Vulnerabilities (CVE)

Total 165079 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2001-1040 1 Hp 1 Jetadmin 2008-09-05 6.4 MEDIUM N/A
HP LaserJet, and possibly other JetDirect devices, resets the admin password when the device is turned off, which could allow remote attackers to access the device without the password.
CVE-2001-1048 1 Topher1kenobe 1 Awol 2008-09-05 7.5 HIGH N/A
AWOL PHP script allows remote attackers to include arbitrary files from remote web sites via an HTTP request that sets the includedir variable.
CVE-2001-1061 1 Ibm 1 Aix 2008-09-05 10.0 HIGH N/A
Vulnerability in lsmcode in unknown versions of AIX, possibly related to a usage error.
CVE-2001-1081 2 Lucent, Simon Horms 2 Radius, Radius 2008-09-05 7.5 HIGH N/A
Format string vulnerabilities in Livingston/Lucent RADIUS before 2.1.va.1 may allow local or remote attackers to cause a denial of service and possibly execute arbitrary code via format specifiers that are injected into log messages.
CVE-2001-1082 2 Lucent, Simon Horms 2 Radius, Radius 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack.
CVE-2001-1104 1 Sonicwall 1 Soho 2008-09-05 7.5 HIGH N/A
SonicWALL SOHO uses easily predictable TCP sequence numbers, which allows remote attackers to spoof or hijack sessions.
CVE-2001-1110 1 Khamil Landross And Zack Jones 1 Eftp 2008-09-05 5.0 MEDIUM N/A
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection.
CVE-2001-1131 1 Whitsoft Development 1 Slimftpd 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command.
CVE-2001-1133 1 Bsdi 1 Bsd Os 2008-09-05 2.1 LOW N/A
Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users to cause a denial of service (reboot) in the kernel via a particular sequence of instructions.
CVE-2001-1139 1 Ascii Nt 1 Winwrapper Professional 2008-09-05 5.0 MEDIUM N/A
Directory traversal vulnerability in ASCII NT WinWrapper Professional allows remote attackers to read arbitrary files via a .. (dot dot) in the server request.
CVE-2001-1142 1 Argosoft 1 Ftp Server 2008-09-05 5.0 MEDIUM N/A
ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges.
CVE-2001-1143 1 Ibm 1 Db2 Universal Database 2008-09-05 5.0 MEDIUM N/A
IBM DB2 7.0 allows a remote attacker to cause a denial of service (crash) via a single byte to (1) db2ccs.exe on port 6790, or (2) db2jds.exe on port 6789.
CVE-2001-1147 1 Andries Brouwer 1 Util-linux 2008-09-05 7.2 HIGH N/A
The PAM implementation in /bin/login of the util-linux package before 2.11 causes a password entry to be rewritten across multiple PAM calls, which could provide the credentials of one user to a different user, when used in certain PAM modules such as pam_limits.
CVE-2001-1149 1 Panda 1 Panda Antivirus Platinum 2008-09-05 5.0 MEDIUM N/A
Panda Antivirus Platinum before 6.23.00 allows a remore attacker to cause a denial of service (crash) when a user selects an action for a malformed UPX packed executable file.
CVE-2001-1150 1 Trend Micro 2 Officescan, Virus Buster 2008-09-05 5.0 MEDIUM N/A
Vulnerability in cgiWebupdate.exe in Trend Micro OfficeScan Corporate Edition (aka Virus Buster) 3.5.2 through 3.5.4 allows remote attackers to read arbitrary files.
CVE-2001-1152 1 Baltimore Technologies 1 Websweeper 2008-09-05 7.5 HIGH N/A
Baltimore Technologies WEBsweeper 4.02, when used to manage URL blacklists, allows remote attackers to bypass blacklist restrictions and connect to unauthorized web servers by modifying the requested URL, including (1) a // (double slash), (2) a /SUBDIR/.. where the desired file is in the parentdir, (3) a /./, or (4) URL-encoded characters.
CVE-2001-1155 1 Freebsd 1 Freebsd 2008-09-05 7.5 HIGH N/A
TCP Wrappers (tcp_wrappers) in FreeBSD 4.1.1 through 4.3 with the PARANOID ACL option enabled does not properly check the result of a reverse DNS lookup, which could allow remote attackers to bypass intended access restrictions via DNS spoofing.
CVE-2001-1156 1 Typsoft 1 Typsoft Ftp Server 2008-09-05 5.0 MEDIUM N/A
TYPSoft FTP 0.95 allows remote attackers to cause a denial of service (CPU consumption) via a "../../*" argument to (1) STOR or (2) RETR.
CVE-2001-1157 1 Baltimore Technologies 1 Websweeper 2008-09-05 7.5 HIGH N/A
Baltimore Technologies WEBsweeper 4.0 and 4.02 does not properly filter Javascript from HTML pages, which could allow remote attackers to bypass the filtering via (1) an extra leading < and one or more characters before the SCRIPT tag, or (2) tags using Unicode.
CVE-2001-1159 1 Squirrelmail 1 Squirrelmail 2008-09-05 7.5 HIGH N/A
load_prefs.php and supporting include files in SquirrelMail 1.0.4 and earlier do not properly initialize certain PHP variables, which allows remote attackers to (1) view sensitive files via the config_php and data_dir options, and (2) execute arbitrary code by using options_order.php to upload a message that could be interpreted as PHP.