CVEdetails.com the ultimate security vulnerability data source

Security Vulnerabilities Published In June 2000

# | CVE ID | CWE ID | # of Exploits | Vulnerability Type(s) | Publish Date | Update Date | Score | Gained Access Level | Access | Complexity | Authentication | Conf. | Integ. | Avail.
1 CVE-2000-0639 Exec Code 2000-06-11 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
The default configuration of Big Brother 1.4h2 and earlier does not include proper access restrictions, which allows remote attackers to execute arbitrary commands by using bbd to upload a file whose extension will cause it to be executed as a CGI script by the web server.
2 CVE-2000-0620 DoS 2000-06-19 2008-09-10
5.0
None Remote Low Not required None None Partial
libX11 X library allows remote attackers to cause a denial of service via a resource mask of 0, which causes libX11 to go into an infinite loop.
3 CVE-2000-0618 Overflow +Priv 2000-06-22 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via a long DISPLAY environmental variable.
4 CVE-2000-0617 Overflow +Priv 2000-06-22 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Buffer overflow in xconq and cconq game programs on Red Hat Linux allows local users to gain additional privileges via a long USER environmental variable.
5 CVE-2000-0616 +Priv 2000-06-26 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Vulnerability in HP TurboIMAGE DBUTIL allows local users to gain additional privileges via DBUTIL.PUB.SYS.
6 CVE-2000-0612 2000-06-29 2008-09-10
5.0
None Remote Low Not required None Partial None
Windows 95 and Windows 98 do not properly process spoofed ARP packets, which allows remote attackers to overwrite static entries in the cache table.
7 CVE-2000-0611 DoS Bypass 2000-06-23 2008-09-05
5.0
None Remote Low Not required None None Partial
The default configuration of NetWin dMailWeb and cwMail trusts all POP servers, which allows attackers to bypass normal authentication and cause a denial of service.
8 CVE-2000-0610 Bypass 2000-06-23 2008-09-10
5.0
None Remote Low Not required None Partial None
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to bypass authentication and use the server for mail relay via a username that contains a carriage return.
9 CVE-2000-0609 DoS 2000-06-21 2008-09-10
5.0
None Remote Low Not required None None Partial
NetWin dMailWeb and cwMail 2.6g and earlier allows remote attackers to cause a denial of service via a long username parameter.
10 CVE-2000-0608 DoS 2000-06-21 2008-09-10
5.0
None Remote Low Not required None None Partial
NetWin dMailWeb and cwMail 2.6i and earlier allows remote attackers to cause a denial of service via a long POP parameter (pophost).
11 CVE-2000-0607 Overflow +Priv 2000-06-21 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in fld program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via an input file containing long CHARSET_REGISTRY or CHARSET_ENCODING settings.
12 CVE-2000-0606 Overflow +Priv 2000-06-21 2008-09-10
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in kon program in Kanji on Console (KON) package on Linux may allow local users to gain root privileges via a long -StartupMessage parameter.
13 CVE-2000-0604 2000-06-21 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
gkermit in Red Hat Linux is improperly installed with setgid uucp, which allows local users to modify files owned by uucp.
14 CVE-2000-0602 +Priv 2000-06-21 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Secure Locate (slocate) in Red Hat Linux allows local users to gain privileges via a malformed configuration file that is specified in the LOCATE_PATH environmental variable.
15 CVE-2000-0601 DoS 2000-06-25 2008-09-10
5.0
None Remote Low Not required None None Partial
LeafChat 1.7 IRC client allows a remote IRC server to cause a denial of service by rapidly sending a large amount of error messages.
16 CVE-2000-0600 DoS Exec Code 2000-06-26 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Netscape Enterprise Server in NetWare 5.1 allows remote attackers to cause a denial of service or execute arbitrary commands via a malformed URL.
17 CVE-2000-0599 Exec Code Overflow 2000-06-29 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in iMesh 1.02 allows remote attackers to execute arbitrary commands via a long string to the iMesh port.
18 CVE-2000-0598 Bypass 2000-06-26 2008-09-10
5.0
None Remote Low Not required None Partial None
Fortech Proxy+ allows remote attackers to bypass access restrictions for the administration service by redirecting their connections through the telnet proxy.
19 CVE-2000-0597 2000-06-27 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.
20 CVE-2000-0596 Exec Code 2000-06-27 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Internet Explorer 5.x does not warn a user before opening a Microsoft Access database file that is referenced within ActiveX OBJECT tags in an HTML document, which could allow remote attackers to execute arbitrary commands, aka the "IE Script" vulnerability.
21 CVE-2000-0593 DoS 2000-06-27 2008-09-10
5.0
None Remote Low Not required None None Partial
WinProxy 2.0 and 2.0.1 allows remote attackers to cause a denial of service by sending an HTTP GET request without listing an HTTP version number.
22 CVE-2000-0592 Exec Code Overflow 2000-06-27 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in POP3 service in WinProxy 2.0 and 2.0.1 allow remote attackers to execute arbitrary commands via long USER, PASS, LIST, RETR, or DELE commands.
23 CVE-2000-0589 310 2000-06-26 2013-07-30
7.5
User Remote Low Not required Partial Partial Partial
SawMill 5.0.21 uses weak encryption to store passwords, which allows attackers to easily decrypt the password and modify the SawMill configuration.
24 CVE-2000-0588 200 +Info 2000-06-26 2013-07-30
5.0
None Remote Low Not required Partial None None
SawMill 5.0.21 CGI program allows remote attackers to read the first line of arbitrary files by listing the file in the rfcf parameter, whose contents SawMill attempts to parse as configuration commands.
25 CVE-2000-0587 Bypass 2000-06-26 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
The privpath directive in glftpd 1.18 allows remote attackers to bypass access restrictions for directories by using the file name completion capability.
26 CVE-2000-0586 DoS Exec Code Overflow 2000-06-29 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Dalnet IRC server 4.6.5 allows remote attackers to cause a denial of service or execute arbitrary commands via the SUMMON command.
27 CVE-2000-0585 Exec Code 2000-06-24 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
ISC DHCP client program dhclient allows remote attackers to execute arbitrary commands via shell metacharacters.
28 CVE-2000-0583 DoS 2000-06-30 2008-09-10
5.0
None Remote Low Not required None None Partial
vchkpw program in vpopmail before version 4.8 does not properly cleanse an untrusted format string used in a call to syslog, which allows remote attackers to cause a denial of service via a USER or PASS command that contains arbitrary formatting directives.
29 CVE-2000-0582 DoS 2000-06-30 2008-09-10
5.0
None Remote Low Not required None None Partial
Check Point FireWall-1 4.0 and 4.1 allows remote attackers to cause a denial of service by sending a stream of invalid commands (such as binary zeros) to the SMTP Security Server proxy.
30 CVE-2000-0581 DoS 2000-06-30 2008-09-10
5.0
None Remote Low Not required None None Partial
Windows 2000 Telnet Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros, which causes the server to crash.
31 CVE-2000-0580 DoS 2000-06-30 2008-09-10
5.0
None Remote Low Not required None None Partial
Windows 2000 Server allows remote attackers to cause a denial of service by sending a continuous stream of binary zeros to various TCP and UDP ports, which significantly increases the CPU utilization.
32 CVE-2000-0579 2000-06-21 2008-09-10
3.7
User Local High Not required Partial Partial Partial
IRIX crontab creates temporary files with predictable file names and with the umask of the user, which could allow local users to modify another user's crontab file as it is being edited.
33 CVE-2000-0578 2000-06-21 2008-09-10
3.7
User Local High Not required Partial Partial Partial
SGI MIPSPro compilers C, C++, F77 and F90 generate temporary files in /tmp with predictable file names, which could allow local users to insert malicious contents into these files as they are being compiled by another user.
34 CVE-2000-0577 2000-06-21 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Netscape Professional Services FTP Server 1.3.6 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
35 CVE-2000-0570 DoS 2000-06-27 2008-09-05
5.0
None Remote Low Not required None None Partial
FirstClass Internet Services server 5.770, and other versions before 6.1, allows remote attackers to cause a denial of service by sending an email with a long To: mail header.
36 CVE-2000-0569 DoS 2000-06-30 2008-09-05
5.0
None Remote Low Not required None None Partial
Sybergen Sygate allows remote attackers to cause a denial of service by sending a malformed DNS UDP packet to its internal interface.
37 CVE-2000-0568 2000-06-30 2008-09-10
5.0
None Remote Low Not required None None Partial
Sybergen Secure Desktop 2.1 does not properly protect against false router advertisements (ICMP type 9), which allows remote attackers to modify default routes.
38 CVE-2000-0565 2000-06-13 2008-09-05
2.1
None Local Low Not required Partial None None
SmartFTP Daemon 0.2 allows a local user to access arbitrary files by uploading and specifying an alternate user configuration file via a .. (dot dot) attack.
39 CVE-2000-0562 2000-06-22 2008-09-10
7.5
User Remote Low Not required Partial Partial Partial
BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower.
40 CVE-2000-0561 Exec Code Overflow 2000-06-19 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflow in WebBBS 1.15 allows remote attackers to execute arbitrary commands via a long HTTP GET request.
41 CVE-2000-0559 2000-06-07 2008-09-10
2.1
None Local Low Not required Partial None None
eTrust Intrusion Detection System (formerly SessionWall-3) uses weak encryption (XOR) to store administrative passwords in the registry, which allows local users to easily decrypt the passwords.
42 CVE-2000-0558 Exec Code Overflow 2000-06-06 2008-09-10
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in HP Openview Network Node Manager 6.1 allows remote attackers to execute arbitrary commands via the Alarm service (OVALARMSRV) on port 2345.
43 CVE-2000-0557 Exec Code Overflow 2000-06-05 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to execute arbitrary commands via a long GET request.
44 CVE-2000-0556 DoS Overflow 2000-06-05 2008-09-05
5.0
None Remote Low Not required None None Partial
Buffer overflow in the web interface for Cmail 2.4.7 allows remote attackers to cause a denial of service by sending a large user name to the user dialog running on port 8002.
45 CVE-2000-0555 DoS 2000-06-09 2008-09-05
5.0
None Remote Low Not required None None Partial
Ceilidh allows remote attackers to cause a denial of service via a large number of POST requests.
46 CVE-2000-0554 2000-06-08 2008-09-10
5.0
None Remote Low Not required Partial None None
Ceilidh allows remote attackers to obtain the real path of the Ceilidh directory via the translated_path hidden form field.
47 CVE-2000-0552 +Info 2000-06-06 2008-09-05
2.1
None Local Low Not required Partial None None
ICQwebmail client for ICQ 2000A creates a world readable temporary file during login and does not delete it, which allows local users to obtain sensitive information.
48 CVE-2000-0550 DoS 2000-06-09 2008-09-10
5.0
None Remote Low Not required None None Partial
Kerberos 4 KDC program improperly frees memory twice (aka "double-free"), which allows remote attackers to cause a denial of service.
49 CVE-2000-0549 DoS 2000-06-09 2008-09-10
5.0
None Remote Low Not required None None Partial
Kerberos 4 KDC program does not properly check for null termination of AUTH_MSG_KDC_REQUEST requests, which allows remote attackers to cause a denial of service via a malformed request.
50 CVE-2000-0548 DoS Overflow 2000-06-09 2008-09-10
5.0
None Remote Low Not required None None Partial
Buffer overflow in Kerberos 4 KDC program allows remote attackers to cause a denial of service via the e_msg variable in the kerb_err_reply function.
Total number of vulnerabilities: 119 (page 1 of 3)