVE-2001-0169 | 2001-05-07 | When using the LD_PRELOAD environmental variable in SUID or SGID applications, glibc does not verify that preloaded libraries in /etc/ld.so.cache are also SUID/SGID, which could allow a local user to... |
| CVE-2001-0170 | 2001-05-07 | glibc 2.1.9x and earlier does not properly clear the RESOLV_HOST_CONF, HOSTALIASES, or RES_OPTIONS environmental variables when executing setuid/setgid programs, which could allow local users to read arbitrary files. |
| CVE-2001-0178 | 2001-05-07 | kdesu program in KDE2 (KDE before 2.2.0-6) does not properly verify the owner of a UNIX socket that is used to send a password, which allows local users to steal... |
| CVE-2001-0179 | 2001-05-07 | Allaire JRun 3.0 allows remote attackers to list contents of the WEB-INF directory, and the web.xml file in the WEB-INF directory, via a malformed URL that contains a "." |
| CVE-2001-0183 | 2001-05-07 | ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to... |
| CVE-2001-0185 | 2001-05-07 | Netopia R9100 router version 4.6 allows authenticated users to cause a denial of service by using the router's telnet program to connect to the router's IP address, which causes a... |
| CVE-2001-0187 | 2001-05-07 | Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a... |
| CVE-2001-0190 | 2001-05-07 | Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0). |
| CVE-2001-0191 | 2001-05-07 | gnuserv before 3.12, as shipped with XEmacs, does not properly check the specified length of an X Windows MIT-MAGIC-COOKIE cookie, which allows remote attackers to execute arbitrary commands via a... |
| CVE-2001-0193 | 2001-05-07 | Format string vulnerability in man in some Linux distributions allows local users to gain privileges via a malformed -l parameter. |
| CVE-2001-0194 | 2001-05-07 | Buffer overflow in httpGets function in CUPS 1.1.5 allows remote attackers to execute arbitrary commands via a long input line. |
| CVE-2001-0195 | 2001-05-07 | sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. |
| CVE-2001-0196 | 2001-05-07 | inetd ident server in FreeBSD 4.x and earlier does not properly set group permissions, which allows remote attackers to read the first 16 bytes of files that are accessible by... |
| CVE-2001-0197 | 2001-05-07 | Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands. |
| CVE-2001-0218 | 2001-05-07 | Format string vulnerability in mars_nwe 0.99.pl19 allows remote attackers to execute arbitrary commands. |
| CVE-2001-0219 | 2001-05-07 | Vulnerability in Support Tools Manager (xstm,cstm,stm) in HP-UX 11.11 and earlier allows local users to cause a denial of service. |
| CVE-2001-0221 | 2001-05-07 | Buffer overflow in ja-xklock 2.7.1 and earlier allows local users to gain root privileges. |
| CVE-2001-0222 | 2001-05-07 | webmin 0.84 and earlier allows local users to overwrite and create arbitrary files via a symlink attack. |
| CVE-2001-0230 | 2001-05-07 | Buffer overflow in dc20ctrl before 0.4_1 in FreeBSD, and possibly other operating systems, allows local users to gain privileges. |
| CVE-2001-0233 | 2001-05-07 | Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field. |
| CVE-2001-0234 | 2001-05-07 | NewsDaemon before 0.21b allows remote attackers to execute arbitrary SQL queries and gain privileges via a malformed user_username parameter. |
| CVE-2001-0259 | 2001-05-07 | ssh-keygen in ssh 1.2.27 - 1.2.30 with Secure-RPC can allow local attackers to recover a SUN-DES-1 magic phrase generated by another user, which the attacker can use to decrypt that... |
| CVE-2001-0260 | 2001-05-07 | Buffer overflow in Lotus Domino Mail Server 5.0.5 and earlier allows a remote attacker to crash the server or execute arbitrary code via a long "RCPT TO" command. |
| CVE-2001-0266 | 2001-05-07 | Vulnerability in Software Distributor SD-UX in HP-UX 11.0 and earlier allows local users to gain privileges. |
| CVE-2001-0267 | 2001-05-07 | NM debug in HP MPE/iX 6.5 and earlier does not properly handle breakpoints, which allows local users to gain privileges. |
| CVE-2001-0268 | 2001-05-07 | The i386_set_ldt system call in NetBSD 1.5 and earlier, and OpenBSD 2.8 and earlier, when the USER_LDT kernel option is enabled, does not validate a call gate target, which allows... |
| CVE-2001-0274 | 2001-05-07 | kicq IRC client 1.0.0, and possibly later versions, allows remote attackers to execute arbitrary commands via shell metacharacters in a URL. |
| CVE-2001-0278 | 2001-05-07 | Vulnerability in linkeditor in HP MPE/iX 6.5 and earlier allows local users to gain privileges. |
| CVE-2001-0279 | 2001-05-07 | Buffer overflow in sudo earlier than 1.6.3p6 allows local users to gain root privileges. |
| CVE-2001-0284 | 2001-05-07 | Buffer overflow in IPSEC authentication mechanism for OpenBSD 2.8 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed Authentication header... |
| CVE-2001-0287 | 2001-05-07 | VERITAS Cluster Server (VCS) 1.3.0 on Solaris allows local users to cause a denial of service (system panic) via the -L option to the lltstat command. |
| CVE-2001-0288 | 2001-05-07 | Cisco switches and routers running IOS 12.1 and earlier produce predictable TCP Initial Sequence Numbers (ISNs), which allows remote attackers to spoof or hijack TCP connections. |
| CVE-2001-0289 | 2001-05-07 | Joe text editor 2.8 searches the current working directory (CWD) for the .joerc configuration file, which could allow local users to gain privileges of other users by placing a Trojan... |
| CVE-2001-0290 | 2001-05-07 | Vulnerability in Mailman 2.0.1 and earlier allows list administrators to obtain user passwords. |
| CVE-2001-0295 | 2001-05-07 | Directory traversal vulnerability in War FTP 1.67.04 allows remote attackers to list directory contents and possibly read files via a "dir *./../.." command. |
| CVE-2001-0299 | 2001-05-07 | Buffer overflow in Voyager web administration server for Nokia IP440 allows local users to cause a denial of service, and possibly execute arbitrary commands, via a long URL. |
| CVE-2001-0301 | 2001-05-07 | Buffer overflow in Analog before 4.16 allows remote attackers to execute arbitrary commands by using the ALIAS command to construct large strings. |
| CVE-2001-0309 | 2001-05-07 | inetd in Red Hat 6.2 does not properly close sockets for internal services such as chargen, daytime, echo, etc., which allows remote attackers to cause a denial of service via... |
| CVE-2001-0310 | 2001-05-07 | sort in FreeBSD 4.1.1 and earlier, and possibly other operating systems, uses predictable temporary file names and does not properly handle when the temporary file already exists, which causes sort... |
| CVE-2001-0311 | 2001-05-07 | Vulnerability in OmniBackII A.03.50 in HP 11.x and earlier allows attackers to gain unauthorized access to an OmniBack client. |
| CVE-2001-0316 | 2001-05-07 | Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call. |
| CVE-2001-0317 | 2001-05-07 | Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process. |
| CVE-2001-0318 | 2001-05-07 | Format string vulnerability in ProFTPD 1.2.0rc2 may allow attackers to execute arbitrary commands by shutting down the FTP server while using a malformed working directory (cwd). |
| CVE-2001-0319 | 2001-05-07 | orderdspc.d2w macro in IBM Net.Commerce 3.x allows remote attackers to execute arbitrary SQL queries by inserting them into the order_rn option of the report capability. |
| CVE-2001-0326 | 2001-05-07 | Oracle Java Virtual Machine (JVM ) for Oracle 8.1.7 and Oracle Application Server 9iAS Release 1.0.2.0.1 allows remote attackers to read arbitrary files via the .jsp and .sqljsp file extensions... |