Количество 343 004
Количество 343 004
CVE-2000-0025
IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability.
CVE-2000-0024
IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability.
CVE-2000-0023
Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL.
CVE-2000-0022
Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory.
CVE-2000-0021
Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin.
CVE-2000-0020
DNS PRO allows remote attackers to conduct a denial of service via a large number of connections.
CVE-2000-0019
IMail POP3 daemon uses weak encryption, which allows local users to read files.
CVE-2000-0018
wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file.
CVE-2000-0017
Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter.
CVE-2000-0016
Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username.
CVE-2000-0015
CascadeView TFTP server allows local users to gain privileges via a symlink attack.
CVE-2000-0014
Denial of service in Savant web server via a null character in the requested URL.
CVE-2000-0013
IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program.
CVE-2000-0012
Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands.
CVE-2000-0011
Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request.
CVE-2000-0010
WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter.
CVE-2000-0009
The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands.
CVE-2000-0008
FTPPro allows local users to read sensitive information, which is stored in plain text.
CVE-2000-0007
Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service.
CVE-2000-0006
strace allows local users to read arbitrary files via memory mapped file names.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2000-0025 IIS 4.0 and Site Server 3.0 allow remote attackers to read source code for ASP files if the file is in a virtual directory whose name includes extensions such as .com, .exe, .sh, .cgi, or .dll, aka the "Virtual Directory Naming" vulnerability. | CVSS2: 5 | 46% Средний | больше 26 лет назад |
| CVE-2000-0024 IIS does not properly canonicalize URLs, potentially allowing remote attackers to bypass access restrictions in third-party software via escape characters, aka the "Escape Character Parsing" vulnerability. | CVSS2: 6.4 | 12% Средний | больше 26 лет назад |
| CVE-2000-0023 Buffer overflow in Lotus Domino HTTP server allows remote attackers to cause a denial of service via a long URL. | CVSS2: 5 | 1% Низкий | больше 26 лет назад |
| CVE-2000-0022 Lotus Domino HTTP server does not properly disable anonymous access for the cgi-bin directory. | CVSS2: 5 | 1% Низкий | больше 26 лет назад |
| CVE-2000-0021 Lotus Domino HTTP server allows remote attackers to determine the real path of the server via a request to a non-existent script in /cgi-bin. | CVSS2: 5 | 1% Низкий | больше 26 лет назад |
| CVE-2000-0020 DNS PRO allows remote attackers to conduct a denial of service via a large number of connections. | CVSS2: 5 | 1% Низкий | больше 26 лет назад |
| CVE-2000-0019 IMail POP3 daemon uses weak encryption, which allows local users to read files. | CVSS2: 2.1 | 0% Низкий | около 27 лет назад |
| CVE-2000-0018 wmmon in FreeBSD allows local users to gain privileges via the .wmmonrc configuration file. | CVSS2: 7.2 | 0% Низкий | больше 26 лет назад |
| CVE-2000-0017 Buffer overflow in Linux linuxconf package allows remote attackers to gain root privileges via a long parameter. | CVSS2: 10 | 3% Низкий | больше 26 лет назад |
| CVE-2000-0016 Buffer overflow in Internet Anywhere POP3 Mail Server allows remote attackers to cause a denial of service or execute commands via a long username. | CVSS2: 5 | 5% Низкий | больше 26 лет назад |
| CVE-2000-0015 CascadeView TFTP server allows local users to gain privileges via a symlink attack. | CVSS2: 4.6 | 0% Низкий | больше 26 лет назад |
| CVE-2000-0014 Denial of service in Savant web server via a null character in the requested URL. | CVSS2: 5 | 4% Низкий | больше 26 лет назад |
| CVE-2000-0013 IRIX soundplayer program allows local users to gain privileges by including shell metacharacters in a .wav file, which is executed via the midikeys program. | CVSS2: 7.2 | 0% Низкий | больше 26 лет назад |
| CVE-2000-0012 Buffer overflow in w3-msql CGI program in miniSQL package allows remote attackers to execute commands. | CVSS2: 10 | 5% Низкий | больше 26 лет назад |
| CVE-2000-0011 Buffer overflow in AnalogX SimpleServer:WWW HTTP server allows remote attackers to execute commands via a long GET request. | CVSS2: 7.5 | 6% Низкий | больше 26 лет назад |
| CVE-2000-0010 WebWho+ whois.cgi program allows remote attackers to execute commands via shell metacharacters in the TLD parameter. | CVSS2: 10 | 5% Низкий | больше 26 лет назад |
| CVE-2000-0009 The bna_pass program in Optivity NETarchitect uses the PATH environmental variable for finding the "rm" program, which allows local users to execute arbitrary commands. | CVSS2: 7.2 | 0% Низкий | больше 26 лет назад |
| CVE-2000-0008 FTPPro allows local users to read sensitive information, which is stored in plain text. | CVSS2: 2.1 | 0% Низкий | больше 26 лет назад |
| CVE-2000-0007 Trend Micro PC-Cillin does not restrict access to its internal proxy port, allowing remote attackers to conduct a denial of service. | CVSS2: 5 | 1% Низкий | больше 26 лет назад |
| CVE-2000-0006 strace allows local users to read arbitrary files via memory mapped file names. | CVSS2: 2.6 | 0% Низкий | больше 26 лет назад |
Уязвимостей на страницу