CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4566 matches found

securityvulns•added 2001/09/08 12:0 a.m.•53 views

Exchange Public Folders Information Leakage

The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com SUMMARY Microsoft Exchange Server handles anonymous access to its Public Folders insecurely. While administrators may disable the "Find Users" features to...

6.9AI score

Exploits0

CERT•added 2001/09/05 12:0 a.m.•44 views

IBM AIX lsfs utility invokes grep and lslv with relative pathnames

Overview The IBM AIX operating system contains a vulnerability in the lsfs utility that allows a local user to execute arbitrary code as root. Description The IBM AIX lsfs utility displays filesystem information such as mount points, permissions and volume sizes. To list this information, it...

4.6CVSS6.9AI score0.00476EPSS

Exploits1References3

CERT•added 2001/08/14 12:0 a.m.•17 views

Microsoft Internet Information Server 4.0 (IIS) vulnerable to DoS when URL redirecting is enabled

Overview A vulnerability in IIS 4.0 may permit intruders to crash vulnerable IIS servers with URL redirection enabled. Description A vulnerability in Microsoft IIS 4.0 allows an attacker to crash IIS 4.0 servers if they are configured to use URL redirection. URL redirection is not used by default...

6.9AI score

Exploits0References2

securityvulns•added 2001/07/27 12:0 a.m.•33 views

Security Bulletin MS01-041

---------------------------------------------------------------------- Title: Malformed RPC Request Can Cause Service Failure Date: 26 July 2001 Software: Exchange Server 5.5, Exchange Server 2000, SQL Server 7.0, SQL Server 2000, Windows NT 4.0, Windows 2000 Impact: Denial of service Bulletin:...

0.8AI score

Exploits0

securityvulns•added 2001/07/19 12:0 a.m.•25 views

[SNS Advisory No.37] HTTProtect allows attackers to change the protected file using a symlink

----------------------------------------------------------------------- SNS Advisory No.37 HTTProtect allows attackers to change the protected file using a symlink Problem first discovered: Mon, 4 Jun 2001 Published: Wed, 18 Jul 2001...

0.7AI score

Exploits0

FreeBSD Advisory•added 2001/07/10 12:0 a.m.•6 views

FreeBSD-SA-01:42.signal

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:42 Security Advisory FreeBSD, Inc. Topic: signal handling during exec may allow local root compromise Category: core Module: kernel Announced: 2001-07-10 Revised:...

6.2AI score

Exploits0

Tenable Nessus•added 2001/05/29 12:0 a.m.•21 views

iPlanet Certificate Management Traversal Arbitrary File Access

It is possible to read arbitrary files on the remote server by prepending /ca/../../ in front on the file name. C Tenable Network Security, Inc. XXX might be redundant with plugin 10589 include"compat.inc"; ifdescription scriptid10683; scriptversion "1.25"; scriptcveid"CVE-2000-1075";...

5CVSS5.7AI score0.06023EPSS

Exploits2References2

securityvulns•added 2001/05/22 12:0 a.m.•62 views

Security Bulletin MS01-028

---------------------------------------------------------------------- Title: RTF document linked to template can run macros without warning Date: 21 May 2001 Software: Microsoft Word for Windows and Word for the Mac Impact: Run Macros without warning Bulletin: MS01-028 Microsoft encourages...

6.8AI score

Exploits0

securityvulns•added 2001/05/16 12:0 a.m.•129 views

iPlanet - Netscape Enterprise Web Publisher Buffer Overflow

iPlanet – Netscape Enterprise Web Publisher Buffer Overflow Release Date: May 11, 2001 Severity: High Remote SYSTEM level code execution Systems Affected: Netscape Enterprise 4.1 and prior versions. Description: The Web Publisher feature in Netscape Enterprise 4.1 is vulnerable to a buffer...

8AI score

Exploits0

securityvulns•added 2001/05/14 12:0 a.m.•35 views

Hexyn / Securax Advisory #17 - Bison FTP Server Directory Traversal

Hexyn / Securax Advisory 17 - Bison FTP Server Directory Traversal Topic: Bison FTP Server Directory Traversal Announced: 2001-02-17 Affects: Bison FTP Server version 4 Release 1 DISCLAIMER: THE ENTIRE ADVISORY HAS BEEN BASED UPON TRIAL AND ERROR RESULTS. THEREFORE WE CANNOT ENSURE YOU THE...

7.3AI score

Exploits0

securityvulns•added 2001/05/14 12:0 a.m.•38 views

Hexyn / Securax Advisory #17 - Bison FTP Server Directory Traversal

Hexyn / Securax Advisory 16 - Ghetto FTP Server Directory Traversal Topic: Ghetto FTP Server Directory Traversal Announced: 2001-02-17 Affects: Ghetto FTP Server version 1.0 beta 1 DISCLAIMER: THE ENTIRE ADVISORY HAS BEEN BASED UPON TRIAL AND ERROR RESULTS. THEREFORE WE CANNOT ENSURE YOU THE...

Exploits0

Tenable Nessus•added 2001/05/13 12:0 a.m.•45 views

Microsoft IIS 5.0 WebDAV Malformed PROPFIND Request Remote DoS

The remote version of the IIS web server contains a bug in its implementation of the WebDAV protocol that could allow an attacker to temporarily disable this service remotely. To exploit this flaw, an attacker would require the ability to send a malformed PROPFIND request to the remote host,...

5CVSS5.6AI score0.67875EPSS

Exploits0References2

CERT•added 2001/05/04 12:0 a.m.•27 views

Sun Solaris mailx contains buffer overflow via -F option

Overview A buffer overflow in the mailx program on Solaris systems can allow an intruder to execute code with the privileges of the mail group. Description A buffer overflow in the -F option of the mailx program on Solaris systems may allow an intruder to execute code with the privileges of the...

4.6CVSS7AI score0.01282EPSS

Exploits1

CERT•added 2001/05/03 12:0 a.m.•25 views

Microsoft Visual Studio VB-TSQL debugger object vbsdicli.exe contains buffer overflow via NewSPID method

Overview A vulnerability in an object included with Visual Studio 6.0 Enterprise Edition may allow an attacker to execute code with the privileges of an interactively logged in user. Description The VB-TSQL debugger object included in Visual Studio 6.0 Enterprise Edition contains a buffer overflo...

7.5CVSS7.1AI score0.12367EPSS

Exploits0References3

Packet Storm•added 2001/04/25 12:0 a.m.•21 views

Hexyn-sa-16.TXT

7.4AI score

Exploits0

Packet Storm•added 2001/04/25 12:0 a.m.•21 views

Hexyn-sa-17.txt

7.4AI score

Exploits0

securityvulns•added 2001/04/14 12:0 a.m.•27 views

Solaris ipcs vulnerability

Solaris ipcs vulnerability Release Date: April 11, 2001 Systems Affected: Solaris 7 x86 Other versions of Solaris are most likely affected also. Discovered by: Riley Hassell [email protected] Description: We have discovered a buffer overflow in the /usr/bin/i86/ipcs utility provided with Solaris 7...

7.7AI score

Exploits0

FreeBSD Advisory•added 2001/04/06 12:0 a.m.•4 views

FreeBSD-SA-01:31.ntpd

-----BEGIN PGP SIGNED MESSAGE----- ============================================================================= FreeBSD-SA-01:31 Security Advisory FreeBSD, Inc. Topic: ntpd contains potential remote compromise Category: core/ports Module: ntpd Announced: 2001-04-06 Credits: Przemyslaw Frasunek...

6.4AI score

Exploits0

securityvulns•added 2001/01/24 12:0 a.m.•63 views

Security Bulletin MS01-002

--------------------------------------------------------------------- Title: PowerPoint File Parsing Vulnerability Date: January 22, 2001 Software: PowerPoint 2000 Impact: Execution of Arbitrary Code Bulletin: MS01-002 Microsoft encourages customers to review the Security Bulletin at:...

1.3AI score

Exploits0

Tenable Nessus•added 2001/01/08 12:0 a.m.•39 views

iPlanet Directory Server Traversal Arbitrary File Access

There is a bug in the remote iPlanet web server that allows a user to read arbitrary files on the remote host. To exploit this flaw, an attacker needs to prepend '/../../' to the file name to read. C Tenable Network Security, Inc. include"compat.inc"; ifdescription scriptid10589; scriptversion...

5CVSS5.8AI score0.06023EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by