| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2001-1238 | Hig | 0.51 | 7.8 | 0.01 | Jul 16, 2001 | Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the… | ||
| CVE-2001-1042 | Hig | 0.49 | 7.5 | 0.03 | Jul 2, 2001 | Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | ||
| CVE-2001-1043 | Hig | 0.49 | 7.5 | 0.03 | Jul 1, 2001 | ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. | ||
| CVE-2001-1386 | Hig | 0.49 | 7.5 | 0.03 | Jul 1, 2001 | WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension. | ||
| CVE-2001-0334 | Hig | 0.50 | 7.5 | 0.15 | Jun 27, 2001 | FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded. | ||
| CVE-2001-0195 | Hig | 0.51 | 7.8 | 0.00 | Mar 26, 2001 | sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking. | ||
| CVE-2001-0006 | Hig | 0.49 | 7.1 | 0.03 | Feb 12, 2001 | The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex"… | ||
| CVE-2000-0497 | Hig | 0.49 | 7.5 | 0.03 | Jun 8, 2000 | IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | ||
| CVE-2000-0498 | Hig | 0.49 | 7.5 | 0.02 | Jun 8, 2000 | Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | ||
| CVE-2000-0499 | Hig | 0.49 | 7.5 | 0.03 | Jun 8, 2000 | The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case. | ||
| CVE-2000-0342 | Hig | 0.52 | 7.5 | 0.03 | Apr 28, 2000 | Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment." | ||
| CVE-2000-0258 | Hig | 0.50 | 7.5 | 0.20 | Apr 12, 2000 | IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability. | ||
| CVE-1999-1127 | Hig | 0.50 | 7.5 | 0.18 | Dec 31, 1999 | Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability. | ||
| CVE-1999-1549 | Hig | 0.51 | 7.8 | 0.01 | Nov 16, 1999 | Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands. | ||
| CVE-1999-0468 | Hig | 0.54 | 8.2 | 0.03 | Apr 9, 1999 | Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component. | ||
| CVE-1999-0632 | — | Hig | 0.48 | 7.3 | 0.01 | Jan 1, 1999 | The RPC portmapper service is running. | |
| CVE-1999-1568 | Hig | 0.49 | 7.5 | 0.02 | Jan 1, 1999 | Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command. | ||
| CVE-1999-0052 | Hig | 0.49 | 7.5 | 0.02 | Nov 4, 1998 | IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash. | ||
| CVE-1999-1152 | Hig | 0.49 | 7.5 | 0.02 | Jun 3, 1998 | Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of failed login attempts, which allows remote attackers to guess usernames or passwords via a brute force attack. | ||
| CVE-1999-0069 | Hig | 0.58 | 8.4 | 0.01 | Apr 29, 1998 | Solaris ufsrestore buffer overflow. | ||
| CVE-1999-0012 | Hig | 0.47 | 7.0 | 0.18 | Feb 6, 1998 | Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names. | ||
| CVE-1999-0013 | Hig | 0.55 | 8.4 | 0.01 | Jan 22, 1998 | Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user. | ||
| CVE-1999-0239 | Hig | 0.52 | 7.5 | 0.07 | Jan 1, 1998 | Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET. | ||
| CVE-1999-0029 | Hig | 0.58 | 8.4 | 0.01 | Jul 16, 1997 | root privileges via buffer overflow in ordist command on SGI IRIX systems. | ||
| CVE-1999-0059 | Hig | 0.48 | 7.3 | 0.02 | Jul 14, 1997 | IRIX fam service allows an attacker to obtain a list of all files on the server. | ||
| CVE-1999-0036 | Hig | 0.58 | 8.4 | 0.01 | May 26, 1997 | IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files. | ||
| CVE-1999-0039 | Hig | 0.52 | 7.3 | 0.16 | May 6, 1997 | webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter. | ||
| CVE-1999-0038 | Hig | 0.58 | 8.4 | 0.01 | Apr 26, 1997 | Buffer overflow in xlock program allows local users to execute commands as root. | ||
| CVE-1999-0236 | Hig | 0.54 | 7.5 | 0.26 | Jan 1, 1997 | ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs. | ||
| CVE-1999-0022 | Hig | 0.51 | 7.8 | 0.01 | Jul 3, 1996 | Local user gains root privileges via buffer overflow in rdist, via expstr() function. | ||
| CVE-1999-0084 | Hig | 0.55 | 8.4 | 0.00 | May 1, 1990 | Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0. |
- risk 0.51cvss 7.8epss 0.01
Task Manager in Windows 2000 does not allow local users to end processes with uppercase letters named (1) winlogon.exe, (2) csrss.exe, (3) smss.exe and (4) services.exe via the Process tab which could allow local users to install Trojan horses that cannot be stopped with the…
- risk 0.49cvss 7.5epss 0.03
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.
- risk 0.49cvss 7.5epss 0.03
ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file.
- risk 0.49cvss 7.5epss 0.03
WFTPD 3.00 allows remote attackers to read arbitrary files by uploading a (link) file that ends in a ".lnk." extension, which bypasses WFTPD's check for a ".lnk" extension.
- risk 0.50cvss 7.5epss 0.15
FTP service in IIS 5.0 and earlier allows remote attackers to cause a denial of service via a wildcard sequence that generates a long string when it is expanded.
- risk 0.51cvss 7.8epss 0.00
sash before 3.4-4 in Debian GNU/Linux does not properly clone /etc/shadow, which makes it world-readable and could allow local users to gain privileges via password cracking.
- risk 0.49cvss 7.1epss 0.03
The Winsock2ProtocolCatalogMutex mutex in Windows NT 4.0 has inappropriate Everyone/Full Control permissions, which allows local users to modify the permissions to "No Access" and disable Winsock network connectivity to cause a denial of service, aka the "Winsock Mutex"…
- risk 0.49cvss 7.5epss 0.03
IBM WebSphere server 3.0.2 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
- risk 0.49cvss 7.5epss 0.02
Unify eWave ServletExec allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
- risk 0.49cvss 7.5epss 0.03
The default configuration of BEA WebLogic 3.1.8 through 4.5.1 allows a remote attacker to view source code of a JSP program by requesting a URL which provides the JSP extension in upper case.
- risk 0.52cvss 7.5epss 0.03
Eudora 4.x allows remote attackers to bypass the user warning for executable attachments such as .exe, .com, and .bat by using a .lnk file that refers to the attachment, aka "Stealth Attachment."
- risk 0.50cvss 7.5epss 0.20
IIS 4.0 and 5.0 allows remote attackers to cause a denial of service by sending many URLs with a large number of escaped characters, aka the "Myriad Escaped Characters" Vulnerability.
- risk 0.50cvss 7.5epss 0.18
Windows NT 4.0 does not properly shut down invalid named pipe RPC connections, which allows remote attackers to cause a denial of service (resource exhaustion) via a series of connections containing malformed data, aka the "Named Pipes Over RPC" vulnerability.
- risk 0.51cvss 7.8epss 0.01
Lynx 2.x does not properly distinguish between internal and external HTML, which may allow a local attacker to read a "secure" hidden form value from a temporary file and craft a LYNXOPTIONS: URL that causes Lynx to modify the user's configuration file and execute commands.
- risk 0.54cvss 8.2epss 0.03
Internet Explorer 5.0 allows a remote server to read arbitrary files on the client's file system using the Microsoft Scriptlet Component.
- risk 0.48cvss 7.3epss 0.01
The RPC portmapper service is running.
- risk 0.49cvss 7.5epss 0.02
Off-by-one error in NcFTPd FTP server before 2.4.1 allows a remote attacker to cause a denial of service (crash) via a long PORT command.
- risk 0.49cvss 7.5epss 0.02
IP fragmentation denial of service in FreeBSD allows a remote attacker to cause a crash.
- risk 0.49cvss 7.5epss 0.02
Compaq/Microcom 6000 Access Integrator does not disconnect a client after a certain number of failed login attempts, which allows remote attackers to guess usernames or passwords via a brute force attack.
- risk 0.58cvss 8.4epss 0.01
Solaris ufsrestore buffer overflow.
- risk 0.47cvss 7.0epss 0.18
Some web servers under Microsoft Windows allow remote attackers to bypass access restrictions for files with long file names.
- risk 0.55cvss 8.4epss 0.01
Stolen credentials from SSH clients via ssh-agent program, allowing other local users to access remote accounts belonging to the ssh-agent user.
- risk 0.52cvss 7.5epss 0.07
Netscape FastTrack Web server lists files when a lowercase "get" command is used instead of an uppercase GET.
- risk 0.58cvss 8.4epss 0.01
root privileges via buffer overflow in ordist command on SGI IRIX systems.
- risk 0.48cvss 7.3epss 0.02
IRIX fam service allows an attacker to obtain a list of all files on the server.
- risk 0.58cvss 8.4epss 0.01
IRIX login program with a nonzero LOCKOUT parameter allows creation or damage to files.
- risk 0.52cvss 7.3epss 0.16
webdist CGI program (webdist.cgi) in SGI IRIX allows remote attackers to execute arbitrary commands via shell metacharacters in the distloc parameter.
- risk 0.58cvss 8.4epss 0.01
Buffer overflow in xlock program allows local users to execute commands as root.
- risk 0.54cvss 7.5epss 0.26
ScriptAlias directory in NCSA and Apache httpd allowed attackers to read CGI programs.
- risk 0.51cvss 7.8epss 0.01
Local user gains root privileges via buffer overflow in rdist, via expstr() function.
- risk 0.55cvss 8.4epss 0.00
Certain NFS servers allow users to use mknod to gain privileges by creating a writable kmem device and setting the UID to 0.