CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In March 2001

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
1 CVE-1999-0760 +Priv 2001-03-12 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
2 CVE-2000-0306 Overflow 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.
3 CVE-2000-0308 +Priv 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
4 CVE-2000-0348 +Priv 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
5 CVE-2001-0113 Exec Code 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script.
6 CVE-2001-0129 DoS Exec Code Overflow 2001-03-12 2018-05-02
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.
7 CVE-2001-0130 DoS Exec Code Overflow 2001-03-12 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in HTML parser of the Lotus R5 Domino Server before 5.06, and Domino Client before 5.05, allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a malformed font size specifier.
8 CVE-2001-0133 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
The web administration interface for Interscan VirusWall 3.6.x and earlier does not use encryption, which could allow remote attackers to obtain the administrator password to sniff the administrator password via the setpasswd.cgi program or other HTTP GET requests that contain base64 encoded usernames and passwords.
9 CVE-2001-0134 Exec Code Overflow 2001-03-12 2016-10-17
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name.
10 CVE-2001-0144 Exec Code Overflow 2001-03-12 2018-05-02
10.0
Admin Remote Low Not required Complete Complete Complete
CORE SDI SSH1 CRC-32 compensation attack detector allows remote attackers to execute arbitrary commands on an SSH server or client via an integer overflow.
11 CVE-2001-0181 Exec Code 2001-03-26 2017-12-18
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in the error logging code of DHCP server and client in Caldera Linux allows remote attackers to execute arbitrary commands.
12 CVE-2001-0187 Exec Code 2001-03-26 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in wu-ftp 2.6.1 and earlier, when running with debug mode enabled, allows remote attackers to execute arbitrary commands via a malformed argument that is recorded in a PASV port assignment.
13 CVE-2001-0197 Exec Code 2001-03-26 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Format string vulnerability in print_client in icecast 1.3.8beta2 and earlier allows remote attackers to execute arbitrary commands.
14 CVE-2001-0203 +Priv 2001-03-26 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Watchguard Firebox II firewall allows users with read-only access to gain read-write access, and administrative privileges, by accessing a file that contains hashed passphrases, and using the hashes during authentication.
15 CVE-2001-0207 Exec Code Overflow 2001-03-26 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in bing allows remote attackers to execute arbitrary commands via a long hostname, which is copied to a small buffer after a reverse DNS lookup using the gethostbyaddr function.
16 CVE-2001-0209 DoS Exec Code Overflow 2001-03-26 2017-12-18
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Shoutcast Distributed Network Audio Server (DNAS) 1.7.1 allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long description.
17 CVE-2001-0223 Exec Code Overflow 2001-03-26 2017-12-18
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in wwwwais allows remote attackers to execute arbitrary commands via a long QUERY_STRING (HTTP GET request).
18 CVE-2001-0233 DoS Exec Code Overflow 2001-03-26 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in micq client 0.4.6 and earlier allows remote attackers to cause a denial of service, and possibly execute arbitrary commands, via a long Description field.
19 CVE-2001-0127 DoS Exec Code Overflow 2001-03-12 2008-09-05
7.6
Admin Remote High Not required Complete Complete Complete
Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag.
20 CVE-2001-0166 DoS 2001-03-26 2017-10-09
7.6
Admin Remote High Not required Complete Complete Complete
Macromedia Shockwave Flash plugin version 8 and earlier allows remote attackers to cause a denial of service via malformed tag length specifiers in a SWF file.
21 CVE-1999-0359 DoS 2001-03-12 2008-09-09
7.5
User Remote Low Not required Partial Partial Partial
ptylogin in Unix systems allows users to perform a denial of service by locking out modems, dial out with that modem, or obtain passwords.
22 CVE-1999-0923 DoS 2001-03-12 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
23 CVE-2001-0126 Exec Code 2001-03-12 2017-10-09
7.5
User Remote Low Not required Partial Partial Partial
Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet.
24 CVE-2001-0183 Bypass 2001-03-26 2017-10-09
7.5
User Remote Low Not required Partial Partial Partial
ipfw and ip6fw in FreeBSD 4.2 and earlier allows remote attackers to bypass access restrictions by setting the ECE flag in a TCP packet, which makes the packet appear to be part of an established connection.
25 CVE-2001-0201 2001-03-26 2017-07-10
7.5
User Remote Low Not required Partial Partial Partial
The Postaci frontend for PostgreSQL does not properly filter characters such as semicolons, which could allow remote attackers to execute arbitrary SQL queries via the deletecontact.php program.
26 CVE-2001-1103 Exec Code 2001-03-03 2017-10-09
7.5
User Remote Low Not required Partial Partial Partial
FTP Voyager ActiveX control before 8.0, when it is marked as safe for scripting (the default) or if allowed by the IObjectSafety interface, allows remote attackers to execute arbitrary commands.
27 CVE-2001-1229 DoS Exec Code Overflow 2001-03-12 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in (1) Icecast before 1.3.9 and (2) libshout before 1.0.4 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
28 CVE-2001-1230 DoS Exec Code Overflow 2001-03-13 2016-10-17
7.5
User Remote Low Not required Partial Partial Partial
Buffer overflows in Icecast before 1.3.10 allow remote attackers to cause a denial of service (crash) and execute arbitrary code.
29 CVE-2001-1445 Bypass 2001-03-01 2017-07-10
7.5
None Remote Low Not required Partial Partial Partial
Unknown vulnerability in the SMTP server in Lotus Domino 5.0 through 5.7 allows remote attackers to bypass mail relaying restrictions via crafted e-mail addresses in "RCPT TO" commands.
30 CVE-2000-0312 +Priv 2001-03-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.
31 CVE-2001-0015 +Priv 2001-03-12 2018-10-12
7.2
Admin Local Low Not required Complete Complete Complete
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
32 CVE-2001-0016 2001-03-12 2018-10-12
7.2
Admin Local Low Not required Complete Complete Complete
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
33 CVE-2001-0110 Overflow +Priv 2001-03-12 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable.
34 CVE-2001-0111 Exec Code 2001-03-12 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
35 CVE-2001-0112 Exec Code Overflow 2001-03-12 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.
36 CVE-2001-0115 Exec Code Overflow 2001-03-12 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
37 CVE-2001-0124 Overflow +Priv 2001-03-12 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
38 CVE-2001-0128 +Priv Bypass 2001-03-12 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
39 CVE-2001-0172 DoS Exec Code Overflow 2001-03-26 2017-12-18
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in ReiserFS 3.5.28 in SuSE Linux allows local users to cause a denial of service and possibly execute arbitrary commands by via a long directory name.
40 CVE-2001-0176 Exec Code +Priv 2001-03-26 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
The setuid doroot program in Voyant Sonata 3.x executes arbitrary command line arguments, which allows local users to gain root privileges.
41 CVE-2001-0190 Overflow +Priv 2001-03-26 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in /usr/bin/cu in Solaris 2.8 and earlier, and possibly other operating systems, allows local users to gain privileges by executing cu with a long program name (arg0).
42 CVE-1999-0718 +Priv 2001-03-12 2017-10-09
6.2
Admin Local High Not required Complete Complete Complete
IBM GINA, when used for OS/2 domain authentication of Windows NT users, allows local users to gain administrator privileges by changing the GroupMapping registry key.
43 CVE-2001-0137 Exec Code 2001-03-12 2018-10-12
5.1
User Remote High Not required Partial Partial Partial
Windows Media Player 7 allows remote attackers to execute malicious Java applets in Internet Explorer clients by enclosing the applet in a skin file named skin.wmz, then referencing that skin in the codebase parameter to an applet tag, aka the Windows Media Player Skins File Download" vulnerability.
44 CVE-1999-0681 DoS Overflow 2001-03-12 2017-10-09
5.0
None Remote Low Not required None None Partial
Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
45 CVE-1999-0729 DoS Overflow 2001-03-12 2008-09-09
5.0
None Remote Low Not required None None Partial
Buffer overflow in Lotus Notes LDAP (NLDAP) allows an attacker to conduct a denial of service through the ldap_search request.
46 CVE-1999-0756 2001-03-12 2017-10-09
5.0
None Remote Low Not required None None Partial
ColdFusion Administrator with Advanced Security enabled allows remote users to stop the ColdFusion server via the Start/Stop utility.
47 CVE-1999-0758 2001-03-12 2008-09-09
5.0
None Remote Low Not required Partial None None
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
48 CVE-1999-0784 DoS 2001-03-12 2008-09-05
5.0
None Remote Low Not required None None Partial
Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP.
49 CVE-1999-0800 2001-03-12 2017-10-09
5.0
None Remote Low Not required Partial None None
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
50 CVE-1999-0805 DoS 2001-03-12 2017-12-18
5.0
None Remote Low Not required None None Partial
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.
Total number of vulnerabilities : 105   Page : 1 (This Page)2 3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.