7706 matches found
CVE-2001-0180
Lars Ellingsen guestserver.cgi allows remote attackers to execute arbitrary commands via shell metacharacters in the "email" parameter...
CVE-2001-0154
HTML e-mail feature in Internet Explorer 5.5 and earlier allows attackers to execute attachments by setting an unusual MIME type for the attachment, which Internet Explorer does not process correctly...
CVE-2001-0005
Buffer overflow in the parsing mechanism of the file loader in Microsoft PowerPoint 2000 allows attackers to execute arbitrary commands...
CVE-2000-1078
ICQ Web Front HTTPd allows remote attackers to cause a denial of service by requesting a URL that contains a "?" character...
vixie-cron Local Root Exploit
Exploit for linux platform in category local exploits ============================= vixie-cron Local Root Exploit ============================= !/bin/sh echo '.-------------------------------------------------------------------------.' echo '| Marchew Hyperreal Industries ................... |'...
I-gear 3.5.x for Microsoft Proxy logging vulnerability + temporary fix.
Hello everyone, this message is generated after several hours with Symantec Tech support and my personal research of the issue. The issue is confirmed to be a problem by Symantec® . Platform: I-gear 3.5.6 and 3.5.7-x for MSP Proxy 2.0 ; Windows NT 4.0 SP6; MSP 2.0 SP1; PowerEdge 2300 dual 450; 51...
CVE-2000-0685
BEA WebLogic 5.1.x does not properly restrict access to the PageCompileServlet, which could allow remote attackers to compile and execute Java JHTML code by directly invoking the servlet on any source file...
CVE-2000-0536
CVE-2000-0536 affects xinetd 2.1.8.x where access control relies on hostnames; if a connecting host has no reverse DNS entry, connections are not properly restricted. This can allow unauthorized access or bypass controls intended by hostname-based filtering. The vulnerability is described in the ...
CVE-2000-0705
ntop running in web mode allows remote attackers to read arbitrary files via a .. dot dot attack...
Loading Rootkit using SystemLoadAndCallImage
Greets, For a while there has been a thread on NTBUGTRAQ about kernel-mode protection from rootkits. This is good - the whole point of our rootkit.com project is to get people thinking about the problem. For example, there is now an ANTI-Rootkit called Integrity Protection Driver from Pedestal...
CVE-2000-0612
Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table...
CVE-2000-0543
The command port for PGP Certificate Server 2.5.0 and 2.5.1 allows remote attackers to cause a denial of service if their hostname does not have a reverse DNS entry and they connect to port 4000...
CVE-1999-0585
A Windows NT administrator account has the default name of Administrator...
CVE-2000-0335
The resolver in glibc 2.1.3 uses predictable IDs, which allows a local attacker to spoof DNS query results...
CVE-2000-0165
The Delegate application proxy has several buffer overflows which allow a remote attacker to execute commands...
CVE-2000-0229
gpm-root in the gpm package does not properly drop privileges, which allows local users to gain privileges by starting a utility from gpm-root...
CVE-2000-0174
StarOffice StarScheduler web server allows remote attackers to read arbitrary files via a .. dot dot attack...
CVE-1999-0121
Buffer overflow in dtaction command gives root access...
CVE-1999-0736
The showcode.asp sample file in IIS and Site Server allows remote attackers to read arbitrary files...
CVE-1999-0593
The default setting for the Winlogon key entry ShutdownWithoutLogon in Windows NT allows users with physical access to shut down a Windows NT system without logging in...