# |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
76651 |
CVE-2001-1141 |
|
|
|
2001-07-10 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The Pseudo-Random Number Generator (PRNG) in SSLeay and OpenSSL before 0.9.6b allows attackers to use the output of small PRNG requests to determine the internal state information, which could be used by attackers to predict future pseudo-random numbers. |
76652 |
CVE-2001-1140 |
|
|
|
2001-08-22 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
BadBlue Personal Edition v1.02 beta allows remote attackers to read source code for executable programs by appending a %00 (null byte) to the request. |
76653 |
CVE-2001-1139 |
|
|
Dir. Trav. |
2001-08-22 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in ASCII NT WinWrapper Professional allows remote attackers to read arbitrary files via a .. (dot dot) in the server request. |
76654 |
CVE-2001-1137 |
|
|
DoS |
2001-09-06 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
D-Link DI-704 Internet Gateway firmware earlier than V2.56b6 allows remote attackers to cause a denial of service (reboot) via malformed IP datagram fragments. |
76655 |
CVE-2001-1136 |
|
|
DoS |
2001-09-13 |
2017-12-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
The libsecurity library in HP-UX 11.04 (VVOS) allows attackers to cause a denial of service. |
76656 |
CVE-2001-1134 |
|
|
DoS |
2001-08-09 |
2008-09-10 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Xerox DocuPrint N40 Printers allow remote attackers to cause a denial of service via malformed data, such as that produced by the Code Red worm. |
76657 |
CVE-2001-1133 |
|
|
DoS |
2001-08-21 |
2008-09-05 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Vulnerability in a system call in BSDI 3.0 and 3.1 allows local users to cause a denial of service (reboot) in the kernel via a particular sequence of instructions. |
76658 |
CVE-2001-1131 |
|
|
Dir. Trav. |
2001-08-21 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in WhitSoft Development SlimFTPd 2.2 allows an attacker to read arbitrary files and directories via a ... (modified dot dot) in the CD command. |
76659 |
CVE-2001-1126 |
|
|
DoS |
2001-10-05 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Symantec LiveUpdate 1.4 through 1.6, and possibly later versions, allows remote attackers to cause a denial of service (flood) via DNS spoofing of the update.symantec.com site. |
76660 |
CVE-2001-1124 |
|
|
DoS Overflow |
2001-10-01 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
rpcbind in HP-UX 11.00, 11.04 and 11.11 allows remote attackers to cause a denial of service (core dump) via a malformed RPC portmap requests, possibly related to a buffer overflow. |
76661 |
CVE-2001-1122 |
|
|
DoS |
2001-08-03 |
2017-12-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Windows NT 4.0 SP 6a allows a local user with write access to winnt/system32 to cause a denial of service (crash in lsass.exe) by running the NT4ALL exploit program in 'SPECIAL' mode. |
76662 |
CVE-2001-1120 |
|
|
|
2001-07-11 |
2017-12-18 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
Vulnerabilities in ColdFusion 2.0 through 4.5.1 SP 2 allow remote attackers to (1) read or delete arbitrary files, or (2) overwrite ColdFusion Server templates. |
76663 |
CVE-2001-1119 |
|
|
|
2001-08-03 |
2017-10-09 |
6.2 |
Admin |
Local |
High |
Not required |
Complete |
Complete |
Complete |
cda in xmcd 3.0.2 and 2.6 in SuSE Linux allows local users to overwrite arbitrary files via a symlink attack. |
76664 |
CVE-2001-1117 |
|
|
|
2001-08-10 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
LinkSys EtherFast BEFSR41 Cable/DSL routers running firmware before 1.39.3 Beta allows a remote attacker to view administration and user passwords by connecting to the router and viewing the HTML source for (1) index.htm and (2) Password.htm. |
76665 |
CVE-2001-1116 |
|
|
Bypass |
2001-08-02 |
2017-10-09 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Identix BioLogon 2.03 and earlier does not lock secondary displays on a multi-monitor system running Windows 98 or ME, which allows an attacker with physical access to the system to bypass authentication through a secondary display. |
76666 |
CVE-2001-1115 |
|
|
|
2001-08-13 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
generate.cgi in SIX-webboard 2.01 and before allows remote attackers to read arbitrary files via a dot dot (..) in the content parameter. |
76667 |
CVE-2001-1111 |
|
|
|
2001-09-12 |
2017-12-18 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
EFTP 2.0.7.337 stores user passwords in plaintext in the eftp2users.dat file. |
76668 |
CVE-2001-1110 |
|
|
+Info |
2001-09-12 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
EFTP 2.0.7.337 allows remote attackers to obtain NETBIOS credentials by requesting information on a file that is in a network share, which causes the server to send the credentials to the host that owns the share, and allows the attacker to sniff the connection. |
76669 |
CVE-2001-1107 |
|
|
+Priv |
2001-07-26 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
SnapStream PVS 1.2a stores its passwords in plaintext in the file SSD.ini, which could allow a remote attacker to gain privileges on the server. |
76670 |
CVE-2001-1102 |
|
|
|
2001-09-08 |
2017-12-18 |
6.2 |
Admin |
Local |
High |
Not required |
Complete |
Complete |
Complete |
Check Point FireWall-1 3.0b through 4.1 for Solaris allows local users to overwrite arbitrary files via a symlink attack on temporary policy files that end in a .cpp extension, which are set world-writable. |
76671 |
CVE-2001-1101 |
|
|
|
2001-09-08 |
2017-12-18 |
6.4 |
None |
Remote |
Low |
Not required |
None |
Partial |
Partial |
The Log Viewer function in the Check Point FireWall-1 GUI for Solaris 3.0b through 4.1 SP2 does not check for the existence of '.log' files when saving files, which allows (1) remote authenticated users to overwrite arbitrary files ending in '.log', or (2) local users to overwrite arbitrary files via a symlink attack. |
76672 |
CVE-2001-1099 |
|
|
|
2001-09-07 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
The default configuration of Norton AntiVirus for Microsoft Exchange 2000 2.x allows remote attackers to identify the recipient's INBOX file path by sending an email with an attachment containing malicious content, which includes the path in the rejection notice. |
76673 |
CVE-2001-1098 |
|
|
|
2001-10-10 |
2017-10-09 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
Cisco PIX firewall manager (PFM) 4.3(2)g logs the enable password in plaintext in the pfm.log file, which could allow local users to obtain the password by reading the file. |
76674 |
CVE-2001-1097 |
|
|
DoS |
2001-07-24 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Cisco routers and switches running IOS 12.0 through 12.2.1 allows a remote attacker to cause a denial of service via a flood of UDP packets. |
76675 |
CVE-2001-1096 |
|
|
Exec Code Overflow |
2001-10-09 |
2013-07-25 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Buffer overflows in muxatmd in AIX 4 allows an attacker to cause a core dump and possibly execute code. |
76676 |
CVE-2001-1095 |
|
|
Exec Code Overflow |
2001-10-09 |
2016-09-16 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Buffer overflow in uuq in AIX 4 could allow local users to execute arbitrary code via a long -r parameter. |
76677 |
CVE-2001-1094 |
|
|
Bypass |
2001-09-11 |
2017-12-18 |
4.6 |
User |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
NetOp School 1.5 allows local users to bypass access restrictions on the administration version by logging into the student version, closing the student version, then starting the administration version. |
76678 |
CVE-2001-1092 |
|
|
|
2001-09-10 |
2017-12-18 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
msgchk in Digital UNIX 4.0G and earlier allows a local user to read the first line of arbitrary files via a symlink attack on the .mh_profile file. |
76679 |
CVE-2001-1085 |
|
|
|
2001-07-05 |
2017-10-09 |
3.7 |
User |
Local |
High |
Not required |
Partial |
Partial |
Partial |
Lmail 2.7 and earlier allows local users to overwrite arbitrary files via a symlink attack on a temporary file. |
76680 |
CVE-2001-1083 |
|
|
DoS |
2001-06-26 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Icecast 1.3.7, and other versions before 1.3.11 with HTTP server file streaming support enabled allows remote attackers to cause a denial of service (crash) via a URL that ends in . (dot), / (forward slash), or \ (backward slash). |
76681 |
CVE-2001-1082 |
|
|
Dir. Trav. |
2001-07-13 |
2008-09-05 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in Livingston/Lucent RADIUS before 2.1.va.1 may allow attackers to read arbitrary files via a .. (dot dot) attack. |
76682 |
CVE-2001-1079 |
|
|
DoS |
2002-02-13 |
2017-10-09 |
3.6 |
None |
Local |
Low |
Not required |
None |
Partial |
Partial |
create_keyfiles in PSSP 3.2 with DCE 3.1 authentication on AIX creates keyfile directories with world-writable permissions, which could allow a local user to delete key files and cause a denial of service. |
76683 |
CVE-2001-1077 |
|
|
Overflow +Priv |
2001-06-15 |
2017-12-18 |
4.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
Partial |
Buffer overflow in tt_printf function of rxvt 2.6.2 allows local users to gain privileges via a long (1) -T or (2) -name argument. |
76684 |
CVE-2001-1075 |
|
|
Bypass |
2001-07-04 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
poprelayd script before 2.0 in Cobalt RaQ3 servers allows remote attackers to bypass authentication for relaying by causing a "POP login by user" string that includes the attacker's IP address to be injected into the maillog log file. |
76685 |
CVE-2001-1073 |
|
|
+Info |
2001-08-31 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Webridge PX Application Suite allows remote attackers to obtain sensitive information via a malformed request that generates a server error message, which includes full pathname or internal IP address information in the variables (1) APPL_PHYSICAL_PATH, (2) PATH_TRANSLATED, and (3) LOCAL_ADDR. |
76686 |
CVE-2001-1072 |
|
|
Bypass |
2001-08-31 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Apache with mod_rewrite enabled on most UNIX systems allows remote attackers to bypass RewriteRules by inserting extra / (slash) characters into the requested path, which causes the regular expression in the RewriteRule to fail. |
76687 |
CVE-2001-1071 |
|
|
DoS |
2001-10-09 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Cisco IOS 12.2 and earlier running Cisco Discovery Protocol (CDP) allows remote attackers to cause a denial of service (memory consumption) via a flood of CDP neighbor announcements. |
76688 |
CVE-2001-1070 |
|
|
DoS |
2001-08-31 |
2017-12-18 |
2.1 |
None |
Local |
Low |
Not required |
None |
None |
Partial |
Sage Software MAS 200 allows remote attackers to cause a denial of service by connecting to port 10000 and entering a series of control characters. |
76689 |
CVE-2001-1068 |
|
|
|
2001-08-31 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
qpopper 4.01 with PAM based authentication on Red Hat systems generates different error messages when an invalid username is provided instead of a valid name, which allows remote attackers to determine valid usernames on the system. |
76690 |
CVE-2001-1066 |
|
|
|
2001-08-31 |
2018-05-02 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
ns6install installation script for Netscape 6.01 on Solaris, and other versions including 6.2.1 beta, allows local users to overwrite arbitrary files via a symlink attack. |
76691 |
CVE-2001-1065 |
|
|
|
2001-08-31 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Web-based configuration utility in Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap binds itself to port 80 even when web-based configuration services are disabled, which could leave the router open to attack. |
76692 |
CVE-2001-1064 |
|
|
DoS |
2001-08-31 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
Cisco 600 series routers running CBOS 2.0.1 through 2.4.2ap allows remote attackers to cause a denial of service via multiple connections to the router on the (1) HTTP or (2) telnet service, which causes the router to become unresponsive and stop forwarding packets. |
76693 |
CVE-2001-1059 |
|
|
|
2001-07-30 |
2017-10-09 |
3.6 |
None |
Local |
Low |
Not required |
Partial |
Partial |
None |
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information. |
76694 |
CVE-2001-1057 |
|
|
DoS |
2001-07-30 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The License Manager (mathlm) for Mathematica 4.0 and 4.1 allows remote attackers to cause a denial of service (resource exhaustion) by connecting to port 16286 and not disconnecting, which prevents users from making license requests. |
76695 |
CVE-2001-1055 |
|
|
DoS |
2001-07-30 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
The Microsoft Windows network stack allows remote attackers to cause a denial of service (CPU consumption) via a flood of malformed ARP request packets with random source IP and MAC addresses, as demonstrated by ARPNuke. |
76696 |
CVE-2001-1047 |
|
|
DoS |
2001-06-02 |
2017-12-18 |
1.2 |
None |
Local |
High |
Not required |
None |
None |
Partial |
Race condition in OpenBSD VFS allows local users to cause a denial of service (kernel panic) by (1) creating a pipe in one thread and causing another thread to set one of the file descriptors to NULL via a close, or (2) calling dup2 on a file descriptor in one process, then setting the descriptor to NULL via a close in another process that is created via rfork. |
76697 |
CVE-2001-1045 |
|
|
Dir. Trav. |
2001-07-06 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Directory traversal vulnerability in basilix.php3 in Basilix Webmail 1.0.3beta and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the request_id[DUMMY] parameter. |
76698 |
CVE-2001-1043 |
|
|
|
2001-07-01 |
2017-10-09 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
ArGoSoft FTP Server 1.2.2.2 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. |
76699 |
CVE-2001-1042 |
|
|
|
2001-07-02 |
2017-12-18 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
Transsoft Broker 5.9.5.0 allows remote attackers to read arbitrary files and directories by uploading a .lnk (link) file that points to the target file. |
76700 |
CVE-2001-1041 |
|
|
|
2001-08-31 |
2016-10-17 |
2.1 |
None |
Local |
Low |
Not required |
None |
Partial |
None |
oracle program in Oracle 8.0.x, 8.1.x and 9.0.1 allows local users to overwrite arbitrary files via a symlink attack on an Oracle log trace (.trc) file that is created in an alternate home directory identified by the ORACLE_HOME environment variable. |