The HTTP service in American Power Conversion (APC) PowerChute uses a default username and password, which allows remote attackers to gain system access.
Max CVSS
9.0
EPSS Score
0.18%
Published
2000-12-31
Updated
2008-09-05
Unspecified vulnerability in Haakon Nilsen simple, integrated publishing system (SIPS) before 0.2.4 has an unknown impact and attack vectors, related to a "grave security fault."
Max CVSS
10.0
EPSS Score
0.23%
Published
2000-12-31
Updated
2009-10-14
The HTTP interface of Tivoli Lightweight Client Framework (LCF) in IBM Tivoli Management Framework 3.7.1 sets http_disable to zero at install time, which allows remote authenticated users to bypass file permissions on Tivoli Endpoint Configuration data files via an unspecified manipulation of log files.
Max CVSS
9.0
EPSS Score
0.32%
Published
2000-12-31
Updated
2017-07-20
Buffer overflow in the SHTML logging functionality of iPlanet Web Server 4.x allows remote attackers to execute arbitrary commands via a long filename with a .shtml extension.
Max CVSS
10.0
EPSS Score
0.20%
Published
2000-12-11
Updated
2017-10-10
Netscape (iPlanet) Certificate Management System 4.2 and Directory Server 4.12 stores the administrative password in plaintext, which could allow local and possibly remote attackers to gain administrative privileges on the server.
Max CVSS
10.0
EPSS Score
0.57%
Published
2000-12-11
Updated
2017-12-19
csstart program in iCal 2.1 Patch 2 uses relative pathnames to install the libsocket and libnsl libraries, which could allow the icsuser account to gain root privileges by creating a Trojan Horse library in the current or parent directory.
Max CVSS
10.0
EPSS Score
1.50%
Published
2000-12-11
Updated
2017-10-10
The GUI installation for iCal 2.1 Patch 2 disables access control for the X server using an "xhost +" command, which allows remote attackers to monitor X Windows events and gain privileges.
Max CVSS
10.0
EPSS Score
0.93%
Published
2000-12-11
Updated
2017-10-10
pollit.cgi in Poll It 2.0 allows remote attackers to execute arbitrary commands via shell metacharacters in the poll_options parameter.
Max CVSS
10.0
EPSS Score
0.49%
Published
2000-12-11
Updated
2017-10-10
Buffer overflow in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large TACACS+ packet.
Max CVSS
10.0
EPSS Score
0.51%
Published
2000-12-11
Updated
2017-10-10
Buffer overflow in CSAdmin module in CiscoSecure ACS Server 2.4(2) and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a large packet.
Max CVSS
10.0
EPSS Score
0.87%
Published
2000-12-11
Updated
2017-10-10
Allaire JRun 2.3.3 server allows remote attackers to compile and execute JSP code by inserting it via a cross-site scripting (CSS) attack and directly calling the com.livesoftware.jrun.plugins.JSP JSP servlet.
Max CVSS
10.0
EPSS Score
2.82%
Published
2000-12-11
Updated
2017-12-19
Buffer overflow in SMTP service of Lotus Domino 5.0.4 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long ENVID keyword in the "MAIL FROM" command.
Max CVSS
10.0
EPSS Score
0.71%
Published
2000-12-11
Updated
2017-10-10
Multiple buffer overflows in the ESMTP service of Lotus Domino 5.0.2c and earlier allow remote attackers to cause a denial of service and possibly execute arbitrary code via long (1) "RCPT TO," (2) "SAML FROM," or (3) "SOML FROM" commands.
Max CVSS
10.0
EPSS Score
0.70%
Published
2000-12-11
Updated
2008-09-05
Format string vulnerability in ypbind-mt in SuSE SuSE-6.2, and possibly other Linux operating systems, allows an attacker to gain root privileges.
Max CVSS
10.0
EPSS Score
0.70%
Published
2000-12-11
Updated
2017-10-10
Format string vulnerability in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
Max CVSS
10.0
EPSS Score
3.88%
Published
2000-12-11
Updated
2017-10-10
Buffer overflow in ypserv in Mandrake Linux 7.1 and earlier, and possibly other Linux operating systems, allows an attacker to gain root privileges when ypserv is built without a vsyslog() function.
Max CVSS
10.0
EPSS Score
1.98%
Published
2000-12-11
Updated
2017-10-10
Buffer overflow in ypbind 3.3 possibly allows an attacker to gain root privileges.
Max CVSS
10.0
EPSS Score
0.47%
Published
2000-12-11
Updated
2017-10-10
Format string vulnerability in logging function of ypbind 3.3, while running in debug mode, leaks file descriptors and allows an attacker to cause a denial of service.
Max CVSS
10.0
EPSS Score
1.03%
Published
2000-12-11
Updated
2017-10-10
Buffer overflows in TYPSoft FTP Server 0.78 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long USER, PASS, or CWD command.
Max CVSS
10.0
EPSS Score
35.97%
Published
2000-12-11
Updated
2016-10-18
Buffer overflow in the System Monitor ActiveX control in Windows 2000 allows remote attackers to execute arbitrary commands via a long LogFileName parameter in HTML source code, aka the "ActiveX Parameter Validation" vulnerability.
Max CVSS
10.0
EPSS Score
0.11%
Published
2000-12-11
Updated
2018-10-12
Buffer overflow in host command allows a remote attacker to execute arbitrary commands via a long response to an AXFR query.
Max CVSS
10.0
EPSS Score
0.94%
Published
2000-12-11
Updated
2017-07-11
Multiple buffer overflows in LBNL tcpdump allow remote attackers to execute arbitrary commands.
Max CVSS
10.0
EPSS Score
1.55%
Published
2000-12-11
Updated
2018-05-03
eWave ServletExec 3.0C and earlier does not restrict access to the UploadServlet Java/JSP servlet, which allows remote attackers to upload files and execute arbitrary commands.
Max CVSS
10.0
EPSS Score
0.41%
Published
2000-12-11
Updated
2017-10-10
Format string vulnerability in talkd in OpenBSD and possibly other BSD-based OSes allows remote attackers to execute arbitrary commands via a user name that contains format characters.
Max CVSS
10.0
EPSS Score
0.54%
Published
2000-12-11
Updated
2017-10-10
Format string vulnerabilities in OpenBSD ssh program (and possibly other BSD-based operating systems) allow attackers to gain root privileges.
Max CVSS
10.0
EPSS Score
0.55%
Published
2000-12-11
Updated
2008-09-05
42 vulnerabilities found
1 2
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!