CVEdetails.com the ultimate security vulnerability data source
(e.g.: CVE-2009-1234 or 2010-1234 or 20101234)
Log In   Register
Vulnerability Feeds & WidgetsNew   www.itsecdb.com  

Security Vulnerabilities Published In March 2001

Press ESC to close
# CVE ID CWE ID # of Exploits Vulnerability Type(s) Publish Date Update Date Score Gained Access Level Access Complexity Authentication Conf. Integ. Avail.
51 CVE-2001-0129 DoS Exec Code Overflow 2001-03-12 2018-05-02
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in Tinyproxy HTTP proxy 1.3.3 and earlier allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long connect request.
52 CVE-2001-0128 +Priv Bypass 2001-03-12 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
Zope before 2.2.4 does not properly compute local roles, which could allow users to bypass specified access restrictions and gain privileges.
53 CVE-2001-0127 DoS Exec Code Overflow 2001-03-12 2008-09-05
7.6
Admin Remote High Not required Complete Complete Complete
Buffer overflow in Olivier Debon Flash plugin (not the Macromedia plugin) allows remote attackers to cause a denial of service and possibly execute arbitrary code via a long DefineSound tag.
54 CVE-2001-0126 Exec Code 2001-03-12 2017-10-09
7.5
User Remote Low Not required Partial Partial Partial
Oracle XSQL servlet 1.0.3.0 and earlier allows remote attackers to execute arbitrary Java code by redirecting the XSQL server to another source via the xml-stylesheet parameter in the xslt stylesheet.
55 CVE-2001-0125 2001-03-12 2017-10-09
1.2
None Local High Not required None Partial None
exmh 2.2 and earlier allows local users to overwrite arbitrary files via a symlink attack on the exmhErrorMsg temporary file.
56 CVE-2001-0124 Overflow +Priv 2001-03-12 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in exrecover in Solaris 2.6 and earlier possibly allows local users to gain privileges via a long command line argument.
57 CVE-2001-0123 Dir. Trav. 2001-03-12 2017-10-09
5.0
None Remote Low Not required Partial None None
Directory traversal vulnerability in eXtropia bbs_forum.cgi 1.0 allows remote attackers to read arbitrary files via a .. (dot dot) attack on the file parameter.
58 CVE-2001-0122 DoS 2001-03-13 2017-10-09
5.0
None Remote Low Not required None None Partial
Kernel leak in AfpaCache module of the Fast Response Cache Accelerator (FRCA) component of IBM HTTP Server 1.3.x and Websphere 3.52 allows remote attackers to cause a denial of service via a series of malformed HTTP requests that generate a "bad request" error.
59 CVE-2001-0121 DoS 2001-03-12 2017-10-09
5.0
None Remote Low Not required None None Partial
ImageCast Control Center 4.1.0 allows remote attackers to cause a denial of service (resource exhaustion or system crash) via a long string to port 12002.
60 CVE-2001-0120 2001-03-12 2017-10-09
1.2
None Local High Not required None Partial None
useradd program in shadow-utils program may allow local users to overwrite arbitrary files via a symlink attack.
61 CVE-2001-0119 2001-03-12 2017-10-09
1.2
None Local High Not required None Partial None
getty_ps 2.0.7j allows local users to overwrite arbitrary files via a symlink attack.
62 CVE-2001-0118 2001-03-12 2017-10-09
1.2
None Local High Not required None Partial None
rdist 6.1.5 allows local users to overwrite arbitrary files via a symlink attack.
63 CVE-2001-0117 2001-03-12 2017-10-09
1.2
None Local High Not required None Partial None
sdiff 2.7 in the diffutils package allows local users to overwrite files via a symlink attack.
64 CVE-2001-0116 2001-03-12 2017-10-09
1.2
None Local High Not required None Partial None
gpm 1.19.3 allows local users to overwrite arbitrary files via a symlink attack.
65 CVE-2001-0115 Exec Code Overflow 2001-03-12 2018-10-30
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in arp command in Solaris 7 and earlier allows local users to execute arbitrary commands via a long -f parameter.
66 CVE-2001-0114 2001-03-12 2008-09-05
5.0
None Remote Low Not required None Partial None
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to overwrite arbitrary files via the cgidir parameter.
67 CVE-2001-0113 Exec Code 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
statsconfig.pl in OmniHTTPd 2.07 allows remote attackers to execute arbitrary commands via the mostbrowsers parameter, whose value is used as part of a generated Perl script.
68 CVE-2001-0112 Exec Code Overflow 2001-03-12 2016-10-17
7.2
Admin Local Low Not required Complete Complete Complete
Multiple buffer overflows in splitvt before 1.6.5 allow local users to execute arbitrary commands.
69 CVE-2001-0111 Exec Code 2001-03-12 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
Format string vulnerability in splitvt before 1.6.5 allows local users to execute arbitrary commands via the -rcfile command line argument.
70 CVE-2001-0110 Overflow +Priv 2001-03-12 2017-10-09
7.2
Admin Local Low Not required Complete Complete Complete
Buffer overflow in jaZip Zip/Jaz drive manager allows local users to gain root privileges via a long DISPLAY environmental variable.
71 CVE-2001-0109 2001-03-12 2017-10-09
1.2
None Local High Not required None Partial None
rctab in SuSE 7.0 and earlier allows local users to create or overwrite arbitrary files via a symlink attack on the rctmp temporary file.
72 CVE-2001-0108 Bypass 2001-03-12 2017-10-09
5.0
None Remote Low Not required Partial None None
PHP Apache module 4.0.4 and earlier allows remote attackers to bypass .htaccess access restrictions via a malformed HTTP request on an unrestricted page that causes PHP to use those access controls on the next page that is requested.
73 CVE-2001-0107 DoS 2001-03-12 2016-10-17
5.0
None Remote Low Not required None None Partial
Veritas Backup agent on Linux allows remote attackers to cause a denial of service by establishing a connection without sending any data, which causes the process to hang.
74 CVE-2001-0017 DoS 2001-03-12 2018-10-12
5.0
None Remote Low Not required None None Partial
Memory leak in PPTP server in Windows NT 4.0 allows remote attackers to cause a denial of service via a malformed data packet, aka the "Malformed PPTP Packet Stream" vulnerability.
75 CVE-2001-0016 2001-03-12 2018-10-12
7.2
Admin Local Low Not required Complete Complete Complete
NTLM Security Support Provider (NTLMSSP) service does not properly check the function number in an LPC request, which could allow local users to gain administrator level access.
76 CVE-2001-0015 +Priv 2001-03-12 2018-10-12
7.2
Admin Local Low Not required Complete Complete Complete
Network Dynamic Data Exchange (DDE) in Windows 2000 allows local users to gain SYSTEM privileges via a "WM_COPYDATA" message to an invisible window that is running with the privileges of the WINLOGON process.
77 CVE-2000-0375 2001-03-12 2008-09-10
2.1
None Local Low Not required None Partial None
The kernel in FreeBSD 3.2 follows symbolic links when it creates core dump files, which allows local attackers to modify arbitrary files.
78 CVE-2000-0368 200 +Info 2001-03-12 2016-09-21
2.1
None Local Low Not required Partial None None
Classic Cisco IOS 9.1 and later allows attackers with access to the login prompt to obtain portions of the command history of previous users, which may allow the attacker to access sensitive data.
79 CVE-2000-0351 2001-03-12 2008-09-05
4.6
User Local Low Not required Partial Partial Partial
Some packaging commands in SCO UnixWare 7.1.0 have insecure privileges, which allows local users to add or remove software packages.
80 CVE-2000-0349 DoS 2001-03-12 2008-09-05
5.0
None Remote Low Not required None None Partial
Vulnerability in the passthru driver in SCO UnixWare 7.1.0 allows an attacker to cause a denial of service.
81 CVE-2000-0348 +Priv 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
A vulnerability in the Sendmail configuration file sendmail.cf as installed in SCO UnixWare 7.1.0 and earlier allows an attacker to gain root privileges.
82 CVE-2000-0315 2001-03-12 2016-10-17
5.0
None Remote Low Not required None Partial None
traceroute in NetBSD 1.3.3 and Linux systems allows local unprivileged users to modify the source address of the packets, which could be used in spoofing attacks.
83 CVE-2000-0314 2001-03-12 2016-10-17
5.0
None Remote Low Not required None None Partial
traceroute in NetBSD 1.3.3 and Linux systems allows local users to flood other systems by providing traceroute with a large waittime (-w) option, which is not parsed properly and sets the time delay for sending packets to zero.
84 CVE-2000-0313 2001-03-12 2008-09-10
4.6
User Local Low Not required Partial Partial Partial
Vulnerability in OpenBSD 2.6 allows a local user to change interface media configurations.
85 CVE-2000-0312 +Priv 2001-03-12 2008-09-05
7.2
Admin Local Low Not required Complete Complete Complete
cron in OpenBSD 2.5 allows local users to gain root privileges via an argv[] that is not NULL terminated, which is passed to cron's fake popen function.
86 CVE-2000-0310 DoS 2001-03-12 2008-09-10
5.0
None Remote Low Not required None None Partial
IP fragment assembly in OpenBSD 2.4 allows a remote attacker to cause a denial of service by sending a large number of fragmented packets.
87 CVE-2000-0309 DoS 2001-03-12 2008-09-10
2.1
None Local Low Not required None None Partial
The i386 trace-trap handling in OpenBSD 2.4 with DDB enabled allows a local user to cause a denial of service.
88 CVE-2000-0308 +Priv 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Insecure file permissions for Netscape FastTrack Server 2.x, Enterprise Server 2.0, and Proxy Server 2.5 in SCO UnixWare 7.0.x and 2.1.3 allow an attacker to gain root privileges.
89 CVE-2000-0307 DoS 2001-03-12 2008-09-05
5.0
None Remote Low Not required None None Partial
Vulnerability in xserver in SCO UnixWare 2.1.x and OpenServer 5.05 and earlier allows an attacker to cause a denial of service which prevents access to reserved port numbers below 1024.
90 CVE-2000-0306 Overflow 2001-03-12 2008-09-05
10.0
Admin Remote Low Not required Complete Complete Complete
Buffer overflow in calserver in SCO OpenServer allows remote attackers to gain root access via a long message.
91 CVE-1999-0945 119 DoS Overflow 2001-03-12 2018-08-13
5.0
None Remote Low Not required None None Partial
Buffer overflow in Internet Mail Service (IMS) for Microsoft Exchange 5.5 and 5.0 allows remote attackers to conduct a denial of service via AUTH or AUTHINFO commands.
92 CVE-1999-0924 DoS 2001-03-12 2017-10-09
5.0
None Remote Low Not required None None Partial
The Syntax Checker in ColdFusion Server 4.0 allows remote attackers to conduct a denial of service.
93 CVE-1999-0923 DoS 2001-03-12 2008-09-05
7.5
User Remote Low Not required Partial Partial Partial
Sample runnable code snippets in ColdFusion Server 4.0 allow remote attackers to read files, conduct a denial of service, or use the server as a proxy for other HTTP calls.
94 CVE-1999-0922 2001-03-12 2008-09-09
5.0
None Remote Low Not required Partial None None
An example application in ColdFusion Server 4.0 allows remote attackers to view source code via the sourcewindow.cfm file.
95 CVE-1999-0805 DoS 2001-03-12 2017-12-18
5.0
None Remote Low Not required None None Partial
Novell NetWare Transaction Tracking System (TTS) in Novell 4.11 and earlier allows remote attackers to cause a denial of service via a large number of requests.
96 CVE-1999-0800 2001-03-12 2017-10-09
5.0
None Remote Low Not required Partial None None
The GetFile.cfm file in Allaire Forums allows remote attackers to read files through a parameter to GetFile.cfm.
97 CVE-1999-0784 DoS 2001-03-12 2008-09-05
5.0
None Remote Low Not required None None Partial
Denial of service in Oracle TNSLSNR SQL*Net Listener via a malformed string to the listener port, aka NERP.
98 CVE-1999-0760 +Priv 2001-03-12 2017-10-09
10.0
Admin Remote Low Not required Complete Complete Complete
Undocumented ColdFusion Markup Language (CFML) tags and functions in the ColdFusion Administrator allow users to gain additional privileges.
99 CVE-1999-0758 2001-03-12 2008-09-09
5.0
None Remote Low Not required Partial None None
Netscape Enterprise 3.5.1 and FastTrack 3.01 servers allow a remote attacker to view source code to scripts by appending a %20 to the script's URL.
100 CVE-1999-0757 2001-03-12 2017-12-18
2.1
None Local Low Not required Partial None None
The ColdFusion CFCRYPT program for encrypting CFML templates has weak encryption, allowing attackers to decrypt the templates.
Total number of vulnerabilities : 105   Page : 1 2 (This Page)3
CVE is a registred trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registred trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site. OVAL is a registered trademark of The MITRE Corporation and the authoritative source of OVAL content is MITRE's OVAL web site.
Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.